]> git.ipfire.org Git - people/teissler/ipfire-2.x.git/commitdiff
projects / people / teissler / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 6aa0489)
ovpnmain.cgi: Fix OTP secret handling
authorTimo Eissler <timo.eissler@ipfire.org>
Tue, 7 Jun 2022 09:20:56 +0000 (11:20 +0200)
committerTimo Eissler <timo.eissler@ipfire.org>
Tue, 7 Jun 2022 09:20:56 +0000 (11:20 +0200)
Convert stored hex OTP secret to binary prior to converting to base32.

html/cgi-bin/ovpnmain.cgi patch | blob | blame | history

diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 5b90fc44fbdbbbd6a9190064ad6d33a5fd529cdd..a69d7268f5e618fc7bc14e2e9e10716eaa3f14d6 100644 (file)
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -2655,7 +2655,7 @@ else
       darkcolor     => Imager::Color->new(0, 0, 0),
    );
    my $cn = $confighash{$cgiparams{'KEY'}}[2];
-   my $secret = encode_base32($confighash{$cgiparams{'KEY'}}[44]);
+   my $secret = encode_base32(pack('H*', $confighash{$cgiparams{'KEY'}}[44]));
    my $issuer = "$mainsettings{'HOSTNAME'}.$mainsettings{'DOMAINNAME'}";
    my $qrcodeimg = $qrcode->plot("otpauth://totp/$cn?secret=$secret&issuer=$issuer");
    my $qrcodeimgdata;
Timo's tree of IPFire 2.x