res_pjsip/pjsip_configuration: Disregard empty auth values

When an endpoint is backed by a non-static conf file backend (such as the AstDB or Realtime), the 'auth' object may be returned as being an empty string. Currently, res_pjsip will interpret that as being a valid auth object, and will attempt to authenticate inbound requests. This isn't desired; is an auth value is empty (which the name of an auth object cannot be), we should instead interpret that as being an invalid auth object and skip it. ASTERISK-25339 #close Change-Id: Ic32b0c6eb5575107d5164a8c40099e687cd722c7
2025-10-05 04:32:44 +00:00 · 2015-08-23 18:26:50 -05:00
parent ab373f2cef
commit bc6fe07f5c
1 changed files with 4 additions and 0 deletions
--- a/res/res_pjsip/pjsip_configuration.c
+++ b/res/res_pjsip/pjsip_configuration.c
@@ -402,6 +402,10 @@ int ast_sip_auth_vector_init(struct ast_sip_auth_vector *auths, const char *valu
 	}

 	while ((val = strsep(&auth_names, ","))) {
+		if (ast_strlen_zero(val)) {
+			continue;
+		}
+
 		val = ast_strdup(val);
 		if (!val) {
 			goto failure;