External auth program not being called

Hi!

I'm trying to get an ejabberd 1.1.4 server running on an Ubuntu Server 8.04 distribution.

My problem is that I can't get any trace of the auth script being called when I try to log in through the web admin or an IM client.

The auth script is executable by the ejabberd user (I've checked it) and all the log files have their permissions set.

When I try to log in (web or IM client) I see lines in /var/log/ejabberd/ejabberd.log but none in /var/log/JabberAuth.log (the script's log file).

This is my auth script (it's a modification of the normal PHP & MySQL script that you can get on the website, but I've switched from syslog to a file for the log):

#!/usr/bin/php5
<?php

/*
Copyright (c) <2005> LISSY Alexandre, "lissyx" <alexandrelissy@free.fr>

Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in the
Software without restriction, including without limitation the rights to use,
copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the
Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/

error_reporting(E_ALL);
$auth = new JabberAuth();
$auth->dbhost = "=====";
$auth->dbuser = "=====";
$auth->dbpass = "=====";
$auth->dbbase = "=====";
$auth->play(); // We simply start process !

class JabberAuth {
    public $dbhost; /* MySQL server */
    public $dbuser; /* MySQL user */
    public $dbpass; /* MySQL password */
    public $dbbase; /* MySQL database where users are stored */

    public $jabber_user; /* This is the jabber user passed to the script. filled by $this->command() */
    public $jabber_pass; /* This is the jabber user password passed to the script. filled by $this->command() */
    public $jabber_server; /* This is the jabber server passed to the script. filled by $this->command(). Useful for VirtualHosts */
    public $jid; /* Simply the JID, if you need it, you have to fill. */
    public $data; /* This is what SM component send to us. */

    public $logfile = '/var/log/JabberAuth.log';
    public $mysock; /* MySQL connection resource */
    public $stdin; /* stdin file pointer */
    public $stdout; /* stdout file pointer */

    public function __construct() {
        $this->openstd();
    }

    public function stop() {
        $this->logg("Shutting down ..."); // Sorry, have to go ...
        $this->closestd(); // Simply close files
        exit(0); // and exit cleanly
    }

    public function openstd() {
        $this->stdout = @fopen("php://stdout", "w"); // We open STDOUT so we can talk
        $this->stdin = @fopen("php://stdin", "r"); // and STDIN so we can read !
    }

    public function readstdin() {
        // fread(), not fgets(): the length prefix is binary and fgets() stops at a 0x0A byte
        $l = @fread($this->stdin, 2); // We take the length of string
        $length = @unpack("n", $l); // ejabberd give us something to play with ...
        $len = $length ? $length[1] : 0; // and we now know how long to read.
        if($len > 0) { // if not, we'll fill logfile ... and disk full is just funny once
            $this->logg("Reading $len bytes ... "); // We notice ...
            $data = @fread($this->stdin, $len);
            // $data = iconv("UTF-8", "ISO-8859-15", $data); // To be tested, not sure if still needed.
            $this->data = $data; // We set what we got.
            $this->logg("IN: " . $data); // note: this writes the raw request, cleartext password included, to the log
        }
    }

    public function closestd() {
        @fclose($this->stdin); // We close everything ...
        @fclose($this->stdout);
    }

    public function out($message) {
        @fwrite($this->stdout, $message); // We reply ...
        $dump = @unpack("nlen/nresult", $message); // named fields, otherwise the second word overwrites the first
        $dump = $dump["result"];
        $this->logg("OUT: " . $dump);
    }

    public function myalive() {
        if(!is_resource($this->mysock) || !@mysql_ping($this->mysock)) { // check if we have a MySQL connection and if it's valid.
            $this->mysql(); // We try to reconnect if MySQL gone away ...
            return @mysql_ping($this->mysock); // we simply try again, to be sure ...
        } else {
            return true; // so good !
        }
    }

    public function play() {
        do {
            $this->readstdin(); // get data
            $length = strlen($this->data); // compute data length
            if($length > 0) { // for debug mainly ...
                $this->logg("GO: " . $this->data);
                $this->logg("data length is : " . $length);
            }
            $ret = $this->command(); // play with data !
            $this->logg("RE: " . $ret); // this is what WE send.
            $this->out($ret); // send what we reply.
            $this->data = NULL; // more clean. ...
        } while(true);
    }

    public function command() {
        $data = $this->splitcomm(); // This is an array, where each node is part of what SM sent to us :
        // 0 => the command,
        // and the others are arguments .. e.g. : user, server, password ...
        $parms = ""; // defined up front so the "setpass" path does not hit an undefined variable
        $return = false;

        if($this->myalive()) { // Check we can play with MySQL
            if(strlen($data[0]) > 0) {
                $this->logg("Command was : " . $data[0]);
            }
            switch($data[0]) {
                case "isuser": // this is the "isuser" command, used to check for user existence
                    $this->jabber_user = $data[1];
                    $parms = $data[1]; // only for logging purpose
                    $return = $this->checkuser();
                    break;

                case "auth": // check login, password
                    $this->jabber_user = $data[1];
                    $this->jabber_pass = $data[3];
                    $parms = $data[1] . ":" . $data[2] . ":" . md5($data[3]); // only for logging purpose
                    $return = $this->checkpass();
                    break;

                case "setpass":
                    $return = false; // We do not want jabber to be able to change password
                    break;

                default:
                    $this->stop(); // if it's not something known, we have to leave.
                    // never had a problem with this using ejabberd, but might lead to problem ?
                    break;
            }

            $return = ($return) ? 1 : 0;

            if(strlen($data[0]) > 0 && strlen($parms) > 0) {
                $this->logg("Command : " . $data[0] . ":" . $parms . " ==> " . $return . " ");
            }
            return @pack("nn", 2, $return);
        } else {
            // $this->prevenir(); // Maybe useful to tell somewhere there's a problem ...
            return @pack("nn", 2, 0); // it's so bad.
        }
    }

    public function checkpass() {
        /*
         * Put here your code to check password
         * $this->jabber_user
         * $this->jabber_pass
         * $this->jabber_server
         */
        $this->mysql();
        // The user name comes from the client: escape it before it goes into the query
        $user = mysql_real_escape_string($this->jabber_user, $this->mysock);
        $SQL = "SELECT COUNT(*) FROM user WHERE email = '" . $user . "' AND password = '" . sha1($this->jabber_pass) . "'";
        $rs = mysql_query($SQL, $this->mysock);
        $count = mysql_fetch_row($rs);
        if ($count[0] > 0) {
            $this->logg("User ".$this->jabber_user." successfully authenticated");
        } else {
            $this->logg("User ".$this->jabber_user." not authenticated");
        }
        return ($count[0] > 0);
    }

    public function checkuser() {
        /*
         * Put here your code to check user
         * $this->jabber_user
         * $this->jabber_pass
         * $this->jabber_server
         */
        $this->mysql();
        // The user name comes from the client: escape it before it goes into the query
        $user = mysql_real_escape_string($this->jabber_user, $this->mysock);
        $SQL = "SELECT COUNT(*) FROM user WHERE email = '" . $user . "'";
        $rs = mysql_query($SQL, $this->mysock);
        $count = mysql_fetch_row($rs);
        if ($count[0] > 0) {
            $this->logg("User ".$this->jabber_user." exists");
        } else {
            $this->logg("User ".$this->jabber_user." doesn't exist");
        }
        return ($count[0] > 0);
    }

    public function splitcomm() {
        // At most 4 fields (command, user, server, password) so a ':' inside the password is kept
        return explode(":", $this->data, 4);
    }

    public function mysql() {
        $this->mysock = @mysql_pconnect($this->dbhost, $this->dbuser, $this->dbpass);
        @mysql_select_db($this->dbbase, $this->mysock);
        $this->logg("MySQL :: " . (is_resource($this->mysock) ? "Connected" : "Disconnected"));
    }

    public function logg($message) {
        $msg = date("Y-m-d H:i:s")." $message\n";
        file_put_contents($this->logfile, $msg, FILE_APPEND);
    }
}

?>

And this is part of my config file:

% Default Debian ejabberd.cfg
% This config must be in UTF-8 encoding

override_global.
override_local.
override_acls.

...
Blah blah blah
...

% For authentication via external script use the following:
{auth_method, external}.
{extauth_program, "/home/www-data/trastosdeguerra.com/www/batch/JabberAuth.class.php"}.

...
More Blah blah

I'm hoping that someone will be able to help me on this.

Thx a lot!

write permissions to write log file

ggalmazor wrote:

When I try to log in (web or IM client) I see lines in /var/log/ejabberd/ejabberd.log but none in /var/log/JabberAuth.log (the script's log file).

Maybe the problem is permissions to write log file? I tried that script with ejabberd trunk SVN and it works.

To get it to log, I changed the line to

  public $logfile = '/tmp/JabberAuth.log';

When ejabberd starts, it starts the script for each different vhost you have. In my case I have two vhosts in ejabberd.cfg, so I see:

$ ps -C JabberAuth.class.php
  PID TTY          TIME CMD
 6122 ?        00:00:00 JabberAuth.clas
 6123 ?        00:00:00 JabberAuth.clas

When I try to login with a Jabber client, the script log file is created with some lines:

$ cat JabberAuth.log
2009-02-08 22:58:03 Reading 30 bytes ...
2009-02-08 22:58:03 IN: auth:badlop:localhost:pass123
2009-02-08 22:58:03 GO: auth:badlop:localhost:pass123
2009-02-08 22:58:03 data length is : 30
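
A way to exercise an external auth script by hand, outside ejabberd, using the framing visible in the script and log above: a 16-bit big-endian length followed by `op:user:server:password`, answered by two 16-bit words. This is an added example, not part of the thread or of ejabberd; the stand-in responder, the user `alice`, the host `example.org` and the password are constructed.

```python
import struct
import subprocess
import sys

def frame(op, *args):
    """Request as ejabberd writes it to the script's stdin:
    16-bit big-endian length, then op:arg1:arg2..."""
    payload = ":".join((op,) + args).encode("utf-8")
    return struct.pack(">H", len(payload)) + payload

def parse_request(payload):
    """Split a request body. Only the last field of auth/setpass (the
    password) may contain ':' itself, so cap the number of splits."""
    text = payload.decode("utf-8")
    op = text.split(":", 1)[0]
    return text.split(":", 3 if op in ("auth", "setpass") else 2)

def parse_reply(raw):
    """Reply is two 16-bit big-endian words: length (2) and result (1 = ok)."""
    if len(raw) < 4:
        raise ValueError("no complete reply, got %d bytes" % len(raw))
    length, result = struct.unpack(">HH", raw[:4])
    if length != 2:
        raise ValueError("bad reply length %d" % length)
    return result == 1

def ask(argv, op, *args, timeout=5):
    """Run the extauth program, send one request, return its verdict."""
    proc = subprocess.Popen(argv, stdin=subprocess.PIPE, stdout=subprocess.PIPE)
    try:
        out, _ = proc.communicate(frame(op, *args), timeout=timeout)
    except subprocess.TimeoutExpired:  # script kept looping after EOF
        proc.kill()
        out, _ = proc.communicate()
    return parse_reply(out)

# Constructed stand-in for a real script: accepts one hard-coded login.
STUB = r'''
import struct, sys
n = struct.unpack(">H", sys.stdin.buffer.read(2))[0]
f = sys.stdin.buffer.read(n).split(b":", 3)
ok = f == [b"auth", b"alice", b"example.org", b"s3:cr:et"]
sys.stdout.buffer.write(struct.pack(">HH", 2, int(ok)))
sys.stdout.buffer.flush()
'''

if __name__ == "__main__":
    # Pass the real script path as the argument; without one the stub is used.
    cmd = sys.argv[1:] or [sys.executable, "-c", STUB]
    print(ask(cmd, "auth", "alice", "example.org", "s3:cr:et"))
```

Running it as the ejabberd system user against the real script path reproduces the interpreter, execute-bit and log-file conditions the server sees; a `ValueError` about a short reply means the script started but never answered.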

Checked... permissions are OK

Hi, thanks for your reply!

I've double checked permissions for the log file and it's 666 (everyone can write and read). Also, if ejabberd didn't have permissions to write in the logfile, I should probably see something in its log but there are no signs of anything happening when I try to authenticate.

I think that the problem might be somewhere else. I forgot to mention that I'm using the standard Ubuntu repository's ejabberd version. I'll try to download it from the trunk and see what happens...

Checked... permissions are OK

Make sure you also check permissions of the authentication script itself, it must be executable. It wouldn't be strange to miss this: when you write for the web you don't need to take care of this, but in CLI mode you do.

Further, each time you edit the script or permissions, restart ejabberd or you won't get any change.

I know this post is 6 years

I know this post is 6 years old, but I just ran into the same problem using an external auth perl script. It was apparently working to authenticate using an oauth2 endpoint, but was emitting no logs.

Fixed it by turning on autoflush for my file handle. See:
http://www.perlmonks.org/?node_id=280025
