diff options
author | Matthew Wild <mwild1@gmail.com> | 2014-03-30 09:15:28 +0100 |
---|---|---|
committer | Matthew Wild <mwild1@gmail.com> | 2014-03-30 09:15:28 +0100 |
commit | d6d9e5913958390a91bdd5f4c137027020c42322 (patch) | |
tree | fedfb127792bf13ccdf77108bdadbdd4428559ad /util | |
parent | d4e4954f3cd2d3ccf6f13aeaaaf50fdb0e382349 (diff) | |
download | prosody-d6d9e5913958390a91bdd5f4c137027020c42322.tar.gz prosody-d6d9e5913958390a91bdd5f4c137027020c42322.zip |
util.dependencies: Log error when LuaExpat is not capable of enforcing stanza size limits
Diffstat (limited to 'util')
-rw-r--r-- | util/dependencies.lua | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/util/dependencies.lua b/util/dependencies.lua index 53d2719d..e55b2405 100644 --- a/util/dependencies.lua +++ b/util/dependencies.lua @@ -140,7 +140,15 @@ function log_warnings() if not pcall(lxp.new, { StartDoctypeDecl = false }) then log("error", "The version of LuaExpat on your system leaves Prosody " .."vulnerable to denial-of-service attacks. You should upgrade to " - .."LuaExpat 1.1.1 or higher as soon as possible. See " + .."LuaExpat 1.3.0 or higher as soon as possible. See " + .."http://prosody.im/doc/depends#luaexpat for more information."); + end + if not lxp.new({}).getcurrentbytecount then + log("error", "The version of LuaExpat on your system does not support " + .."stanza size limits, which may leave servers on untrusted " + .."networks (e.g. the internet) vulnerable to denial-of-service " + .."attacks. You should upgrade to LuaExpat 1.3.0 or higher as " + .."soon as possible. See " .."http://prosody.im/doc/depends#luaexpat for more information."); end end |