Merge pull request #160 from nobu/digest_md5-bad-challenge

Fix for Digest MD5 bad challenges
ruby · Jul 24, 2023 · 1f81870 · 1f81870
2 parents 16dafde + 77ed8e8
commit 1f81870
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 2 deletions.
diff --git a/lib/net/imap/authenticators/digest_md5.rb b/lib/net/imap/authenticators/digest_md5.rb
@@ -15,7 +15,7 @@ def process(challenge)
       @stage = STAGE_TWO
       sparams = {}
       c = StringScanner.new(challenge)
-      while c.scan(/(?:\s*,)?\s*(\w+)=("(?:[^\\"]+|\\.)*"|[^,]+)\s*/)
+      while c.scan(/(?:\s*,)?\s*(\w+)=("(?:[^\\"]|\\.)*"|[^,]+)\s*/)
         k, v = c[1], c[2]
         if v =~ /^"(.*)"$/
           v = $1
@@ -26,7 +26,7 @@ def process(challenge)
         sparams[k] = v
       end
 
-      raise Net::IMAP::DataFormatError, "Bad Challenge: '#{challenge}'" unless c.eos?
+      raise Net::IMAP::DataFormatError, "Bad Challenge: '#{challenge}'" unless c.eos? and sparams['qop']
       raise Net::IMAP::Error, "Server does not support auth (qop = #{sparams['qop'].join(',')})" unless sparams['qop'].include?("auth")
 
       response = {

diff --git a/test/net/imap/test_imap_authenticators.rb b/test/net/imap/test_imap_authenticators.rb
@@ -139,4 +139,28 @@ def test_digest_md5_authenticator
       )
     )
   end
+
+  def test_digest_md5_authenticator_garbage
+    auth = digest_md5("user", "pass")
+    assert_raise(Net::IMAP::DataFormatError) do
+      auth.process('.')
+    end
+  end
+
+  def test_digest_md5_authenticator_no_qop
+    auth = digest_md5("user", "pass")
+    assert_raise(Net::IMAP::DataFormatError) do
+      auth.process('Qop=""')
+    end
+  end
+
+  def test_digest_md5_authenticator_illinear
+    pre = ->(n) {'qop="a' + ',x'*n}
+    assert_linear_performance([5, 10, 15, 20], pre: pre) do |challenge|
+      auth = digest_md5("user", "pass")
+      assert_raise(Net::IMAP::DataFormatError) do
+        auth.process(challenge)
+      end
+    end
+  end
 end