use new PVE::Tools::encrypt_pw, bump version to 5.0-3

[pve-access-control.git] / PVE / Auth / PVE.pm

diff --git a/PVE/Auth/PVE.pm b/PVE/Auth/PVE.pm
index 5f60cf36c134931b73e7981559d37125bdd5290b..6065df08411eb7e0d5c716b43abc78284821b428 100755 (executable)
--- a/PVE/Auth/PVE.pm
+++ b/PVE/Auth/PVE.pm
@@ -3,6 +3,7 @@ package PVE::Auth::PVE;
 use strict;
 use warnings;
 
+use PVE::Tools;
 use PVE::Auth::Plugin;
 use PVE::Cluster qw(cfs_register_file cfs_read_file cfs_write_file cfs_lock_file);
 
@@ -19,10 +20,10 @@ sub parse_shadow_passwd {
 
     my $shadow = {};
 
-    while ($raw && $raw =~ s/^(.*?)(\n|$)//) {
-       my $line = $1;
+    return $shadow if !defined($raw);
 
-       next if $line =~ m/^\s*$/; # skip empty lines
+    while ($raw =~ /^\s*(.+?)\s*$/gm) {
+       my $line = $1;
 
        if ($line !~ m/^\S+:\S+:$/) {
            warn "pve shadow password: ignore invalid line $.\n";
@@ -62,10 +63,11 @@ sub type {
     return 'pve';
 }
 
-sub defaults {
+sub options {
     return {
        default => { optional => 1 },
        comment => { optional => 1 },
+       tfa => { optional => 1 },
     };
 }
 
@@ -91,7 +93,7 @@ sub store_password {
 
     lock_shadow_config(sub {
        my $shadow_cfg = cfs_read_file($shadowconfigfile);
-       my $epw = PVE::Auth::Plugin::encrypt_pw($password);
+       my $epw = PVE::Tools::encrypt_pw($password);
        $shadow_cfg->{users}->{$username}->{shadow} = $epw;
        cfs_write_file($shadowconfigfile, $shadow_cfg);
     });