#!/usr/bin/perl -w
# Script to auth users in a master.passwd file, where crypt() and md5 are mixed.
# Return 0 if good logon, 1 if bad logon, 2 if other error.
# Author: Chris Ball <chris@cpan.org>

use strict;
use Crypt::PasswdMD5; 

if (scalar @ARGV != 2) { print "Usage: $0 <user> <pass>\n"; exit(2); }

my ($input_user, $input_pass) = @ARGV;

# Read the passwd file.
open(PASSWD, 'passwd');
while (<PASSWD>) {
	chomp;
	my ($login, $passwd, $uid, $gid, $gcos, $home, $shell) = split(/:/);

	# Do we have the right user?
	next if $login ne $input_user;
 
	# Function dispatch.
	if ($passwd =~ m/^\$1/) { &auth_md5($passwd, $input_pass); }	
 	else { &auth_crypt($passwd, $input_pass); }
}

# If we get here, a function wasn't called, and the user isn't present.
print "The username given is not present in the passwd file.\n";
exit(2);

sub auth_md5 {
	my ($passwd, $input_pass) = @_; 
	my $salt = (split (/\$/, $passwd))[2];
	
	# compare the passwd with the md5 sum given.
	(unix_md5_crypt($input_pass,$salt) eq $passwd) ? exit 0 : exit 1; 	
}

sub auth_crypt {
	my ($passwd, $input_pass) = @_;
	my $salt = substr($passwd, 0, 2);

	# compare the passwd with the crypt hash.
	(crypt($input_pass,$salt) eq $passwd) ? exit 0 : exit 1;
}