* [pve-devel] [PATCH access-control 1/2] fix a 'use of undefined...' warning
@ 2021-12-06 8:38 Wolfgang Bumiller
2021-12-06 8:38 ` [pve-devel] [PATCH access-control 2/2] fix #3768: warn on bad u2f or webauthn settings Wolfgang Bumiller
2021-12-06 12:56 ` [pve-devel] applied: [PATCH access-control 1/2] fix a 'use of undefined...' warning Thomas Lamprecht
0 siblings, 2 replies; 4+ messages in thread
From: Wolfgang Bumiller @ 2021-12-06 8:38 UTC (permalink / raw)
To: pve-devel
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
---
src/PVE/AccessControl.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
index 168fc26..51a96a3 100644
--- a/src/PVE/AccessControl.pm
+++ b/src/PVE/AccessControl.pm
@@ -781,9 +781,9 @@ sub authenticate_2nd_new : prototype($$$$) {
}
my $realm_type = $realm_tfa && $realm_tfa->{type};
- $realm_type = 'totp' if $realm_type eq 'oath'; # we used to call it that
# verify realm type unless using recovery keys:
if (defined($realm_type)) {
+ $realm_type = 'totp' if $realm_type eq 'oath'; # we used to call it that
if ($realm_type eq 'yubico') {
# Yubico auth will not be supported in rust for now...
if (!defined($tfa_challenge)) {
--
2.30.2
^ permalink raw reply [flat|nested] 4+ messages in thread
* [pve-devel] [PATCH access-control 2/2] fix #3768: warn on bad u2f or webauthn settings
2021-12-06 8:38 [pve-devel] [PATCH access-control 1/2] fix a 'use of undefined...' warning Wolfgang Bumiller
@ 2021-12-06 8:38 ` Wolfgang Bumiller
2021-12-06 12:56 ` [pve-devel] applied: " Thomas Lamprecht
2021-12-06 12:56 ` [pve-devel] applied: [PATCH access-control 1/2] fix a 'use of undefined...' warning Thomas Lamprecht
1 sibling, 1 reply; 4+ messages in thread
From: Wolfgang Bumiller @ 2021-12-06 8:38 UTC (permalink / raw)
To: pve-devel
but don't bail out of the entire auth process, otherwise
not even totp or recovery keys will work anymore in this
case
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
---
src/PVE/AccessControl.pm | 24 +++++++++++++++---------
1 file changed, 15 insertions(+), 9 deletions(-)
diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
index 51a96a3..1306576 100644
--- a/src/PVE/AccessControl.pm
+++ b/src/PVE/AccessControl.pm
@@ -895,17 +895,23 @@ sub configure_u2f_and_wa : prototype($) {
my $dc = cfs_read_file('datacenter.cfg');
if (my $u2f = $dc->{u2f}) {
- $tfa_cfg->set_u2f_config({
- origin => $u2f->{origin} // $get_origin->(),
- appid => $u2f->{appid},
- });
+ eval {
+ $tfa_cfg->set_u2f_config({
+ origin => $u2f->{origin} // $get_origin->(),
+ appid => $u2f->{appid},
+ });
+ };
+ warn "u2f unavailable, configuration error: $@\n" if $@;
}
if (my $wa = $dc->{webauthn}) {
- $tfa_cfg->set_webauthn_config({
- origin => $wa->{origin} // $get_origin->(),
- rp => $wa->{rp},
- id => $wa->{id},
- });
+ eval {
+ $tfa_cfg->set_webauthn_config({
+ origin => $wa->{origin} // $get_origin->(),
+ rp => $wa->{rp},
+ id => $wa->{id},
+ });
+ };
+ warn "webauthn unavailable, configuration error: $@\n" if $@;
}
}
--
2.30.2
^ permalink raw reply [flat|nested] 4+ messages in thread
* [pve-devel] applied: [PATCH access-control 2/2] fix #3768: warn on bad u2f or webauthn settings
2021-12-06 8:38 ` [pve-devel] [PATCH access-control 2/2] fix #3768: warn on bad u2f or webauthn settings Wolfgang Bumiller
@ 2021-12-06 12:56 ` Thomas Lamprecht
0 siblings, 0 replies; 4+ messages in thread
From: Thomas Lamprecht @ 2021-12-06 12:56 UTC (permalink / raw)
To: Proxmox VE development discussion, Wolfgang Bumiller
On 06.12.21 09:38, Wolfgang Bumiller wrote:
> but don't bail out of the entire auth process, otherwise
> not even totp or recovery keys will work anymore in this
> case
>
> Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
> ---
> src/PVE/AccessControl.pm | 24 +++++++++++++++---------
> 1 file changed, 15 insertions(+), 9 deletions(-)
>
>
applied, thanks!
^ permalink raw reply [flat|nested] 4+ messages in thread
* [pve-devel] applied: [PATCH access-control 1/2] fix a 'use of undefined...' warning
2021-12-06 8:38 [pve-devel] [PATCH access-control 1/2] fix a 'use of undefined...' warning Wolfgang Bumiller
2021-12-06 8:38 ` [pve-devel] [PATCH access-control 2/2] fix #3768: warn on bad u2f or webauthn settings Wolfgang Bumiller
@ 2021-12-06 12:56 ` Thomas Lamprecht
1 sibling, 0 replies; 4+ messages in thread
From: Thomas Lamprecht @ 2021-12-06 12:56 UTC (permalink / raw)
To: Proxmox VE development discussion, Wolfgang Bumiller
On 06.12.21 09:38, Wolfgang Bumiller wrote:
> Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
> ---
> src/PVE/AccessControl.pm | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>
applied, thanks!
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-12-06 12:56 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-12-06 8:38 [pve-devel] [PATCH access-control 1/2] fix a 'use of undefined...' warning Wolfgang Bumiller
2021-12-06 8:38 ` [pve-devel] [PATCH access-control 2/2] fix #3768: warn on bad u2f or webauthn settings Wolfgang Bumiller
2021-12-06 12:56 ` [pve-devel] applied: " Thomas Lamprecht
2021-12-06 12:56 ` [pve-devel] applied: [PATCH access-control 1/2] fix a 'use of undefined...' warning Thomas Lamprecht
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal