#!/bin/bash

# ast-vmpasscheck
#
# Input Arg1: mbox_number
# Input Arg2: context
# Input Arg3: oldpassword
# Input Arg4: newpassword
#
# When the voicemail.conf file has "externpasscheck=" pointed to this script,
# Asterisk VoiceMailMain password change attempts will be validated.
#

REQUIRED_LENGTH=4

mbox="$1"
old_pw="$3"
new_pw="$4"

reject()
{
  echo "INVALID${1:+: $1}"

  exit 0
}

string_in_string()
{
  local needle="$1" haystack="$2"

  if [ "$haystack" != "${haystack/$needle/}" ]; then
    return 0
  fi

  return 1
}

if [ ${#new_pw} -lt $REQUIRED_LENGTH ]; then
  reject "Password too short"
fi

if [ "$mbox" = "$new_pw" ]; then
  reject "Same as mailbox number detected"
fi

if [ "$old_pw" = "$new_pw" ]; then
  reject "Same as old password detected"
fi

for i in 0123 1234 2345 3456 4567 5678 6789 9876 8765 7654 6543 5432 4321 3210; do
  if string_in_string "$i" "$new_pw"; then
    reject "Sequence detected"
  fi
done

for i in 0000 1111 2222 3333 4444 5555 6666 7777 8888 9999; do
  if string_in_string "$i" "$new_pw"; then
    reject "Multiples detected"
  fi
done

delta=$((${#new_pw} - ${#mbox}))
if [ $delta -eq 1 ]; then
  if string_in_string "$mbox" "$new_pw"; then
    reject "Too similar to mailbox number detected"
  fi
fi

echo "VALID"
exit 0