Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
/*
* Asterisk -- An open source telephony toolkit.
*
* Copyright (C) 2013, Digium, Inc.
*
* Mark Michelson <mmichelson@digium.com>
*
* See http://www.asterisk.org for more information about
* the Asterisk project. Please do not directly contact
* any of the maintainers of this project for assistance;
* the project provides a web site, mailing lists and IRC
* channels for your use.
*
* This program is free software, distributed under the terms of
* the GNU General Public License Version 2. See the LICENSE file
* at the top of the source tree.
*/
#include "asterisk.h"
#include <pjsip.h>
/* Needed for SUBSCRIBE, NOTIFY, and PUBLISH method definitions */
#include <pjsip_simple.h>
#include <pjlib.h>
#include "asterisk/res_sip.h"
#include "res_sip/include/res_sip_private.h"
#include "asterisk/linkedlists.h"
#include "asterisk/logger.h"
#include "asterisk/lock.h"
#include "asterisk/utils.h"
#include "asterisk/astobj2.h"
#include "asterisk/module.h"
#include "asterisk/threadpool.h"
#include "asterisk/taskprocessor.h"
#include "asterisk/uuid.h"
#include "asterisk/sorcery.h"
/*** MODULEINFO
<depend>pjproject</depend>
<depend>res_sorcery_config</depend>
<support_level>core</support_level>
***/
/*** DOCUMENTATION
<configInfo name="res_sip" language="en_US">
<synopsis>SIP Resource using PJProject</synopsis>
<configFile name="res_sip.conf">
<configObject name="endpoint">
<synopsis>Endpoint</synopsis>
<description><para>
The <emphasis>Endpoint</emphasis> is the primary configuration object.
It contains the core SIP related options only, endpoints are <emphasis>NOT</emphasis>
dialable entries of their own. Communication with another SIP device is
accomplished via Addresses of Record (AoRs) which have one or more
contacts assicated with them. Endpoints <emphasis>NOT</emphasis> configured to
use a <literal>transport</literal> will default to first transport found
in <filename>res_sip.conf</filename> that matches its type.
</para>
<para>Example: An Endpoint has been configured with no transport.
When it comes time to call an AoR, PJSIP will find the
first transport that matches the type. A SIP URI of <literal>sip:5000@[11::33]</literal>
will use the first IPv6 transport and try to send the request.
</para>
<para>If the anonymous endpoint identifier is in use an endpoint with the name
"anonymous@domain" will be searched for as a last resort. If this is not found
it will fall back to searching for "anonymous". If neither endpoints are found
the anonymous endpoint identifier will not return an endpoint and anonymous
calling will not be possible.
</para>
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
</description>
<configOption name="100rel" default="yes">
<synopsis>Allow support for RFC3262 provisional ACK tags</synopsis>
<description>
<enumlist>
<enum name="no" />
<enum name="required" />
<enum name="yes" />
</enumlist>
</description>
</configOption>
<configOption name="aggregate_mwi" default="yes">
<synopsis></synopsis>
<description><para>When enabled, <replaceable>aggregate_mwi</replaceable> condenses message
waiting notifications from multiple mailboxes into a single NOTIFY. If it is disabled,
individual NOTIFYs are sent for each mailbox.</para></description>
</configOption>
<configOption name="allow">
<synopsis>Media Codec(s) to allow</synopsis>
</configOption>
<configOption name="aors">
<synopsis>AoR(s) to be used with the endpoint</synopsis>
<description><para>
List of comma separated AoRs that the endpoint should be associated with.
</para></description>
</configOption>
<configOption name="auth">
<synopsis>Authentication Object(s) associated with the endpoint</synopsis>
<description><para>
This is a comma-delimited list of <replaceable>auth</replaceable> sections defined
in <filename>res_sip.conf</filename> to be used to verify inbound connection attempts.
</para><para>
Endpoints without an <literal>authentication</literal> object
configured will allow connections without vertification.
</para></description>
</configOption>
<configOption name="callerid">
<synopsis>CallerID information for the endpoint</synopsis>
<description><para>
Must be in the format <literal>Name <Number></literal>,
or only <literal><Number></literal>.
</para></description>
</configOption>
<configOption name="callerid_privacy">
<synopsis>Default privacy level</synopsis>
<description>
<enumlist>
<enum name="allowed_not_screened" />
<enum name="allowed_passed_screened" />
<enum name="allowed_failed_screened" />
<enum name="allowed" />
<enum name="prohib_not_screened" />
<enum name="prohib_passed_screened" />
<enum name="prohib_failed_screened" />
<enum name="prohib" />
<enum name="unavailable" />
</enumlist>
</description>
</configOption>
<configOption name="callerid_tag">
<synopsis>Internal id_tag for the endpoint</synopsis>
</configOption>
<configOption name="context">
<synopsis>Dialplan context for inbound sessions</synopsis>
</configOption>
<configOption name="direct_media_glare_mitigation" default="none">
<synopsis>Mitigation of direct media (re)INVITE glare</synopsis>
<description>
<para>
This setting attempts to avoid creating INVITE glare scenarios
by disabling direct media reINVITEs in one direction thereby allowing
designated servers (according to this option) to initiate direct
media reINVITEs without contention and significantly reducing call
setup time.
</para>
<para>
A more detailed description of how this option functions can be found on
the Asterisk wiki https://wiki.asterisk.org/wiki/display/AST/SIP+Direct+Media+Reinvite+Glare+Avoidance
</para>
<enumlist>
<enum name="none" />
<enum name="outgoing" />
<enum name="incoming" />
</enumlist>
</description>
</configOption>
<configOption name="direct_media_method" default="invite">
<synopsis>Direct Media method type</synopsis>
<description>
<para>Method for setting up Direct Media between endpoints.</para>
<enumlist>
<enum name="invite" />
<enum name="reinvite">
<para>Alias for the <literal>invite</literal> value.</para>
</enum>
<enum name="update" />
</enumlist>
</description>
</configOption>
<configOption name="connected_line_method" default="invite">
<synopsis>Connected line method type</synopsis>
<description>
<para>Method used when updating connected line information.</para>
<enumlist>
<enum name="invite" />
<enum name="reinvite">
<para>Alias for the <literal>invite</literal> value.</para>
</enum>
<enum name="update" />
</enumlist>
</description>
</configOption>
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
<configOption name="direct_media" default="yes">
<synopsis>Determines whether media may flow directly between endpoints.</synopsis>
</configOption>
<configOption name="disable_direct_media_on_nat" default="no">
<synopsis>Disable direct media session refreshes when NAT obstructs the media session</synopsis>
</configOption>
<configOption name="disallow">
<synopsis>Media Codec(s) to disallow</synopsis>
</configOption>
<configOption name="dtmfmode" default="rfc4733">
<synopsis>DTMF mode</synopsis>
<description>
<para>This setting allows to choose the DTMF mode for endpoint communication.</para>
<enumlist>
<enum name="rfc4733">
<para>DTMF is sent out of band of the main audio stream.This
supercedes the older <emphasis>RFC-2833</emphasis> used within
the older <literal>chan_sip</literal>.</para>
</enum>
<enum name="inband">
<para>DTMF is sent as part of audio stream.</para>
</enum>
<enum name="info">
<para>DTMF is sent as SIP INFO packets.</para>
</enum>
</enumlist>
</description>
</configOption>
<configOption name="external_media_address">
<synopsis>IP used for External Media handling</synopsis>
</configOption>
<configOption name="force_rport" default="yes">
<synopsis>Force use of return port</synopsis>
</configOption>
<configOption name="ice_support" default="no">
<synopsis>Enable the ICE mechanism to help traverse NAT</synopsis>
</configOption>
<configOption name="identify_by" default="username,location">
<synopsis>Way(s) for Endpoint to be identified</synopsis>
<description><para>
There are currently two methods to identify an endpoint. By default
both are used to identify an endpoint.
</para>
<enumlist>
<enum name="username" />
<enum name="location" />
<enum name="username,location" />
</enumlist>
</description>
</configOption>
<configOption name="mailboxes">
<synopsis>Mailbox(es) to be associated with</synopsis>
</configOption>
<configOption name="mohsuggest" default="default">
<synopsis>Default Music On Hold class</synopsis>
</configOption>
<configOption name="outbound_auth">
<synopsis>Authentication object used for outbound requests</synopsis>
</configOption>
<configOption name="outbound_proxy">
<synopsis>Proxy through which to send requests</synopsis>
</configOption>
<configOption name="rewrite_contact">
<synopsis>Allow Contact header to be rewritten with the source IP address-port</synopsis>
</configOption>
<configOption name="rtp_ipv6" default="no">
<synopsis>Allow use of IPv6 for RTP traffic</synopsis>
</configOption>
<configOption name="rtp_symmetric" default="no">
<synopsis>Enforce that RTP must be symmetric</synopsis>
</configOption>
<configOption name="send_pai" default="no">
<synopsis>Send the P-Asserted-Identity header</synopsis>
</configOption>
<configOption name="send_rpid" default="no">
<synopsis>Send the Remote-Party-ID header</synopsis>
</configOption>
<configOption name="timers_min_se" default="90">
<synopsis>Minimum session timers expiration period</synopsis>
<description><para>
Minimium session timer expiration period. Time in seconds.
</para></description>
</configOption>
<configOption name="timers" default="yes">
<synopsis>Session timers for SIP packets</synopsis>
<description>
<enumlist>
<enum name="forced" />
<enum name="no" />
<enum name="required" />
<enum name="yes" />
</enumlist>
</description>
</configOption>
<configOption name="timers_sess_expires" default="1800">
<synopsis>Maximum session timer expiration period</synopsis>
<description><para>
Maximium session timer expiration period. Time in seconds.
</para></description>
</configOption>
<configOption name="transport">
<synopsis>Desired transport configuration</synopsis>
<description><para>
This will set the desired transport configuration to send SIP data through.
</para>
<warning><para>Not specifying a transport will <emphasis>DEFAULT</emphasis>
to the first configured transport in <filename>res_sip.conf</filename> which is
valid for the URI we are trying to contact.
</para></warning>
</description>
</configOption>
<configOption name="trust_id_inbound" default="no">
<synopsis>Trust inbound CallerID information from endpoint</synopsis>
<description><para>This option determines whether res_sip will accept identification from the endpoint
received in a P-Asserted-Identity or Remote-Party-ID header. If <literal>no</literal>,
the configured Caller-ID from res_sip.conf will always be used as the identity for the
endpoint.</para></description>
</configOption>
<configOption name="trust_id_outbound" default="no">
<synopsis>Trust endpoint with private CallerID information</synopsis>
<description><para>This option determines whether res_sip will send identification
information to the endpoint that has been marked as private. If <literal>no</literal>,
private Caller-ID information will not be forwarded to the endpoint.</para></description>
</configOption>
<configOption name="type">
<synopsis>Must be of type 'endpoint'.</synopsis>
</configOption>
<configOption name="use_ptime" default="no">
<synopsis>Use Endpoint's requested packetisation interval</synopsis>
</configOption>
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
<configOption name="use_avpf" default="no">
<synopsis>Determines whether res_sip will use and enforce usage of AVPF for this
endpoint.</synopsis>
<description><para>
If set to <literal>yes</literal>, res_sip will use use the AVPF or SAVPF RTP
profile for all media offers on outbound calls and media updates and will
decline media offers not using the AVPF or SAVPF profile.
</para><para>
If set to <literal>no</literal>, res_sip will use use the AVP or SAVP RTP
profile for all media offers on outbound calls and media updates and will
decline media offers not using the AVP or SAVP profile.
</para></description>
</configOption>
<configOption name="media_encryption" default="no">
<synopsis>Determines whether res_sip will use and enforce usage of media encryption
for this endpoint.</synopsis>
<description>
<enumlist>
<enum name="no"><para>
res_sip will offer no encryption and allow no encryption to be setup.
</para></enum>
<enum name="sdes"><para>
res_sip will offer standard SRTP setup via in-SDP keys. Encrypted SIP
transport should be used in conjunction with this option to prevent
exposure of media encryption keys.
</para></enum>
<enum name="dtls"><para>
res_sip will offer DTLS-SRTP setup.
</para></enum>
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
</enumlist>
</description>
</configOption>
<configOption name="inband_progress" default="no">
<synopsis>Determines whether chan_gulp will indicate ringing using inband
progress.</synopsis>
<description><para>
If set to <literal>yes</literal>, chan_gulp will send a 183 Session Progress
when told to indicate ringing and will immediately start sending ringing
as audio.
</para><para>
If set to <literal>no</literal>, chan_gulp will send a 180 Ringing when told
to indicate ringing and will NOT send it as audio.
</para></description>
</configOption>
<configOption name="callgroup">
<synopsis>The numeric pickup groups for a channel.</synopsis>
<description><para>
Can be set to a comma separated list of numbers or ranges between the values
of 0-63 (maximum of 64 groups).
</para></description>
</configOption>
<configOption name="pickupgroup">
<synopsis>The numeric pickup groups that a channel can pickup.</synopsis>
<description><para>
Can be set to a comma separated list of numbers or ranges between the values
of 0-63 (maximum of 64 groups).
</para></description>
</configOption>
<configOption name="namedcallgroup">
<synopsis>The named pickup groups for a channel.</synopsis>
<description><para>
Can be set to a comma separated list of case sensitive strings limited by
supported line length.
</para></description>
</configOption>
<configOption name="namedpickupgroup">
<synopsis>The named pickup groups that a channel can pickup.</synopsis>
<description><para>
Can be set to a comma separated list of case sensitive strings limited by
supported line length.
</para></description>
</configOption>
Joshua Colp
committed
<configOption name="devicestate_busy_at" default="0">
<synopsis>The number of in-use channels which will cause busy to be returned as device state</synopsis>
<description><para>
When the number of in-use channels for the endpoint matches the devicestate_busy_at setting the
Gulp channel driver will return busy as the device state instead of in use.
</para></description>
</configOption>
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
<configOption name="tonezone">
<synopsis>Set which country's indications to use for channels created for this endpoint.</synopsis>
</configOption>
<configOption name="language">
<synopsis>Set the default language to use for channels created for this endpoint.</synopsis>
</configOption>
<configOption name="one_touch_recording" default="no">
<synopsis>Determines whether one-touch recording is allowed for this endpoint.</synopsis>
<see-also>
<ref type="configOption">recordonfeature</ref>
<ref type="configOption">recordofffeature</ref>
</see-also>
</configOption>
<configOption name="recordonfeature" default="automixmon">
<synopsis>The feature to enact when one-touch recording is turned on.</synopsis>
<description>
<para>When an INFO request for one-touch recording arrives with a Record header set to "on", this
feature will be enabled for the channel. The feature designated here can be any built-in
or dynamic feature defined in features.conf.</para>
<note><para>This setting has no effect if the endpoint's one_touch_recording option is disabled</para></note>
</description>
<see-also>
<ref type="configOption">one_touch_recording</ref>
<ref type="configOption">recordofffeature</ref>
</see-also>
</configOption>
<configOption name="recordofffeature" default="automixmon">
<synopsis>The feature to enact when one-touch recording is turned off.</synopsis>
<description>
<para>When an INFO request for one-touch recording arrives with a Record header set to "off", this
feature will be enabled for the channel. The feature designated here can be any built-in
or dynamic feature defined in features.conf.</para>
<note><para>This setting has no effect if the endpoint's one_touch_recording option is disabled</para></note>
</description>
<see-also>
<ref type="configOption">one_touch_recording</ref>
<ref type="configOption">recordonfeature</ref>
</see-also>
</configOption>
<configOption name="rtpengine" default="asterisk">
<synopsis>Name of the RTP engine to use for channels created for this endpoint</synopsis>
</configOption>
<configOption name="allowtransfer" default="yes">
<synopsis>Determines whether SIP REFER transfers are allowed for this endpoint</synopsis>
</configOption>
<configOption name="sdpowner" default="-">
<synopsis>String placed as the username portion of an SDP origin (o=) line.</synopsis>
</configOption>
<configOption name="sdpsession" default="Asterisk">
<synopsis>String used for the SDP session (s=) line.</synopsis>
</configOption>
<configOption name="tos_audio">
<synopsis>DSCP TOS bits for audio streams</synopsis>
<description><para>
See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
</para></description>
</configOption>
<configOption name="tos_video">
<synopsis>DSCP TOS bits for video streams</synopsis>
<description><para>
See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
</para></description>
</configOption>
<configOption name="cos_audio">
<synopsis>Priority for audio streams</synopsis>
<description><para>
See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
</para></description>
</configOption>
<configOption name="cos_video">
<synopsis>Priority for video streams</synopsis>
<description><para>
See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
</para></description>
</configOption>
<configOption name="allowsubscribe" default="yes">
<synopsis>Determines if endpoint is allowed to initiate subscriptions with Asterisk.</synopsis>
</configOption>
<configOption name="subminexpiry" default="60">
<synopsis>The minimum allowed expiry time for subscriptions initiated by the endpoint.</synopsis>
</configOption>
<configOption name="fromuser">
<synopsis>Username to use in From header for requests to this endpoint.</synopsis>
</configOption>
<configOption name="mwifromuser">
<synopsis>Username to use in From header for unsolicited MWI NOTIFYs to this endpoint.</synopsis>
</configOption>
<configOption name="fromdomain">
<synopsis>Domain to user in From header for requests to this endpoint.</synopsis>
</configOption>
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
<configOption name="dtlsverify">
<synopsis>Verify that the provided peer certificate is valid</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="dtlsrekey">
<synopsis>Interval at which to renegotiate the TLS session and rekey the SRTP session</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para><para>
If this is not set or the value provided is 0 rekeying will be disabled.
</para></description>
</configOption>
<configOption name="dtlscertfile">
<synopsis>Path to certificate file to present to peer</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="dtlsprivatekey">
<synopsis>Path to private key for certificate file</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="dtlscipher">
<synopsis>Cipher to use for DTLS negotiation</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para><para>
Many options for acceptable ciphers. See link for more:
http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
</para></description>
</configOption>
<configOption name="dtlscafile">
<synopsis>Path to certificate authority certificate</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="dtlscapath">
<synopsis>Path to a directory containing certificate authority certificates</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para></description>
</configOption>
<configOption name="dtlssetup">
<synopsis>Whether we are willing to accept connections, connect to the other party, or both.</synopsis>
<description>
<para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>dtls</literal>.
</para>
<enumlist>
<enum name="active"><para>
res_sip will make a connection to the peer.
</para></enum>
<enum name="passive"><para>
res_sip will accept connections from the peer.
</para></enum>
<enum name="actpass"><para>
res_sip will offer and accept connections from the peer.
</para></enum>
</enumlist>
</description>
</configOption>
<configOption name="srtp_tag_32">
<synopsis>Determines whether 32 byte tags should be used instead of 80 byte tags.</synopsis>
<description><para>
This option only applies if <replaceable>media_encryption</replaceable> is
set to <literal>sdes</literal> or <literal>dtls</literal>.
</para></description>
</configOption>
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
</configObject>
<configObject name="auth">
<synopsis>Authentication type</synopsis>
<description><para>
Authentication objects hold the authenitcation information for use
by <literal>endpoints</literal>. This also allows for multiple <literal>
endpoints</literal> to use the same information. Choice of MD5/plaintext
and setting of username.
</para></description>
<configOption name="auth_type" default="userpass">
<synopsis>Authentication type</synopsis>
<description><para>
This option specifies which of the password style config options should be read,
either 'password' or 'md5_cred' when trying to authenticate an endpoint inbound request.
</para>
<enumlist>
<enum name="md5"/>
<enum name="userpass"/>
</enumlist>
</description>
</configOption>
<configOption name="nonce_lifetime" default="32">
<synopsis>Lifetime of a nonce associated with this authentication config.</synopsis>
</configOption>
<configOption name="md5_cred">
<synopsis>MD5 Hash used for authentication.</synopsis>
<description><para>Only used when auth_type is <literal>md5</literal>.</para></description>
</configOption>
<configOption name="password">
<synopsis>PlainText password used for authentication.</synopsis>
<description><para>Only used when auth_type is <literal>userpass</literal>.</para></description>
</configOption>
<configOption name="realm" default="asterisk">
<synopsis>SIP realm for endpoint</synopsis>
</configOption>
<configOption name="type">
<synopsis>Must be 'auth'</synopsis>
</configOption>
<configOption name="username">
<synopsis>Username to use for account</synopsis>
</configOption>
</configObject>
<configObject name="nat_hook">
<synopsis>XXX This exists only to prevent XML documentation errors.</synopsis>
<configOption name="external_media_address">
<synopsis>I should be undocumented or hidden</synopsis>
</configOption>
<configOption name="method">
<synopsis>I should be undocumented or hidden</synopsis>
</configOption>
</configObject>
<configObject name="domain_alias">
<synopsis>Domain Alias</synopsis>
<description><para>
Signifies that a domain is an alias. Used for checking the domain of
the AoR to which the endpoint is binding.
</para></description>
<configOption name="type">
<synopsis>Must be of type 'domain_alias'.</synopsis>
</configOption>
<configOption name="domain">
<synopsis>Domain to be aliased</synopsis>
</configOption>
</configObject>
<configObject name="transport">
<synopsis>SIP Transport</synopsis>
<description><para>
<emphasis>Transports</emphasis>
</para>
<para>There are different transports and protocol derivatives
supported by <literal>res_sip</literal>. They are in order of
preference: UDP, TCP, and WebSocket (WS).</para>
<warning><para>
Multiple endpoints using the same connection is <emphasis>NOT</emphasis>
supported. Doing so may result in broken calls.
</para></warning>
</description>
<configOption name="async_operations" default="1">
<synopsis>Number of simultaneous Asynchronous Operations</synopsis>
</configOption>
<configOption name="bind">
<synopsis>IP Address and optional port to bind to for this transport</synopsis>
</configOption>
<configOption name="ca_list_file">
<synopsis>File containing a list of certificates to read (TLS ONLY)</synopsis>
</configOption>
<configOption name="cert_file">
<synopsis>Certificate file for endpoint (TLS ONLY)</synopsis>
</configOption>
<configOption name="cipher">
<synopsis>Preferred Cryptography Cipher (TLS ONLY)</synopsis>
<description><para>
Many options for acceptable ciphers see link for more:
http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
</para></description>
</configOption>
<configOption name="domain">
<synopsis>Domain the transport comes from</synopsis>
</configOption>
<configOption name="external_media_address">
<synopsis>External Address to use in RTP handling</synopsis>
</configOption>
<configOption name="external_signaling_address">
<synopsis>External address for SIP signalling</synopsis>
</configOption>
<configOption name="external_signaling_port" default="0">
<synopsis>External port for SIP signalling</synopsis>
</configOption>
<configOption name="method">
<synopsis>Method of SSL transport (TLS ONLY)</synopsis>
<description>
<enumlist>
<enum name="default" />
<enum name="unspecified" />
<enum name="tlsv1" />
<enum name="sslv2" />
<enum name="sslv3" />
<enum name="sslv23" />
</enumlist>
</description>
</configOption>
<configOption name="localnet">
<synopsis>Network to consider local (used for NAT purposes).</synopsis>
<description><para>This must be in CIDR or dotted decimal format with the IP
and mask separated with a slash ('/').</para></description>
</configOption>
<configOption name="password">
<synopsis>Password required for transport</synopsis>
</configOption>
<configOption name="privkey_file">
<synopsis>Private key file (TLS ONLY)</synopsis>
</configOption>
<configOption name="protocol" default="udp">
<synopsis>Protocol to use for SIP traffic</synopsis>
<description>
<enumlist>
<enum name="udp" />
<enum name="tcp" />
<enum name="tls" />
</enumlist>
</description>
</configOption>
<configOption name="require_client_cert" default="false">
<synopsis>Require client certificate (TLS ONLY)</synopsis>
</configOption>
<configOption name="type">
<synopsis>Must be of type 'transport'.</synopsis>
</configOption>
<configOption name="verify_client" default="false">
<synopsis>Require verification of client certificate (TLS ONLY)</synopsis>
</configOption>
<configOption name="verify_server" default="false">
<synopsis>Require verification of server certificate (TLS ONLY)</synopsis>
</configOption>
</configObject>
<configObject name="contact">
<synopsis>A way of creating an aliased name to a SIP URI</synopsis>
<description><para>
Contacts are a way to hide SIP URIs from the dialplan directly.
They are also used to make a group of contactable parties when
in use with <literal>AoR</literal> lists.
</para></description>
<configOption name="type">
<synopsis>Must be of type 'contact'.</synopsis>
</configOption>
<configOption name="uri">
<synopsis>SIP URI to contact peer</synopsis>
</configOption>
<configOption name="expiration_time">
<synopsis>Time to keep alive a contact</synopsis>
<description><para>
Time to keep alive a contact. String style specification.
</para></description>
</configOption>
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
<configOption name="qualify_frequency" default="0">
<synopsis>Interval at which to qualify a contact</synopsis>
<description><para>
Interval between attempts to qualify the contact for reachability.
If <literal>0</literal> never qualify. Time in seconds.
</para></description>
</configOption>
</configObject>
<configObject name="contact_status">
<synopsis>Status for a contact</synopsis>
<description><para>
The contact status keeps track of whether or not a contact is reachable
and how long it took to qualify the contact (round trip time).
</para></description>
<configOption name="status">
<synopsis>A contact's status</synopsis>
<description>
<enumlist>
<enum name="AVAILABLE" />
<enum name="UNAVAILABLE" />
</enumlist>
</description>
</configOption>
<configOption name="rtt">
<synopsis>Round trip time</synopsis>
<description><para>
The time, in microseconds, it took to qualify the contact.
</para></description>
</configOption>
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
</configObject>
<configObject name="aor">
<synopsis>The configuration for a location of an endpoint</synopsis>
<description><para>
An AoR is what allows Asterisk to contact an endpoint via res_sip. If no
AoRs are specified, an endpoint will not be reachable by Asterisk.
Beyond that, an AoR has other uses within Asterisk.
</para><para>
An <literal>AoR</literal> is a way to allow dialing a group
of <literal>Contacts</literal> that all use the same
<literal>endpoint</literal> for calls.
</para><para>
This can be used as another way of grouping a list of contacts to dial
rather than specifing them each directly when dialing via the dialplan.
This must be used in conjuction with the <literal>PJSIP_DIAL_CONTACTS</literal>.
</para></description>
<configOption name="contact">
<synopsis>Permanent contacts assigned to AoR</synopsis>
<description><para>
Contacts included in this list will be called whenever referenced
by <literal>chan_pjsip</literal>.
</para></description>
</configOption>
<configOption name="default_expiration" default="3600">
<synopsis>Default expiration time in seconds for contacts that are dynamically bound to an AoR.</synopsis>
</configOption>
<configOption name="mailboxes">
<synopsis>Mailbox(es) to be associated with</synopsis>
<description><para>This option applies when an external entity subscribes to an AoR
for message waiting indications. The mailboxes specified here will be
subscribed to.</para></description>
</configOption>
<configOption name="maximum_expiration" default="7200">
<synopsis>Maximum time to keep an AoR</synopsis>
<description><para>
Maximium time to keep a peer with explicit expiration. Time in seconds.
</para></description>
</configOption>
<configOption name="max_contacts" default="0">
<synopsis>Maximum number of contacts that can bind to an AoR</synopsis>
<description><para>
Maximum number of contacts that can associate with this AoR.
</para>
<note><para>This should be set to <literal>1</literal> and
<replaceable>remove_existing</replaceable> set to <literal>yes</literal> if you
wish to stick with the older <literal>chan_sip</literal> behaviour.
</para></note>
</description>
</configOption>
<configOption name="minimum_expiration" default="60">
<synopsis>Minimum keep alive time for an AoR</synopsis>
<description><para>
Minimum time to keep a peer with an explict expiration. Time in seconds.
</para></description>
</configOption>
<configOption name="remove_existing" default="no">
<synopsis>Determines whether new contacts replace existing ones.</synopsis>
<description><para>
On receiving a new registration to the AoR should it remove
the existing contact that was registered against it?
</para>
<note><para>This should be set to <literal>yes</literal> and
<replaceable>max_contacts</replaceable> set to <literal>1</literal> if you
wish to stick with the older <literal>chan_sip</literal> behaviour.
</para></note>
</description>
</configOption>
<configOption name="type">
<synopsis>Must be of type 'aor'.</synopsis>
</configOption>
<configOption name="qualify_frequency" default="0">
<synopsis>Interval at which to qualify an AoR</synopsis>
<description><para>
Interval between attempts to qualify the AoR for reachability.
If <literal>0</literal> never qualify. Time in seconds.
</para></description>
</configOption>
<configOption name="authenticate_qualify" default="no">
<synopsis>Authenticates a qualify request if needed</synopsis>
<description><para>
If true and a qualify request receives a challenge or authenticate response
authentication is attempted before declaring the contact available.
</para></description>
</configOption>
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
<configObject name="system">
<synopsis>Options that apply to the SIP stack as well as other system-wide settings</synopsis>
<description><para>
The settings in this section are global. In addition to being global, the values will
not be re-evaluated when a reload is performed. This is because the values must be set
before the SIP stack is initialized. The only way to reset these values is to either
restart Asterisk, or unload res_sip.so and then load it again.
</para></description>
<configOption name="timert1" default="500">
<synopsis>Set transaction timer T1 value (milliseconds).</synopsis>
<description><para>
Timer T1 is the base for determining how long to wait before retransmitting
requests that receive no response when using an unreliable transport (e.g. UDP).
For more information on this timer, see RFC 3261, Section 17.1.1.1.
</para></description>
</configOption>
<configOption name="timerb" default="32000">
<synopsis>Set transaction timer B value (milliseconds).</synopsis>
<description><para>
Timer B determines the maximum amount of time to wait after sending an INVITE
request before terminating the transaction. It is recommended that this be set
to 64 * Timer T1, but it may be set higher if desired. For more information on
this timer, see RFC 3261, Section 17.1.1.1.
</para></description>
</configOption>
<configOption name="compactheaders" default="no">
<synopsis>Use the short forms of common SIP header names.</synopsis>
</configOption>
</configObject>
<configObject name="global">
<synopsis>Options that apply globally to all SIP communications</synopsis>
<description><para>
The settings in this section are global. Unlike options in the <literal>system</literal>
section, these options can be refreshed by performing a reload.
</para></description>
<configOption name="maxforwards" default="70">
<synopsis>Value used in Max-Forwards header for SIP requests.</synopsis>
</configOption>
<configOption name="useragent" default="Asterisk <Asterisk Version>">
<synopsis>Value used in User-Agent header for SIP requests and Server header for SIP responses.</synopsis>
</configOption>
</configObject>
</configFile>
</configInfo>
***/
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
static pjsip_endpoint *ast_pjsip_endpoint;
static struct ast_threadpool *sip_threadpool;
static int register_service(void *data)
{
pjsip_module **module = data;
if (!ast_pjsip_endpoint) {
ast_log(LOG_ERROR, "There is no PJSIP endpoint. Unable to register services\n");
return -1;
}
if (pjsip_endpt_register_module(ast_pjsip_endpoint, *module) != PJ_SUCCESS) {
ast_log(LOG_ERROR, "Unable to register module %.*s\n", (int) pj_strlen(&(*module)->name), pj_strbuf(&(*module)->name));
return -1;
}
ast_debug(1, "Registered SIP service %.*s (%p)\n", (int) pj_strlen(&(*module)->name), pj_strbuf(&(*module)->name), *module);
ast_module_ref(ast_module_info->self);
return 0;
}
int ast_sip_register_service(pjsip_module *module)
{
return ast_sip_push_task_synchronous(NULL, register_service, &module);
}
static int unregister_service(void *data)
{
pjsip_module **module = data;
ast_module_unref(ast_module_info->self);
if (!ast_pjsip_endpoint) {
return -1;
}
pjsip_endpt_unregister_module(ast_pjsip_endpoint, *module);
ast_debug(1, "Unregistered SIP service %.*s\n", (int) pj_strlen(&(*module)->name), pj_strbuf(&(*module)->name));
return 0;
}
void ast_sip_unregister_service(pjsip_module *module)
{
ast_sip_push_task_synchronous(NULL, unregister_service, &module);
}
static struct ast_sip_authenticator *registered_authenticator;
int ast_sip_register_authenticator(struct ast_sip_authenticator *auth)
{
if (registered_authenticator) {
ast_log(LOG_WARNING, "Authenticator %p is already registered. Cannot register a new one\n", registered_authenticator);
return -1;
}
registered_authenticator = auth;
ast_debug(1, "Registered SIP authenticator module %p\n", auth);
ast_module_ref(ast_module_info->self);
return 0;
}
void ast_sip_unregister_authenticator(struct ast_sip_authenticator *auth)
{
if (registered_authenticator != auth) {
ast_log(LOG_WARNING, "Trying to unregister authenticator %p but authenticator %p registered\n",
auth, registered_authenticator);
return;
}
registered_authenticator = NULL;
ast_debug(1, "Unregistered SIP authenticator %p\n", auth);
ast_module_unref(ast_module_info->self);
}
int ast_sip_requires_authentication(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata)
{
if (!registered_authenticator) {
ast_log(LOG_WARNING, "No SIP authenticator registered. Assuming authentication is not required\n");
return 0;
}
return registered_authenticator->requires_authentication(endpoint, rdata);
}
enum ast_sip_check_auth_result ast_sip_check_authentication(struct ast_sip_endpoint *endpoint,
pjsip_rx_data *rdata, pjsip_tx_data *tdata)
{
if (!registered_authenticator) {
ast_log(LOG_WARNING, "No SIP authenticator registered. Assuming authentication is successful\n");
return 0;
}
return registered_authenticator->check_authentication(endpoint, rdata, tdata);
}
static struct ast_sip_outbound_authenticator *registered_outbound_authenticator;
int ast_sip_register_outbound_authenticator(struct ast_sip_outbound_authenticator *auth)
{
if (registered_outbound_authenticator) {
ast_log(LOG_WARNING, "Outbound authenticator %p is already registered. Cannot register a new one\n", registered_outbound_authenticator);
return -1;
}
registered_outbound_authenticator = auth;
ast_debug(1, "Registered SIP outbound authenticator module %p\n", auth);
ast_module_ref(ast_module_info->self);
return 0;
}
void ast_sip_unregister_outbound_authenticator(struct ast_sip_outbound_authenticator *auth)