[pve-devel] [PATCH access-control 3/3] authenticate_user: don't give empty $tfa_challenge to authenticate_2nd_new
Wolfgang Bumiller
w.bumiller at proxmox.com
Fri Oct 21 10:04:06 CEST 2022
On Thu, Oct 20, 2022 at 03:14:12PM +0200, Dominik Csapak wrote:
> just above, we check & return if $tfa_challenge is set, so there is no
> way that it would be set here. To make it clearer that it must be undef
> here, just omit it in the call.
>
> Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
> ---
> src/PVE/AccessControl.pm | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
> index d83dee2..ca36db9 100644
> --- a/src/PVE/AccessControl.pm
> +++ b/src/PVE/AccessControl.pm
> @@ -746,7 +746,7 @@ sub authenticate_user : prototype($$$$;$) {
>
> if ($new_format) {
> # This is the first factor with an optional immediate 2nd factor for TOTP:
> - my $tfa_challenge = authenticate_2nd_new($username, $realm, $otp, $tfa_challenge);
> + my $tfa_challenge = authenticate_2nd_new($username, $realm, $otp);
I'd prefer to explicitly pass `undef`, as I also prefer to have
prototypes on subs which would not allow this ;-)
> return wantarray ? ($username, $tfa_challenge) : $username;
> } else {
> return authenticate_2nd_old($username, $realm, $otp);
> --
> 2.30.2
More information about the pve-devel
mailing list