X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Faccount%2Fcerts%2FCertificateRequest.java;h=eba64f17a484a8dff96078cadd496e5f03a15057;hb=ccfe74bbb68976be461d215c1d313966de7ee3d5;hp=746529492146f30a0e44f23301edcbfdf24e2709;hpb=214daf6a8eca8376b0ff835b6d28abaaa61a0792;p=gigi.git

diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateRequest.java b/src/org/cacert/gigi/pages/account/certs/CertificateRequest.java
index 74652949..eba64f17 100644
--- a/src/org/cacert/gigi/pages/account/certs/CertificateRequest.java
+++ b/src/org/cacert/gigi/pages/account/certs/CertificateRequest.java
@@ -33,6 +33,7 @@ import org.cacert.gigi.output.template.Scope;
 import org.cacert.gigi.output.template.SprintfCommand;
 import org.cacert.gigi.util.AuthorizationContext;
 import org.cacert.gigi.util.PEM;
+import org.cacert.gigi.util.RateLimit;
 
 import sun.security.pkcs.PKCS9Attribute;
 import sun.security.pkcs10.PKCS10;
@@ -430,6 +431,9 @@ public class CertificateRequest {
             throw error;
         }
         try {
+            if (RATE_LIMIT.isLimitExceeded(Integer.toString(ctx.getActor().getId()))) {
+                throw new GigiApiException("Rate Limit Exceeded");
+            }
             return new Certificate(ctx.getTarget(), ctx.getActor(), subject, selectedDigest, //
                     this.csr, this.csrType, profile, SANs.toArray(new SubjectAlternateName[SANs.size()]));
         } catch (IOException e) {
@@ -438,6 +442,9 @@ public class CertificateRequest {
         return null;
     }
 
+    // 100 per 10 minutes
+    public static final RateLimit RATE_LIMIT = new RateLimit(100, 10 * 60 * 1000);
+
     private String verifyName(GigiApiException error, PropertyTemplate nameTemp, PropertyTemplate wotUserTemp, String verifiedCN) {
         // real names,
         // possible configurations: name {y,null,?}, name=WoTUser {y,null}