Fix #861: use safer sprintf formatting

[pve-access-control.git] / PVE / Auth / PVE.pm

diff --git a/PVE/Auth/PVE.pm b/PVE/Auth/PVE.pm
index 5f60cf36c134931b73e7981559d37125bdd5290b..71479979eea163f47787f9d2e96fe0d869121f55 100755 (executable)
--- a/PVE/Auth/PVE.pm
+++ b/PVE/Auth/PVE.pm
@@ -19,11 +19,9 @@ sub parse_shadow_passwd {
 
     my $shadow = {};
 
-    while ($raw && $raw =~ s/^(.*?)(\n|$)//) {
+    while ($raw =~ /^\s*(.+?)\s*$/gm) {
        my $line = $1;
 
-       next if $line =~ m/^\s*$/; # skip empty lines
-
        if ($line !~ m/^\S+:\S+:$/) {
            warn "pve shadow password: ignore invalid line $.\n";
            next;
@@ -62,10 +60,11 @@ sub type {
     return 'pve';
 }
 
-sub defaults {
+sub options {
     return {
        default => { optional => 1 },
        comment => { optional => 1 },
+       tfa => { optional => 1 },
     };
 }