[Pkg-voip-commits] [SCM] reSIProcate branch, master, updated. debian/1.8.2-1-25-g583f767

Daniel Pocock daniel at pocock.com.au
Wed Aug 8 13:14:30 UTC 2012 

The following commit has been merged in the master branch:
commit 583f767f0c935843de31e1aa44c279de2a59e7e0
Author: Daniel Pocock <daniel at pocock.com.au>
Date:   Wed Aug 8 15:14:24 2012 +0200

    update repro.config with new items from 1.8.5

diff --git a/debian/conf/repro.config b/debian/conf/repro.config
index d0af8ac..e51040d 100644
--- a/debian/conf/repro.config
+++ b/debian/conf/repro.config
@@ -219,9 +219,30 @@ MySQLDatabaseName = repro
 # the host parameter determines the type of the connection.
 MySQLPort = 3306
 
+# The Users and MessageSilo database tables are different from the other repro configuration
+# database tables, in that they are accessed at runtime as SIP requests arrive.  It may be
+# desirable to use BerkeleyDb for the other repro tables (which are read at starup time, then
+# cached in memory), and MySQL for the runtime accessed tables; or two seperate MySQL instances
+# for these different table sets.  Use the following settings in order to specify a seperate
+# MySQL instance for use by the Users and MessageSilo tables.
+#
+# WARNING: repro must be compiled with the USE_MYSQL flag in order for this work.
+#
+# Note:  If this setting is left blank then repro will fallback all remaining my sql
+# settings to use the global MySQLServer settings.  If the MySQLServer setting is also
+# blank, then repro will use BerkelyDB for all configuration tables.  See the
+# documentation on the global MySQLServer settings for more details on the following
+# individual settings.
+RuntimeMySQLServer =
+RuntimeMySQLUser = root
+RuntimeMySQLPassword = root
+RuntimeMySQLDatabaseName = repro
+RuntimeMySQLPort = 3306
+
 # If you would like to be able to authenticate uses from a MySQL source other than the repro user
 # database table itself, then specify the query here.  The following conditions apply:
-# 1.  The database table must reside on the same MySQL server instance as the repro database.
+# 1.  The database table must reside on the same MySQL server instance as the repro database
+#     or Runtime tables database.
 # 2.  The statement provided will be UNION'd with the hardcoded repro query, so that auth from
 #     both sources is possible.  Note:  If the same user exists in both tables, then the repro
 #     auth info will be used.
@@ -282,10 +303,20 @@ NumAuthGrabberWorkerThreads = 2
 # (ie. RequestFilter)
 NumAsyncProcessorWorkerThreads = 2
 
-# Specify domains for which this proxy is authorative (in addition to those specified on web 
+# Specify domains for which this proxy is authorative (in addition to those specified on web
 # interface) - comma separate list
-# Note:  Domains specified here cannot be used when creating users, domains used in user
-#        AORs must be specified on the web interface.
+# Notes: * Domains specified here cannot be used when creating users, domains used in user
+#          AORs must be specified on the web interface.
+#        * In previous versions of repro, localhost, 127.0.0.1, the machine's hostname,
+#          and all interface addresses would automatically be appended to this
+#          configuration parameter.  From now on, such values must be listed
+#          here explicitly if required, e.g.
+#
+#             Domains = localhost, 127.0.0.1, sip-server.example.org, 10.83.73.80
+#
+#          although when using TLS only, it is not desirable or necessary to
+#          add such values.
+#
 Domains =
 
 # Uri to use as Record-Route
@@ -306,6 +337,13 @@ DisableRegistrar = false
 # Specify a comma separate list of enum suffixes to search for enum dns resolution
 EnumSuffixes =
 
+# Specify the target domain(s) for ENUM logic support.  When a dialed SIP URI
+# is addressed to +number at somedomain,
+# where somedomain is an element of EnumDomains,
+# the ENUM logic will be applied for the number
+# If empty, ENUM is never used
+EnumDomains =
+
 # Specify length of timer C in sec (0 or negative will disable timer C) - default 180
 TimerC = 180
 
@@ -324,6 +362,19 @@ DisableOutbound = true
 # (ie. 5, 8, etc.)
 OutboundVersion = 5626
 
+# There are cases where the first hop in a particular network supports the concept of outbound
+# and ensures all messaging for a client is delivered over the same connection used for
+# registration.  This could be a SBC or other NAT traversal aid router that uses the Path
+# header.  However such endpoints may not be 100% compliant with outbound RFC and may not
+# include a ;ob parameter in the path header.  This parameter is required in order for repro
+# to have knowledge that the first hop does support outbound, and it will reject registrations
+# that appear to be using outboud (ie. instanceId and regId) with a 439 (First Hop Lacks Outbound
+# Support).  In this case it can be desirable when using repro as the registrar to not reject
+# REGISTRATION requests that contain an instanceId and regId with a 439.
+# If this setting is enabled, then repro will assume the first hop supports outbound
+# and not return this error.
+AssumeFirstHopSupportsOutbound = false
+
 # Enable use of flow-tokens in non-outbound cases
 # WARNING: Before enabling this, ensure you have a RecordRouteUri setup, or are using
 # the alternate transport specification mechanism and defining a RecordRouteUri per
@@ -365,6 +416,28 @@ FlowTimer = 0
 # (whole domain) is for federated SIP proxy-to-proxy communication (RFC 5922)
 EnableCertificateAuthenticator = false
 
+# A static text file that contains mappings of X.509 Common Names to
+# permitted SIP `From:' addresses
+#
+# Without this file, the default behavior of the CertificateAuthenticator
+# ensures that the `From:' address in SIP messages must match the
+# Common Name or one of the subjectAltNames from the X.509 certificate
+#
+# When this file is supplied, the CertificateAuthenticator will continue
+# to allow SIP messages where there is an exact match between the
+# certificate and the `From:' address, but it will also allow
+# the holder of a particular certificate to use any of the `mapped'
+# `From:' addresses specified in the mappings file
+#
+# File format:
+# common name<TAB><mapping>,<mapping>,...
+#
+#    where:
+#        <TAB> is exactly one tab
+#        <mapping> is `user at domain' or just `domain'
+#
+CommonNameMappings = /etc/repro/tlsUserMappings.txt
+
 
 ########################################################
 # DigestAuthenticator Monkey Settings
@@ -416,16 +489,12 @@ RequestFilterDefaultDBErrorBehavior = 500, Server Internal DB Error
 
 # The hostname running MySQL server to connect to for any blocked entries
 # that are configured to used a SQL statement.
-# The value of host may be either a host name or an IP address. If host is "localhost",
-# a connection to the local host is assumed. For Windows, the client connects using a
-# shared-memory connection, if the server has shared-memory connections enabled. Otherwise,
-# TCP/IP is used. For Unix, the client connects using a Unix socket file. For a host value of
-# "." on Windows, the client connects using a named pipe, if the server has named-pipe
-# connections enabled. If named-pipe connections are not enabled, an error occurs.
 # WARNING: repro must be compiled with the USE_MYSQL flag in order for this work.
 #
 # Note:  If this setting is left blank then repro will fallback all remaining my sql
-# settings to use the global MySQLServer settings.
+# settings to use the global RuntimeMySQLServer or MySQLServer settings.  See the
+# documentation on the global MySQLServer settings for more details on the following
+# individual settings.
 RequestFilterMySQLServer =
 
 # The MySQL login ID to use when connecting to the MySQL Server. 

-- 
reSIProcate

More information about the Pkg-voip-commits mailing list