+wcsession *FindSession(wcsession **wclist, ParsedHttpHdrs *Hdr, pthread_mutex_t *ListMutex)
+{
+ wcsession *sptr = NULL;
+ wcsession *TheSession = NULL;
+
+ if (Hdr->HR.got_auth == AUTH_BASIC) {
+ GetAuthBasic(Hdr);
+ }
+
+ CtdlLogResult(pthread_mutex_lock(ListMutex));
+ for (sptr = *wclist; ((sptr != NULL) && (TheSession == NULL)); sptr = sptr->next) {
+
+ /* If HTTP-AUTH, look for a session with matching credentials */
+ switch (Hdr->HR.got_auth)
+ {
+ case AUTH_BASIC:
+ if ( (!strcasecmp(ChrPtr(Hdr->c_username), ChrPtr(sptr->wc_username)))
+ && (!strcasecmp(ChrPtr(Hdr->c_password), ChrPtr(sptr->wc_password)))
+ && (sptr->killthis == 0)
+ ) {
+ syslog(LOG_DEBUG, "\033[32m-- matched a session with the same http-auth\033[0m");
+ TheSession = sptr;
+ }
+ break;
+ case AUTH_COOKIE:
+ /* If cookie-session, look for a session with matching session ID */
+ if ( (Hdr->HR.desired_session != 0)
+ && (sptr->wc_session == Hdr->HR.desired_session)
+ ) {
+ syslog(LOG_DEBUG, "\033[32m-- matched a session with the same cookie\033[0m");
+ TheSession = sptr;
+ }
+ break;
+ case NO_AUTH:
+ /* Any unbound session is a candidate */
+ if ( (sptr->wc_session == 0) && (sptr->inuse == 0) ) {
+ syslog(LOG_DEBUG, "\033[32m-- reusing an unbound session\033[0m");
+ TheSession = sptr;
+ }
+ break;
+ }
+ }
+ CtdlLogResult(pthread_mutex_unlock(ListMutex));
+ if (TheSession == NULL) {
+ syslog(LOG_DEBUG, "\033[32m-- no existing session was matched\033[0m");
+ }
+ return TheSession;
+}
+
+wcsession *CreateSession(int Lockable, int Static, wcsession **wclist, ParsedHttpHdrs *Hdr, pthread_mutex_t *ListMutex)
+{
+ wcsession *TheSession;
+ TheSession = (wcsession *) malloc(sizeof(wcsession));
+ memset(TheSession, 0, sizeof(wcsession));
+ TheSession->Hdr = Hdr;
+ TheSession->serv_sock = (-1);