digest: reject broken header with session protocol but without qop

Closes #9077
2022-06-30 18:30:21 +03:00 · 2022-06-30 18:30:21 +03:00 · 3fe24ea322
commit 3fe24ea322
parent b6dd849fa3
1 changed files with 4 additions and 0 deletions
--- a/lib/vauth/digest.c
+++ b/lib/vauth/digest.c
@ -637,6 +637,10 @@ CURLcode Curl_auth_decode_digest_http_message(const char *chlg,
  if(!digest->nonce)
    return CURLE_BAD_CONTENT_ENCODING;

+  /* "<algo>-sess" protocol versions require "auth" or "auth-int" qop */
+  if(!digest->qop && (digest->algo & SESSION_ALGO))
+    return CURLE_BAD_CONTENT_ENCODING;
+
  return CURLE_OK;
 }