#!/bin/sh
#
########################################################################
################################################################################
# Copyright 2023-2025 by NI SP Software GmbH, All rights reserved.
# Copyright 1999-2023 by Nice, srl., All rights reserved.
#
# This software includes confidential and proprietary information
# of NI SP Software GmbH ("Confidential Information").
# You shall not disclose such Confidential Information
# and shall use it only in accordance with the terms of
# the license agreement you entered into with NI SP Software.
################################################################################
################################################################################
########################################################################

#-----------------------------------------------------------------------
# Try to check the password of a user.
#   $1: ${EF_ROOT}/etc/checkpassword
#   $2: efadmin
#
# returns:
#   0: success
#   1: not running as root (skip check)
#   2: checkpassword program not found
#   3: auth failed
#-----------------------------------------------------------------------

# if we are not root abort the test

if [ ! `id | sed 's/[^(]*(\([^)]*\)).*/\1/'` = "root" ]; then
    exit 1;
fi

_checkpasswdpath=$1
_efadmin=$2

# pam service has to be defined
if [ -z "${PAM_SERVICE}" ] ; then
    exit 4
fi

# try to find the approriate checkpassword. $0 is the path
_my_checkpassword="${_checkpasswdpath}.`uname`.`uname -m`"
if [ ! -f "${_my_checkpassword}" -a ! -x "${_my_checkpassword}" ] ; then
    _my_checkpassword="${_checkpasswdpath}.`uname`"
fi
if [ ! -f "${_my_checkpassword}" -a ! -x "${_my_checkpassword}" ] ; then
    exit 2
fi

_output=$(cat - | su - "${_efadmin}" -c "/bin/sh -c \"export PAM_SERVICE=${PAM_SERVICE}; ${_my_checkpassword} --debug --stdout -- /bin/sleep 0 3<&0 2>&1\"")

_ret="$?"

if [ ! "${_ret}" = "0" ] ; then
    _test=`echo "${_output}" | sed -n '/^Authentication passed$/p'`
    if [ "${_test}" = "Authentication passed" ] ; then
        exit 0
    else
        exit 3
    fi
fi

