boulder: github.com/letsencrypt/boulder/ratelimit Index | Files

package ratelimit

import "github.com/letsencrypt/boulder/ratelimit"

Index

Package Files

rate-limits.go

type Limits Uses

type Limits interface {
    CertificatesPerName() RateLimitPolicy
    RegistrationsPerIP() RateLimitPolicy
    RegistrationsPerIPRange() RateLimitPolicy
    PendingAuthorizationsPerAccount() RateLimitPolicy
    InvalidAuthorizationsPerAccount() RateLimitPolicy
    CertificatesPerFQDNSet() RateLimitPolicy
    PendingOrdersPerAccount() RateLimitPolicy
    NewOrdersPerAccount() RateLimitPolicy
    LoadPolicies(contents []byte) error
}

Limits is defined to allow mock implementations be provided during unit testing

func New Uses

func New() Limits

type RateLimitPolicy Uses

type RateLimitPolicy struct {
    // How long to count items for
    Window cmd.ConfigDuration `yaml:"window"`
    // The max number of items that can be present before triggering the rate
    // limit. Zero means "no limit."
    Threshold int `yaml:"threshold"`
    // A per-key override setting different limits than the default (higher or lower).
    // The key is defined on a per-limit basis and should match the key it counts on.
    // For instance, a rate limit on the number of certificates per name uses name as
    // a key, while a rate limit on the number of registrations per IP subnet would
    // use subnet as a key.
    // Note that a zero entry in the overrides map does not mean "not limit," it
    // means a limit of zero.
    Overrides map[string]int `yaml:"overrides"`
    // A per-registration override setting. This can be used, e.g. if there are
    // hosting providers that we would like to grant a higher rate of issuance
    // than the default. If both key-based and registration-based overrides are
    // available, the registration-based on takes priority.
    RegistrationOverrides map[int64]int `yaml:"registrationOverrides"`
}

RateLimitPolicy describes a general limiting policy

func (*RateLimitPolicy) Enabled Uses

func (rlp *RateLimitPolicy) Enabled() bool

Enabled returns true iff the RateLimitPolicy is enabled.

func (*RateLimitPolicy) GetThreshold Uses

func (rlp *RateLimitPolicy) GetThreshold(key string, regID int64) int

GetThreshold returns the threshold for this rate limit, taking into account any overrides for `key` or `regID`. If both `key` and `regID` have an override the largest of the two will be used.

func (*RateLimitPolicy) WindowBegin Uses

func (rlp *RateLimitPolicy) WindowBegin(windowEnd time.Time) time.Time

WindowBegin returns the time that a RateLimitPolicy's window begins, given a particular end time (typically the current time).

Package ratelimit imports 4 packages (graph) and is imported by 11 packages. Updated 2019-10-20. Refresh now. Tools for package owners.