optimisations

* use pyke's re cache
* get an unlimited number of ldap attributes
* get a perturbator for the OTP secret, in case of stolen phone
* lowercase the username, to avoid strange behaviour with the OTP

vpnserver.go

@@ -8,12 +8,12 @@ import (
 	"log"
 	"net"
 	"os"
-	"regexp"
 	"strconv"
 	"strings"
 	"sync"
 
 	hibp "github.com/mattevans/pwned-passwords"
+	"github.com/pyke369/golang-support/rcache"
 )
 
 // Server represents the server
@@ -136,7 +136,7 @@ func (s *OpenVpnMgt) Kill(session string, id int) error {
 // send the help command on all vpn servers. Kind of useless
 func (s *OpenVpnMgt) Help() (error, map[string]map[string]string) {
 	ret := make(map[string]map[string]string)
-	re := regexp.MustCompile("^(.*[^ ])  *: (.*)$")
+	re := rcache.Get("^(.*[^ ])  *: (.*)$")
 	for remote := range s.buf {
 		help := make(map[string]string)
 		err, msg := s.sendCommand([]string{"help"}, remote)
@@ -247,7 +247,7 @@ func (s *OpenVpnMgt) ClientReAuth(line, remote string) {
 
 // find a client among all registered sessions
 func (s *OpenVpnMgt) getClient(line, remote string) (error, *vpnSession) {
-	re := regexp.MustCompile("^[^0-9]*,([0-9]+)[^0-9]*")
+	re := rcache.Get("^[^0-9]*,([0-9]+)[^0-9]*")
 	match := re.FindStringSubmatch(line)
 	if len(match) == 0 {
 		return errors.New("invalid message"), nil