u2f: new perl bindings encode public key for us

as it was binary data, which can contain everything, including '\0',
and this was cut off, making it impossible to login after
registration, as a borked publicKey got saved in tfa.cfg

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

diff --git a/PVE/API2/AccessControl.pm b/PVE/API2/AccessControl.pm
index 2caa4afac9897cc31130826900df37ab6b7aef0b..dfbdfc6354e48546fdc72db30111a4c32d507bb0 100644 (file)
--- a/PVE/API2/AccessControl.pm
+++ b/PVE/API2/AccessControl.pm
@@ -589,7 +589,7 @@ __PACKAGE__->register_method ({
            my ($keyHandle, $publicKey) = $u2f->registration_verify($response);
            PVE::AccessControl::user_set_tfa($userid, $realm, 'u2f', {
                keyHandle => $keyHandle,
            my ($keyHandle, $publicKey) = $u2f->registration_verify($response);
            PVE::AccessControl::user_set_tfa($userid, $realm, 'u2f', {
                keyHandle => $keyHandle,

-               publicKey => encode_base64($publicKey, ''),
+               publicKey => $publicKey, # already base64 encoded

            });
        } else {
            die "invalid action: $action\n";
            });
        } else {
            die "invalid action: $action\n";