optimisations

* use pyke's re cache
* get an unlimited number of ldap attributes
* get a perturbator for the OTP secret, in case of stolen phone
* lowercase the username, to avoid strange behaviour with the OTP
Xavier Henner
2019-07-12 22:33:22 +02:00
parent 3d1801ee50
commit 24544a6260
7 changed files with 96 additions and 84 deletions

28
main.go

@@ -64,21 +64,25 @@ func main() {
for _, profile := range config.GetPaths("config.profiles") {
profileName := strings.Split(profile, ".")[2]
ldapConf := ldapConfig{
servers: parseConfigArray(config, profile+".servers"),
baseDN: config.GetString(profile+".baseDN", ""),
bindCn: config.GetString(profile+".bindCn", ""),
bindPw: config.GetString(profile+".bindPw", ""),
searchFilter: config.GetString(profile+".searchFilter", ""),
primaryAttribute: config.GetString(profile+".primaryAttribute", ""),
secondaryAttribute: config.GetString(profile+".secondaryAttribute", ""),
validGroups: parseConfigArray(config, profile+".validGroups"),
routes: parseConfigArray(config, profile+".routes"),
mfaType: config.GetString(profile+".mfa", ""),
certAuth: config.GetString(profile+".cert", "optionnal"),
upgradeFrom: config.GetString(profile+".upgradeFrom", ""),
servers: parseConfigArray(config, profile+".servers"),
baseDN: config.GetString(profile+".baseDN", ""),
bindCn: config.GetString(profile+".bindCn", ""),
bindPw: config.GetString(profile+".bindPw", ""),
searchFilter: config.GetString(profile+".searchFilter", ""),
attributes: parseConfigArray(config, profile+".attributes"),
validGroups: parseConfigArray(config, profile+".validGroups"),
routes: parseConfigArray(config, profile+".routes"),
mfaType: config.GetString(profile+".mfa", ""),
certAuth: config.GetString(profile+".cert", "optionnal"),
upgradeFrom: config.GetString(profile+".upgradeFrom", ""),
}
ldapConf.addIPRange(config.GetString(profile+".IPRange", ""))
if len(ldapConf.servers) > 0 && len(ldapConf.attributes) < 2 {
log.Println("valud ldap configuration must have 2 attributes")
os.Exit(1)
}
server.ldap[profileName] = ldapConf
}
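Review bot: The new guard `len(ldapConf.servers) > 0 && len(ldapConf.attributes) < 2` only counts entries, so a profile whose `attributes` array holds empty or repeated strings would still pass; whether that can happen depends on parseConfigArray, which is not visible in this hunk. With primaryAttribute and secondaryAttribute removed, the position in the array presumably carries that meaning now, and that deserves a comment next to the field, e.g. `// the first two attributes take over from primaryAttribute/secondaryAttribute, so order matters (confirm against the lookup code)`. The failure message has a typo ("valud") and does not name the profile at fault; `log.Fatalf("profile %q: a valid ldap configuration must have at least 2 attributes, got %d", profileName, len(ldapConf.attributes))` would replace both the Println and the os.Exit(1). main() begins before and continues after this hunk.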