]> code.citadel.org Git - citadel.git/blobdiff - webcit/context_loop.c
* add logging if auth-basic session connecting fails with weird conditions
[citadel.git] / webcit / context_loop.c
index 78e4a6cbd7c748563b2c7756a04e2b41c51049b8..62ee82a03cc03038fb9de87193e1bbb10ea4f69f 100644 (file)
@@ -141,6 +141,10 @@ wcsession *FindSession(wcsession **wclist, ParsedHttpHdrs *Hdr, pthread_mutex_t
        wcsession *sptr = NULL;
        wcsession *TheSession = NULL;   
        
+       if (Hdr->HR.got_auth == AUTH_BASIC) {
+               GetAuthBasic(Hdr);
+       }
+
        pthread_mutex_lock(ListMutex);
        for (sptr = *wclist; ((sptr != NULL) && (TheSession == NULL)); sptr = sptr->next) {
                
@@ -150,11 +154,13 @@ wcsession *FindSession(wcsession **wclist, ParsedHttpHdrs *Hdr, pthread_mutex_t
                case AUTH_BASIC:
                        if ( (Hdr->HR.SessionKey != sptr->SessionKey))
                                continue;
-                       GetAuthBasic(Hdr);
                        if ((!strcasecmp(ChrPtr(Hdr->c_username), ChrPtr(sptr->wc_username))) &&
                            (!strcasecmp(ChrPtr(Hdr->c_password), ChrPtr(sptr->wc_password))) ) {
                                TheSession = sptr;
                        }
+                       if (TheSession == NULL)
+                               lprintf(1, "found sessionkey [%ld], but credentials for [%s|%s] didn't match\n",
+                                       Hdr->HR.SessionKey,ChrPtr(Hdr->c_username), ChrPtr(sptr->wc_username));
                        break;
                case AUTH_COOKIE:
                        /* If cookie-session, look for a session with matching session ID */
@@ -168,6 +174,9 @@ wcsession *FindSession(wcsession **wclist, ParsedHttpHdrs *Hdr, pthread_mutex_t
                }
        }
        pthread_mutex_unlock(ListMutex);
+       if (TheSession == NULL)
+               lprintf(1, "didn't find sessionkey [%ld] for user [%s]\n",
+                       Hdr->HR.SessionKey,ChrPtr(Hdr->c_username));
        return TheSession;
 }
 
@@ -175,8 +184,7 @@ wcsession *CreateSession(int Lockable, wcsession **wclist, ParsedHttpHdrs *Hdr,
 {
        wcsession *TheSession;
        lprintf(3, "Creating a new session\n");
-       TheSession = (wcsession *)
-               malloc(sizeof(wcsession));
+       TheSession = (wcsession *) malloc(sizeof(wcsession));
        memset(TheSession, 0, sizeof(wcsession));
        TheSession->Hdr = Hdr;
        TheSession->SessionKey = Hdr->HR.SessionKey;
@@ -536,11 +544,6 @@ void context_loop(ParsedHttpHdrs *Hdr)
        if (TheSession == NULL) {
                TheSession = CreateSession(1, &SessionList, Hdr, &SessionListMutex);
 
-               /* Yes, theoretically we did this already, but for some reason c_username and c_password
-                * are already gone by now, so we fetch them again.
-                */
-               GetAuthBasic(Hdr);
-
                if ((StrLength(Hdr->c_username) == 0) && (!Hdr->HR.DontNeedAuth)) {
 
                        if ((Hdr->HR.Handler != NULL) &&