From eb25cbafc37cb08b93bb089f788ce571a7db73e8 Mon Sep 17 00:00:00 2001
From: Thomas Lamprecht <t.lamprecht@proxmox.com>
Date: Tue, 9 Apr 2019 12:44:23 +0200
Subject: [PATCH] u2f: new perl bindings encode public key for us

as it was binary data, which can contain everything, including '\0',
and this was cut off, making it impossible to login after
registration, as a borked publicKey got saved in tfa.cfg

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---
 PVE/API2/AccessControl.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/PVE/API2/AccessControl.pm b/PVE/API2/AccessControl.pm
index 2caa4af..dfbdfc6 100644
--- a/PVE/API2/AccessControl.pm
+++ b/PVE/API2/AccessControl.pm
@@ -589,7 +589,7 @@ __PACKAGE__->register_method ({
 	    my ($keyHandle, $publicKey) = $u2f->registration_verify($response);
 	    PVE::AccessControl::user_set_tfa($userid, $realm, 'u2f', {
 		keyHandle => $keyHandle,
-		publicKey => encode_base64($publicKey, ''),
+		publicKey => $publicKey, # already base64 encoded
 	    });
 	} else {
 	    die "invalid action: $action\n";