13114 – samba-tool user syncpasswords truncate long password

Bug 13114 - samba-tool user syncpasswords truncate long password

Summary: samba-tool user syncpasswords truncate long password

Status:	RESOLVED INVALID

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	Tools (show other bugs)
Version:	4.5.8
Hardware:	x64 Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assignee:	Stefan Metzmacher
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2017-10-31 17:18 UTC by Marco Gaiarin
Modified:	2017-11-02 11:30 UTC (History)
CC List:	3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marco Gaiarin 2017-10-31 17:18:48 UTC

I'm using the 'samba-tool user syncpasswords' functionality, and i've found that if i set a password with 'samba-tool user setpassword --random-password', syncpassword emit a wrong base64 password, eg a password that some base64 decoders consider invalid, or decode but with warnings.

Looking at base64 passwords are all truncated to 56 chars.

Seems to me that or 'syncpasswords' (or other samba components) truncate them,  or there's some limitation to 56 chars in (base64 version), and probably it is better to have 'samba-tool user setpassword --random-password' generate passwords with less then 56 chars (in base64).

Thanks.

PS: also on https://lists.samba.org/archive/samba/2017-October/211730.html

Comment 1 Stefan Metzmacher 2017-11-01 08:08:26 UTC

(In reply to Marco Gaiarin from comment #0)
Are you sure you're parsing the ldif output correctly? The value
of one attribute may use more than one line.

Comment 2 Marco Gaiarin 2017-11-02 11:30:23 UTC

Ah! Damn me!

I've looked at format, that was a LDIF-like format, but never minded about long lines.

Yes, i confirm, unwrapping long lines on syncpasswd script solved the issue.

Sorry for that bug.