diff options
Diffstat (limited to 'vendor/github.com/xenolf/lego/acme')
| -rw-r--r-- | vendor/github.com/xenolf/lego/acme/client.go | 18 | ||||
| -rw-r--r-- | vendor/github.com/xenolf/lego/acme/jws.go | 5 |
2 files changed, 20 insertions, 3 deletions
diff --git a/vendor/github.com/xenolf/lego/acme/client.go b/vendor/github.com/xenolf/lego/acme/client.go index ba56e796c..ee519f2e2 100644 --- a/vendor/github.com/xenolf/lego/acme/client.go +++ b/vendor/github.com/xenolf/lego/acme/client.go @@ -23,8 +23,15 @@ var ( Logger *log.Logger ) -// maxBodySize is the maximum size of body that we will read. -const maxBodySize = 1024 * 1024 +const ( + // maxBodySize is the maximum size of body that we will read. + maxBodySize = 1024 * 1024 + + // overallRequestLimit is the overall number of request per second limited on the + // “new-reg”, “new-authz” and “new-cert” endpoints. From the documentation the + // limitation is 20 requests per second, but using 20 as value doesn't work but 18 do + overallRequestLimit = 18 +) // logf writes a log entry. It uses Logger if not // nil, otherwise it uses the default log.Logger. @@ -522,7 +529,14 @@ func (c *Client) chooseSolvers(auth authorization, domain string) map[int]solver func (c *Client) getChallenges(domains []string) ([]authorizationResource, map[string]error) { resc, errc := make(chan authorizationResource), make(chan domainError) + var delay time.Duration + if len(domains) > overallRequestLimit { + delay = time.Second / overallRequestLimit + } + for _, domain := range domains { + time.Sleep(delay) + go func(domain string) { authMsg := authorization{Resource: "new-authz", Identifier: identifier{Type: "dns", Value: domain}} var authz authorization diff --git a/vendor/github.com/xenolf/lego/acme/jws.go b/vendor/github.com/xenolf/lego/acme/jws.go index 1b4d29d53..3b77cd491 100644 --- a/vendor/github.com/xenolf/lego/acme/jws.go +++ b/vendor/github.com/xenolf/lego/acme/jws.go @@ -41,7 +41,10 @@ func (j *jws) post(url string, content []byte) (*http.Response, error) { } resp, err := httpPost(url, "application/jose+json", bytes.NewBuffer([]byte(signedContent.FullSerialize()))) - + if err != nil { + return nil, fmt.Errorf("Failed to HTTP POST to %s -> %s", url, err.Error()) + } + // Even in case of an error, the response should still contain a nonce. nonce, nonceErr := getNonceFromResponse(resp) if nonceErr == nil { |