Skip to content

Commit

Permalink
MDEV-9205 PAM user map plugin does not work with LDAP groups
Browse files Browse the repository at this point in the history
allow more characters in a valid user/group name:
* POSIX allows dashes '-' and dots '.'
* also the name may end with a dollar sign '$'

for our purposes it's enough to allow [-.$] anywhere in the name
  • Loading branch information
vuvova committed Jan 25, 2016
1 parent a2330c8 commit 5a5f18f
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions plugin/auth_pam/mapper/pam_user_map.c
Original file line number Diff line number Diff line change
Expand Up @@ -127,13 +127,13 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
s++;
}
from= s;
skip(isalnum(*s) || (*s == '_'));
skip(isalnum(*s) || (*s == '_') || (*s == '.') || (*s == '-') || (*s == '$'));
end_from= s;
skip(isspace(*s));
if (end_from == from || *s++ != ':') goto syntax_error;
skip(isspace(*s));
to= s;
skip(isalnum(*s) || (*s == '_'));
skip(isalnum(*s) || (*s == '_') || (*s == '.') || (*s == '-') || (*s == '$'));
end_to= s;
if (end_to == to) goto syntax_error;

Expand Down

0 comments on commit 5a5f18f

Please sign in to comment.