Don't accept empty/invalid yubikey token input when adding a factor
Details
Details
- Reviewers
mollekopf - Group Reviewers
Roundcube Kolab Plugins Developers - Commits
- rRPK18882d02dd8b: Don't accept invalid yubikey tokens
Use empty yubikey field or token < 12 chars
Diff Detail
Diff Detail
- Repository
- rRPK roundcubemail-plugins-kolab
- Branch
- fix-yubikey-2fa
- Lint
No Lint Coverage - Unit
No Test Coverage - Build Status
Buildable 7869 Build 8091: arc lint + arc unit
Event Timeline
Comment Actions
Without this patch you can actually enter an empty token or a token smaller then 12 chars and it would get accepted. After that you cannot login anymore because your given yubikey token will never match against the saved youbikeyid