prevent setting empty usernames with environment variables (#5373)

internal/conf/auth_internal_users.go

@@ -1,11 +1,5 @@
 package conf
 
-import (
-	"fmt"
-
-	"github.com/bluenviron/mediamtx/internal/conf/jsonwrapper"
-)
-
 // AuthInternalUserPermission is a permission of a user.
 type AuthInternalUserPermission struct {
 	Action AuthAction `json:"action"`
@@ -20,25 +14,6 @@ type AuthInternalUser struct {
 	Permissions []AuthInternalUserPermission `json:"permissions"`
 }
 
-// UnmarshalJSON implements json.Unmarshaler.
-func (d *AuthInternalUser) UnmarshalJSON(b []byte) error {
-	type alias AuthInternalUser
-	if err := jsonwrapper.Unmarshal(b, (*alias)(d)); err != nil {
-		return err
-	}
-
-	// https://github.com/bluenviron/gortsplib/blob/55556f1ecfa2bd51b29fe14eddd70512a0361cbd/server_conn.go#L155-L156
-	if d.User == "" {
-		return fmt.Errorf("empty usernames are not supported")
-	}
-
-	if d.User == "any" && d.Pass != "" {
-		return fmt.Errorf("using a password with 'any' user is not supported")
-	}
-
-	return nil
-}
-
 // AuthInternalUsers is a list of AuthInternalUser.
 type AuthInternalUsers []AuthInternalUser
 

internal/conf/conf.go

@@ -600,6 +600,18 @@ func (conf *Conf) Validate(l logger.Writer) error {
 	// Authentication
 
 	switch conf.AuthMethod {
+	case AuthMethodInternal:
+		for _, u := range conf.AuthInternalUsers {
+			// https://github.com/bluenviron/gortsplib/blob/55556f1ecfa2bd51b29fe14eddd70512a0361cbd/server_conn.go#L155-L156
+			if u.User == "" {
+				return fmt.Errorf("empty usernames are not supported")
+			}
+
+			if u.User == "any" && u.Pass != "" {
+				return fmt.Errorf("using a password with 'any' user is not supported")
+			}
+		}
+
 	case AuthMethodHTTP:
 		if conf.AuthHTTPAddress == "" {
 			return fmt.Errorf("'authHTTPAddress' is empty")