From: Timo Eissler <timo.eissler@ipfire.org>
Date: Tue, 7 Jun 2022 09:20:56 +0000 (+0200)
Subject: ovpnmain.cgi: Fix OTP secret handling
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=10b32d3895e7ca2134d403b2445f9569b1f7f36a;p=people%2Fms%2Fipfire-2.x.git

ovpnmain.cgi: Fix OTP secret handling

Convert stored hex OTP secret to binary prior to converting to base32.
---

diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index ee7b38f3f9..71c79ef471 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -2655,7 +2655,7 @@ else
       darkcolor     => Imager::Color->new(0, 0, 0),
    );
    my $cn = $confighash{$cgiparams{'KEY'}}[2];
-   my $secret = encode_base32($confighash{$cgiparams{'KEY'}}[44]);
+   my $secret = encode_base32(pack('H*', $confighash{$cgiparams{'KEY'}}[44]));
    my $issuer = "$mainsettings{'HOSTNAME'}.$mainsettings{'DOMAINNAME'}";
    my $qrcodeimg = $qrcode->plot("otpauth://totp/$cn?secret=$secret&issuer=$issuer");
    my $qrcodeimgdata;