Merge remote-tracking branch 'origin/tqtc/lts-5.15.8' into tqtc/lts-5.15-opensourcev5.15.8-lts-lgpl

Change-Id: I569a2246c9e8d70430e8c5405b9f3df2218078ee
author: Tarja Sundqvist <tarja.sundqvist@qt.io> 2022-11-11 09:29:17 +0200
committer: Tarja Sundqvist <tarja.sundqvist@qt.io> 2022-11-11 09:29:17 +0200
commit: 4ee4fc18b4067b90efa46ca9baba74f53b54d9ec (patch)
tree: cc68622c9b85992d99a8373ab55471ee821a4ebf /src/network/kernel/qauthenticator.cpp
parent: ab28ff2207e8f33754c79793089dbf943d67736d (diff)
parent: ebb49c66aaf22ed55d62ff7bc3690fce00b7d8ba (diff)
1 files changed, 22 insertions, 1 deletions
diff --git a/src/network/kernel/qauthenticator.cpp b/src/network/kernel/qauthenticator.cpp
index 86242b011f..d9fe7bc47b 100644
--- a/src/network/kernel/qauthenticator.cpp
+++ b/src/network/kernel/qauthenticator.cpp
@@ -423,6 +423,22 @@ void QAuthenticatorPrivate::updateCredentials()
     }
 }
 
+static bool verifyDigestMD5(const QByteArray &value)
+{
+    auto opts = QAuthenticatorPrivate::parseDigestAuthenticationChallenge(value);
+    auto it = opts.constFind("algorithm");
+    if (it != opts.cend()) {
+        QByteArray alg = it.value();
+        if (alg.size() < 3)
+            return false;
+        // Just compare the first 3 characters, that way we match other subvariants as well, such as
+        // "MD5-sess"
+        auto view = QByteArray::fromRawData(alg.data(), 3);
+        return view.compare("MD5", Qt::CaseInsensitive) == 0;
+    }
+    return true; // assume it's ok if algorithm is not specified
+}
+
 void QAuthenticatorPrivate::parseHttpResponse(const QList<QPair<QByteArray, QByteArray> > &values, bool isProxy, const QString &host)
 {
 #if !QT_CONFIG(gssapi)
@@ -454,8 +470,13 @@ void QAuthenticatorPrivate::parseHttpResponse(const QList<QPair<QByteArray, QByt
             method = Ntlm;
             headerVal = current.second.mid(5);
         } else if (method < DigestMd5 && str.startsWith("digest")) {
+            // Make sure the algorithm is actually MD5 before committing to it:
+            QByteArray fieldValue = current.second.mid(7);
+            if (!verifyDigestMD5(fieldValue))
+                continue;
+
             method = DigestMd5;
-            headerVal = current.second.mid(7);
+            headerVal = fieldValue;
         } else if (method < Negotiate && str.startsWith("negotiate")) {
 #if QT_CONFIG(sspi) || QT_CONFIG(gssapi) // if it's not supported then we shouldn't try to use it
 #if QT_CONFIG(gssapi)
author	Tarja Sundqvist <tarja.sundqvist@qt.io>	2022-11-11 09:29:17 +0200
committer	Tarja Sundqvist <tarja.sundqvist@qt.io>	2022-11-11 09:29:17 +0200
commit	4ee4fc18b4067b90efa46ca9baba74f53b54d9ec (patch)
tree	cc68622c9b85992d99a8373ab55471ee821a4ebf /src/network/kernel/qauthenticator.cpp
parent	ab28ff2207e8f33754c79793089dbf943d67736d (diff)
parent	ebb49c66aaf22ed55d62ff7bc3690fce00b7d8ba (diff)