[pve-devel] [PATCH access-control 3/3] authenticate_user: don't give empty $tfa_challenge to authenticate_2nd_new

Wolfgang Bumiller w.bumiller at proxmox.com
Fri Oct 21 10:04:06 CEST 2022


On Thu, Oct 20, 2022 at 03:14:12PM +0200, Dominik Csapak wrote:
> just above, we check & return if $tfa_challenge is set, so there is no
> way that it would be set here. To make it clearer that it must be undef
> here, just omit it in the call.
> 
> Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
> ---
>  src/PVE/AccessControl.pm | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
> index d83dee2..ca36db9 100644
> --- a/src/PVE/AccessControl.pm
> +++ b/src/PVE/AccessControl.pm
> @@ -746,7 +746,7 @@ sub authenticate_user : prototype($$$$;$) {
>  
>      if ($new_format) {
>  	# This is the first factor with an optional immediate 2nd factor for TOTP:
> -	my $tfa_challenge = authenticate_2nd_new($username, $realm, $otp, $tfa_challenge);
> +	my $tfa_challenge = authenticate_2nd_new($username, $realm, $otp);

I'd prefer to explicitly pass `undef`, as I also prefer to have
prototypes on subs which would not allow this ;-)

>  	return wantarray ? ($username, $tfa_challenge) : $username;
>      } else {
>  	return authenticate_2nd_old($username, $realm, $otp);
> -- 
> 2.30.2





More information about the pve-devel mailing list