Fix password comparison

author: Alex Auvolat <alex@adnab.me> 2020-02-01 11:32:50 +0100
committer: Alex Auvolat <alex@adnab.me> 2020-02-01 11:32:50 +0100
commit: c3bfcdf9a1c80b9ed27840f203cf3f14ef0bb113 (patch)
tree: e2b30b35becd10cf3738b51531e225634ec54254 /ssha.go
parent: 2f9ad411c7ed055646dc35c97ddae77c7bab2c16 (diff)
download: bottin-c3bfcdf9a1c80b9ed27840f203cf3f14ef0bb113.tar.gz
bottin-c3bfcdf9a1c80b9ed27840f203cf3f14ef0bb113.zip
1 files changed, 4 insertions, 3 deletions
diff --git a/ssha.go b/ssha.go
index 134c058..0443dd0 100644
--- a/ssha.go
+++ b/ssha.go
@@ -1,12 +1,13 @@
 package main
 
 import (
-	"log"
 	"bytes"
+	"crypto/rand"
 	"crypto/sha1"
 	"encoding/base64"
 	"fmt"
-	"crypto/rand"
+	"log"
+	"strings"
 )
 
 // Encode encodes the []byte of raw password
@@ -18,7 +19,7 @@ func SSHAEncode(rawPassPhrase []byte) string {
 
 // Matches matches the encoded password and the raw password
 func SSHAMatches(encodedPassPhrase string, rawPassPhrase []byte) bool {
-	if encodedPassPhrase[:6] != "{ssha}" {
+	if !strings.EqualFold(encodedPassPhrase[:6], "{ssha}") {
 		return false
 	}
author	Alex Auvolat <alex@adnab.me>	2020-02-01 11:32:50 +0100
committer	Alex Auvolat <alex@adnab.me>	2020-02-01 11:32:50 +0100
commit	c3bfcdf9a1c80b9ed27840f203cf3f14ef0bb113 (patch)
tree	e2b30b35becd10cf3738b51531e225634ec54254 /ssha.go
parent	2f9ad411c7ed055646dc35c97ddae77c7bab2c16 (diff)
download	bottin-c3bfcdf9a1c80b9ed27840f203cf3f14ef0bb113.tar.gz bottin-c3bfcdf9a1c80b9ed27840f203cf3f14ef0bb113.zip