Add support for two more BCrypt variants. (#2)

* Add support for two more BCrypt variants.

Summary with historical details: https://stackoverflow.com/questions/15733196/where-2x-prefix-are-used-in-bcrypt/36225192#36225192

* Better example to match the code

* Add test case for $2b$ variant

* Add test case for $2x$ variant as well

Author: sbertrang

bcrypt.go

@@ -13,7 +13,7 @@ type bcryptPassword struct {
 
 //AcceptBcrypt accepts any valid password encoded using bcrypt.
 func AcceptBcrypt(src string) (EncodedPasswd, error) {
-	if !strings.HasPrefix(src, "$2y$") && !strings.HasPrefix(src, "$2a$") {
+	if !strings.HasPrefix(src, "$2y$") && !strings.HasPrefix(src, "$2a$") && !strings.HasPrefix(src, "$2b$") && !strings.HasPrefix(src, "$2x$") {
 		return nil, nil
 	}
 
@@ -22,7 +22,7 @@ func AcceptBcrypt(src string) (EncodedPasswd, error) {
 
 //RejectBcrypt rejects any password encoded using bcrypt.
 func RejectBcrypt(src string) (EncodedPasswd, error) {
-	if strings.HasPrefix(src, "$2y$") || strings.HasPrefix(src, "$2a$") {
+	if strings.HasPrefix(src, "$2y$") || strings.HasPrefix(src, "$2a$") || strings.HasPrefix(src, "$2b$") || strings.HasPrefix(src, "$2x$") {
 		return nil, fmt.Errorf("bcrypt passwords are not accepted: %s", src)
 	}
 

bcrypt_test.go

@@ -6,6 +6,8 @@ import (
 
 func Test_Bcrypt(t *testing.T) {
 	testParserGood(t, "bcrypt", AcceptBcrypt, nil, "$2y$05$bWBMg3oUStnhfy5rFvoyreviPySU6hvEmBub5wIlM/D.c5FeYJQ6O", "bar")
+	testParserGood(t, "bcrypt", AcceptBcrypt, nil, "$2b$08$hQbZuw.cHsECArUAP9mOjehaJxTG9NMJfioQIHcbC0YyXpVybhoQa", "bar")
+	testParserGood(t, "bcrypt", AcceptBcrypt, nil, "$2x$05$/OK.fbVrR/bpIqNJ5ianF.CE5elHaaO4EbggVDjb8P19RukzXSM3e", "\xff\xff\xa3")
 	testParserBad(t, "bcrypt", nil, RejectBcrypt, "$2y$0")
 	testParserNot(t, "bcrypt", nil, RejectBcrypt, "plaintext")
 }

htpasswd.go

@@ -5,9 +5,9 @@
 // by the programmer to support others. (See the sha.go source file as a guide.)
 //
 // You will want to use something like...
-//      myauth := htpasswd.New("My Realm", "./my-htpasswd-file", htpasswd.DefaultSystems, nil)
-//      m.Use(myauth.Handler)
-// ...to configure your authentication and then use the myauth.Handler as a middleware handler in your Martini stack.
+//      myauth := htpasswd.New("./my-htpasswd-file", htpasswd.DefaultSystems, nil)
+//      ok := myauth.Match(user, password)
+// ...to use in your handler code.
 // You should read about that nil, as well as Reread() too.
 package htpasswd