gss_indicate_mechs returns incorrect OID for PKU2U

Originator:iosdeveloperzone
Number:rdar://30244513 Date Originated:27-Jan-2017 04:41 PM
Status:Open Resolved:
Product:macOS Product Version:Mac OS X 10.11.6 (15G1217)
Classification:Other Bug Reproducible:Always
 
Summary:
The object identifier (OID) for the PKU2U mechanism the Generic Security Services (GSS) API is 1.3.6.1.5.2.7 but calling `gss_indicate_mechs` includes an unknown but close OID: 1.3.5.1.5.2.7. This appears to caused by a typo in the source code.

Steps to Reproduce:
Write a program to call `gss_indicate_mechs` and inspect the results or run the attached project.

Expected Results:
The attached program should output:
[0]: 1 2 840 113554 1 2 2 -> GSS_KRB5_MECHANISM
[1]: 1 3 6 1 5 5 2 -> GSS_SPNEGO_MECHANISM
[2]: 1 2 752 43 14 2 -> GSS_NETLOGON_MECHANISM
[3]: 1 3 6 1 5 5 14 -> GSS_SCRAM_MECHANISM
[4]: 1 3 6 1 4 1 311 2 2 10 -> GSS_NTLM_MECHANISM
[5]: 1 3 6 1 5 2 7 -> GSS_PKU2U_MECHANISM
[6]: 1 3 6 1 5 2 5 -> GSS_IAKERB_MECHANISM

Actual Results:
[0]: 1 2 840 113554 1 2 2 -> GSS_KRB5_MECHANISM
[1]: 1 3 6 1 5 5 2 -> GSS_SPNEGO_MECHANISM
[2]: 1 2 752 43 14 2 -> GSS_NETLOGON_MECHANISM
[3]: 1 3 6 1 5 5 14 -> GSS_SCRAM_MECHANISM
[4]: 1 3 6 1 4 1 311 2 2 10 -> GSS_NTLM_MECHANISM
[5]: 1 3 5 1 5 2 7 -> Unknown
[6]: 1 3 6 1 5 2 5 -> GSS_IAKERB_MECHANISM

Note the third digit of the OID for the entry at index [5]. 

Notes:
The root cause of the error can be seen in https://opensource.apple.com/source/Heimdal/Heimdal-453.40.10/lib/gssapi/krb5/external.c.auto.html
The OID in pku2u_mech is, to the best of my knowledge, incorrect. It should be 
"\x2b\x06\x01\x05\x02\x07" 
instead of
"\x2b\x05\x01\x05\x02\x07"

Comments


Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!