diff options
author | Alex Auvolat <alex@adnab.me> | 2020-02-01 11:32:50 +0100 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2020-02-01 11:32:50 +0100 |
commit | c3bfcdf9a1c80b9ed27840f203cf3f14ef0bb113 (patch) | |
tree | e2b30b35becd10cf3738b51531e225634ec54254 | |
parent | 2f9ad411c7ed055646dc35c97ddae77c7bab2c16 (diff) | |
download | bottin-c3bfcdf9a1c80b9ed27840f203cf3f14ef0bb113.tar.gz bottin-c3bfcdf9a1c80b9ed27840f203cf3f14ef0bb113.zip |
Fix password comparison
-rw-r--r-- | bottin.hcl.example | 2 | ||||
-rw-r--r-- | main.go | 2 | ||||
-rw-r--r-- | ssha.go | 7 |
3 files changed, 6 insertions, 5 deletions
diff --git a/bottin.hcl.example b/bottin.hcl.example index 8c6cfa8..d10394b 100644 --- a/bottin.hcl.example +++ b/bottin.hcl.example @@ -12,7 +12,7 @@ job "directory" { task "server" { driver = "docker" config { - image = "lxpz/bottin_amd64:1" + image = "lxpz/bottin_amd64:3" readonly_rootfs = true port_map { ldap_port = 389 @@ -5,6 +5,7 @@ package main // @FIXME: Add an initial prefix to the consul key value import ( + "crypto/rand" "crypto/tls" "encoding/base64" "encoding/json" @@ -12,7 +13,6 @@ import ( "fmt" "io/ioutil" "log" - "crypto/rand" "os" "os/signal" "syscall" @@ -1,12 +1,13 @@ package main import ( - "log" "bytes" + "crypto/rand" "crypto/sha1" "encoding/base64" "fmt" - "crypto/rand" + "log" + "strings" ) // Encode encodes the []byte of raw password @@ -18,7 +19,7 @@ func SSHAEncode(rawPassPhrase []byte) string { // Matches matches the encoded password and the raw password func SSHAMatches(encodedPassPhrase string, rawPassPhrase []byte) bool { - if encodedPassPhrase[:6] != "{ssha}" { + if !strings.EqualFold(encodedPassPhrase[:6], "{ssha}") { return false } |