mod_sasl2_fast: Fix harmless off-by-one error (invalidates existing tokens!) Problem: This was causing the key to become "<token>--cur" instead of the expected "<token>-cur". As the same key was used by the code to both set and get, it still worked. Rationale for change: Although it worked, it's unintended, inconsistent and messy. It increases the chances of future bugs due to the unexpected format. Side-effects of change: Existing '--cur' entries will not be checked after this change, and therefore existing FAST clients will fail to authenticate until they attempt password auth and obtain a new FAST token. Existing '--cur' entries in storage will not be cleaned up by this commit, but this is considered a minor issue, and okay for the relatively few FAST deployments.

-- mod_c2s_limit_sessions

local next, count = next, require "util.iterators".count;

local max_resources = module:get_option_number("max_resources", 10);

local sessions = hosts[module.host].sessions;
module:hook("resource-bind", function(event)
	local session = event.session;
	if count(next, sessions[session.username].sessions) > max_resources then
		session:close{ condition = "policy-violation", text = "Too many resources" };
		return false
	end
end, -1);