[Pkg-voip-commits] [resiprocate] 04/14: Add new reTurnServer.config parameters
Daniel Pocock
pocock at moszumanska.debian.org
Sun Jan 12 10:44:37 UTC 2014
This is an automated email from the git hooks/post-receive script.
pocock pushed a commit to branch master
in repository resiprocate.
commit 313852f524f1243943c4147555c363e65906572c
Author: Daniel Pocock <daniel at pocock.com.au>
Date: Sun Jan 12 09:08:33 2014 +0100
Add new reTurnServer.config parameters
---
debian/conf/reTurnServer.config | 76 +++++++++++++++++++++++++++++++++++++++--
1 file changed, 73 insertions(+), 3 deletions(-)
diff --git a/debian/conf/reTurnServer.config b/debian/conf/reTurnServer.config
index 6e7b5b3..23f4a57 100644
--- a/debian/conf/reTurnServer.config
+++ b/debian/conf/reTurnServer.config
@@ -2,6 +2,20 @@
# reTurnServer configuration file
########################################################
+# Software name to include in STUN messages
+# Set this to an empty string to reveal no software
+# name information in STUN messages.
+# Default: reTURNServer (RFC5389)
+# The default also includes the software version on
+# those platforms where PACKAGE_VERSION is defined
+# at compile time.
+#SoftwareName =
+
+# Whether or not to pad the SoftwareName value to
+# a multiple of four bytes for compatibility with
+# legacy clients. Default: true
+#PadSoftwareName = true
+
########################################################
# Transport settings
########################################################
@@ -116,6 +130,49 @@ AuthenticationRealm = reTurn
#
UserDatabaseFile = /etc/reTurnServer-users.txt
+# Hashed passwords in the user database file
+# This option specifies whether the passwords are plain text
+# or hashed with the scheme H(A1)
+#
+# When hashed passwords are enabled by this configuration setting,
+# the values in the password column are the MD5 hash
+# represented in hexadecimal
+#
+# To create a hashed password for the following credentials:
+#
+# user: bob
+# realm: example.org
+# password: foobar
+#
+# you can issue a command such as:
+#
+# echo -n bob:example.org:foobar | md5sum
+#
+# WARNING: the hashing scheme prevents recovery of the plain text
+# password. However, H(A1) hash values must still be kept
+# secret as they can be used to impersonate the user.
+# Therefore, the user database file should always be readable
+# only by the reTurn process and no other regular users.
+#
+UserDatabaseHashedPasswords = false
+
+# How frequently to check the user database file for changes
+# Set to 0 to only load the file once at startup
+# Default = 60 seconds
+UserDatabaseCheckInterval = 60
+
+# A common error involves leaving AuthenticationRealm at its
+# default value but using some other realm name in the
+# file specified by UserDatabaseFile
+# By default, reTurn will now refuse to run unless at least
+# one user is defined for the realm specified by the parameter
+# AuthenticationRealm
+#
+# However, if you are not using TURN and only require STUN,
+# no valid users are necessary so you can force reTurn to
+# run without users by setting RunWithoutValidUsers
+#
+RunWithoutValidUsers = false
########################################################
# TURN Allocation settings
@@ -153,12 +210,25 @@ MaxAllocationLifetime = 3600
########################################################
# TLS Server Certificate Filename (loaded from working directory)
-# The PEM formated file that contains the private and public
-# key of the certificate that will be presented to clients
-# connecting over TLS.
+# The PEM formated file that contains the server certificate.
+# If the CA supplieds an intermediate certificate chain, those
+# certificates should also be appened to this file.
+# The private key may optionally be included in this file
+# or in a separate key file specified by TlsServerPrivateKeyFilename
TlsServerCertificateFilename = server.pem
+# TLS Server Private Key Filename (loaded from working directory)
+# The PEM formated file that contains the private key of the certificate
+# that will be presented to clients connecting over TLS.
+# If not specified, reTurn will also try to find the private key
+# in the file specified by TlsServerCertificateFilename
+TlsServerPrivateKeyFilename = server-key.pem
+
# TLS temporary Diffie-Hellman parameters file (loaded from working directory)
+# Can be generated with the command:
+#
+# openssl dhparam -outform PEM -out dh512.pem 512
+#
TlsTempDhFilename = dh512.pem
# TLS server private key certificate password required to read
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-voip/resiprocate.git
More information about the Pkg-voip-commits
mailing list