#!/bin/sh
file="$1"
username="$(head -n 1 "$file" | tr -cd '[a-z][A-Z][0-9].\-_@')"
password="$(tail -n 1 "$file" | tr -cd '[a-z][A-Z][0-9].\-_@')"
passfile=/etc/openvpn/password

goodpass="$(grep "^$username:" $passfile)"
goodpass="${goodpass#*:}"
salt="${goodpass#\$*\$}"
salt="${salt%\$*}"

mangle() {
	password="$(mkpasswd -m $1 -S $salt -s << EOF
$password
EOF
)"
}

case "$goodpass" in
	\$1\$*) mangle md5 ;;
	\$5\$*) mangle sha-256 ;;
	\$6\$*) mangle sha-512 ;;
esac

grep -q -- "^$username:$password$" $passfile