diff -r 4d39adda7a38 -r b28cf69f42e8 src/server/safs/auth.c
--- a/src/server/safs/auth.c	Sat Jan 19 21:52:21 2013 +0100
+++ b/src/server/safs/auth.c	Thu Feb 28 20:00:05 2013 +0100
@@ -42,7 +42,7 @@
 
 /* ------------------------------ _uudecode ------------------------------- */
 
-const unsigned char pr2six[256]={
+const unsigned char pr2six[256] = {
     64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,
     64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,62,64,64,64,63,
     52,53,54,55,56,57,58,59,60,61,64,64,64,64,64,64,64,0,1,2,3,4,5,6,7,8,9,
@@ -56,8 +56,7 @@
     64,64,64,64,64,64,64,64,64,64,64,64,64
 };
 
-char *_uudecode(char *bufcoded)
-{
+char *_uudecode(pool_handle_t *pool, char *bufcoded) {
     register char *bufin = bufcoded;
     register unsigned char *bufout;
     register int nprbytes;
@@ -69,7 +68,7 @@
     nprbytes = bufin - bufcoded - 1;
     nbytesdecoded = ((nprbytes+3)/4) * 3;
 
-    bufout = (unsigned char *) malloc(nbytesdecoded + 1);
+    bufout = pool_malloc(pool, nbytesdecoded + 1);
     bufplain = bufout;
 
     bufin = bufcoded;
@@ -96,6 +95,61 @@
     return (char *)bufplain;
 }
 
+int basicauth_getuser(Session *sn, Request *rq, char **user, char **pw) {
+    char *auth = NULL;
+    *user = NULL;
+    *pw = NULL;
+    char *u;
+    char *p;
+    
+    if(request_header("authorization", &auth, sn, rq) == REQ_ABORTED) {
+        return REQ_ABORTED;
+    }
+    
+    if(!auth) {
+        return REQ_NOACTION;
+    }
+    
+    /* Skip leading whitespace */
+    while(*auth && (*auth == ' '))
+        ++auth;
+    if(!(*auth)) {
+        protocol_status(sn, rq, PROTOCOL_FORBIDDEN, NULL);
+        return REQ_ABORTED;
+    }
+
+    /* Verify correct type */
+    if((strlen(auth) < 6) || strncasecmp(auth, "basic ", 6)) {
+        return REQ_NOACTION;
+    }
+
+    /* Skip whitespace */
+    auth += 6;
+    while(*auth && (*auth == ' ')) {
+        ++auth;
+    }
+
+    if(!*auth) {
+        return REQ_NOACTION;
+    }
+    
+    /* Uuencoded user:password now */
+    if(!(u = _uudecode(sn->pool, auth))) {
+        return REQ_NOACTION;
+    }
+
+    if(!(p = strchr(u, ':'))) {
+        pool_free(sn->pool, u);
+        return REQ_NOACTION;
+    }
+    *p++ = '\0';
+    
+    *user = u;
+    *pw = p;
+    
+    return REQ_PROCEED;
+}
+
 /* ------------------------------ auth_basic ------------------------------ */
 
 int auth_basic(pblock *param, Session *sn, Request *rq)
@@ -114,12 +168,6 @@
      */
     rq->directive_is_cacheable = 1;
 
-    if(request_header("authorization", &auth, sn, rq) == REQ_ABORTED)
-        return REQ_ABORTED;
-
-    if(!auth)
-        return REQ_NOACTION;
-
     type = pblock_findval("auth-type", param);
     pwfile = pblock_findval("userdb", param);
     grpfile = pblock_findval("groupdb", param);
@@ -134,36 +182,11 @@
         return REQ_ABORTED;
     }
 
-    /* Skip leading whitespace */
-    while(*auth && (*auth == ' '))
-        ++auth;
-    if(!(*auth)) {
-        protocol_status(sn, rq, PROTOCOL_FORBIDDEN, NULL);
-        return REQ_ABORTED;
+    ret = basicauth_getuser(sn, rq, &user, &pw);
+    if(ret != REQ_PROCEED) {
+        return ret;
     }
 
-    /* Verify correct type */
-    if((strlen(auth) < 6) || strncasecmp(auth, "basic ", 6))
-        return REQ_NOACTION;
-
-    /* Skip whitespace */
-    auth += 6;
-    while(*auth && (*auth == ' '))
-        ++auth;
-
-    if(!*auth)
-        return REQ_NOACTION;
-
-    /* Uuencoded user:password now */
-    if(!(user = _uudecode(auth)))
-        return REQ_NOACTION;
-
-    if(!(pw = strchr(user, ':'))) {
-        free(user);
-        return REQ_NOACTION;
-    }
-    *pw++ = '\0';
-
     npb = pblock_create(4);
     pblock_nvinsert("user", user, npb);
     pblock_nvinsert("pw", pw, npb);
@@ -198,27 +221,13 @@
     ret = REQ_PROCEED;
   bye:
     pblock_free(npb);
-    free(user);
     return ret;
 }
 
 int auth_db(pblock *param, Session *sn, Request *rq) {
-    // TODO: reimplement this function and auth_basic to avoid code redundancy
-    
-    //pblock *npb;
-    //pb_param *pp;
-    //int ret;
-
-    char *auth;
     char *db;
     char *user;
-    char *pw;
-    
-    if(request_header("authorization", &auth, sn, rq) == REQ_ABORTED)
-        return REQ_ABORTED;
-
-    if(!auth)
-        return REQ_NOACTION;
+    char *pw; 
 
     db = pblock_findval("db", param);
 
@@ -230,36 +239,11 @@
         return REQ_ABORTED;
     }
 
-    /* Skip leading whitespace */
-    while(*auth && (*auth == ' '))
-        ++auth;
-    if(!(*auth)) {
-        protocol_status(sn, rq, PROTOCOL_FORBIDDEN, NULL);
-        return REQ_ABORTED;
+    int ret = basicauth_getuser(sn, rq, &user, &pw);
+    if(ret != REQ_PROCEED) {
+        return ret;
     }
 
-    /* Verify correct type */
-    if((strlen(auth) < 6) || strncasecmp(auth, "basic ", 6))
-        return REQ_NOACTION;
-
-    /* Skip whitespace */
-    auth += 6;
-    while(*auth && (*auth == ' '))
-        ++auth;
-
-    if(!*auth)
-        return REQ_NOACTION;
-
-    /* Uuencoded user:password now */
-    if(!(user = _uudecode(auth)))
-        return REQ_NOACTION;
-
-    if(!(pw = strchr(user, ':'))) {
-        free(user);
-        return REQ_NOACTION;
-    }
-    *pw++ = '\0';
-
     // get auth db
     ServerConfiguration *config = session_get_config(sn);
     sstr_t dbname = sstr(db);
@@ -278,7 +262,6 @@
     pblock_nvinsert("auth-user", user, rq->vars);
     pblock_nvinsert("auth-db", db, rq->vars);
     
-    free(user);
     if(auth_user) {
         auth_user->free(auth_user);
     }