Jump to content

dovecot auth from wordpress problem


konkav
 Share

Recommended Posts

Hi.

 

I am trying to authenticate a mail server from the wordpress user database. Wordpress now uses phpass for password hashing, but it has changed not so long ago. So I would like to use the WP functions, to stay compatible in future releases  :)

 

There is a possibility in Dovecot, to run a shell script for authentication (checkpassword). So, I thought, this script could start a php scipt, and it would use the WP functions for authentications. I made the php script, and it worked. Then I made the bash script, which runs the php, and it worked too. But when the Dovecot starts the bash script, it gives a PHP error. I am stuck now.

 

It is a simple Debian Wheezy LAMP, with postfix, dovecot, wordpress.

 

The PHP code is:











<?php

define('WP_USE_THEMES', false);
require("wp-config.php");

$mail = $argv[1];
$pass = $argv[2];

$con=mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);
$result = mysqli_query($con,"SELECT user_login FROM ".$table_prefix."users WHERE user_email='".$mail."'");
$row = mysqli_fetch_array($result);
$user = $row['user_login'];
mysqli_close($con);

$check = wp_authenticate_username_password(NULL, $user, $pass);
if ( is_wp_error($check) ) {
      $ispassok = "1";
} else {
      $ispassok = $user;
}

exit ($ispassok);

It gets the email address and the password as an argument, finds out the username, then uses a WP function to check out is it a valid user/pass combination. If it is, then it returns the username, if not, then returns "1".

The bash script is:











#!/bin/bash

# The first and only argument is path to checkpassword-reply binary.
# It should be executed at the end if authentication succeeds.
CHECKPASSWORD_REPLY_BINARY="$1"

# Messages to stderr will end up in mail log (prefixed with "dovecot: auth: Error:")
LOG=/dev/stderr

# User and password will be supplied on file descriptor 3.
INPUT_FD=3

export ISOK

read -d $'\0' -r -u $INPUT_FD USER
read -d $'\0' -r -u $INPUT_FD PASS

#USER=$1
#PASS=$2

ISOK=$(php /var/www/wordpress/proba.php $USER $PASS)

echo "User:"$USER"   Pass:"$PASS"   IsOK:"$ISOK > /etc/dovecot/out.txt

if [ "$ISOK" = "1" ]; then
    exit 1
else
    export password="{PLAIN}$PASS"
    exec $CHECKPASSWORD_REPLY_BINARY
fi

There is a commented out lines, used for testing. When I run the script manually from shell with email address and cleartext password as arguments, it works as it should. But when the dovecot runs it, then I have an error message in mail log about php error:







Jun  2 21:45:09 NWVK001 dovecot: auth: Error: PHP Fatal error:  Out of memory (allocated 5505024) (tried to allocate 12288 bytes) in /var/www/wordpress/wp-includes/link-template.php on line 2909
Jun  2 21:45:09 NWVK001 dovecot: auth: Error: Fatal error: Out of memory (allocated 5505024) (tried to allocate 12288 bytes) in /var/www/wordpress/wp-includes/link-template.php on line 2909

I searched around, but couldn't find any help. If there is someone with an idea, I would gladly listen.

 

Thanks.

Link to comment
Share on other sites

I tried to run the script with the dovecot user (sudo -u dovecot ...), but with no difference (it worked). I also tried to edit the /etc/php5/cli/php.ini, and change the 'memory_limit = -1' to 'memory_limit = 128MB', but it didn't help.

 

I think it has some issue about the memory available to php. is there a possibility to find out the allocated and used memory amount? and if it runs out of memory, is there a possibility to allocate some more?

Link to comment
Share on other sites

This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.