Jump to content

Recommended Posts

Hi.

 

I am trying to authenticate a mail server from the wordpress user database. Wordpress now uses phpass for password hashing, but it has changed not so long ago. So I would like to use the WP functions, to stay compatible in future releases  :)

 

There is a possibility in Dovecot, to run a shell script for authentication (checkpassword). So, I thought, this script could start a php scipt, and it would use the WP functions for authentications. I made the php script, and it worked. Then I made the bash script, which runs the php, and it worked too. But when the Dovecot starts the bash script, it gives a PHP error. I am stuck now.

 

It is a simple Debian Wheezy LAMP, with postfix, dovecot, wordpress.

 

The PHP code is:











<?php

define('WP_USE_THEMES', false);
require("wp-config.php");

$mail = $argv[1];
$pass = $argv[2];

$con=mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);
$result = mysqli_query($con,"SELECT user_login FROM ".$table_prefix."users WHERE user_email='".$mail."'");
$row = mysqli_fetch_array($result);
$user = $row['user_login'];
mysqli_close($con);

$check = wp_authenticate_username_password(NULL, $user, $pass);
if ( is_wp_error($check) ) {
      $ispassok = "1";
} else {
      $ispassok = $user;
}

exit ($ispassok);

It gets the email address and the password as an argument, finds out the username, then uses a WP function to check out is it a valid user/pass combination. If it is, then it returns the username, if not, then returns "1".

The bash script is:











#!/bin/bash

# The first and only argument is path to checkpassword-reply binary.
# It should be executed at the end if authentication succeeds.
CHECKPASSWORD_REPLY_BINARY="$1"

# Messages to stderr will end up in mail log (prefixed with "dovecot: auth: Error:")
LOG=/dev/stderr

# User and password will be supplied on file descriptor 3.
INPUT_FD=3

export ISOK

read -d $'\0' -r -u $INPUT_FD USER
read -d $'\0' -r -u $INPUT_FD PASS

#USER=$1
#PASS=$2

ISOK=$(php /var/www/wordpress/proba.php $USER $PASS)

echo "User:"$USER"   Pass:"$PASS"   IsOK:"$ISOK > /etc/dovecot/out.txt

if [ "$ISOK" = "1" ]; then
    exit 1
else
    export password="{PLAIN}$PASS"
    exec $CHECKPASSWORD_REPLY_BINARY
fi

There is a commented out lines, used for testing. When I run the script manually from shell with email address and cleartext password as arguments, it works as it should. But when the dovecot runs it, then I have an error message in mail log about php error:







Jun  2 21:45:09 NWVK001 dovecot: auth: Error: PHP Fatal error:  Out of memory (allocated 5505024) (tried to allocate 12288 bytes) in /var/www/wordpress/wp-includes/link-template.php on line 2909
Jun  2 21:45:09 NWVK001 dovecot: auth: Error: Fatal error: Out of memory (allocated 5505024) (tried to allocate 12288 bytes) in /var/www/wordpress/wp-includes/link-template.php on line 2909

I searched around, but couldn't find any help. If there is someone with an idea, I would gladly listen.

 

Thanks.

Link to comment
https://forums.phpfreaks.com/topic/288946-dovecot-auth-from-wordpress-problem/
Share on other sites

Well, I had an idea and then realized it was pretty stupid, so I erased that.

At this point, I'd have to suspect per-user memory limits?   Could be PAM config, ulimit from shell settings, limits.conf for some distros ....

Edited by dalecosp

I tried to run the script with the dovecot user (sudo -u dovecot ...), but with no difference (it worked). I also tried to edit the /etc/php5/cli/php.ini, and change the 'memory_limit = -1' to 'memory_limit = 128MB', but it didn't help.

 

I think it has some issue about the memory available to php. is there a possibility to find out the allocated and used memory amount? and if it runs out of memory, is there a possibility to allocate some more?

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.