mirror of
https://github.com/inverse-inc/sogo.git
synced 2026-07-12 11:55:09 +00:00
fix(web): use a distinct salt for TOTP authentication
If TOTP is enabled for a user, it will be disabled until the user configure it again, which will generate a new private salt.
This commit is contained in:
@@ -1138,7 +1138,7 @@
|
||||
|
||||
size_t s_len, secret_len;
|
||||
|
||||
key = [[[self userSettings] userSalt] substringToIndex: 12];
|
||||
key = [[[self userSettings] userPrivateSalt] substringToIndex: 12];
|
||||
s = [key UTF8String];
|
||||
s_len = strlen(s);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user