DBM groups bug fix patch

[Rob Hartill <ha...@ooo.lanl.gov>]

The patch below fixes a bug in mod_auth_dbm.c

The code was allowing multiple groups in .htaccess lines e.g.

require group A,B,C 

and allowing users to be in groups B,C,D 

the algorithm was;

  A == B ?
  A == C ?
  A == D ?
  <next group on requires line> 
  B == nothing left to match, so fail


The pointer to "B,C,D" wasn't being reset while stepping through the
require group list.








*** mod_auth_dbm.c.orig	Tue Oct 10 16:00:29 1995
--- mod_auth_dbm.c	Mon Nov  6 15:15:02 1995
***************
*** 203,209 ****
          w = getword(r->pool, &t, ' ');
  	
          if(!strcmp(w,"group") && sec->auth_dbmgrpfile) {
!            char *groups,*v;
  
             if (!(groups = get_dbm_grp(r, user, sec->auth_dbmgrpfile))) {
                 sprintf(errstr,"user %s not in DBM group file %s",
--- 203,209 ----
          w = getword(r->pool, &t, ' ');
  	
          if(!strcmp(w,"group") && sec->auth_dbmgrpfile) {
!            char *orig_groups,*groups,*v;
  
             if (!(groups = get_dbm_grp(r, user, sec->auth_dbmgrpfile))) {
                 sprintf(errstr,"user %s not in DBM group file %s",
***************
*** 212,219 ****
--- 212,221 ----
  	       note_basic_auth_failure (r);
  	       return AUTH_REQUIRED;
             }
+            orig_groups = groups;
             while(t[0]) {
                 w = getword(r->pool, &t, ' ');
+                groups = orig_groups;
                 while(groups[0]) {
                     v = getword(r->pool, &groups,',');
                     if(!strcmp(v,w))