gss_indicate_mechs returns incorrect OID for PKU2U
| Originator: | iosdeveloperzone | ||
| Number: | rdar://30244513 | Date Originated: | 27-Jan-2017 04:41 PM |
| Status: | Open | Resolved: | |
| Product: | macOS | Product Version: | Mac OS X 10.11.6 (15G1217) |
| Classification: | Other Bug | Reproducible: | Always |
Summary: The object identifier (OID) for the PKU2U mechanism the Generic Security Services (GSS) API is 1.3.6.1.5.2.7 but calling `gss_indicate_mechs` includes an unknown but close OID: 1.3.5.1.5.2.7. This appears to caused by a typo in the source code. Steps to Reproduce: Write a program to call `gss_indicate_mechs` and inspect the results or run the attached project. Expected Results: The attached program should output: [0]: 1 2 840 113554 1 2 2 -> GSS_KRB5_MECHANISM [1]: 1 3 6 1 5 5 2 -> GSS_SPNEGO_MECHANISM [2]: 1 2 752 43 14 2 -> GSS_NETLOGON_MECHANISM [3]: 1 3 6 1 5 5 14 -> GSS_SCRAM_MECHANISM [4]: 1 3 6 1 4 1 311 2 2 10 -> GSS_NTLM_MECHANISM [5]: 1 3 6 1 5 2 7 -> GSS_PKU2U_MECHANISM [6]: 1 3 6 1 5 2 5 -> GSS_IAKERB_MECHANISM Actual Results: [0]: 1 2 840 113554 1 2 2 -> GSS_KRB5_MECHANISM [1]: 1 3 6 1 5 5 2 -> GSS_SPNEGO_MECHANISM [2]: 1 2 752 43 14 2 -> GSS_NETLOGON_MECHANISM [3]: 1 3 6 1 5 5 14 -> GSS_SCRAM_MECHANISM [4]: 1 3 6 1 4 1 311 2 2 10 -> GSS_NTLM_MECHANISM [5]: 1 3 5 1 5 2 7 -> Unknown [6]: 1 3 6 1 5 2 5 -> GSS_IAKERB_MECHANISM Note the third digit of the OID for the entry at index [5]. Notes: The root cause of the error can be seen in https://opensource.apple.com/source/Heimdal/Heimdal-453.40.10/lib/gssapi/krb5/external.c.auto.html The OID in pku2u_mech is, to the best of my knowledge, incorrect. It should be "\x2b\x06\x01\x05\x02\x07" instead of "\x2b\x05\x01\x05\x02\x07"
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!