res_pjsip/pjsip_configuration: Disregard empty auth values

When an endpoint is backed by a non-static conf file backend (such as
the AstDB or Realtime), the 'auth' object may be returned as being an
empty string. Currently, res_pjsip will interpret that as being a valid
auth object, and will attempt to authenticate inbound requests. This
isn't desired; is an auth value is empty (which the name of an auth
object cannot be), we should instead interpret that as being an invalid
auth object and skip it.

ASTERISK-25339 #close

Change-Id: Ic32b0c6eb5575107d5164a8c40099e687cd722c7

diff --git a/res/res_pjsip/pjsip_configuration.c b/res/res_pjsip/pjsip_configuration.c
index 64ffe15d8d9449fb3833c22c282a72ac7ac95e5f..cfb17cd8df8b4d2dc989daa286720d44f852bc30 100644 (file)
--- a/res/res_pjsip/pjsip_configuration.c
+++ b/res/res_pjsip/pjsip_configuration.c
@@ -402,6 +402,10 @@ int ast_sip_auth_vector_init(struct ast_sip_auth_vector *auths, const char *valu
        }
 
        while ((val = strsep(&auth_names, ","))) {
+               if (ast_strlen_zero(val)) {
+                       continue;
+               }
+
                val = ast_strdup(val);
                if (!val) {
                        goto failure;