Don't expose binary format in preauth otp

ticket: 7417 (new) target_version: 1.11 tags: pullup
krb5 · Oct 19, 2012 · f2a177d · f2a177d
1 parent 4c1e02b
commit f2a177d
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
@@ -6408,7 +6408,6 @@ krb5_prompter_posix(krb5_context context, void *data, const char *name,
 #define KRB5_RESPONDER_OTP_FORMAT_DECIMAL 0
 #define KRB5_RESPONDER_OTP_FORMAT_HEXADECIMAL 1
 #define KRB5_RESPONDER_OTP_FORMAT_ALPHANUMERIC 2
-#define KRB5_RESPONDER_OTP_FORMAT_BINARY 3
 
 /**
  * This flag indicates that the token value MUST be collected.

diff --git a/src/lib/krb5/krb/preauth_otp.c b/src/lib/krb5/krb/preauth_otp.c
@@ -181,7 +181,8 @@ codec_encode_tokeninfo(krb5_otp_tokeninfo *ti, k5_json_object *out)
     if (retval != 0)
         goto error;
 
-    if (ti->format != KRB5_OTP_FORMAT_BASE64) {
+    if (ti->format != KRB5_OTP_FORMAT_BASE64 &&
+        ti->format != KRB5_OTP_FORMAT_BINARY) {
         retval = codec_int32_to_value(ti->format, obj, "format");
         if (retval != 0)
             goto error;