From 10b32d3895e7ca2134d403b2445f9569b1f7f36a Mon Sep 17 00:00:00 2001
From: Timo Eissler <timo.eissler@ipfire.org>
Date: Tue, 7 Jun 2022 11:20:56 +0200
Subject: [PATCH] ovpnmain.cgi: Fix OTP secret handling

Convert stored hex OTP secret to binary prior to converting to base32.
---
 html/cgi-bin/ovpnmain.cgi | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index ee7b38f3f9..71c79ef471 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -2655,7 +2655,7 @@ else
       darkcolor     => Imager::Color->new(0, 0, 0),
    );
    my $cn = $confighash{$cgiparams{'KEY'}}[2];
-   my $secret = encode_base32($confighash{$cgiparams{'KEY'}}[44]);
+   my $secret = encode_base32(pack('H*', $confighash{$cgiparams{'KEY'}}[44]));
    my $issuer = "$mainsettings{'HOSTNAME'}.$mainsettings{'DOMAINNAME'}";
    my $qrcodeimg = $qrcode->plot("otpauth://totp/$cn?secret=$secret&issuer=$issuer");
    my $qrcodeimgdata;
-- 
2.39.2