[Pkg-voip-commits] [SCM] reSIProcate branch, master, updated. debian/1.8.2-1-25-g583f767
Daniel Pocock
daniel at pocock.com.au
Wed Aug 8 13:14:30 UTC 2012
The following commit has been merged in the master branch:
commit 583f767f0c935843de31e1aa44c279de2a59e7e0
Author: Daniel Pocock <daniel at pocock.com.au>
Date: Wed Aug 8 15:14:24 2012 +0200
update repro.config with new items from 1.8.5
diff --git a/debian/conf/repro.config b/debian/conf/repro.config
index d0af8ac..e51040d 100644
--- a/debian/conf/repro.config
+++ b/debian/conf/repro.config
@@ -219,9 +219,30 @@ MySQLDatabaseName = repro
# the host parameter determines the type of the connection.
MySQLPort = 3306
+# The Users and MessageSilo database tables are different from the other repro configuration
+# database tables, in that they are accessed at runtime as SIP requests arrive. It may be
+# desirable to use BerkeleyDb for the other repro tables (which are read at starup time, then
+# cached in memory), and MySQL for the runtime accessed tables; or two seperate MySQL instances
+# for these different table sets. Use the following settings in order to specify a seperate
+# MySQL instance for use by the Users and MessageSilo tables.
+#
+# WARNING: repro must be compiled with the USE_MYSQL flag in order for this work.
+#
+# Note: If this setting is left blank then repro will fallback all remaining my sql
+# settings to use the global MySQLServer settings. If the MySQLServer setting is also
+# blank, then repro will use BerkelyDB for all configuration tables. See the
+# documentation on the global MySQLServer settings for more details on the following
+# individual settings.
+RuntimeMySQLServer =
+RuntimeMySQLUser = root
+RuntimeMySQLPassword = root
+RuntimeMySQLDatabaseName = repro
+RuntimeMySQLPort = 3306
+
# If you would like to be able to authenticate uses from a MySQL source other than the repro user
# database table itself, then specify the query here. The following conditions apply:
-# 1. The database table must reside on the same MySQL server instance as the repro database.
+# 1. The database table must reside on the same MySQL server instance as the repro database
+# or Runtime tables database.
# 2. The statement provided will be UNION'd with the hardcoded repro query, so that auth from
# both sources is possible. Note: If the same user exists in both tables, then the repro
# auth info will be used.
@@ -282,10 +303,20 @@ NumAuthGrabberWorkerThreads = 2
# (ie. RequestFilter)
NumAsyncProcessorWorkerThreads = 2
-# Specify domains for which this proxy is authorative (in addition to those specified on web
+# Specify domains for which this proxy is authorative (in addition to those specified on web
# interface) - comma separate list
-# Note: Domains specified here cannot be used when creating users, domains used in user
-# AORs must be specified on the web interface.
+# Notes: * Domains specified here cannot be used when creating users, domains used in user
+# AORs must be specified on the web interface.
+# * In previous versions of repro, localhost, 127.0.0.1, the machine's hostname,
+# and all interface addresses would automatically be appended to this
+# configuration parameter. From now on, such values must be listed
+# here explicitly if required, e.g.
+#
+# Domains = localhost, 127.0.0.1, sip-server.example.org, 10.83.73.80
+#
+# although when using TLS only, it is not desirable or necessary to
+# add such values.
+#
Domains =
# Uri to use as Record-Route
@@ -306,6 +337,13 @@ DisableRegistrar = false
# Specify a comma separate list of enum suffixes to search for enum dns resolution
EnumSuffixes =
+# Specify the target domain(s) for ENUM logic support. When a dialed SIP URI
+# is addressed to +number at somedomain,
+# where somedomain is an element of EnumDomains,
+# the ENUM logic will be applied for the number
+# If empty, ENUM is never used
+EnumDomains =
+
# Specify length of timer C in sec (0 or negative will disable timer C) - default 180
TimerC = 180
@@ -324,6 +362,19 @@ DisableOutbound = true
# (ie. 5, 8, etc.)
OutboundVersion = 5626
+# There are cases where the first hop in a particular network supports the concept of outbound
+# and ensures all messaging for a client is delivered over the same connection used for
+# registration. This could be a SBC or other NAT traversal aid router that uses the Path
+# header. However such endpoints may not be 100% compliant with outbound RFC and may not
+# include a ;ob parameter in the path header. This parameter is required in order for repro
+# to have knowledge that the first hop does support outbound, and it will reject registrations
+# that appear to be using outboud (ie. instanceId and regId) with a 439 (First Hop Lacks Outbound
+# Support). In this case it can be desirable when using repro as the registrar to not reject
+# REGISTRATION requests that contain an instanceId and regId with a 439.
+# If this setting is enabled, then repro will assume the first hop supports outbound
+# and not return this error.
+AssumeFirstHopSupportsOutbound = false
+
# Enable use of flow-tokens in non-outbound cases
# WARNING: Before enabling this, ensure you have a RecordRouteUri setup, or are using
# the alternate transport specification mechanism and defining a RecordRouteUri per
@@ -365,6 +416,28 @@ FlowTimer = 0
# (whole domain) is for federated SIP proxy-to-proxy communication (RFC 5922)
EnableCertificateAuthenticator = false
+# A static text file that contains mappings of X.509 Common Names to
+# permitted SIP `From:' addresses
+#
+# Without this file, the default behavior of the CertificateAuthenticator
+# ensures that the `From:' address in SIP messages must match the
+# Common Name or one of the subjectAltNames from the X.509 certificate
+#
+# When this file is supplied, the CertificateAuthenticator will continue
+# to allow SIP messages where there is an exact match between the
+# certificate and the `From:' address, but it will also allow
+# the holder of a particular certificate to use any of the `mapped'
+# `From:' addresses specified in the mappings file
+#
+# File format:
+# common name<TAB><mapping>,<mapping>,...
+#
+# where:
+# <TAB> is exactly one tab
+# <mapping> is `user at domain' or just `domain'
+#
+CommonNameMappings = /etc/repro/tlsUserMappings.txt
+
########################################################
# DigestAuthenticator Monkey Settings
@@ -416,16 +489,12 @@ RequestFilterDefaultDBErrorBehavior = 500, Server Internal DB Error
# The hostname running MySQL server to connect to for any blocked entries
# that are configured to used a SQL statement.
-# The value of host may be either a host name or an IP address. If host is "localhost",
-# a connection to the local host is assumed. For Windows, the client connects using a
-# shared-memory connection, if the server has shared-memory connections enabled. Otherwise,
-# TCP/IP is used. For Unix, the client connects using a Unix socket file. For a host value of
-# "." on Windows, the client connects using a named pipe, if the server has named-pipe
-# connections enabled. If named-pipe connections are not enabled, an error occurs.
# WARNING: repro must be compiled with the USE_MYSQL flag in order for this work.
#
# Note: If this setting is left blank then repro will fallback all remaining my sql
-# settings to use the global MySQLServer settings.
+# settings to use the global RuntimeMySQLServer or MySQLServer settings. See the
+# documentation on the global MySQLServer settings for more details on the following
+# individual settings.
RequestFilterMySQLServer =
# The MySQL login ID to use when connecting to the MySQL Server.
--
reSIProcate
More information about the Pkg-voip-commits
mailing list