util.dependencies: Log error when LuaExpat is not capable of enforcing stanza size limits

author: Matthew Wild <mwild1@gmail.com> 2014-03-30 09:15:28 +0100
committer: Matthew Wild <mwild1@gmail.com> 2014-03-30 09:15:28 +0100
commit: 36a19e92a778a40cb124f0bad39cb167f6b0f8e2 (patch)
tree: fedfb127792bf13ccdf77108bdadbdd4428559ad
parent: 16a37370eb93573c6d561d08ac79b0479978fa24 (diff)
download: prosody-36a19e92a778a40cb124f0bad39cb167f6b0f8e2.tar.gz
prosody-36a19e92a778a40cb124f0bad39cb167f6b0f8e2.zip
1 files changed, 9 insertions, 1 deletions
diff --git a/util/dependencies.lua b/util/dependencies.lua
index 53d2719d..e55b2405 100644
--- a/util/dependencies.lua
+++ b/util/dependencies.lua
@@ -140,7 +140,15 @@ function log_warnings()
 		if not pcall(lxp.new, { StartDoctypeDecl = false }) then
 			log("error", "The version of LuaExpat on your system leaves Prosody "
 				.."vulnerable to denial-of-service attacks. You should upgrade to "
-				.."LuaExpat 1.1.1 or higher as soon as possible. See "
+				.."LuaExpat 1.3.0 or higher as soon as possible. See "
+				.."http://prosody.im/doc/depends#luaexpat for more information.");
+		end
+		if not lxp.new({}).getcurrentbytecount then
+			log("error", "The version of LuaExpat on your system does not support "
+				.."stanza size limits, which may leave servers on untrusted "
+				.."networks (e.g. the internet) vulnerable to denial-of-service "
+				.."attacks. You should upgrade to LuaExpat 1.3.0 or higher as "
+				.."soon as possible. See "
 				.."http://prosody.im/doc/depends#luaexpat for more information.");
 		end
 	end
author	Matthew Wild <mwild1@gmail.com>	2014-03-30 09:15:28 +0100
committer	Matthew Wild <mwild1@gmail.com>	2014-03-30 09:15:28 +0100
commit	36a19e92a778a40cb124f0bad39cb167f6b0f8e2 (patch)
tree	fedfb127792bf13ccdf77108bdadbdd4428559ad
parent	16a37370eb93573c6d561d08ac79b0479978fa24 (diff)
download	prosody-36a19e92a778a40cb124f0bad39cb167f6b0f8e2.tar.gz prosody-36a19e92a778a40cb124f0bad39cb167f6b0f8e2.zip