Newer
Older
/*
* Asterisk -- An open source telephony toolkit.
*
* Copyright (C) 2013, Digium, Inc.
*
* Mark Michelson <mmichelson@digium.com>
*
* See http://www.asterisk.org for more information about
* the Asterisk project. Please do not directly contact
* any of the maintainers of this project for assistance;
* the project provides a web site, mailing lists and IRC
* channels for your use.
*
* This program is free software, distributed under the terms of
* the GNU General Public License Version 2. See the LICENSE file
* at the top of the source tree.
*/
#include "asterisk.h"
#include <pjsip.h>
/* Needed for SUBSCRIBE, NOTIFY, and PUBLISH method definitions */
#include <pjsip_simple.h>
#include <pjlib.h>
#include "asterisk/res_pjsip.h"
#include "res_pjsip/include/res_pjsip_private.h"
#include "asterisk/linkedlists.h"
#include "asterisk/logger.h"
#include "asterisk/lock.h"
#include "asterisk/utils.h"
#include "asterisk/astobj2.h"
#include "asterisk/module.h"
#include "asterisk/threadpool.h"
#include "asterisk/taskprocessor.h"
#include "asterisk/uuid.h"
#include "asterisk/sorcery.h"
/*** MODULEINFO
<depend>pjproject</depend>
<depend>res_sorcery_config</depend>
<support_level>core</support_level>
***/
<configInfo name="res_pjsip" language="en_US">
<synopsis>SIP Resource using PJProject</synopsis>
<configObject name="endpoint">
<synopsis>Endpoint</synopsis>
<description><para>
The <emphasis>Endpoint</emphasis> is the primary configuration object.
It contains the core SIP related options only, endpoints are <emphasis>NOT</emphasis>
dialable entries of their own. Communication with another SIP device is
accomplished via Addresses of Record (AoRs) which have one or more
contacts assicated with them. Endpoints <emphasis>NOT</emphasis> configured to
use a <literal>transport</literal> will default to first transport found
in <filename>pjsip.conf</filename> that matches its type.
</para>
<para>Example: An Endpoint has been configured with no transport.
When it comes time to call an AoR, PJSIP will find the
first transport that matches the type. A SIP URI of <literal>sip:5000@[11::33]</literal>
will use the first IPv6 transport and try to send the request.
</para>
<para>If the anonymous endpoint identifier is in use an endpoint with the name
"anonymous@domain" will be searched for as a last resort. If this is not found
it will fall back to searching for "anonymous". If neither endpoints are found
the anonymous endpoint identifier will not return an endpoint and anonymous
calling will not be possible.
</para>
</description>
<configOption name="100rel" default="yes">
<synopsis>Allow support for RFC3262 provisional ACK tags</synopsis>
<description>
<enumlist>
<enum name="no" />
<enum name="required" />
<enum name="yes" />
</enumlist>
</description>
</configOption>
<configOption name="aggregate_mwi" default="yes">
<synopsis></synopsis>
<description><para>When enabled, <replaceable>aggregate_mwi</replaceable> condenses message
waiting notifications from multiple mailboxes into a single NOTIFY. If it is disabled,
individual NOTIFYs are sent for each mailbox.</para></description>
</configOption>
<configOption name="allow">
<synopsis>Media Codec(s) to allow</synopsis>
</configOption>
<configOption name="aors">
<synopsis>AoR(s) to be used with the endpoint</synopsis>
<description><para>
List of comma separated AoRs that the endpoint should be associated with.
</para></description>
</configOption>
<configOption name="auth">
<synopsis>Authentication Object(s) associated with the endpoint</synopsis>
<description><para>
This is a comma-delimited list of <replaceable>auth</replaceable> sections defined
in <filename>pjsip.conf</filename> to be used to verify inbound connection attempts.
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
</para><para>
Endpoints without an <literal>authentication</literal> object
configured will allow connections without vertification.
</para></description>
</configOption>
<configOption name="callerid">
<synopsis>CallerID information for the endpoint</synopsis>
<description><para>
Must be in the format <literal>Name <Number></literal>,
or only <literal><Number></literal>.
</para></description>
</configOption>
<configOption name="callerid_privacy">
<synopsis>Default privacy level</synopsis>
<description>
<enumlist>
<enum name="allowed_not_screened" />
<enum name="allowed_passed_screened" />
<enum name="allowed_failed_screened" />
<enum name="allowed" />
<enum name="prohib_not_screened" />
<enum name="prohib_passed_screened" />
<enum name="prohib_failed_screened" />
<enum name="prohib" />
<enum name="unavailable" />
</enumlist>
</description>
</configOption>
<configOption name="callerid_tag">
<synopsis>Internal id_tag for the endpoint</synopsis>
</configOption>
<configOption name="context">
<synopsis>Dialplan context for inbound sessions</synopsis>
</configOption>
<configOption name="direct_media_glare_mitigation" default="none">
<synopsis>Mitigation of direct media (re)INVITE glare</synopsis>
<description>
<para>
This setting attempts to avoid creating INVITE glare scenarios
by disabling direct media reINVITEs in one direction thereby allowing
designated servers (according to this option) to initiate direct
media reINVITEs without contention and significantly reducing call
setup time.
</para>
<para>
A more detailed description of how this option functions can be found on
the Asterisk wiki https://wiki.asterisk.org/wiki/display/AST/SIP+Direct+Media+Reinvite+Glare+Avoidance
</para>
<enumlist>
<enum name="none" />
<enum name="outgoing" />
<enum name="incoming" />
</enumlist>
</description>
</configOption>
<configOption name="direct_media_method" default="invite">
<synopsis>Direct Media method type</synopsis>
<description>
<para>Method for setting up Direct Media between endpoints.</para>
<enumlist>
<enum name="invite" />
<enum name="reinvite">
<para>Alias for the <literal>invite</literal> value.</para>
</enum>
<enum name="update" />
</enumlist>
</description>
</configOption>
<configOption name="connected_line_method" default="invite">
<synopsis>Connected line method type</synopsis>
<description>
<para>Method used when updating connected line information.</para>
<enumlist>
<enum name="invite" />
<enum name="reinvite">
<para>Alias for the <literal>invite</literal> value.</para>
</enum>
<enum name="update" />
</enumlist>
</description>
</configOption>
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
<configOption name="direct_media" default="yes">
<synopsis>Determines whether media may flow directly between endpoints.</synopsis>
</configOption>
<configOption name="disable_direct_media_on_nat" default="no">
<synopsis>Disable direct media session refreshes when NAT obstructs the media session</synopsis>
</configOption>
<configOption name="disallow">
<synopsis>Media Codec(s) to disallow</synopsis>
</configOption>
<configOption name="dtmfmode" default="rfc4733">
<synopsis>DTMF mode</synopsis>
<description>
<para>This setting allows to choose the DTMF mode for endpoint communication.</para>
<enumlist>
<enum name="rfc4733">
<para>DTMF is sent out of band of the main audio stream.This
supercedes the older <emphasis>RFC-2833</emphasis> used within
the older <literal>chan_sip</literal>.</para>
</enum>
<enum name="inband">
<para>DTMF is sent as part of audio stream.</para>
</enum>
<enum name="info">
<para>DTMF is sent as SIP INFO packets.</para>
</enum>
</enumlist>
</description>
</configOption>
<configOption name="external_media_address">
<synopsis>IP used for External Media handling</synopsis>
</configOption>
<configOption name="force_rport" default="yes">
<synopsis>Force use of return port</synopsis>
</configOption>
<configOption name="ice_support" default="no">
<synopsis>Enable the ICE mechanism to help traverse NAT</synopsis>
</configOption>
<configOption name="identify_by" default="username,location">
<synopsis>Way(s) for Endpoint to be identified</synopsis>
<description><para>
An endpoint can be identified in multiple ways. Currently, the only supported
option is <literal>username</literal>, which matches the endpoint based on the
username in the From header.
<note><para>Endpoints can also be identified by IP address; however, that method
of identification is not handled by this configuration option. See the documentation
for the <literal>identify</literal> configuration section for more details on that
method of endpoint identification. If this option is set to <literal>username</literal>
and an <literal>identify</literal> configuration section exists for the endpoint, then
the endpoint can be identified in multiple ways.</para></note>
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
<enumlist>
<enum name="username" />
</enumlist>
</description>
</configOption>
<configOption name="mailboxes">
<synopsis>Mailbox(es) to be associated with</synopsis>
</configOption>
<configOption name="mohsuggest" default="default">
<synopsis>Default Music On Hold class</synopsis>
</configOption>
<configOption name="outbound_auth">
<synopsis>Authentication object used for outbound requests</synopsis>
</configOption>
<configOption name="outbound_proxy">
<synopsis>Proxy through which to send requests</synopsis>
</configOption>
<configOption name="rewrite_contact">
<synopsis>Allow Contact header to be rewritten with the source IP address-port</synopsis>
</configOption>
<configOption name="rtp_ipv6" default="no">
<synopsis>Allow use of IPv6 for RTP traffic</synopsis>
</configOption>
<configOption name="rtp_symmetric" default="no">
<synopsis>Enforce that RTP must be symmetric</synopsis>
</configOption>
<configOption name="send_pai" default="no">
<synopsis>Send the P-Asserted-Identity header</synopsis>
</configOption>
<configOption name="send_rpid" default="no">
<synopsis>Send the Remote-Party-ID header</synopsis>
</configOption>
<configOption name="timers_min_se" default="90">
<synopsis>Minimum session timers expiration period</synopsis>
<description><para>
Minimium session timer expiration period. Time in seconds.
</para></description>
</configOption>
<configOption name="timers" default="yes">
<synopsis>Session timers for SIP packets</synopsis>
<description>
<enumlist>
<enum name="forced" />
<enum name="no" />
<enum name="required" />
<enum name="yes" />
</enumlist>
</description>
</configOption>
<configOption name="timers_sess_expires" default="1800">
<synopsis>Maximum session timer expiration period</synopsis>
<description><para>
Maximium session timer expiration period. Time in seconds.
</para></description>
</configOption>
<configOption name="transport">
<synopsis>Desired transport configuration</synopsis>
<description><para>
This will set the desired transport configuration to send SIP data through.
</para>
<warning><para>Not specifying a transport will <emphasis>DEFAULT</emphasis>
to the first configured transport in <filename>pjsip.conf</filename> which is
valid for the URI we are trying to contact.
</para></warning>
Mark Michelson
committed
<warning><para>Transport configuration is not affected by reloads. In order to
change transports, a full Asterisk restart is required</para></warning>
</description>
</configOption>
<configOption name="trust_id_inbound" default="no">
<synopsis>Accept identification information received from this endpoint</synopsis>
<description><para>This option determines whether Asterisk will accept
identification from the endpoint from headers such as P-Asserted-Identity
or Remote-Party-ID header. This option applies both to calls originating from the
endpoint and calls originating from Asterisk. If <literal>no</literal>, the
configured Caller-ID from pjsip.conf will always be used as the identity for
the endpoint.</para></description>
</configOption>
<configOption name="trust_id_outbound" default="no">
<synopsis>Send private identification details to the endpoint.</synopsis>
<description><para>This option determines whether res_pjsip will send private
identification information to the endpoint. If <literal>no</literal>,
private Caller-ID information will not be forwarded to the endpoint.
"Private" in this case refers to any method of restricting identification.
Example: setting <replaceable>callerid_privacy</replaceable> to any
<literal>prohib</literal> variation.
Example: If <replaceable>trust_id_inbound</replaceable> is set to
<literal>yes</literal>, the presence of a <literal>Privacy: id</literal>
header in a SIP request or response would indicate the identification
provided in the request is private.</para></description>
</configOption>
<configOption name="type">
<synopsis>Must be of type 'endpoint'.</synopsis>
</configOption>
<configOption name="use_ptime" default="no">
<synopsis>Use Endpoint's requested packetisation interval</synopsis>
</configOption>
<configOption name="use_avpf" default="no">
<synopsis>Determines whether res_pjsip will use and enforce usage of AVPF for this
endpoint.</synopsis>
<description><para>
If set to <literal>yes</literal>, res_pjsip will use use the AVPF or SAVPF RTP
profile for all media offers on outbound calls and media updates and will
decline media offers not using the AVPF or SAVPF profile.
</para><para>
If set to <literal>no</literal>, res_pjsip will use use the AVP or SAVP RTP
profile for all media offers on outbound calls and media updates and will
decline media offers not using the AVP or SAVP profile.
</para></description>
</configOption>
<configOption name="media_encryption" default="no">
<synopsis>Determines whether res_pjsip will use and enforce usage of media encryption
for this endpoint.</synopsis>
<description>
<enumlist>
<enum name="no"><para>
res_pjsip will offer no encryption and allow no encryption to be setup.
</para></enum>
<enum name="sdes"><para>
res_pjsip will offer standard SRTP setup via in-SDP keys. Encrypted SIP
transport should be used in conjunction with this option to prevent
exposure of media encryption keys.
</para></enum>
res_pjsip will offer DTLS-SRTP setup.
</enumlist>
</description>
</configOption>
<configOption name="inband_progress" default="no">
<synopsis>Determines whether chan_pjsip will indicate ringing using inband
progress.</synopsis>
<description><para>
If set to <literal>yes</literal>, chan_pjsip will send a 183 Session Progress
when told to indicate ringing and will immediately start sending ringing
as audio.
</para><para>
If set to <literal>no</literal>, chan_pjsip will send a 180 Ringing when told
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
to indicate ringing and will NOT send it as audio.
</para></description>
</configOption>
<configOption name="callgroup">
<synopsis>The numeric pickup groups for a channel.</synopsis>
<description><para>
Can be set to a comma separated list of numbers or ranges between the values
of 0-63 (maximum of 64 groups).
</para></description>
</configOption>
<configOption name="pickupgroup">
<synopsis>The numeric pickup groups that a channel can pickup.</synopsis>
<description><para>
Can be set to a comma separated list of numbers or ranges between the values
of 0-63 (maximum of 64 groups).
</para></description>
</configOption>
<configOption name="namedcallgroup">
<synopsis>The named pickup groups for a channel.</synopsis>
<description><para>
Can be set to a comma separated list of case sensitive strings limited by
supported line length.
</para></description>
</configOption>
<configOption name="namedpickupgroup">
<synopsis>The named pickup groups that a channel can pickup.</synopsis>
<description><para>
Can be set to a comma separated list of case sensitive strings limited by
supported line length.
</para></description>
</configOption>
Joshua Colp
committed
<configOption name="devicestate_busy_at" default="0">
<synopsis>The number of in-use channels which will cause busy to be returned as device state</synopsis>
<description><para>
When the number of in-use channels for the endpoint matches the devicestate_busy_at setting the
PJSIP channel driver will return busy as the device state instead of in use.
Joshua Colp
committed
</para></description>
</configOption>
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
<configOption name="t38udptl" default="no">
<synopsis>Whether T.38 UDPTL support is enabled or not</synopsis>
<description><para>
If set to yes T.38 UDPTL support will be enabled, and T.38 negotiation requests will be accepted
and relayed.
</para></description>
</configOption>
<configOption name="t38udptl_ec" default="none">
<synopsis>T.38 UDPTL error correction method</synopsis>
<description>
<enumlist>
<enum name="none"><para>
No error correction should be used.
</para></enum>
<enum name="fec"><para>
Forward error correction should be used.
</para></enum>
<enum name="redundancy"><para>
Redundacy error correction should be used.
</para></enum>
</enumlist>
</description>
</configOption>
<configOption name="t38udptl_maxdatagram" default="0">
<synopsis>T.38 UDPTL maximum datagram size</synopsis>
<description><para>
This option can be set to override the maximum datagram of a remote endpoint for broken
endpoints.
</para></description>
</configOption>
<configOption name="faxdetect" default="no">
<synopsis>Whether CNG tone detection is enabled</synopsis>
<description><para>
This option can be set to send the session to the fax extension when a CNG tone is
detected.
</para></description>
</configOption>
<configOption name="t38udptl_nat" default="no">
<synopsis>Whether NAT support is enabled on UDPTL sessions</synopsis>
<description><para>
When enabled the UDPTL stack will send UDPTL packets to the source address of
received packets.
</para></description>
</configOption>
<configOption name="t38udptl_ipv6" default="no">
<synopsis>Whether IPv6 is used for UDPTL Sessions</synopsis>
<description><para>
When enabled the UDPTL stack will use IPv6.
</para></description>
</configOption>
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
<configOption name="tonezone">
<synopsis>Set which country's indications to use for channels created for this endpoint.</synopsis>
</configOption>
<configOption name="language">
<synopsis>Set the default language to use for channels created for this endpoint.</synopsis>
</configOption>
<configOption name="one_touch_recording" default="no">
<synopsis>Determines whether one-touch recording is allowed for this endpoint.</synopsis>
<see-also>
<ref type="configOption">recordonfeature</ref>
<ref type="configOption">recordofffeature</ref>
</see-also>
</configOption>
<configOption name="recordonfeature" default="automixmon">
<synopsis>The feature to enact when one-touch recording is turned on.</synopsis>
<description>
<para>When an INFO request for one-touch recording arrives with a Record header set to "on", this
feature will be enabled for the channel. The feature designated here can be any built-in
or dynamic feature defined in features.conf.</para>
<note><para>This setting has no effect if the endpoint's one_touch_recording option is disabled</para></note>
</description>
<see-also>
<ref type="configOption">one_touch_recording</ref>
<ref type="configOption">recordofffeature</ref>
</see-also>
</configOption>
<configOption name="recordofffeature" default="automixmon">
<synopsis>The feature to enact when one-touch recording is turned off.</synopsis>
<description>
<para>When an INFO request for one-touch recording arrives with a Record header set to "off", this
feature will be enabled for the channel. The feature designated here can be any built-in
or dynamic feature defined in features.conf.</para>
<note><para>This setting has no effect if the endpoint's one_touch_recording option is disabled</para></note>
</description>
<see-also>
<ref type="configOption">one_touch_recording</ref>
<ref type="configOption">recordonfeature</ref>
</see-also>
</configOption>
<configOption name="rtpengine" default="asterisk">
<synopsis>Name of the RTP engine to use for channels created for this endpoint</synopsis>
</configOption>
<configOption name="allowtransfer" default="yes">
<synopsis>Determines whether SIP REFER transfers are allowed for this endpoint</synopsis>
</configOption>
<configOption name="sdpowner" default="-">
<synopsis>String placed as the username portion of an SDP origin (o=) line.</synopsis>
</configOption>
<configOption name="sdpsession" default="Asterisk">
<synopsis>String used for the SDP session (s=) line.</synopsis>
</configOption>
<configOption name="tos_audio">
<synopsis>DSCP TOS bits for audio streams</synopsis>
<description><para>
See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
</para></description>
</configOption>
<configOption name="tos_video">
<synopsis>DSCP TOS bits for video streams</synopsis>
<description><para>
See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
</para></description>
</configOption>
<configOption name="cos_audio">
<synopsis>Priority for audio streams</synopsis>
<description><para>
See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
</para></description>
</configOption>
<configOption name="cos_video">
<synopsis>Priority for video streams</synopsis>
<description><para>
See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
</para></description>
</configOption>
<configOption name="allowsubscribe" default="yes">
<synopsis>Determines if endpoint is allowed to initiate subscriptions with Asterisk.</synopsis>
</configOption>
<configOption name="subminexpiry" default="60">
<synopsis>The minimum allowed expiry time for subscriptions initiated by the endpoint.</synopsis>
</configOption>
<configOption name="fromuser">
<synopsis>Username to use in From header for requests to this endpoint.</synopsis>
</configOption>
<configOption name="mwifromuser">
<synopsis>Username to use in From header for unsolicited MWI NOTIFYs to this endpoint.</synopsis>
</configOption>
<configOption name="fromdomain">
<synopsis>Domain to user in From header for requests to this endpoint.</synopsis>
</configOption>
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
<configOption name="dtlsverify">
<synopsis>Verify that the provided peer certificate is valid</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="dtlsrekey">
<synopsis>Interval at which to renegotiate the TLS session and rekey the SRTP session</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para><para>
If this is not set or the value provided is 0 rekeying will be disabled.
</para></description>
</configOption>
<configOption name="dtlscertfile">
<synopsis>Path to certificate file to present to peer</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="dtlsprivatekey">
<synopsis>Path to private key for certificate file</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="dtlscipher">
<synopsis>Cipher to use for DTLS negotiation</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para><para>
Many options for acceptable ciphers. See link for more:
http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
</para></description>
</configOption>
<configOption name="dtlscafile">
<synopsis>Path to certificate authority certificate</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="dtlscapath">
<synopsis>Path to a directory containing certificate authority certificates</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="dtlssetup">
<synopsis>Whether we are willing to accept connections, connect to the other party, or both.</synopsis>
<description>
<para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para>
<enumlist>
<enum name="active"><para>
res_pjsip will make a connection to the peer.
</para></enum>
<enum name="passive"><para>
res_pjsip will accept connections from the peer.
</para></enum>
<enum name="actpass"><para>
res_pjsip will offer and accept connections from the peer.
</para></enum>
</enumlist>
</description>
</configOption>
<configOption name="srtp_tag_32">
<synopsis>Determines whether 32 byte tags should be used instead of 80 byte tags.</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>sdes</literal> or <literal>dtls</literal>.
</para></description>
</configOption>
</configObject>
<configObject name="auth">
<synopsis>Authentication type</synopsis>
<description><para>
Rusty Newton
committed
Authentication objects hold the authentication information for use
by other objects such as <literal>endpoints</literal> or <literal>registrations</literal>.
This also allows for multiple objects to use a single auth object. See
the <literal>auth_type</literal> config option for password style choices.
</para></description>
<configOption name="auth_type" default="userpass">
<synopsis>Authentication type</synopsis>
<description><para>
Rusty Newton
committed
This option specifies which of the password style config options should be read
when trying to authenticate an endpoint inbound request. If set to <literal>userpass</literal>
then we'll read from the 'password' option. For <literal>md5</literal> we'll read
from 'md5_cred'.
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
</para>
<enumlist>
<enum name="md5"/>
<enum name="userpass"/>
</enumlist>
</description>
</configOption>
<configOption name="nonce_lifetime" default="32">
<synopsis>Lifetime of a nonce associated with this authentication config.</synopsis>
</configOption>
<configOption name="md5_cred">
<synopsis>MD5 Hash used for authentication.</synopsis>
<description><para>Only used when auth_type is <literal>md5</literal>.</para></description>
</configOption>
<configOption name="password">
<synopsis>PlainText password used for authentication.</synopsis>
<description><para>Only used when auth_type is <literal>userpass</literal>.</para></description>
</configOption>
<configOption name="realm" default="asterisk">
<synopsis>SIP realm for endpoint</synopsis>
</configOption>
<configOption name="type">
<synopsis>Must be 'auth'</synopsis>
</configOption>
<configOption name="username">
<synopsis>Username to use for account</synopsis>
</configOption>
</configObject>
<configObject name="nat_hook">
<synopsis>XXX This exists only to prevent XML documentation errors.</synopsis>
<configOption name="external_media_address">
<synopsis>I should be undocumented or hidden</synopsis>
</configOption>
<configOption name="method">
<synopsis>I should be undocumented or hidden</synopsis>
</configOption>
</configObject>
<configObject name="domain_alias">
<synopsis>Domain Alias</synopsis>
<description><para>
Rusty Newton
committed
Signifies that a domain is an alias. If the domain on a session is
not found to match an AoR then this object is used to see if we have
an alias for the AoR to which the endpoint is binding. This objects
name as defined in configuration should be the domain alias and a
config option is provided to specify the domain to be aliased.
</para></description>
<configOption name="type">
<synopsis>Must be of type 'domain_alias'.</synopsis>
</configOption>
<configOption name="domain">
<synopsis>Domain to be aliased</synopsis>
</configOption>
</configObject>
<configObject name="transport">
<synopsis>SIP Transport</synopsis>
<description><para>
<emphasis>Transports</emphasis>
</para>
<para>There are different transports and protocol derivatives
supported by <literal>res_pjsip</literal>. They are in order of
preference: UDP, TCP, and WebSocket (WS).</para>
Rusty Newton
committed
<note><para>Changes to transport configuration in pjsip.conf will only be
effected on a complete restart of Asterisk. A module reload
will not suffice.</para></note>
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
</description>
<configOption name="async_operations" default="1">
<synopsis>Number of simultaneous Asynchronous Operations</synopsis>
</configOption>
<configOption name="bind">
<synopsis>IP Address and optional port to bind to for this transport</synopsis>
</configOption>
<configOption name="ca_list_file">
<synopsis>File containing a list of certificates to read (TLS ONLY)</synopsis>
</configOption>
<configOption name="cert_file">
<synopsis>Certificate file for endpoint (TLS ONLY)</synopsis>
</configOption>
<configOption name="cipher">
<synopsis>Preferred Cryptography Cipher (TLS ONLY)</synopsis>
<description><para>
Many options for acceptable ciphers see link for more:
http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
</para></description>
</configOption>
<configOption name="domain">
<synopsis>Domain the transport comes from</synopsis>
</configOption>
<configOption name="external_media_address">
<synopsis>External Address to use in RTP handling</synopsis>
</configOption>
<configOption name="external_signaling_address">
<synopsis>External address for SIP signalling</synopsis>
</configOption>
<configOption name="external_signaling_port" default="0">
<synopsis>External port for SIP signalling</synopsis>
</configOption>
<configOption name="method">
<synopsis>Method of SSL transport (TLS ONLY)</synopsis>
<description>
<enumlist>
<enum name="default" />
<enum name="unspecified" />
<enum name="tlsv1" />
<enum name="sslv2" />
<enum name="sslv3" />
<enum name="sslv23" />
</enumlist>
</description>
</configOption>
<configOption name="localnet">
<synopsis>Network to consider local (used for NAT purposes).</synopsis>
<description><para>This must be in CIDR or dotted decimal format with the IP
and mask separated with a slash ('/').</para></description>
</configOption>
<configOption name="password">
<synopsis>Password required for transport</synopsis>
</configOption>
<configOption name="privkey_file">
<synopsis>Private key file (TLS ONLY)</synopsis>
</configOption>
<configOption name="protocol" default="udp">
<synopsis>Protocol to use for SIP traffic</synopsis>
<description>
<enumlist>
<enum name="udp" />
<enum name="tcp" />
<enum name="tls" />
</enumlist>
</description>
</configOption>
<configOption name="require_client_cert" default="false">
<synopsis>Require client certificate (TLS ONLY)</synopsis>
</configOption>
<configOption name="type">
<synopsis>Must be of type 'transport'.</synopsis>
</configOption>
<configOption name="verify_client" default="false">
<synopsis>Require verification of client certificate (TLS ONLY)</synopsis>
</configOption>
<configOption name="verify_server" default="false">
<synopsis>Require verification of server certificate (TLS ONLY)</synopsis>
</configOption>
</configObject>
<configObject name="contact">
<synopsis>A way of creating an aliased name to a SIP URI</synopsis>
<description><para>
Contacts are a way to hide SIP URIs from the dialplan directly.
They are also used to make a group of contactable parties when
in use with <literal>AoR</literal> lists.
</para></description>
<configOption name="type">
<synopsis>Must be of type 'contact'.</synopsis>
</configOption>
<configOption name="uri">
<synopsis>SIP URI to contact peer</synopsis>
</configOption>
<configOption name="expiration_time">
<synopsis>Time to keep alive a contact</synopsis>
<description><para>
Time to keep alive a contact. String style specification.
</para></description>
</configOption>
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
<configOption name="qualify_frequency" default="0">
<synopsis>Interval at which to qualify a contact</synopsis>
<description><para>
Interval between attempts to qualify the contact for reachability.
If <literal>0</literal> never qualify. Time in seconds.
</para></description>
</configOption>
</configObject>
<configObject name="contact_status">
<synopsis>Status for a contact</synopsis>
<description><para>
The contact status keeps track of whether or not a contact is reachable
and how long it took to qualify the contact (round trip time).
</para></description>
<configOption name="status">
<synopsis>A contact's status</synopsis>
<description>
<enumlist>
<enum name="AVAILABLE" />
<enum name="UNAVAILABLE" />
</enumlist>
</description>
</configOption>
<configOption name="rtt">
<synopsis>Round trip time</synopsis>
<description><para>
The time, in microseconds, it took to qualify the contact.
</para></description>
</configOption>
</configObject>
<configObject name="aor">
<synopsis>The configuration for a location of an endpoint</synopsis>
<description><para>
An AoR is what allows Asterisk to contact an endpoint via res_pjsip. If no
AoRs are specified, an endpoint will not be reachable by Asterisk.
Beyond that, an AoR has other uses within Asterisk, such as inbound
registration.
</para><para>
An <literal>AoR</literal> is a way to allow dialing a group
of <literal>Contacts</literal> that all use the same
<literal>endpoint</literal> for calls.
</para><para>
This can be used as another way of grouping a list of contacts to dial
rather than specifing them each directly when dialing via the dialplan.
This must be used in conjuction with the <literal>PJSIP_DIAL_CONTACTS</literal>.
</para><para>
Registrations: For Asterisk to match an inbound registration to an endpoint,
the AoR object name must match the user portion of the SIP URI in the "To:"
header of the inbound SIP registration. That will usually be equivalent
to the "user name" set in your hard or soft phones configuration.
</para></description>
<configOption name="contact">
<synopsis>Permanent contacts assigned to AoR</synopsis>
<description><para>
Contacts specified will be called whenever referenced
</para><para>
Use a separate "contact=" entry for each contact required. Contacts
are specified using a SIP URI.
</para></description>
</configOption>
<configOption name="default_expiration" default="3600">
<synopsis>Default expiration time in seconds for contacts that are dynamically bound to an AoR.</synopsis>
</configOption>
<configOption name="mailboxes">
<synopsis>Mailbox(es) to be associated with</synopsis>
<description><para>This option applies when an external entity subscribes to an AoR
for message waiting indications. The mailboxes specified will be subscribed to.
More than one mailbox can be specified with a comma-delimited string.</para></description>
</configOption>
<configOption name="maximum_expiration" default="7200">
<synopsis>Maximum time to keep an AoR</synopsis>
<description><para>
Maximium time to keep a peer with explicit expiration. Time in seconds.
</para></description>
</configOption>
<configOption name="max_contacts" default="0">
<synopsis>Maximum number of contacts that can bind to an AoR</synopsis>
<description><para>
Maximum number of contacts that can associate with this AoR. This value does
not affect the number of contacts that can be added with the "contact" option.
It only limits contacts added through external interaction, such as
registration.
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
</para>
<note><para>This should be set to <literal>1</literal> and
<replaceable>remove_existing</replaceable> set to <literal>yes</literal> if you
wish to stick with the older <literal>chan_sip</literal> behaviour.
</para></note>
</description>
</configOption>
<configOption name="minimum_expiration" default="60">
<synopsis>Minimum keep alive time for an AoR</synopsis>
<description><para>
Minimum time to keep a peer with an explict expiration. Time in seconds.
</para></description>
</configOption>
<configOption name="remove_existing" default="no">
<synopsis>Determines whether new contacts replace existing ones.</synopsis>
<description><para>
On receiving a new registration to the AoR should it remove
the existing contact that was registered against it?
</para>
<note><para>This should be set to <literal>yes</literal> and
<replaceable>max_contacts</replaceable> set to <literal>1</literal> if you
wish to stick with the older <literal>chan_sip</literal> behaviour.
</para></note>
</description>
</configOption>
<configOption name="type">
<synopsis>Must be of type 'aor'.</synopsis>
</configOption>
<configOption name="qualify_frequency" default="0">
<synopsis>Interval at which to qualify an AoR</synopsis>
<description><para>
Interval between attempts to qualify the AoR for reachability.
If <literal>0</literal> never qualify. Time in seconds.
</para></description>
</configOption>
<configOption name="authenticate_qualify" default="no">
<synopsis>Authenticates a qualify request if needed</synopsis>
<description><para>
If true and a qualify request receives a challenge or authenticate response
authentication is attempted before declaring the contact available.
</para></description>
</configOption>
<configObject name="system">
<synopsis>Options that apply to the SIP stack as well as other system-wide settings</synopsis>
<description><para>
The settings in this section are global. In addition to being global, the values will
not be re-evaluated when a reload is performed. This is because the values must be set
before the SIP stack is initialized. The only way to reset these values is to either
restart Asterisk, or unload res_pjsip.so and then load it again.
</para></description>
<configOption name="timert1" default="500">
<synopsis>Set transaction timer T1 value (milliseconds).</synopsis>
<description><para>
Timer T1 is the base for determining how long to wait before retransmitting
requests that receive no response when using an unreliable transport (e.g. UDP).
For more information on this timer, see RFC 3261, Section 17.1.1.1.
</para></description>
</configOption>
<configOption name="timerb" default="32000">
<synopsis>Set transaction timer B value (milliseconds).</synopsis>
<description><para>
Timer B determines the maximum amount of time to wait after sending an INVITE
request before terminating the transaction. It is recommended that this be set
to 64 * Timer T1, but it may be set higher if desired. For more information on
this timer, see RFC 3261, Section 17.1.1.1.
</para></description>
</configOption>
<configOption name="compactheaders" default="no">
<synopsis>Use the short forms of common SIP header names.</synopsis>
</configOption>
<configOption name="threadpool_initial_size" default="0">
<synopsis>Initial number of threads in the res_pjsip threadpool.</synopsis>
</configOption>
<configOption name="threadpool_auto_increment" default="5">
<synopsis>The amount by which the number of threads is incremented when necessary.</synopsis>
</configOption>
<configOption name="threadpool_idle_timeout" default="60">
<synopsis>Number of seconds before an idle thread should be disposed of.</synopsis>
</configOption>
<configOption name="threadpool_max_size" default="0">
<synopsis>Maximum number of threads in the res_pjsip threadpool.
A value of 0 indicates no maximum.</synopsis>
</configOption>
Rusty Newton
committed
<configOption name="type">
<synopsis>Must be of type 'system'.</synopsis>
</configObject>
<configObject name="global">
<synopsis>Options that apply globally to all SIP communications</synopsis>
<description><para>
The settings in this section are global. Unlike options in the <literal>system</literal>
section, these options can be refreshed by performing a reload.
</para></description>
<configOption name="maxforwards" default="70">
<synopsis>Value used in Max-Forwards header for SIP requests.</synopsis>
</configOption>
<configOption name="useragent" default="Asterisk <Asterisk Version>">
<synopsis>Value used in User-Agent header for SIP requests and Server header for SIP responses.</synopsis>
</configOption>
Rusty Newton
committed
<configOption name="type">
<synopsis>Must be of type 'global'.</synopsis>
<manager name="PJSIPQualify" language="en_US">
<synopsis>
Qualify a chan_pjsip endpoint.
</synopsis>
<syntax>