diff -r Pound-2.2/config.c Pound-2.2b/config.c
81a82,83
> /* Added by PETE SHEW */
> static regex_t  Question, Response ;
598a601,614
> /* Added by PETE SHEW */
>         } else if(!regexec(&Question, lin, 4, matches, 0)) {
>             lin[matches[1].rm_eo] = '\0';
>             if((res->question = strdup(lin + matches[1].rm_so)) == NULL) {
>                 logmsg(LOG_ERR, "line %d: Question config: out of memory - aborted", n_lin);
>                 exit(1);
>             }		
>         } else if(!regexec(&Response, lin, 4, matches, 0)) {
>             lin[matches[1].rm_eo] = '\0';
>             if((res->response = strdup(lin + matches[1].rm_so)) == NULL) {
>                 logmsg(LOG_ERR, "line %d: Response config: out of memory - aborted", n_lin);
>                 exit(1);
>             }
> /* */
746a763,776
> /* Added by PETE SHEW */
>         } else if(!regexec(&Question, lin, 4, matches, 0)) {
>             lin[matches[1].rm_eo] = '\0';
>             if((res->question = strdup(lin + matches[1].rm_so)) == NULL) {
>                 logmsg(LOG_ERR, "line %d: Question config: out of memory - aborted", n_lin);
>                 exit(1);
>             }
>         } else if(!regexec(&Response, lin, 4, matches, 0)) {
>             lin[matches[1].rm_eo] = '\0';
>             if((res->response = strdup(lin + matches[1].rm_so)) == NULL) {
>                 logmsg(LOG_ERR, "line %d: Response config: out of memory - aborted", n_lin);
>                 exit(1);
>             }
> /* */
1050a1081,1083
> /* Added by PETE SHEW */
>     || regcomp(&Question, "^[ \t]*Question[ \t]+\"(.+)\"[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
>     || regcomp(&Response, "^[ \t]*Response[ \t]+\"(.+)\"[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
1171a1205,1208
> /* Added by PETE SHEW */
>     regfree(&Question);
>     regfree(&Response);
> 
diff -r Pound-2.2/http.c Pound-2.2b/http.c
420a421
>     int                 AuthRC	; /* Added by PETE SHEW */
648a650,661
>         /* PETE SHEW - We have a request
>             Now we need to check the aithentication before
>             passing the request to a back end.
>         */
>         if ((AuthRC=auth_check(cl, lstn, headers )) == 0)
>         {
>             /* Skip further processing */
>                 free_headers(headers);
>                 clean_all();
>                 pthread_exit(NULL);
>         }
> 
657a671
> 
1070a1085,1097
>             /* Added by PETE SHEW */
>             if ((AuthRC == 2) && (lstn->cookie1)) {	/* we need to add our cookie */
>                 if(BIO_printf(cl, "Set-Cookie: PoundAuth=%s\r\n", lstn->cookie1) <= 0) {
>                     if(errno) {
>                         addr2str(caddr, MAXBUF - 1, &from_host);
>                         logmsg(LOG_NOTICE, "error write cookie to %s: %s", caddr, strerror(errno));
>                     }
>                     clean_all();
>                     pthread_exit(NULL);
>                 }
>             }
>             /* */
> 
diff -r Pound-2.2/Makefile.in Pound-2.2b/Makefile.in
39c39
< OBJS=pound.o http.o config.o svc.o
---
> OBJS=pound.o http.o config.o svc.o auth.o
diff -r Pound-2.2/pound.h Pound-2.2b/pound.h
357a358,364
> /* Added by PETE SHEW */
>     char        *question ;  /* Security question */
>     char        *response ;	/* Response to security question */
>     char        *cookie1 ;	/* The cookie value to check for */
>     char        *cookie2 ;	/* The cookie value to check for */
>     time_t      cookietime ; /* when cookie1 was created */
> /* */
524a532,535
> 
> 
> /* Added by PETE SHEW */
> extern int auth_check(BIO * cl, LISTENER * lstn, char ** headers) ;