Commit 7e6ef6e39a for asterisk.org

commit 7e6ef6e39a0fc6fd777e85e696a478efe1586dfe
Author: Sean Bright <sean@seanbright.com>
Date:   Tue May 26 14:05:48 2026 +0000

    res_pjsip: Don't allow a leading period when wildcard matching

    The reference identifier (what the client provides - in this case a
    hostname) must start with a domain label, not a `.`.

    The current implementation will match `.seanbright.com` against
    `*.seanbright.com` which is incorrect.

diff --git a/res/res_pjsip/pjsip_transport_events.c b/res/res_pjsip/pjsip_transport_events.c
index 65a740cb2c..5aeb8f87b4 100644
--- a/res/res_pjsip/pjsip_transport_events.c
+++ b/res/res_pjsip/pjsip_transport_events.c
@@ -212,7 +212,7 @@ static int verify_cert_name(const pj_str_t *local, const pj_str_t *remote)
 	}

 	p = pj_strchr(local, '.');
-	if (!p) {
+	if (!p || p == pj_strbuf(local)) {
 		return 0;
 	}