Bug 13114 - samba-tool user syncpasswords truncate long password
Summary: samba-tool user syncpasswords truncate long password
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Tools (show other bugs)
Version: 4.5.8
Hardware: x64 Linux
: P5 normal (vote)
Target Milestone: ---
Assignee: Stefan Metzmacher
QA Contact: Samba QA Contact
Depends on:
Reported: 2017-10-31 17:18 UTC by Marco Gaiarin
Modified: 2017-11-02 11:30 UTC (History)
3 users (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Marco Gaiarin 2017-10-31 17:18:48 UTC
I'm using the 'samba-tool user syncpasswords' functionality, and i've found that if i set a password with 'samba-tool user setpassword --random-password', syncpassword emit a wrong base64 password, eg a password that some base64 decoders consider invalid, or decode but with warnings.

Looking at base64 passwords are all truncated to 56 chars.

Seems to me that or 'syncpasswords' (or other samba components) truncate them,  or there's some limitation to 56 chars in (base64 version), and probably it is better to have 'samba-tool user setpassword --random-password' generate passwords with less then 56 chars (in base64).


PS: also on https://lists.samba.org/archive/samba/2017-October/211730.html
Comment 1 Stefan Metzmacher 2017-11-01 08:08:26 UTC
(In reply to Marco Gaiarin from comment #0)
Are you sure you're parsing the ldif output correctly? The value
of one attribute may use more than one line.
Comment 2 Marco Gaiarin 2017-11-02 11:30:23 UTC
Ah! Damn me!

I've looked at format, that was a LDIF-like format, but never minded about long lines.

Yes, i confirm, unwrapping long lines on syncpasswd script solved the issue.

Sorry for that bug.