X-Git-Url: https://git.proxmox.com/?p=pve-access-control.git;a=blobdiff_plain;f=PVE%2FAccessControl.pm;h=ea4245c2e58e2159e69773b306e315d2a63f2f2b;hp=0af92d782f661e1ebf8da34c399236797eaf67f8;hb=03e2a71e3dec7dd5ef380f787412f1557b3434e8;hpb=9d52f6f2ae7db192d33312f88c3fe12e8043201e

diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm
index 0af92d7..ea4245c 100644
--- a/PVE/AccessControl.pm
+++ b/PVE/AccessControl.pm
@@ -8,7 +8,7 @@ use Crypt::OpenSSL::RSA;
 use Net::SSLeay;
 use Net::IP;
 use MIME::Base64;
-use MIME::Base32 qw(RFC); #libmime-base32-perl
+use MIME::Base32; #libmime-base32-perl
 use Digest::SHA;
 use URI::Escape;
 use LWP::UserAgent;
@@ -1299,7 +1299,7 @@ sub oath_verify_otp {
     foreach my $k (PVE::Tools::split_list($keys)) {
 	# Note: we generate 3 values to allow small time drift
 	my $binkey;
-	if ($k =~ /^[A-Z2-7=]{32}$/) {
+	if ($k =~ /^[A-Z2-7=]{16}$/) {
 	    $binkey = MIME::Base32::decode_rfc3548($k);
 	} elsif ($k =~ /^[A-Fa-f0-9]{40}$/) {
 	    $binkey = pack('H*', $k);