in_splunk: continue with the following token if size doesn't match

lecaros · edsiper · commit 54594067ccba · 2025-06-19T18:45:00.000-04:00
if the length of token v/s auth header are different, it must skip the token instead of returning unauthorized immediately fixes #10483 Signed-off-by: lecaros <lecaros@calyptia.com>
diff --git a/plugins/in_splunk/splunk_prot.c b/plugins/in_splunk/splunk_prot.c
@@ -1043,7 +1043,7 @@ static int validate_auth_header_ng(struct flb_splunk *ctx, struct flb_http_reque
         mk_list_foreach_safe(head, tmp, &ctx->auth_tokens) {
             splunk_token = mk_list_entry(head, struct flb_splunk_tokens, _head);
             if (strlen(auth_header) != splunk_token->length) {
-                return SPLUNK_AUTH_UNAUTHORIZED;
+                continue;
             }
 
             if (strncasecmp(splunk_token->header,

Original file line number	Diff line number	Diff line change
`@@ -1043,7 +1043,7 @@ static int validate_auth_header_ng(struct flb_splunk *ctx, struct flb_http_reque`
`1043`	`1043`	`mk_list_foreach_safe(head, tmp, &ctx->auth_tokens) {`
`1044`	`1044`	`splunk_token = mk_list_entry(head, struct flb_splunk_tokens, _head);`
`1045`	`1045`	`if (strlen(auth_header) != splunk_token->length) {`
`1046`		`- return SPLUNK_AUTH_UNAUTHORIZED;`
	`1046`	`+ continue;`
`1047`	`1047`	`}`
`1048`	`1048`
`1049`	`1049`	`if (strncasecmp(splunk_token->header,`