From 5b5edc4b4bbb299f9544ed1a83a6e82a756feaee Mon Sep 17 00:00:00 2001
From: Jacob <jacob@skrepr.com>
Date: Wed, 27 May 2020 21:38:51 +0200
Subject: [PATCH] Support all bcrypt versions

---
 server/auth.go | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/server/auth.go b/server/auth.go
index 99673c3c..33a8c825 100644
--- a/server/auth.go
+++ b/server/auth.go
@@ -20,6 +20,7 @@ import (
 	"encoding/base64"
 	"fmt"
 	"net"
+	"regexp"
 	"strings"
 	"time"
 
@@ -728,11 +729,11 @@ func (s *Server) isLeafNodeAuthorized(c *client) bool {
 }
 
 // Support for bcrypt stored passwords and tokens.
-const bcryptPrefix = "$2a$"
+var validBcryptPrefix = regexp.MustCompile(`^\$2[a,b,x,y]{1}\$\d{2}\$.*`)
 
 // isBcrypt checks whether the given password or token is bcrypted.
 func isBcrypt(password string) bool {
-	return strings.HasPrefix(password, bcryptPrefix)
+	return validBcryptPrefix.MatchString(password)
 }
 
 func comparePasswords(serverPassword, clientPassword string) bool {