Newer
Older
/*
* Asterisk -- An open source telephony toolkit.
*
* Copyright (C) 2013, Digium, Inc.
*
* Mark Michelson <mmichelson@digium.com>
*
* See http://www.asterisk.org for more information about
* the Asterisk project. Please do not directly contact
* any of the maintainers of this project for assistance;
* the project provides a web site, mailing lists and IRC
* channels for your use.
*
* This program is free software, distributed under the terms of
* the GNU General Public License Version 2. See the LICENSE file
* at the top of the source tree.
*/
#include "asterisk.h"
#include <pjsip.h>
/* Needed for SUBSCRIBE, NOTIFY, and PUBLISH method definitions */
#include <pjsip_simple.h>
#include <pjsip/sip_transaction.h>
#include <pj/timer.h>
#include <pjmedia/errno.h>
#include "asterisk/res_pjsip.h"
#include "res_pjsip/include/res_pjsip_private.h"
#include "asterisk/linkedlists.h"
#include "asterisk/logger.h"
#include "asterisk/lock.h"
#include "asterisk/utils.h"
#include "asterisk/astobj2.h"
#include "asterisk/module.h"
#include "asterisk/threadpool.h"
#include "asterisk/taskprocessor.h"
#include "asterisk/uuid.h"
#include "asterisk/sorcery.h"
Joshua Colp
committed
#include "asterisk/file.h"
#include "asterisk/cli.h"
#include "asterisk/res_pjsip_cli.h"
#include "asterisk/test.h"
#include "asterisk/res_pjsip_presence_xml.h"
#include "asterisk/res_pjproject.h"
/*** MODULEINFO
<depend>pjproject</depend>
<depend>res_pjproject</depend>
<depend>res_sorcery_config</depend>
<depend>res_sorcery_memory</depend>
<depend>res_sorcery_astdb</depend>
<support_level>core</support_level>
***/
<configInfo name="res_pjsip" language="en_US">
<synopsis>SIP Resource using PJProject</synopsis>
<configObject name="endpoint">
<synopsis>Endpoint</synopsis>
<description><para>
The <emphasis>Endpoint</emphasis> is the primary configuration object.
It contains the core SIP related options only, endpoints are <emphasis>NOT</emphasis>
dialable entries of their own. Communication with another SIP device is
accomplished via Addresses of Record (AoRs) which have one or more
contacts associated with them. Endpoints <emphasis>NOT</emphasis> configured to
use a <literal>transport</literal> will default to first transport found
in <filename>pjsip.conf</filename> that matches its type.
</para>
<para>Example: An Endpoint has been configured with no transport.
When it comes time to call an AoR, PJSIP will find the
first transport that matches the type. A SIP URI of <literal>sip:5000@[11::33]</literal>
will use the first IPv6 transport and try to send the request.
</para>
<para>If the anonymous endpoint identifier is in use an endpoint with the name
"anonymous@domain" will be searched for as a last resort. If this is not found
it will fall back to searching for "anonymous". If neither endpoints are found
the anonymous endpoint identifier will not return an endpoint and anonymous
calling will not be possible.
</para>
</description>
<configOption name="100rel" default="yes">
<synopsis>Allow support for RFC3262 provisional ACK tags</synopsis>
<description>
<enumlist>
<enum name="no" />
<enum name="required" />
<enum name="yes" />
</enumlist>
</description>
</configOption>
<configOption name="aggregate_mwi" default="yes">
<synopsis>Condense MWI notifications into a single NOTIFY.</synopsis>
<description><para>When enabled, <replaceable>aggregate_mwi</replaceable> condenses message
waiting notifications from multiple mailboxes into a single NOTIFY. If it is disabled,
individual NOTIFYs are sent for each mailbox.</para></description>
</configOption>
<configOption name="allow">
<synopsis>Media Codec(s) to allow</synopsis>
</configOption>
<configOption name="allow_overlap" default="yes">
<synopsis>Enable RFC3578 overlap dialing support.</synopsis>
</configOption>
<configOption name="aors">
<synopsis>AoR(s) to be used with the endpoint</synopsis>
<description><para>
List of comma separated AoRs that the endpoint should be associated with.
</para></description>
</configOption>
<configOption name="auth">
<synopsis>Authentication Object(s) associated with the endpoint</synopsis>
<description><para>
This is a comma-delimited list of <replaceable>auth</replaceable> sections defined
in <filename>pjsip.conf</filename> to be used to verify inbound connection attempts.
Endpoints without an authentication object
configured will allow connections without verification.</para>
<note><para>
Using the same auth section for inbound and outbound
authentication is not recommended. There is a difference in
meaning for an empty realm setting between inbound and outbound
authentication uses. See the auth realm description for details.
</para></note>
</description>
</configOption>
<configOption name="callerid">
<synopsis>CallerID information for the endpoint</synopsis>
<description><para>
Must be in the format <literal>Name <Number></literal>,
or only <literal><Number></literal>.
</para></description>
</configOption>
<configOption name="callerid_privacy">
<synopsis>Default privacy level</synopsis>
<description>
<enumlist>
<enum name="allowed_not_screened" />
<enum name="allowed_passed_screen" />
<enum name="allowed_failed_screen" />
<enum name="allowed" />
<enum name="prohib_not_screened" />
<enum name="prohib_passed_screen" />
<enum name="prohib_failed_screen" />
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
<enum name="prohib" />
<enum name="unavailable" />
</enumlist>
</description>
</configOption>
<configOption name="callerid_tag">
<synopsis>Internal id_tag for the endpoint</synopsis>
</configOption>
<configOption name="context">
<synopsis>Dialplan context for inbound sessions</synopsis>
</configOption>
<configOption name="direct_media_glare_mitigation" default="none">
<synopsis>Mitigation of direct media (re)INVITE glare</synopsis>
<description>
<para>
This setting attempts to avoid creating INVITE glare scenarios
by disabling direct media reINVITEs in one direction thereby allowing
designated servers (according to this option) to initiate direct
media reINVITEs without contention and significantly reducing call
setup time.
</para>
<para>
A more detailed description of how this option functions can be found on
the Asterisk wiki https://wiki.asterisk.org/wiki/display/AST/SIP+Direct+Media+Reinvite+Glare+Avoidance
</para>
<enumlist>
<enum name="none" />
<enum name="outgoing" />
<enum name="incoming" />
</enumlist>
</description>
</configOption>
<configOption name="direct_media_method" default="invite">
<synopsis>Direct Media method type</synopsis>
<description>
<para>Method for setting up Direct Media between endpoints.</para>
<enumlist>
<enum name="invite" />
<enum name="reinvite">
<para>Alias for the <literal>invite</literal> value.</para>
</enum>
<enum name="update" />
</enumlist>
</description>
</configOption>
<configOption name="trust_connected_line">
<synopsis>Accept Connected Line updates from this endpoint</synopsis>
</configOption>
<configOption name="send_connected_line">
<synopsis>Send Connected Line updates to this endpoint</synopsis>
</configOption>
<configOption name="connected_line_method" default="invite">
<synopsis>Connected line method type</synopsis>
<description>
<para>Method used when updating connected line information.</para>
<enumlist>
<enum name="invite">
<para>When set to <literal>invite</literal>, check the remote's Allow header and
if UPDATE is allowed, send UPDATE instead of INVITE to avoid SDP
renegotiation. If UPDATE is not Allowed, send INVITE.</para>
</enum>
<enum name="reinvite">
<para>Alias for the <literal>invite</literal> value.</para>
</enum>
<enum name="update">
<para>If set to <literal>update</literal>, send UPDATE regardless of what the remote
Allows. </para>
</enum>
</enumlist>
</description>
</configOption>
<configOption name="direct_media" default="yes">
<synopsis>Determines whether media may flow directly between endpoints.</synopsis>
</configOption>
<configOption name="disable_direct_media_on_nat" default="no">
<synopsis>Disable direct media session refreshes when NAT obstructs the media session</synopsis>
</configOption>
<configOption name="disallow">
<synopsis>Media Codec(s) to disallow</synopsis>
</configOption>
<configOption name="dtmf_mode" default="rfc4733">
<synopsis>DTMF mode</synopsis>
<description>
<para>This setting allows to choose the DTMF mode for endpoint communication.</para>
<enumlist>
<enum name="rfc4733">
Richard Mudgett
committed
<para>DTMF is sent out of band of the main audio stream. This
supercedes the older <emphasis>RFC-2833</emphasis> used within
the older <literal>chan_sip</literal>.</para>
</enum>
<enum name="inband">
<para>DTMF is sent as part of audio stream.</para>
</enum>
<enum name="info">
<para>DTMF is sent as SIP INFO packets.</para>
</enum>
<enum name="auto">
<para>DTMF is sent as RFC 4733 if the other side supports it or as INBAND if not.</para>
</enum>
<enum name="auto_info">
<para>DTMF is sent as RFC 4733 if the other side supports it or as SIP INFO if not.</para>
</enum>
</enumlist>
</description>
</configOption>
Rusty Newton
committed
<configOption name="media_address">
<synopsis>IP address used in SDP for media handling</synopsis>
<description><para>
At the time of SDP creation, the IP address defined here will be used as
the media address for individual streams in the SDP.
Rusty Newton
committed
</para>
<note><para>
Rusty Newton
committed
Be aware that the <literal>external_media_address</literal> option, set in Transport
configuration, can also affect the final media address used in the SDP.
Rusty Newton
committed
</para></note>
</description>
<configOption name="bind_rtp_to_media_address">
<synopsis>Bind the RTP instance to the media_address</synopsis>
<description><para>
If media_address is specified, this option causes the RTP instance to be bound to the
specified ip address which causes the packets to be sent from that address.
</para>
</description>
</configOption>
<configOption name="force_rport" default="yes">
<synopsis>Force use of return port</synopsis>
</configOption>
<configOption name="ice_support" default="no">
<synopsis>Enable the ICE mechanism to help traverse NAT</synopsis>
</configOption>
<configOption name="identify_by">
<synopsis>Way(s) for the endpoint to be identified</synopsis>
<description>
<para>Endpoints and AORs can be identified in multiple ways. This
option is a comma separated list of methods the endpoint can be
identified.
<note><para>
This option controls both how an endpoint is matched for incoming
traffic and also how an AOR is determined if a registration
occurs. You must list at least one method that also matches for
AORs or the registration will fail.
</para></note>
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
<enum name="username">
<para>Matches the endpoint or AOR ID based on the username
and domain in the From header (or To header for AORs). If
an exact match on both username and domain/realm fails, the
match is retried with just the username.
</para>
</enum>
<enum name="auth_username">
<para>Matches the endpoint or AOR ID based on the username
and realm in the Authentication header. If an exact match
on both username and domain/realm fails, the match is
retried with just the username.
</para>
<note><para>This method of identification has some security
considerations because an Authentication header is not
present on the first message of a dialog when digest
authentication is used. The client can't generate it until
the server sends the challenge in a 401 response. Since
Asterisk normally sends a security event when an incoming
request can't be matched to an endpoint, using this method
requires that the security event be deferred until a request
is received with the Authentication header and only
generated if the username doesn't result in a match. This
may result in a delay before an attack is recognized. You
can control how many unmatched requests are received from
a single ip address before a security event is generated
using the <literal>unidentified_request</literal>
parameters in the "global" configuration object.
</para></note>
</enum>
<enum name="ip">
<para>Matches the endpoint based on the source IP address.
</para>
<para>This method of identification is not configured here
but simply allowed by this configuration option. See the
documentation for the <literal>identify</literal>
configuration section for more details on this method of
endpoint identification.
</para>
</enum>
Richard Mudgett
committed
<enum name="header">
<para>Matches the endpoint based on a configured SIP header
value.
</para>
<para>This method of identification is not configured here
but simply allowed by this configuration option. See the
documentation for the <literal>identify</literal>
configuration section for more details on this method of
endpoint identification.
</para>
</enum>
</enumlist>
</description>
</configOption>
<configOption name="redirect_method">
<synopsis>How redirects received from an endpoint are handled</synopsis>
<description><para>
When a redirect is received from an endpoint there are multiple ways it can be handled.
If this option is set to <literal>user</literal> the user portion of the redirect target
is treated as an extension within the dialplan and dialed using a Local channel. If this option
is set to <literal>uri_core</literal> the target URI is returned to the dialing application
which dials it using the PJSIP channel driver and endpoint originally used. If this option is
set to <literal>uri_pjsip</literal> the redirect occurs within chan_pjsip itself and is not exposed
to the core at all. The <literal>uri_pjsip</literal> option has the benefit of being more efficient
and also supporting multiple potential redirect targets. The con is that since redirection occurs
within chan_pjsip redirecting information is not forwarded and redirection can not be
prevented.
</para>
<enumlist>
<enum name="user" />
<enum name="uri_core" />
<enum name="uri_pjsip" />
</enumlist>
</description>
</configOption>
Rusty Newton
committed
<synopsis>NOTIFY the endpoint when state changes for any of the specified mailboxes</synopsis>
<description><para>
Asterisk will send unsolicited MWI NOTIFY messages to the endpoint when state
changes happen for any of the specified mailboxes. More than one mailbox can be
specified with a comma-delimited string. app_voicemail mailboxes must be specified
as mailbox@context; for example: mailboxes=6001@default. For mailboxes provided by
external sources, such as through the res_external_mwi module, you must specify
strings supported by the external system.
</para><para>
For endpoints that SUBSCRIBE for MWI, use the <literal>mailboxes</literal> option in your AOR
Rusty Newton
committed
configuration.
</para></description>
George Joseph
committed
<configOption name="mwi_subscribe_replaces_unsolicited">
<synopsis>An MWI subscribe will replace sending unsolicited NOTIFYs</synopsis>
</configOption>
<configOption name="voicemail_extension">
<synopsis>The voicemail extension to send in the NOTIFY Message-Account header</synopsis>
</configOption>
<configOption name="moh_suggest" default="default">
<synopsis>Default Music On Hold class</synopsis>
</configOption>
<configOption name="outbound_auth">
<synopsis>Authentication object(s) used for outbound requests</synopsis>
<description><para>
This is a comma-delimited list of <replaceable>auth</replaceable>
sections defined in <filename>pjsip.conf</filename> used to respond
to outbound connection authentication challenges.</para>
<note><para>
Using the same auth section for inbound and outbound
authentication is not recommended. There is a difference in
meaning for an empty realm setting between inbound and outbound
authentication uses. See the auth realm description for details.
</para></note>
</description>
</configOption>
<configOption name="outbound_proxy">
<synopsis>Full SIP URI of the outbound proxy used to send requests</synopsis>
</configOption>
<configOption name="rewrite_contact">
<synopsis>Allow Contact header to be rewritten with the source IP address-port</synopsis>
<description><para>
On inbound SIP messages from this endpoint, the Contact header or an
appropriate Record-Route header will be changed to have the source IP
address and port. This option does not affect outbound messages sent to
this endpoint. This option helps servers communicate with endpoints
that are behind NATs. This option also helps reuse reliable transport
connections such as TCP and TLS.
</para></description>
</configOption>
<configOption name="rtp_ipv6" default="no">
<synopsis>Allow use of IPv6 for RTP traffic</synopsis>
</configOption>
<configOption name="rtp_symmetric" default="no">
<synopsis>Enforce that RTP must be symmetric</synopsis>
</configOption>
<configOption name="send_diversion" default="yes">
<synopsis>Send the Diversion header, conveying the diversion
information to the called user agent</synopsis>
</configOption>
<configOption name="send_pai" default="no">
<synopsis>Send the P-Asserted-Identity header</synopsis>
</configOption>
<configOption name="send_rpid" default="no">
<synopsis>Send the Remote-Party-ID header</synopsis>
</configOption>
Richard Mudgett
committed
<configOption name="rpid_immediate" default="no">
<synopsis>Immediately send connected line updates on unanswered incoming calls.</synopsis>
<description>
<para>When enabled, immediately send <emphasis>180 Ringing</emphasis>
or <emphasis>183 Progress</emphasis> response messages to the
caller if the connected line information is updated before
the call is answered. This can send a <emphasis>180 Ringing</emphasis>
response before the call has even reached the far end. The
caller can start hearing ringback before the far end even gets
the call. Many phones tend to grab the first connected line
information and refuse to update the display if it changes. The
first information is not likely to be correct if the call
goes to an endpoint not under the control of this Asterisk
box.</para>
<para>When disabled, a connected line update must wait for
another reason to send a message with the connected line
information to the caller before the call is answered. You can
trigger the sending of the information by using an appropriate
dialplan application such as <emphasis>Ringing</emphasis>.</para>
</description>
</configOption>
<configOption name="timers_min_se" default="90">
<synopsis>Minimum session timers expiration period</synopsis>
<description><para>
Minimum session timer expiration period. Time in seconds.
</para></description>
</configOption>
<configOption name="timers" default="yes">
<synopsis>Session timers for SIP packets</synopsis>
<description>
<enumlist>
<enum name="no" />
<enum name="yes" />
<enum name="required" />
<enum name="always" />
<enum name="forced"><para>Alias of always</para></enum>
</enumlist>
</description>
</configOption>
<configOption name="timers_sess_expires" default="1800">
<synopsis>Maximum session timer expiration period</synopsis>
<description><para>
Maximum session timer expiration period. Time in seconds.
</para></description>
</configOption>
<configOption name="transport">
<synopsis>Explicit transport configuration to use</synopsis>
<description>
<para>This will <emphasis>force</emphasis> the endpoint to use the
specified transport configuration to send SIP messages. You need
to already know what kind of transport (UDP/TCP/IPv4/etc) the
endpoint device will use.
<note><para>Not specifying a transport will select the first
configured transport in <filename>pjsip.conf</filename> which is
compatible with the URI we are trying to contact.
</para></note>
Mark Michelson
committed
<warning><para>Transport configuration is not affected by reloads. In order to
change transports, a full Asterisk restart is required</para></warning>
</description>
</configOption>
<configOption name="trust_id_inbound" default="no">
<synopsis>Accept identification information received from this endpoint</synopsis>
<description><para>This option determines whether Asterisk will accept
identification from the endpoint from headers such as P-Asserted-Identity
or Remote-Party-ID header. This option applies both to calls originating from the
endpoint and calls originating from Asterisk. If <literal>no</literal>, the
configured Caller-ID from pjsip.conf will always be used as the identity for
the endpoint.</para></description>
</configOption>
<configOption name="trust_id_outbound" default="no">
<synopsis>Send private identification details to the endpoint.</synopsis>
<description><para>This option determines whether res_pjsip will send private
identification information to the endpoint. If <literal>no</literal>,
private Caller-ID information will not be forwarded to the endpoint.
"Private" in this case refers to any method of restricting identification.
Example: setting <replaceable>callerid_privacy</replaceable> to any
<literal>prohib</literal> variation.
Example: If <replaceable>trust_id_inbound</replaceable> is set to
<literal>yes</literal>, the presence of a <literal>Privacy: id</literal>
header in a SIP request or response would indicate the identification
provided in the request is private.</para></description>
</configOption>
<configOption name="type">
<synopsis>Must be of type 'endpoint'.</synopsis>
</configOption>
<configOption name="use_ptime" default="no">
<synopsis>Use Endpoint's requested packetization interval</synopsis>
<configOption name="use_avpf" default="no">
<synopsis>Determines whether res_pjsip will use and enforce usage of AVPF for this
endpoint.</synopsis>
<description><para>
If set to <literal>yes</literal>, res_pjsip will use the AVPF or SAVPF RTP
profile for all media offers on outbound calls and media updates and will
decline media offers not using the AVPF or SAVPF profile.
</para><para>
If set to <literal>no</literal>, res_pjsip will use the AVP or SAVP RTP
profile for all media offers on outbound calls and media updates, and will
decline media offers not using the AVP or SAVP profile.
</para></description>
</configOption>
Joshua Colp
committed
<configOption name="force_avp" default="no">
<synopsis>Determines whether res_pjsip will use and enforce usage of AVP,
regardless of the RTP profile in use for this endpoint.</synopsis>
<description><para>
If set to <literal>yes</literal>, res_pjsip will use the AVP, AVPF, SAVP, or
SAVPF RTP profile for all media offers on outbound calls and media updates including
those for DTLS-SRTP streams.
</para><para>
If set to <literal>no</literal>, res_pjsip will use the respective RTP profile
depending on configuration.
</para></description>
</configOption>
<configOption name="media_use_received_transport" default="no">
<synopsis>Determines whether res_pjsip will use the media transport received in the
offer SDP in the corresponding answer SDP.</synopsis>
<description><para>
If set to <literal>yes</literal>, res_pjsip will use the received media transport.
</para><para>
If set to <literal>no</literal>, res_pjsip will use the respective RTP profile
depending on configuration.
</para></description>
</configOption>
<configOption name="media_encryption" default="no">
<synopsis>Determines whether res_pjsip will use and enforce usage of media encryption
for this endpoint.</synopsis>
<description>
<enumlist>
<enum name="no"><para>
res_pjsip will offer no encryption and allow no encryption to be setup.
</para></enum>
<enum name="sdes"><para>
res_pjsip will offer standard SRTP setup via in-SDP keys. Encrypted SIP
transport should be used in conjunction with this option to prevent
exposure of media encryption keys.
</para></enum>
res_pjsip will offer DTLS-SRTP setup.
</enumlist>
</description>
</configOption>
<configOption name="media_encryption_optimistic" default="no">
<synopsis>Determines whether encryption should be used if possible but does not terminate the
session if not achieved.</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>sdes</literal> or <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="g726_non_standard" default="no">
<synopsis>Force g.726 to use AAL2 packing order when negotiating g.726 audio</synopsis>
<description><para>
When set to "yes" and an endpoint negotiates g.726 audio then use g.726 for AAL2
packing order instead of what is recommended by RFC3551. Since this essentially
replaces the underlying 'g726' codec with 'g726aal2' then 'g726aal2' needs to be
specified in the endpoint's allowed codec list.
</para></description>
</configOption>
<configOption name="inband_progress" default="no">
<synopsis>Determines whether chan_pjsip will indicate ringing using inband
If set to <literal>yes</literal>, chan_pjsip will send a 183 Session Progress
when told to indicate ringing and will immediately start sending ringing
as audio.
</para><para>
If set to <literal>no</literal>, chan_pjsip will send a 180 Ringing when told
to indicate ringing and will NOT send it as audio.
</para></description>
</configOption>
<configOption name="call_group">
<synopsis>The numeric pickup groups for a channel.</synopsis>
<description><para>
Can be set to a comma separated list of numbers or ranges between the values
of 0-63 (maximum of 64 groups).
</para></description>
</configOption>
<configOption name="pickup_group">
<synopsis>The numeric pickup groups that a channel can pickup.</synopsis>
<description><para>
Can be set to a comma separated list of numbers or ranges between the values
of 0-63 (maximum of 64 groups).
</para></description>
</configOption>
<configOption name="named_call_group">
<synopsis>The named pickup groups for a channel.</synopsis>
<description><para>
Can be set to a comma separated list of case sensitive strings limited by
supported line length.
</para></description>
</configOption>
<configOption name="named_pickup_group">
<synopsis>The named pickup groups that a channel can pickup.</synopsis>
<description><para>
Can be set to a comma separated list of case sensitive strings limited by
supported line length.
</para></description>
</configOption>
<configOption name="device_state_busy_at" default="0">
Joshua Colp
committed
<synopsis>The number of in-use channels which will cause busy to be returned as device state</synopsis>
<description><para>
When the number of in-use channels for the endpoint matches the devicestate_busy_at setting the
PJSIP channel driver will return busy as the device state instead of in use.
Joshua Colp
committed
</para></description>
</configOption>
<configOption name="t38_udptl" default="no">
<synopsis>Whether T.38 UDPTL support is enabled or not</synopsis>
<description><para>
If set to yes T.38 UDPTL support will be enabled, and T.38 negotiation requests will be accepted
and relayed.
</para></description>
</configOption>
<configOption name="t38_udptl_ec" default="none">
<synopsis>T.38 UDPTL error correction method</synopsis>
<description>
<enumlist>
<enum name="none"><para>
No error correction should be used.
</para></enum>
<enum name="fec"><para>
Forward error correction should be used.
</para></enum>
<enum name="redundancy"><para>
Redundancy error correction should be used.
</para></enum>
</enumlist>
</description>
</configOption>
<configOption name="t38_udptl_maxdatagram" default="0">
<synopsis>T.38 UDPTL maximum datagram size</synopsis>
<description><para>
This option can be set to override the maximum datagram of a remote endpoint for broken
endpoints.
</para></description>
</configOption>
<configOption name="fax_detect" default="no">
<synopsis>Whether CNG tone detection is enabled</synopsis>
<description><para>
This option can be set to send the session to the fax extension when a CNG tone is
detected.
</para></description>
</configOption>
<configOption name="fax_detect_timeout">
<synopsis>How long into a call before fax_detect is disabled for the call</synopsis>
<description><para>
The option determines how many seconds into a call before the
fax_detect option is disabled for the call. Setting the value
to zero disables the timeout.
</para></description>
</configOption>
<configOption name="t38_udptl_nat" default="no">
<synopsis>Whether NAT support is enabled on UDPTL sessions</synopsis>
<description><para>
When enabled the UDPTL stack will send UDPTL packets to the source address of
received packets.
</para></description>
</configOption>
<configOption name="t38_udptl_ipv6" default="no">
<synopsis>Whether IPv6 is used for UDPTL Sessions</synopsis>
<description><para>
When enabled the UDPTL stack will use IPv6.
</para></description>
</configOption>
<configOption name="tone_zone">
<synopsis>Set which country's indications to use for channels created for this endpoint.</synopsis>
</configOption>
<configOption name="language">
<synopsis>Set the default language to use for channels created for this endpoint.</synopsis>
</configOption>
<configOption name="one_touch_recording" default="no">
<synopsis>Determines whether one-touch recording is allowed for this endpoint.</synopsis>
<see-also>
<ref type="configOption">record_on_feature</ref>
<ref type="configOption">record_off_feature</ref>
</see-also>
</configOption>
<configOption name="record_on_feature" default="automixmon">
<synopsis>The feature to enact when one-touch recording is turned on.</synopsis>
<description>
<para>When an INFO request for one-touch recording arrives with a Record header set to "on", this
feature will be enabled for the channel. The feature designated here can be any built-in
or dynamic feature defined in features.conf.</para>
<note><para>This setting has no effect if the endpoint's one_touch_recording option is disabled</para></note>
</description>
<see-also>
<ref type="configOption">one_touch_recording</ref>
<ref type="configOption">record_off_feature</ref>
</see-also>
</configOption>
<configOption name="record_off_feature" default="automixmon">
<synopsis>The feature to enact when one-touch recording is turned off.</synopsis>
<description>
<para>When an INFO request for one-touch recording arrives with a Record header set to "off", this
feature will be enabled for the channel. The feature designated here can be any built-in
or dynamic feature defined in features.conf.</para>
<note><para>This setting has no effect if the endpoint's one_touch_recording option is disabled</para></note>
</description>
<see-also>
<ref type="configOption">one_touch_recording</ref>
<ref type="configOption">record_on_feature</ref>
</see-also>
</configOption>
<configOption name="rtp_engine" default="asterisk">
<synopsis>Name of the RTP engine to use for channels created for this endpoint</synopsis>
</configOption>
<configOption name="allow_transfer" default="yes">
<synopsis>Determines whether SIP REFER transfers are allowed for this endpoint</synopsis>
</configOption>
Joshua Colp
committed
<configOption name="user_eq_phone" default="no">
<synopsis>Determines whether a user=phone parameter is placed into the request URI if the user is determined to be a phone number</synopsis>
</configOption>
<configOption name="moh_passthrough" default="no">
<synopsis>Determines whether hold and unhold will be passed through using re-INVITEs with recvonly and sendrecv to the remote side</synopsis>
</configOption>
<configOption name="sdp_owner" default="-">
<synopsis>String placed as the username portion of an SDP origin (o=) line.</synopsis>
</configOption>
<configOption name="sdp_session" default="Asterisk">
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
<synopsis>String used for the SDP session (s=) line.</synopsis>
</configOption>
<configOption name="tos_audio">
<synopsis>DSCP TOS bits for audio streams</synopsis>
<description><para>
See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
</para></description>
</configOption>
<configOption name="tos_video">
<synopsis>DSCP TOS bits for video streams</synopsis>
<description><para>
See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
</para></description>
</configOption>
<configOption name="cos_audio">
<synopsis>Priority for audio streams</synopsis>
<description><para>
See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
</para></description>
</configOption>
<configOption name="cos_video">
<synopsis>Priority for video streams</synopsis>
<description><para>
See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
</para></description>
</configOption>
<configOption name="allow_subscribe" default="yes">
<synopsis>Determines if endpoint is allowed to initiate subscriptions with Asterisk.</synopsis>
</configOption>
<configOption name="sub_min_expiry" default="60">
<synopsis>The minimum allowed expiry time for subscriptions initiated by the endpoint.</synopsis>
</configOption>
<configOption name="from_user">
<synopsis>Username to use in From header for requests to this endpoint.</synopsis>
</configOption>
<configOption name="mwi_from_user">
<synopsis>Username to use in From header for unsolicited MWI NOTIFYs to this endpoint.</synopsis>
</configOption>
<configOption name="from_domain">
<synopsis>Domain to user in From header for requests to this endpoint.</synopsis>
</configOption>
<configOption name="dtls_verify">
<synopsis>Verify that the provided peer certificate is valid</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="dtls_rekey">
<synopsis>Interval at which to renegotiate the TLS session and rekey the SRTP session</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para><para>
If this is not set or the value provided is 0 rekeying will be disabled.
</para></description>
</configOption>
<configOption name="dtls_auto_generate_cert" default="no">
<synopsis>Whether or not to automatically generate an ephemeral X.509 certificate</synopsis>
<description>
<para>
If enabled, Asterisk will generate an X.509 certificate for each DTLS session.
This option only applies if <replaceable>media_encryption</replaceable> is set
to <literal>dtls</literal>. This option will be automatically enabled if
<literal>webrtc</literal> is enabled and <literal>dtls_cert_file</literal> is
not specified.
</para>
</description>
</configOption>
<configOption name="dtls_cert_file">
<synopsis>Path to certificate file to present to peer</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="dtls_private_key">
<synopsis>Path to private key for certificate file</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="dtls_cipher">
<synopsis>Cipher to use for DTLS negotiation</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
Richard Mudgett
committed
</para>
<para>Many options for acceptable ciphers. See link for more:</para>
<para>http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
</para></description>
</configOption>
<configOption name="dtls_ca_file">
<synopsis>Path to certificate authority certificate</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="dtls_ca_path">
<synopsis>Path to a directory containing certificate authority certificates</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="dtls_setup">
<synopsis>Whether we are willing to accept connections, connect to the other party, or both.</synopsis>
<description>
<para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para>
<enumlist>
<enum name="active"><para>
res_pjsip will make a connection to the peer.
</para></enum>
<enum name="passive"><para>
res_pjsip will accept connections from the peer.
</para></enum>
<enum name="actpass"><para>
res_pjsip will offer and accept connections from the peer.
</para></enum>
</enumlist>
</description>
</configOption>
<configOption name="dtls_fingerprint">
<synopsis>Type of hash to use for the DTLS fingerprint in the SDP.</synopsis>
<description>
<para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para>
<enumlist>
<enum name="SHA-256"></enum>
<enum name="SHA-1"></enum>
</enumlist>
</description>
</configOption>
<configOption name="srtp_tag_32">
<synopsis>Determines whether 32 byte tags should be used instead of 80 byte tags.</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>sdes</literal> or <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="set_var">
<synopsis>Variable set on a channel involving the endpoint.</synopsis>
<description><para>
When a new channel is created using the endpoint set the specified
variable(s) on that channel. For multiple channel variables specify
multiple 'set_var'(s).
</para></description>
</configOption>
<configOption name="message_context">
<synopsis>Context to route incoming MESSAGE requests to.</synopsis>
<description><para>
If specified, incoming MESSAGE requests will be routed to the indicated
dialplan context. If no <replaceable>message_context</replaceable> is
specified, then the <replaceable>context</replaceable> setting is used.
</para></description>
</configOption>
<configOption name="accountcode">
<synopsis>An accountcode to set automatically on any channels created for this endpoint.</synopsis>
<description><para>
If specified, any channel created for this endpoint will automatically
have this accountcode set on it.
</para></description>
</configOption>
<configOption name="preferred_codec_only" default="no">
<synopsis>Respond to a SIP invite with the single most preferred codec rather than advertising all joint codec capabilities. This limits the other side's codec choice to exactly what we prefer.</synopsis>
</configOption>
<configOption name="rtp_keepalive">
<synopsis>Number of seconds between RTP comfort noise keepalive packets.</synopsis>
<description><para>
At the specified interval, Asterisk will send an RTP comfort noise frame. This may
be useful for situations where Asterisk is behind a NAT or firewall and must keep
a hole open in order to allow for media to arrive at Asterisk.
</para></description>
</configOption>
<configOption name="rtp_timeout" default="0">
<synopsis>Maximum number of seconds without receiving RTP (while off hold) before terminating call.</synopsis>
<description><para>
This option configures the number of seconds without RTP (while off hold) before
considering a channel as dead. When the number of seconds is reached the underlying
channel is hung up. By default this option is set to 0, which means do not check.
</para></description>
</configOption>
<configOption name="rtp_timeout_hold" default="0">
<synopsis>Maximum number of seconds without receiving RTP (while on hold) before terminating call.</synopsis>
<description><para>
This option configures the number of seconds without RTP (while on hold) before
considering a channel as dead. When the number of seconds is reached the underlying
channel is hung up. By default this option is set to 0, which means do not check.
</para></description>
</configOption>
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
<configOption name="acl">
<synopsis>List of IP ACL section names in acl.conf</synopsis>
<description><para>
This matches sections configured in <literal>acl.conf</literal>. The value is
defined as a list of comma-delimited section names.
</para></description>
</configOption>
<configOption name="deny">
<synopsis>List of IP addresses to deny access from</synopsis>
<description><para>
The value is a comma-delimited list of IP addresses. IP addresses may
have a subnet mask appended. The subnet mask may be written in either
CIDR or dotted-decimal notation. Separate the IP address and subnet
mask with a slash ('/')
</para></description>
</configOption>
<configOption name="permit">
<synopsis>List of IP addresses to permit access from</synopsis>
<description><para>
The value is a comma-delimited list of IP addresses. IP addresses may
have a subnet mask appended. The subnet mask may be written in either
CIDR or dotted-decimal notation. Separate the IP address and subnet
mask with a slash ('/')
</para></description>
</configOption>
<configOption name="contact_acl">
<synopsis>List of Contact ACL section names in acl.conf</synopsis>
<description><para>
This matches sections configured in <literal>acl.conf</literal>. The value is
defined as a list of comma-delimited section names.
</para></description>
</configOption>
<configOption name="contact_deny">
<synopsis>List of Contact header addresses to deny</synopsis>
<description><para>
The value is a comma-delimited list of IP addresses. IP addresses may
have a subnet mask appended. The subnet mask may be written in either
CIDR or dotted-decimal notation. Separate the IP address and subnet
mask with a slash ('/')
</para></description>
</configOption>
<configOption name="contact_permit">
<synopsis>List of Contact header addresses to permit</synopsis>
<description><para>
The value is a comma-delimited list of IP addresses. IP addresses may
have a subnet mask appended. The subnet mask may be written in either
CIDR or dotted-decimal notation. Separate the IP address and subnet
mask with a slash ('/')
</para></description>
</configOption>