Hi.
I am trying to authenticate a mail server from the wordpress user database. Wordpress now uses phpass for password hashing, but it has changed not so long ago. So I would like to use the WP functions, to stay compatible in future releases
There is a possibility in Dovecot, to run a shell script for authentication (checkpassword). So, I thought, this script could start a php scipt, and it would use the WP functions for authentications. I made the php script, and it worked. Then I made the bash script, which runs the php, and it worked too. But when the Dovecot starts the bash script, it gives a PHP error. I am stuck now.
It is a simple Debian Wheezy LAMP, with postfix, dovecot, wordpress.
The PHP code is:
<?php
define('WP_USE_THEMES', false);
require("wp-config.php");
$mail = $argv[1];
$pass = $argv[2];
$con=mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);
$result = mysqli_query($con,"SELECT user_login FROM ".$table_prefix."users WHERE user_email='".$mail."'");
$row = mysqli_fetch_array($result);
$user = $row['user_login'];
mysqli_close($con);
$check = wp_authenticate_username_password(NULL, $user, $pass);
if ( is_wp_error($check) ) {
$ispassok = "1";
} else {
$ispassok = $user;
}
exit ($ispassok);
It gets the email address and the password as an argument, finds out the username, then uses a WP function to check out is it a valid user/pass combination. If it is, then it returns the username, if not, then returns "1".
The bash script is:
#!/bin/bash
# The first and only argument is path to checkpassword-reply binary.
# It should be executed at the end if authentication succeeds.
CHECKPASSWORD_REPLY_BINARY="$1"
# Messages to stderr will end up in mail log (prefixed with "dovecot: auth: Error:")
LOG=/dev/stderr
# User and password will be supplied on file descriptor 3.
INPUT_FD=3
export ISOK
read -d $'\0' -r -u $INPUT_FD USER
read -d $'\0' -r -u $INPUT_FD PASS
#USER=$1
#PASS=$2
ISOK=$(php /var/www/wordpress/proba.php $USER $PASS)
echo "User:"$USER" Pass:"$PASS" IsOK:"$ISOK > /etc/dovecot/out.txt
if [ "$ISOK" = "1" ]; then
exit 1
else
export password="{PLAIN}$PASS"
exec $CHECKPASSWORD_REPLY_BINARY
fi
There is a commented out lines, used for testing. When I run the script manually from shell with email address and cleartext password as arguments, it works as it should. But when the dovecot runs it, then I have an error message in mail log about php error:
Jun 2 21:45:09 NWVK001 dovecot: auth: Error: PHP Fatal error: Out of memory (allocated 5505024) (tried to allocate 12288 bytes) in /var/www/wordpress/wp-includes/link-template.php on line 2909
Jun 2 21:45:09 NWVK001 dovecot: auth: Error: Fatal error: Out of memory (allocated 5505024) (tried to allocate 12288 bytes) in /var/www/wordpress/wp-includes/link-template.php on line 2909
I searched around, but couldn't find any help. If there is someone with an idea, I would gladly listen.
Thanks.