[Samba] syncpassword and (strange) base64...

Marco Gaiarin gaio at sv.lnf.it
Thu Oct 26 13:20:56 UTC 2017 

I've setup in my domain the 'samba-tool user syncpasswords' to catch
password changes, to propagate correctly to some legacy system.

I've done some tests, but today i've found the ''daemon'' is not
running. After fiddling a bit, i've found the culprit came from the
fact that a user have a base64 version of the password as:

	flhibllHV2tPVFMyIXIjcGpnWUE/cmV1Q3hjLm5BQUQycX5EdyR1NGh

[ i make a noke: this probably it is not a real password, but came from
  a 'samba-tool user setpassword --random-password' ]

some online base64 decoder decodes it as:

	~XbnYGWkOTS2!r#pjgYA?reuCxc.nAAD2q~Dw$u4h

but if i try to decode with a local tool, i get:

 root at vdcsv1:~# echo "flhibllHV2tPVFMyIXIjcGpnWUE/cmV1Q3hjLm5BQUQycX5EdyR1NGh" | LANG=C base64 --decode
 ~XbnYGWkOTS2!r#pjgYA?reuCxc.nAAD2q~Dw$u4hbase64: invalid input
 root at vdcsv1:~# echo "flhibllHV2tPVFMyIXIjcGpnWUE/cmV1Q3hjLm5BQUQycX5EdyR1NGh" | LANG=C openssl base64 -d
 root at vdcsv1:~# echo "flhibllHV2tPVFMyIXIjcGpnWUE/cmV1Q3hjLm5BQUQycX5EdyR1NGh" | LANG=C python -m base64 -d
 Traceback (most recent call last):
   File "/usr/lib/python2.7/runpy.py", line 162, in _run_module_as_main
     "__main__", fname, loader, pkg_name)
   File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
     exec code in run_globals
   File "/usr/lib/python2.7/base64.py", line 360, in <module>
     test()
   File "/usr/lib/python2.7/base64.py", line 349, in test
     func(sys.stdin, sys.stdout)
   File "/usr/lib/python2.7/base64.py", line 306, in decode
     s = binascii.a2b_base64(line)
 binascii.Error: Incorrect padding
 root at vdcsv1:~# echo "flhibllHV2tPVFMyIXIjcGpnWUE/cmV1Q3hjLm5BQUQycX5EdyR1NGh" | LANG=C perl -MMIME::Base64 -ne 'printf "%s\n",decode_base64($_)'
 ~XbnYGWkOTS2!r#pjgYA?reuCxc.nAAD2q~Dw$u4h

so:

a) 'base64' decode it, but bump an error

b) openssl does nothing

c) python bump an error

d) perl decode it


Seems a bit strange to me...

-- 
dott. Marco Gaiarin				        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''          http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

		Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
      http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)

More information about the samba mailing list