jamf / mut


Login window can fail to save password in release-6.1 #101

Closed apirkl closed 2 months ago

apirkl commented 1 year ago

The login window will sometimes fail to save the password. The error in the logs is: `2023-01-05 12:15:48 [ERROR ]: Error writing credentials to keychain. unhandledError(status: -25299)`

The issue appears to happen in here: https://github.com/jamf/mut/blob/release-6.1/The%20MUT/KeychainHelper.swift#L13

Using https://developer.apple.com/documentation/security/1394686-seccopyerrormessagestring, the error is "the specified item already exists in the keychain".

So the issue is probably with the delete section and the primary keys in the query not returning all possible results that could cause a duplicate. A bit about that is here: https://stackoverflow.com/questions/11614047/what-makes-a-keychain-item-unique-in-ios and here: https://developer.apple.com/documentation/security/keychain_services/keychain_items/updating_and_deleting_keychain_items

It makes sense given that a lot of users are going to have credentials for their Jamf Pro instance that could collide with the primary keys for a kSecClassInternetPassword. I'd recommend both changing the query used to find the item to delete and changing the kSecClass of the stored credentials. It might also be a good idea to update credentials instead of deleting and recreating them each time.
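
The add-then-update pattern suggested above, as an added example that is not part of the original issue and is not the project's code. The service identifier, the function and type names, and the choice of `kSecClassGenericPassword` are assumptions made for illustration.

```swift
import Foundation
import Security

// Hypothetical service identifier; the project's real value is not shown in the issue.
let exampleService = "com.example.mut.credentials"

enum KeychainError: Error {
    case unhandled(status: OSStatus, message: String)
}

/// Stores `password` for `account`, updating in place if an item with the same
/// primary key (service + account for kSecClassGenericPassword) already exists.
func saveCredential(account: String,
                    password: String,
                    service: String = exampleService) throws {
    // The search query holds only the class and its primary-key attributes, so it
    // matches exactly the item that would trigger errSecDuplicateItem (-25299).
    let query: [String: Any] = [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrService as String: service,
        kSecAttrAccount as String: account
    ]
    let secret = Data(password.utf8)

    // Try to create the item first.
    var addQuery = query
    addQuery[kSecValueData as String] = secret
    var status = SecItemAdd(addQuery as CFDictionary, nil)

    if status == errSecDuplicateItem {
        // The item already exists: replace only the stored secret instead of
        // deleting and recreating the item.
        let changes: [String: Any] = [kSecValueData as String: secret]
        status = SecItemUpdate(query as CFDictionary, changes as CFDictionary)
    }

    guard status == errSecSuccess else {
        // Surface the readable message alongside the bare OSStatus for the log.
        let message = SecCopyErrorMessageString(status, nil) as String? ?? "unknown"
        throw KeychainError.unhandled(status: status, message: message)
    }
}
```

Because the update reuses the same primary-key query as the add, there is no separate delete query that can miss a colliding item.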

mikelevenick commented 2 months ago

Thanks @apirkl. This should be fixed in 6.2.0.