Add logging, including the json one

get infos from I've been pwned and the API on install.dm.gg/vpn-log.php

and send mail if there is anything strange

vpnsession.go

@@ -11,32 +11,38 @@ import (
 	"strconv"
 	"strings"
 	"time"
+
+	hibp "github.com/mattevans/pwned-passwords"
 )
 
 type vpnSession struct {
-	Time        time.Time `json:"time"`
-	Login       string    `json:"username"`
-	Operation   string    `json:"operation"`
-	Status      string    `json:"status"`
-	Profile     string    `json:"profile"`
-	TwoFA       bool      `json:"2fa_auth"`
-	IP          string    `json:"client_ip"`
-	PrivIP      string    `json:"private_ip"`
-	AsNumber    string    `json:"as_number"`
-	AsName      string    `json:"as_name"`
-	NewAS       bool      `json:"as_new"`
-	PwnedPasswd bool      `json:"pwned_passwd"`
-	Hostname    string    `json:"hostname"`
-	TooMuchPwn  bool      `json:"too_much_pwn"`
-	Mail        string    `json:"-"`
-	cID         int       `json:"-"`
-	kID         int       `json:"-"`
-	port        int       `json:"-"`
-	dev         string    `json:"-"`
-	password    string    `json:"-"`
-	otpCode     string    `json:"-"`
-	localIP     string    `json:"-"`
-	vpnserver   string    `json:"-"`
+	Time          time.Time `json:"time"`
+	Login         string    `json:"username"`
+	Operation     string    `json:"operation"`
+	Status        string    `json:"status"`
+	Profile       string    `json:"profile"`
+	TwoFA         bool      `json:"2fa_auth"`
+	IP            string    `json:"client_ip"`
+	PrivIP        string    `json:"private_ip"`
+	AsNumber      string    `json:"as_number"`
+	AsName        string    `json:"as_name"`
+	NewAS         bool      `json:"as_new"`
+	PwnedPasswd   bool      `json:"pwned_passwd"`
+	Hostname      string    `json:"hostname"`
+	TooMuchPwn    bool      `json:"too_much_pwn"`
+	Mail          string    `json:"-"`
+	cID           int       `json:"-"`
+	kID           int       `json:"-"`
+	port          int       `json:"-"`
+	dev           string    `json:"-"`
+	password      string    `json:"-"`
+	otpCode       string    `json:"-"`
+	localIP       string    `json:"-"`
+	vpnserver     string    `json:"-"`
+	pwnMail       string    `json:"-"`
+	newAsMail     string    `json:"-"`
+	MailFrom      string    `json:"-"`
+	CcPwnPassword string    `json:"-"`
 }
 
 func NewVPNSession(operation string) *vpnSession {
@@ -73,6 +79,16 @@ func (c *vpnSession) ParseSessionId(line string) error {
 	return nil
 }
 
+func (c *vpnSession) CheckPwn(password string) error {
+	client := hibp.NewClient()
+	pwned, err := client.Pwned.Compromised(password)
+	if err != nil {
+		return err
+	}
+	c.PwnedPasswd = pwned
+	return nil
+}
+
 func (c *vpnSession) ParseEnv(infos *[]string) error {
 	var err error
 	r := regexp.MustCompile("[^a-zA-Z0-9./_@-]")
@@ -92,6 +108,8 @@ func (c *vpnSession) ParseEnv(infos *[]string) error {
 			c.IP = r.ReplaceAllString(p[1], "")
 		case "untrusted_ip":
 			c.IP = r.ReplaceAllString(p[1], "")
+		case "ifconfig_pool_remote_ip":
+			c.PrivIP = r.ReplaceAllString(p[1], "")
 		case "ifconfig_local":
 			c.localIP = r.ReplaceAllString(p[1], "")
 		case "password":
@@ -106,6 +124,7 @@ func (c *vpnSession) ParseEnv(infos *[]string) error {
 				if c.otpCode == "" {
 					c.otpCode = "***"
 				}
+				go c.CheckPwn(c.password)
 
 			case strings.HasPrefix(p[1], "SCRV1"):
 				split := strings.Split(p[1], ":")
@@ -132,6 +151,7 @@ func (c *vpnSession) ParseEnv(infos *[]string) error {
 			default:
 				c.password = p[1]
 				c.otpCode = ""
+				go c.CheckPwn(c.password)
 			}
 
 		case "username":
@@ -180,7 +200,7 @@ func (c *vpnSession) Auth(s *OpenVpnMgt) {
 	}
 
 	if err, _ := s.sendCommand(cmd, c.vpnserver); err != nil {
-		log.Println(err)
+		c.LogPrintln(err)
 	}
 
 	return
@@ -235,7 +255,7 @@ func (c *vpnSession) auth(s *OpenVpnMgt) (error, int) {
 
 			// if there is an error, try the other configurations
 			if err != nil {
-				log.Println(err)
+				c.LogPrintln(err)
 				continue
 			}