view mod_c2s_limit_sessions/mod_c2s_limit_sessions.lua @ 3216:5d35e6b409e0

mod_http_upload_external: share.php: Use hash_equals() if available to protect against timing attack
author Matthew Wild <mwild1@gmail.com>
date Tue, 07 Aug 2018 19:12:52 +0100
parents f581210093a7
children
line wrap: on
line source

-- mod_c2s_limit_sessions

local next, count = next, require "util.iterators".count;

local max_resources = module:get_option_number("max_resources", 10);

local sessions = hosts[module.host].sessions;
module:hook("resource-bind", function(event)
	local session = event.session;
	if count(next, sessions[session.username].sessions) > max_resources then
		session:close{ condition = "policy-violation", text = "Too many resources" };
		return false
	end
end, -1);