#!/usr/bin/perl -wT

use strict;
use Crypt::PasswdMD5;
use Data::Dumper;

use constant TRUE   => '1';
use constant FALSE  => '0';

my $username = shift;
my $password = shift;
my $found = FALSE;
my ($salt, $MD5passwd);
my ($name, $passwd, $uid, $gid);

# Obviously we need a username/password pair
if ((!defined $username || $username eq '') || (!defined $password || $password eq '')) {
        # warn "Must supply a username and password pair\n" ;
        exit 3;
}

# Never guess root's password
exit 1 if ($username == "root");

while (($name, $passwd, $uid, $gid) = getpwent()) {
        next unless ($name eq $username);

        # Only check real user accounts (includes root but hey, we should be paranoid)
        exit 1 if ($uid < 500);

         # We have found the user in /etc/passwd
        $found = TRUE;

        # Pass the salt please
        $salt = substr($passwd, 3, 8);

        # generate an encrypted string to test against the encrypted password
        $MD5passwd = unix_md5_crypt($password, $salt);

        if ($MD5passwd eq $passwd) {
                exit 0; # Correct
        } else {
                exit 1; # Wrong
        }
        #last;
}

exit 2; # User not found

__END__