From: Dominik Csapak <d.csapak@proxmox.com>
Date: Wed, 20 Jul 2016 11:31:33 +0000 (+0200)
Subject: fix #1062: use correct length for base32 keys
X-Git-Url: https://git.proxmox.com/?p=pve-access-control.git;a=commitdiff_plain;h=5426494b105d5949695962a34ddbf75719f56333;hp=28ddf48b469235a894d91aa025a76b4ee07ab282;ds=sidebyside

fix #1062: use correct length for base32 keys

we wrongly assumed the keys to be 32 chars long,
instead of 16

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---

diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm
index 0af92d7..0b64374 100644
--- a/PVE/AccessControl.pm
+++ b/PVE/AccessControl.pm
@@ -1299,7 +1299,7 @@ sub oath_verify_otp {
     foreach my $k (PVE::Tools::split_list($keys)) {
 	# Note: we generate 3 values to allow small time drift
 	my $binkey;
-	if ($k =~ /^[A-Z2-7=]{32}$/) {
+	if ($k =~ /^[A-Z2-7=]{16}$/) {
 	    $binkey = MIME::Base32::decode_rfc3548($k);
 	} elsif ($k =~ /^[A-Fa-f0-9]{40}$/) {
 	    $binkey = pack('H*', $k);