From bc6fe07f5c114bdeaef4a3b83a11faaa9d1046eb Mon Sep 17 00:00:00 2001 From: Matt Jordan Date: Sun, 23 Aug 2015 18:26:50 -0500 Subject: [PATCH] res_pjsip/pjsip_configuration: Disregard empty auth values When an endpoint is backed by a non-static conf file backend (such as the AstDB or Realtime), the 'auth' object may be returned as being an empty string. Currently, res_pjsip will interpret that as being a valid auth object, and will attempt to authenticate inbound requests. This isn't desired; is an auth value is empty (which the name of an auth object cannot be), we should instead interpret that as being an invalid auth object and skip it. ASTERISK-25339 #close Change-Id: Ic32b0c6eb5575107d5164a8c40099e687cd722c7 --- res/res_pjsip/pjsip_configuration.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/res/res_pjsip/pjsip_configuration.c b/res/res_pjsip/pjsip_configuration.c index c0c96ad7fe..2fdfc9d0bb 100644 --- a/res/res_pjsip/pjsip_configuration.c +++ b/res/res_pjsip/pjsip_configuration.c @@ -402,6 +402,10 @@ int ast_sip_auth_vector_init(struct ast_sip_auth_vector *auths, const char *valu } while ((val = strsep(&auth_names, ","))) { + if (ast_strlen_zero(val)) { + continue; + } + val = ast_strdup(val); if (!val) { goto failure; -- 2.47.2