[pve-devel] [PATCH v2 manager 1/5] store u2f challenges in the rpc environment
Wolfgang Bumiller
w.bumiller at proxmox.com
Tue Apr 2 12:22:04 CEST 2019
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
---
PVE/HTTPServer.pm | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/PVE/HTTPServer.pm b/PVE/HTTPServer.pm
index 9a02e799..ec970010 100755
--- a/PVE/HTTPServer.pm
+++ b/PVE/HTTPServer.pm
@@ -80,7 +80,13 @@ sub auth_handler {
die "No ticket\n" if !$ticket;
- ($username, $age) = PVE::AccessControl::verify_ticket($ticket);
+ ($username, $age, my $challenge) = PVE::AccessControl::verify_ticket($ticket);
+
+ if (defined($challenge)) {
+ $rpcenv->set_u2f_challenge($challenge);
+ die "No ticket\n"
+ if ($rel_uri ne '/access/u2f' || $method ne 'POST');
+ }
$rpcenv->set_user($username);
--
2.11.0
More information about the pve-devel
mailing list