MDEV-9205 PAM user map plugin does not work with LDAP groups

allow more characters in a valid user/group name:
* POSIX allows dashes '-' and dots '.'
* also the name may end with a dollar sign '$'

for our purposes it's enough to allow [-.$] anywhere in the name

1 files changed, 2 insertions, 2 deletions

diff --git a/plugin/auth_pam/mapper/pam_user_map.c b/plugin/auth_pam/mapper/pam_user_map.c
index 1c4bccc7f27..fb149c5cc05 100644
--- a/plugin/auth_pam/mapper/pam_user_map.c
+++ b/plugin/auth_pam/mapper/pam_user_map.c
@@ -127,13 +127,13 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
       s++;
     }
     from= s;
-    skip(isalnum(*s) || (*s == '_'));
+    skip(isalnum(*s) || (*s == '_') || (*s == '.') || (*s == '-') || (*s == '$'));
     end_from= s;
     skip(isspace(*s));
     if (end_from == from || *s++ != ':') goto syntax_error;
     skip(isspace(*s));
     to= s;
-    skip(isalnum(*s) || (*s == '_'));
+    skip(isalnum(*s) || (*s == '_') || (*s == '.') || (*s == '-') || (*s == '$'));
     end_to= s;
     if (end_to == to) goto syntax_error;