Use smaller cost function for test, fix race

.travis.yml

@@ -2,13 +2,11 @@ language: go
 go:
 - 1.5
 install:
-- DST=~/gopath/src/github.com/nats-io
-- mkdir -p "$DST"
-- git clone --depth=1 --quiet https://github.com/nats-io/nats.git "$DST"/nats
+- go get github.com/nats-io/nats
+- go get golang.org/x/crypto/bcrypt
 - go get golang.org/x/tools/cmd/vet
 - go get golang.org/x/tools/cmd/cover
 - go get github.com/mattn/goveralls
-- go get golang.org/x/crypto/bcrypt
 
 script:
 - go build

server/client.go

@@ -247,7 +247,9 @@ func (c *client) processConnect(arg []byte) error {
 
 	// This will be resolved regardless before we exit this func,
 	// so we can just clear it here.
+	c.mu.Lock()
 	c.clearAuthTimer()
+	c.mu.Unlock()
 
 	if err := json.Unmarshal(arg, &c.opts); err != nil {
 		return err

test/auth_test.go

@@ -161,9 +161,9 @@ func TestPasswordClientGoodConnect(t *testing.T) {
 // The bcrypt username/password version
 ////////////////////////////////////////////////////////////
 
-// Generated with util/mkpasswd
-const BCRYPT_AUTH_PASS = "#00L2zPr!j11VsT@e9QGPt"
-const BCRYPT_AUTH_HASH = "$2a$11$wDaOBnEx0GbcFTOzJRywpexI/dxH3sqV3.adFefmDDMJggnOTNqKS"
+// Generated with util/mkpasswd (Cost 4 because of cost of --race, default is 11)
+const BCRYPT_AUTH_PASS = "IW@$6v(y1(t@fhPDvf!5^%"
+const BCRYPT_AUTH_HASH = "$2a$04$Q.CgCP2Sl9pkcTXEZHazaeMwPaAkSHk7AI51HkyMt5iJQQyUA4qxq"
 
 func runAuthServerWithBcryptUserPass() *server.Server {
 	opts := DefaultTestOptions
@@ -199,8 +199,8 @@ func TestGoodBcryptPassword(t *testing.T) {
 // The bcrypt authorization token version
 ////////////////////////////////////////////////////////////
 
-const BCRYPT_AUTH_TOKEN = "743&@WeTlIwtHDytI5Bnxl"
-const BCRYPT_AUTH_TOKEN_HASH = "$2a$11$Gp5x2rvdzfm9rUREuyQeBOFd61oPYKoLWSI2fJN7DAFMF34Z9o4s2"
+const BCRYPT_AUTH_TOKEN = "0uhJOSr3GW7xvHvtd^K6pa"
+const BCRYPT_AUTH_TOKEN_HASH = "$2a$04$u5ZClXpcjHgpfc61Ee0VKuwI1K3vTC4zq7SjphjnlHMeb1Llkb5Y6"
 
 func runAuthServerWithBcryptToken() *server.Server {
 	opts := DefaultTestOptions