res_pjsip: Update endpoint transport option documentation.
[asterisk/asterisk.git] / res / res_pjsip.c
1 /*
2  * Asterisk -- An open source telephony toolkit.
3  *
4  * Copyright (C) 2013, Digium, Inc.
5  *
6  * Mark Michelson <mmichelson@digium.com>
7  *
8  * See http://www.asterisk.org for more information about
9  * the Asterisk project. Please do not directly contact
10  * any of the maintainers of this project for assistance;
11  * the project provides a web site, mailing lists and IRC
12  * channels for your use.
13  *
14  * This program is free software, distributed under the terms of
15  * the GNU General Public License Version 2. See the LICENSE file
16  * at the top of the source tree.
17  */
18
19 #include "asterisk.h"
20
21 #include <pjsip.h>
22 /* Needed for SUBSCRIBE, NOTIFY, and PUBLISH method definitions */
23 #include <pjsip_simple.h>
24 #include <pjsip/sip_transaction.h>
25 #include <pj/timer.h>
26 #include <pjlib.h>
27 #include <pjmedia/errno.h>
28
29 #include "asterisk/res_pjsip.h"
30 #include "res_pjsip/include/res_pjsip_private.h"
31 #include "asterisk/linkedlists.h"
32 #include "asterisk/logger.h"
33 #include "asterisk/lock.h"
34 #include "asterisk/utils.h"
35 #include "asterisk/astobj2.h"
36 #include "asterisk/module.h"
37 #include "asterisk/threadpool.h"
38 #include "asterisk/taskprocessor.h"
39 #include "asterisk/uuid.h"
40 #include "asterisk/sorcery.h"
41 #include "asterisk/file.h"
42 #include "asterisk/cli.h"
43 #include "asterisk/res_pjsip_cli.h"
44 #include "asterisk/test.h"
45 #include "asterisk/res_pjsip_presence_xml.h"
46 #include "asterisk/res_pjproject.h"
47
48 /*** MODULEINFO
49         <depend>pjproject</depend>
50         <depend>res_pjproject</depend>
51         <depend>res_sorcery_config</depend>
52         <depend>res_sorcery_memory</depend>
53         <depend>res_sorcery_astdb</depend>
54         <use type="module">res_statsd</use>
55         <support_level>core</support_level>
56  ***/
57
58 /*** DOCUMENTATION
59         <configInfo name="res_pjsip" language="en_US">
60                 <synopsis>SIP Resource using PJProject</synopsis>
61                 <configFile name="pjsip.conf">
62                         <configObject name="endpoint">
63                                 <synopsis>Endpoint</synopsis>
64                                 <description><para>
65                                         The <emphasis>Endpoint</emphasis> is the primary configuration object.
66                                         It contains the core SIP related options only, endpoints are <emphasis>NOT</emphasis>
67                                         dialable entries of their own. Communication with another SIP device is
68                                         accomplished via Addresses of Record (AoRs) which have one or more
69                                         contacts associated with them. Endpoints <emphasis>NOT</emphasis> configured to
70                                         use a <literal>transport</literal> will default to first transport found
71                                         in <filename>pjsip.conf</filename> that matches its type.
72                                         </para>
73                                         <para>Example: An Endpoint has been configured with no transport.
74                                         When it comes time to call an AoR, PJSIP will find the
75                                         first transport that matches the type. A SIP URI of <literal>sip:5000@[11::33]</literal>
76                                         will use the first IPv6 transport and try to send the request.
77                                         </para>
78                                         <para>If the anonymous endpoint identifier is in use an endpoint with the name
79                                         "anonymous@domain" will be searched for as a last resort. If this is not found
80                                         it will fall back to searching for "anonymous". If neither endpoints are found
81                                         the anonymous endpoint identifier will not return an endpoint and anonymous
82                                         calling will not be possible.
83                                         </para>
84                                 </description>
85                                 <configOption name="100rel" default="yes">
86                                         <synopsis>Allow support for RFC3262 provisional ACK tags</synopsis>
87                                         <description>
88                                                 <enumlist>
89                                                         <enum name="no" />
90                                                         <enum name="required" />
91                                                         <enum name="yes" />
92                                                 </enumlist>
93                                         </description>
94                                 </configOption>
95                                 <configOption name="aggregate_mwi" default="yes">
96                                         <synopsis>Condense MWI notifications into a single NOTIFY.</synopsis>
97                                         <description><para>When enabled, <replaceable>aggregate_mwi</replaceable> condenses message
98                                         waiting notifications from multiple mailboxes into a single NOTIFY. If it is disabled,
99                                         individual NOTIFYs are sent for each mailbox.</para></description>
100                                 </configOption>
101                                 <configOption name="allow">
102                                         <synopsis>Media Codec(s) to allow</synopsis>
103                                 </configOption>
104                                 <configOption name="allow_overlap" default="yes">
105                                         <synopsis>Enable RFC3578 overlap dialing support.</synopsis>
106                                 </configOption>
107                                 <configOption name="aors">
108                                         <synopsis>AoR(s) to be used with the endpoint</synopsis>
109                                         <description><para>
110                                                 List of comma separated AoRs that the endpoint should be associated with.
111                                         </para></description>
112                                 </configOption>
113                                 <configOption name="auth">
114                                         <synopsis>Authentication Object(s) associated with the endpoint</synopsis>
115                                         <description><para>
116                                                 This is a comma-delimited list of <replaceable>auth</replaceable> sections defined
117                                                 in <filename>pjsip.conf</filename> to be used to verify inbound connection attempts.
118                                                 </para><para>
119                                                 Endpoints without an authentication object
120                                                 configured will allow connections without verification.</para>
121                                                 <note><para>
122                                                 Using the same auth section for inbound and outbound
123                                                 authentication is not recommended.  There is a difference in
124                                                 meaning for an empty realm setting between inbound and outbound
125                                                 authentication uses.  See the auth realm description for details.
126                                                 </para></note>
127                                         </description>
128                                 </configOption>
129                                 <configOption name="callerid">
130                                         <synopsis>CallerID information for the endpoint</synopsis>
131                                         <description><para>
132                                                 Must be in the format <literal>Name &lt;Number&gt;</literal>,
133                                                 or only <literal>&lt;Number&gt;</literal>.
134                                         </para></description>
135                                 </configOption>
136                                 <configOption name="callerid_privacy">
137                                         <synopsis>Default privacy level</synopsis>
138                                         <description>
139                                                 <enumlist>
140                                                         <enum name="allowed_not_screened" />
141                                                         <enum name="allowed_passed_screen" />
142                                                         <enum name="allowed_failed_screen" />
143                                                         <enum name="allowed" />
144                                                         <enum name="prohib_not_screened" />
145                                                         <enum name="prohib_passed_screen" />
146                                                         <enum name="prohib_failed_screen" />
147                                                         <enum name="prohib" />
148                                                         <enum name="unavailable" />
149                                                 </enumlist>
150                                         </description>
151                                 </configOption>
152                                 <configOption name="callerid_tag">
153                                         <synopsis>Internal id_tag for the endpoint</synopsis>
154                                 </configOption>
155                                 <configOption name="context">
156                                         <synopsis>Dialplan context for inbound sessions</synopsis>
157                                 </configOption>
158                                 <configOption name="direct_media_glare_mitigation" default="none">
159                                         <synopsis>Mitigation of direct media (re)INVITE glare</synopsis>
160                                         <description>
161                                                 <para>
162                                                 This setting attempts to avoid creating INVITE glare scenarios
163                                                 by disabling direct media reINVITEs in one direction thereby allowing
164                                                 designated servers (according to this option) to initiate direct
165                                                 media reINVITEs without contention and significantly reducing call
166                                                 setup time.
167                                                 </para>
168                                                 <para>
169                                                 A more detailed description of how this option functions can be found on
170                                                 the Asterisk wiki https://wiki.asterisk.org/wiki/display/AST/SIP+Direct+Media+Reinvite+Glare+Avoidance
171                                                 </para>
172                                                 <enumlist>
173                                                         <enum name="none" />
174                                                         <enum name="outgoing" />
175                                                         <enum name="incoming" />
176                                                 </enumlist>
177                                         </description>
178                                 </configOption>
179                                 <configOption name="direct_media_method" default="invite">
180                                         <synopsis>Direct Media method type</synopsis>
181                                         <description>
182                                                 <para>Method for setting up Direct Media between endpoints.</para>
183                                                 <enumlist>
184                                                         <enum name="invite" />
185                                                         <enum name="reinvite">
186                                                                 <para>Alias for the <literal>invite</literal> value.</para>
187                                                         </enum>
188                                                         <enum name="update" />
189                                                 </enumlist>
190                                         </description>
191                                 </configOption>
192                                 <configOption name="connected_line_method" default="invite">
193                                         <synopsis>Connected line method type</synopsis>
194                                         <description>
195                                                 <para>Method used when updating connected line information.</para>
196                                                 <enumlist>
197                                                         <enum name="invite">
198                                                         <para>When set to <literal>invite</literal>, check the remote's Allow header and
199                                                         if UPDATE is allowed, send UPDATE instead of INVITE to avoid SDP
200                                                         renegotiation.  If UPDATE is not Allowed, send INVITE.</para>
201                                                         </enum>
202                                                         <enum name="reinvite">
203                                                                 <para>Alias for the <literal>invite</literal> value.</para>
204                                                         </enum>
205                                                         <enum name="update">
206                                                         <para>If set to <literal>update</literal>, send UPDATE regardless of what the remote
207                                                         Allows. </para>
208                                                         </enum>
209                                                 </enumlist>
210                                         </description>
211                                 </configOption>
212                                 <configOption name="direct_media" default="yes">
213                                         <synopsis>Determines whether media may flow directly between endpoints.</synopsis>
214                                 </configOption>
215                                 <configOption name="disable_direct_media_on_nat" default="no">
216                                         <synopsis>Disable direct media session refreshes when NAT obstructs the media session</synopsis>
217                                 </configOption>
218                                 <configOption name="disallow">
219                                         <synopsis>Media Codec(s) to disallow</synopsis>
220                                 </configOption>
221                                 <configOption name="dtmf_mode" default="rfc4733">
222                                         <synopsis>DTMF mode</synopsis>
223                                         <description>
224                                                 <para>This setting allows to choose the DTMF mode for endpoint communication.</para>
225                                                 <enumlist>
226                                                         <enum name="rfc4733">
227                                                                 <para>DTMF is sent out of band of the main audio stream.  This
228                                                                 supercedes the older <emphasis>RFC-2833</emphasis> used within
229                                                                 the older <literal>chan_sip</literal>.</para>
230                                                         </enum>
231                                                         <enum name="inband">
232                                                                 <para>DTMF is sent as part of audio stream.</para>
233                                                         </enum>
234                                                         <enum name="info">
235                                                                 <para>DTMF is sent as SIP INFO packets.</para>
236                                                         </enum>
237                                                         <enum name="auto">
238                                                                 <para>DTMF is sent as RFC 4733 if the other side supports it or as INBAND if not.</para>
239                                                         </enum>
240                                                         <enum name="auto_info">
241                                                                 <para>DTMF is sent as RFC 4733 if the other side supports it or as SIP INFO if not.</para>
242                                                         </enum>
243                                                 </enumlist>
244                                         </description>
245                                 </configOption>
246                                 <configOption name="media_address">
247                                         <synopsis>IP address used in SDP for media handling</synopsis>
248                                         <description><para>
249                                                 At the time of SDP creation, the IP address defined here will be used as
250                                                 the media address for individual streams in the SDP.
251                                         </para>
252                                         <note><para>
253                                                 Be aware that the <literal>external_media_address</literal> option, set in Transport
254                                                 configuration, can also affect the final media address used in the SDP.
255                                         </para></note>
256                                         </description>
257                                 </configOption>
258                                 <configOption name="bind_rtp_to_media_address">
259                                         <synopsis>Bind the RTP instance to the media_address</synopsis>
260                                         <description><para>
261                                                 If media_address is specified, this option causes the RTP instance to be bound to the
262                                                 specified ip address which causes the packets to be sent from that address.
263                                         </para>
264                                         </description>
265                                 </configOption>
266                                 <configOption name="force_rport" default="yes">
267                                         <synopsis>Force use of return port</synopsis>
268                                 </configOption>
269                                 <configOption name="ice_support" default="no">
270                                         <synopsis>Enable the ICE mechanism to help traverse NAT</synopsis>
271                                 </configOption>
272                                 <configOption name="identify_by">
273                                         <synopsis>Way(s) for the endpoint to be identified</synopsis>
274                                         <description>
275                                                 <para>Endpoints and AORs can be identified in multiple ways.  This
276                                                 option is a comma separated list of methods the endpoint can be
277                                                 identified.
278                                                 </para>
279                                                 <note><para>
280                                                 This option controls both how an endpoint is matched for incoming
281                                                 traffic and also how an AOR is determined if a registration
282                                                 occurs.  You must list at least one method that also matches for
283                                                 AORs or the registration will fail.
284                                                 </para></note>
285                                                 <enumlist>
286                                                         <enum name="username">
287                                                                 <para>Matches the endpoint or AOR ID based on the username
288                                                                 and domain in the From header (or To header for AORs).  If
289                                                                 an exact match on both username and domain/realm fails, the
290                                                                 match is retried with just the username.
291                                                                 </para>
292                                                         </enum>
293                                                         <enum name="auth_username">
294                                                                 <para>Matches the endpoint or AOR ID based on the username
295                                                                 and realm in the Authentication header.  If an exact match
296                                                                 on both username and domain/realm fails, the match is
297                                                                 retried with just the username.
298                                                                 </para>
299                                                                 <note><para>This method of identification has some security
300                                                                 considerations because an Authentication header is not
301                                                                 present on the first message of a dialog when digest
302                                                                 authentication is used.  The client can't generate it until
303                                                                 the server sends the challenge in a 401 response.  Since
304                                                                 Asterisk normally sends a security event when an incoming
305                                                                 request can't be matched to an endpoint, using this method
306                                                                 requires that the security event be deferred until a request
307                                                                 is received with the Authentication header and only
308                                                                 generated if the username doesn't result in a match.  This
309                                                                 may result in a delay before an attack is recognized.  You
310                                                                 can control how many unmatched requests are received from
311                                                                 a single ip address before a security event is generated
312                                                                 using the <literal>unidentified_request</literal>
313                                                                 parameters in the "global" configuration object.
314                                                                 </para></note>
315                                                         </enum>
316                                                         <enum name="ip">
317                                                                 <para>Matches the endpoint based on the source IP address.
318                                                                 </para>
319                                                                 <para>This method of identification is not configured here
320                                                                 but simply allowed by this configuration option.  See the
321                                                                 documentation for the <literal>identify</literal>
322                                                                 configuration section for more details on this method of
323                                                                 endpoint identification.
324                                                                 </para>
325                                                         </enum>
326                                                         <enum name="header">
327                                                                 <para>Matches the endpoint based on a configured SIP header
328                                                                 value.
329                                                                 </para>
330                                                                 <para>This method of identification is not configured here
331                                                                 but simply allowed by this configuration option.  See the
332                                                                 documentation for the <literal>identify</literal>
333                                                                 configuration section for more details on this method of
334                                                                 endpoint identification.
335                                                                 </para>
336                                                         </enum>
337                                                 </enumlist>
338                                         </description>
339                                 </configOption>
340                                 <configOption name="redirect_method">
341                                         <synopsis>How redirects received from an endpoint are handled</synopsis>
342                                         <description><para>
343                                                 When a redirect is received from an endpoint there are multiple ways it can be handled.
344                                                 If this option is set to <literal>user</literal> the user portion of the redirect target
345                                                 is treated as an extension within the dialplan and dialed using a Local channel. If this option
346                                                 is set to <literal>uri_core</literal> the target URI is returned to the dialing application
347                                                 which dials it using the PJSIP channel driver and endpoint originally used. If this option is
348                                                 set to <literal>uri_pjsip</literal> the redirect occurs within chan_pjsip itself and is not exposed
349                                                 to the core at all. The <literal>uri_pjsip</literal> option has the benefit of being more efficient
350                                                 and also supporting multiple potential redirect targets. The con is that since redirection occurs
351                                                 within chan_pjsip redirecting information is not forwarded and redirection can not be
352                                                 prevented.
353                                                 </para>
354                                                 <enumlist>
355                                                         <enum name="user" />
356                                                         <enum name="uri_core" />
357                                                         <enum name="uri_pjsip" />
358                                                 </enumlist>
359                                         </description>
360                                 </configOption>
361                                 <configOption name="mailboxes">
362                                         <synopsis>NOTIFY the endpoint when state changes for any of the specified mailboxes</synopsis>
363                                         <description><para>
364                                                 Asterisk will send unsolicited MWI NOTIFY messages to the endpoint when state
365                                                 changes happen for any of the specified mailboxes. More than one mailbox can be
366                                                 specified with a comma-delimited string. app_voicemail mailboxes must be specified
367                                                 as mailbox@context; for example: mailboxes=6001@default. For mailboxes provided by
368                                                 external sources, such as through the res_external_mwi module, you must specify
369                                                 strings supported by the external system.
370                                         </para><para>
371                                                 For endpoints that SUBSCRIBE for MWI, use the <literal>mailboxes</literal> option in your AOR
372                                                 configuration.
373                                         </para></description>
374                                 </configOption>
375                                 <configOption name="mwi_subscribe_replaces_unsolicited">
376                                         <synopsis>An MWI subscribe will replace sending unsolicited NOTIFYs</synopsis>
377                                 </configOption>
378                                 <configOption name="voicemail_extension">
379                                         <synopsis>The voicemail extension to send in the NOTIFY Message-Account header</synopsis>
380                                 </configOption>
381                                 <configOption name="moh_suggest" default="default">
382                                         <synopsis>Default Music On Hold class</synopsis>
383                                 </configOption>
384                                 <configOption name="outbound_auth">
385                                         <synopsis>Authentication object(s) used for outbound requests</synopsis>
386                                         <description><para>
387                                                 This is a comma-delimited list of <replaceable>auth</replaceable>
388                                                 sections defined in <filename>pjsip.conf</filename> used to respond
389                                                 to outbound connection authentication challenges.</para>
390                                                 <note><para>
391                                                 Using the same auth section for inbound and outbound
392                                                 authentication is not recommended.  There is a difference in
393                                                 meaning for an empty realm setting between inbound and outbound
394                                                 authentication uses.  See the auth realm description for details.
395                                                 </para></note>
396                                         </description>
397                                 </configOption>
398                                 <configOption name="outbound_proxy">
399                                         <synopsis>Full SIP URI of the outbound proxy used to send requests</synopsis>
400                                 </configOption>
401                                 <configOption name="rewrite_contact">
402                                         <synopsis>Allow Contact header to be rewritten with the source IP address-port</synopsis>
403                                         <description><para>
404                                                 On inbound SIP messages from this endpoint, the Contact header or an
405                                                 appropriate Record-Route header will be changed to have the source IP
406                                                 address and port.  This option does not affect outbound messages sent to
407                                                 this endpoint.  This option helps servers communicate with endpoints
408                                                 that are behind NATs.  This option also helps reuse reliable transport
409                                                 connections such as TCP and TLS.
410                                         </para></description>
411                                 </configOption>
412                                 <configOption name="rtp_ipv6" default="no">
413                                         <synopsis>Allow use of IPv6 for RTP traffic</synopsis>
414                                 </configOption>
415                                 <configOption name="rtp_symmetric" default="no">
416                                         <synopsis>Enforce that RTP must be symmetric</synopsis>
417                                 </configOption>
418                                 <configOption name="send_diversion" default="yes">
419                                         <synopsis>Send the Diversion header, conveying the diversion
420                                         information to the called user agent</synopsis>
421                                 </configOption>
422                                 <configOption name="send_pai" default="no">
423                                         <synopsis>Send the P-Asserted-Identity header</synopsis>
424                                 </configOption>
425                                 <configOption name="send_rpid" default="no">
426                                         <synopsis>Send the Remote-Party-ID header</synopsis>
427                                 </configOption>
428                                 <configOption name="rpid_immediate" default="no">
429                                         <synopsis>Immediately send connected line updates on unanswered incoming calls.</synopsis>
430                                         <description>
431                                                 <para>When enabled, immediately send <emphasis>180 Ringing</emphasis>
432                                                 or <emphasis>183 Progress</emphasis> response messages to the
433                                                 caller if the connected line information is updated before
434                                                 the call is answered.  This can send a <emphasis>180 Ringing</emphasis>
435                                                 response before the call has even reached the far end.  The
436                                                 caller can start hearing ringback before the far end even gets
437                                                 the call.  Many phones tend to grab the first connected line
438                                                 information and refuse to update the display if it changes.  The
439                                                 first information is not likely to be correct if the call
440                                                 goes to an endpoint not under the control of this Asterisk
441                                                 box.</para>
442                                                 <para>When disabled, a connected line update must wait for
443                                                 another reason to send a message with the connected line
444                                                 information to the caller before the call is answered.  You can
445                                                 trigger the sending of the information by using an appropriate
446                                                 dialplan application such as <emphasis>Ringing</emphasis>.</para>
447                                         </description>
448                                 </configOption>
449                                 <configOption name="timers_min_se" default="90">
450                                         <synopsis>Minimum session timers expiration period</synopsis>
451                                         <description><para>
452                                                 Minimum session timer expiration period. Time in seconds.
453                                         </para></description>
454                                 </configOption>
455                                 <configOption name="timers" default="yes">
456                                         <synopsis>Session timers for SIP packets</synopsis>
457                                         <description>
458                                                 <enumlist>
459                                                         <enum name="no" />
460                                                         <enum name="yes" />
461                                                         <enum name="required" />
462                                                         <enum name="always" />
463                                                         <enum name="forced"><para>Alias of always</para></enum>
464                                                 </enumlist>
465                                         </description>
466                                 </configOption>
467                                 <configOption name="timers_sess_expires" default="1800">
468                                         <synopsis>Maximum session timer expiration period</synopsis>
469                                         <description><para>
470                                                 Maximum session timer expiration period. Time in seconds.
471                                         </para></description>
472                                 </configOption>
473                                 <configOption name="transport">
474                                         <synopsis>Explicit transport configuration to use</synopsis>
475                                         <description>
476                                                 <para>This will <emphasis>force</emphasis> the endpoint to use the
477                                                 specified transport configuration to send SIP messages.  You need
478                                                 to already know what kind of transport (UDP/TCP/IPv4/etc) the
479                                                 endpoint device will use.
480                                                 </para>
481                                                 <note><para>Not specifying a transport will select the first
482                                                 configured transport in <filename>pjsip.conf</filename> which is
483                                                 compatible with the URI we are trying to contact.
484                                                 </para></note>
485                                                 <warning><para>Transport configuration is not affected by reloads. In order to
486                                                 change transports, a full Asterisk restart is required</para></warning>
487                                         </description>
488                                 </configOption>
489                                 <configOption name="trust_id_inbound" default="no">
490                                         <synopsis>Accept identification information received from this endpoint</synopsis>
491                                         <description><para>This option determines whether Asterisk will accept
492                                         identification from the endpoint from headers such as P-Asserted-Identity
493                                         or Remote-Party-ID header. This option applies both to calls originating from the
494                                         endpoint and calls originating from Asterisk. If <literal>no</literal>, the
495                                         configured Caller-ID from pjsip.conf will always be used as the identity for
496                                         the endpoint.</para></description>
497                                 </configOption>
498                                 <configOption name="trust_id_outbound" default="no">
499                                         <synopsis>Send private identification details to the endpoint.</synopsis>
500                                         <description><para>This option determines whether res_pjsip will send private
501                                         identification information to the endpoint. If <literal>no</literal>,
502                                         private Caller-ID information will not be forwarded to the endpoint.
503                                         "Private" in this case refers to any method of restricting identification.
504                                         Example: setting <replaceable>callerid_privacy</replaceable> to any
505                                         <literal>prohib</literal> variation.
506                                         Example: If <replaceable>trust_id_inbound</replaceable> is set to
507                                         <literal>yes</literal>, the presence of a <literal>Privacy: id</literal>
508                                         header in a SIP request or response would indicate the identification
509                                         provided in the request is private.</para></description>
510                                 </configOption>
511                                 <configOption name="type">
512                                         <synopsis>Must be of type 'endpoint'.</synopsis>
513                                 </configOption>
514                                 <configOption name="use_ptime" default="no">
515                                         <synopsis>Use Endpoint's requested packetization interval</synopsis>
516                                 </configOption>
517                                 <configOption name="use_avpf" default="no">
518                                         <synopsis>Determines whether res_pjsip will use and enforce usage of AVPF for this
519                                         endpoint.</synopsis>
520                                         <description><para>
521                                                 If set to <literal>yes</literal>, res_pjsip will use the AVPF or SAVPF RTP
522                                                 profile for all media offers on outbound calls and media updates and will
523                                                 decline media offers not using the AVPF or SAVPF profile.
524                                         </para><para>
525                                                 If set to <literal>no</literal>, res_pjsip will use the AVP or SAVP RTP
526                                                 profile for all media offers on outbound calls and media updates, and will
527                                                 decline media offers not using the AVP or SAVP profile.
528                                         </para></description>
529                                 </configOption>
530                                 <configOption name="force_avp" default="no">
531                                         <synopsis>Determines whether res_pjsip will use and enforce usage of AVP,
532                                         regardless of the RTP profile in use for this endpoint.</synopsis>
533                                         <description><para>
534                                                 If set to <literal>yes</literal>, res_pjsip will use the AVP, AVPF, SAVP, or
535                                                 SAVPF RTP profile for all media offers on outbound calls and media updates including
536                                                 those for DTLS-SRTP streams.
537                                         </para><para>
538                                                 If set to <literal>no</literal>, res_pjsip will use the respective RTP profile
539                                                 depending on configuration.
540                                         </para></description>
541                                 </configOption>
542                                 <configOption name="media_use_received_transport" default="no">
543                                         <synopsis>Determines whether res_pjsip will use the media transport received in the
544                                         offer SDP in the corresponding answer SDP.</synopsis>
545                                         <description><para>
546                                                 If set to <literal>yes</literal>, res_pjsip will use the received media transport.
547                                         </para><para>
548                                                 If set to <literal>no</literal>, res_pjsip will use the respective RTP profile
549                                                 depending on configuration.
550                                         </para></description>
551                                 </configOption>
552                                 <configOption name="media_encryption" default="no">
553                                         <synopsis>Determines whether res_pjsip will use and enforce usage of media encryption
554                                         for this endpoint.</synopsis>
555                                         <description>
556                                                 <enumlist>
557                                                         <enum name="no"><para>
558                                                                 res_pjsip will offer no encryption and allow no encryption to be setup.
559                                                         </para></enum>
560                                                         <enum name="sdes"><para>
561                                                                 res_pjsip will offer standard SRTP setup via in-SDP keys. Encrypted SIP
562                                                                 transport should be used in conjunction with this option to prevent
563                                                                 exposure of media encryption keys.
564                                                         </para></enum>
565                                                         <enum name="dtls"><para>
566                                                                 res_pjsip will offer DTLS-SRTP setup.
567                                                         </para></enum>
568                                                 </enumlist>
569                                         </description>
570                                 </configOption>
571                                 <configOption name="media_encryption_optimistic" default="no">
572                                         <synopsis>Determines whether encryption should be used if possible but does not terminate the
573                                         session if not achieved.</synopsis>
574                                         <description><para>
575                                                 This option only applies if <replaceable>media_encryption</replaceable> is
576                                                 set to <literal>sdes</literal> or <literal>dtls</literal>.
577                                         </para></description>
578                                 </configOption>
579                                 <configOption name="g726_non_standard" default="no">
580                                         <synopsis>Force g.726 to use AAL2 packing order when negotiating g.726 audio</synopsis>
581                                         <description><para>
582                                                 When set to "yes" and an endpoint negotiates g.726 audio then use g.726 for AAL2
583                                                 packing order instead of what is recommended by RFC3551. Since this essentially
584                                                 replaces the underlying 'g726' codec with 'g726aal2' then 'g726aal2' needs to be
585                                                 specified in the endpoint's allowed codec list.
586                                         </para></description>
587                                 </configOption>
588                                 <configOption name="inband_progress" default="no">
589                                         <synopsis>Determines whether chan_pjsip will indicate ringing using inband
590                                                 progress.</synopsis>
591                                         <description><para>
592                                                 If set to <literal>yes</literal>, chan_pjsip will send a 183 Session Progress
593                                                 when told to indicate ringing and will immediately start sending ringing
594                                                 as audio.
595                                         </para><para>
596                                                 If set to <literal>no</literal>, chan_pjsip will send a 180 Ringing when told
597                                                 to indicate ringing and will NOT send it as audio.
598                                         </para></description>
599                                 </configOption>
600                                 <configOption name="call_group">
601                                         <synopsis>The numeric pickup groups for a channel.</synopsis>
602                                         <description><para>
603                                                 Can be set to a comma separated list of numbers or ranges between the values
604                                                 of 0-63 (maximum of 64 groups).
605                                         </para></description>
606                                 </configOption>
607                                 <configOption name="pickup_group">
608                                         <synopsis>The numeric pickup groups that a channel can pickup.</synopsis>
609                                         <description><para>
610                                                 Can be set to a comma separated list of numbers or ranges between the values
611                                                 of 0-63 (maximum of 64 groups).
612                                         </para></description>
613                                 </configOption>
614                                 <configOption name="named_call_group">
615                                         <synopsis>The named pickup groups for a channel.</synopsis>
616                                         <description><para>
617                                                 Can be set to a comma separated list of case sensitive strings limited by
618                                                 supported line length.
619                                         </para></description>
620                                 </configOption>
621                                 <configOption name="named_pickup_group">
622                                         <synopsis>The named pickup groups that a channel can pickup.</synopsis>
623                                         <description><para>
624                                                 Can be set to a comma separated list of case sensitive strings limited by
625                                                 supported line length.
626                                         </para></description>
627                                 </configOption>
628                                 <configOption name="device_state_busy_at" default="0">
629                                         <synopsis>The number of in-use channels which will cause busy to be returned as device state</synopsis>
630                                         <description><para>
631                                                 When the number of in-use channels for the endpoint matches the devicestate_busy_at setting the
632                                                 PJSIP channel driver will return busy as the device state instead of in use.
633                                         </para></description>
634                                 </configOption>
635                                 <configOption name="t38_udptl" default="no">
636                                         <synopsis>Whether T.38 UDPTL support is enabled or not</synopsis>
637                                         <description><para>
638                                                 If set to yes T.38 UDPTL support will be enabled, and T.38 negotiation requests will be accepted
639                                                 and relayed.
640                                         </para></description>
641                                 </configOption>
642                                 <configOption name="t38_udptl_ec" default="none">
643                                         <synopsis>T.38 UDPTL error correction method</synopsis>
644                                         <description>
645                                                 <enumlist>
646                                                         <enum name="none"><para>
647                                                                 No error correction should be used.
648                                                         </para></enum>
649                                                         <enum name="fec"><para>
650                                                                 Forward error correction should be used.
651                                                         </para></enum>
652                                                         <enum name="redundancy"><para>
653                                                                 Redundancy error correction should be used.
654                                                         </para></enum>
655                                                 </enumlist>
656                                         </description>
657                                 </configOption>
658                                 <configOption name="t38_udptl_maxdatagram" default="0">
659                                         <synopsis>T.38 UDPTL maximum datagram size</synopsis>
660                                         <description><para>
661                                                 This option can be set to override the maximum datagram of a remote endpoint for broken
662                                                 endpoints.
663                                         </para></description>
664                                 </configOption>
665                                 <configOption name="fax_detect" default="no">
666                                         <synopsis>Whether CNG tone detection is enabled</synopsis>
667                                         <description><para>
668                                                 This option can be set to send the session to the fax extension when a CNG tone is
669                                                 detected.
670                                         </para></description>
671                                 </configOption>
672                                 <configOption name="fax_detect_timeout">
673                                         <synopsis>How long into a call before fax_detect is disabled for the call</synopsis>
674                                         <description><para>
675                                                 The option determines how many seconds into a call before the
676                                                 fax_detect option is disabled for the call.  Setting the value
677                                                 to zero disables the timeout.
678                                         </para></description>
679                                 </configOption>
680                                 <configOption name="t38_udptl_nat" default="no">
681                                         <synopsis>Whether NAT support is enabled on UDPTL sessions</synopsis>
682                                         <description><para>
683                                                 When enabled the UDPTL stack will send UDPTL packets to the source address of
684                                                 received packets.
685                                         </para></description>
686                                 </configOption>
687                                 <configOption name="t38_udptl_ipv6" default="no">
688                                         <synopsis>Whether IPv6 is used for UDPTL Sessions</synopsis>
689                                         <description><para>
690                                                 When enabled the UDPTL stack will use IPv6.
691                                         </para></description>
692                                 </configOption>
693                                 <configOption name="tone_zone">
694                                         <synopsis>Set which country's indications to use for channels created for this endpoint.</synopsis>
695                                 </configOption>
696                                 <configOption name="language">
697                                         <synopsis>Set the default language to use for channels created for this endpoint.</synopsis>
698                                 </configOption>
699                                 <configOption name="one_touch_recording" default="no">
700                                         <synopsis>Determines whether one-touch recording is allowed for this endpoint.</synopsis>
701                                         <see-also>
702                                                 <ref type="configOption">record_on_feature</ref>
703                                                 <ref type="configOption">record_off_feature</ref>
704                                         </see-also>
705                                 </configOption>
706                                 <configOption name="record_on_feature" default="automixmon">
707                                         <synopsis>The feature to enact when one-touch recording is turned on.</synopsis>
708                                         <description>
709                                                 <para>When an INFO request for one-touch recording arrives with a Record header set to "on", this
710                                                 feature will be enabled for the channel. The feature designated here can be any built-in
711                                                 or dynamic feature defined in features.conf.</para>
712                                                 <note><para>This setting has no effect if the endpoint's one_touch_recording option is disabled</para></note>
713                                         </description>
714                                         <see-also>
715                                                 <ref type="configOption">one_touch_recording</ref>
716                                                 <ref type="configOption">record_off_feature</ref>
717                                         </see-also>
718                                 </configOption>
719                                 <configOption name="record_off_feature" default="automixmon">
720                                         <synopsis>The feature to enact when one-touch recording is turned off.</synopsis>
721                                         <description>
722                                                 <para>When an INFO request for one-touch recording arrives with a Record header set to "off", this
723                                                 feature will be enabled for the channel. The feature designated here can be any built-in
724                                                 or dynamic feature defined in features.conf.</para>
725                                                 <note><para>This setting has no effect if the endpoint's one_touch_recording option is disabled</para></note>
726                                         </description>
727                                         <see-also>
728                                                 <ref type="configOption">one_touch_recording</ref>
729                                                 <ref type="configOption">record_on_feature</ref>
730                                         </see-also>
731                                 </configOption>
732                                 <configOption name="rtp_engine" default="asterisk">
733                                         <synopsis>Name of the RTP engine to use for channels created for this endpoint</synopsis>
734                                 </configOption>
735                                 <configOption name="allow_transfer" default="yes">
736                                         <synopsis>Determines whether SIP REFER transfers are allowed for this endpoint</synopsis>
737                                 </configOption>
738                                 <configOption name="user_eq_phone" default="no">
739                                         <synopsis>Determines whether a user=phone parameter is placed into the request URI if the user is determined to be a phone number</synopsis>
740                                 </configOption>
741                                 <configOption name="moh_passthrough" default="no">
742                                         <synopsis>Determines whether hold and unhold will be passed through using re-INVITEs with recvonly and sendrecv to the remote side</synopsis>
743                                 </configOption>
744                                 <configOption name="sdp_owner" default="-">
745                                         <synopsis>String placed as the username portion of an SDP origin (o=) line.</synopsis>
746                                 </configOption>
747                                 <configOption name="sdp_session" default="Asterisk">
748                                         <synopsis>String used for the SDP session (s=) line.</synopsis>
749                                 </configOption>
750                                 <configOption name="tos_audio">
751                                         <synopsis>DSCP TOS bits for audio streams</synopsis>
752                                         <description><para>
753                                                 See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
754                                         </para></description>
755                                 </configOption>
756                                 <configOption name="tos_video">
757                                         <synopsis>DSCP TOS bits for video streams</synopsis>
758                                         <description><para>
759                                                 See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
760                                         </para></description>
761                                 </configOption>
762                                 <configOption name="cos_audio">
763                                         <synopsis>Priority for audio streams</synopsis>
764                                         <description><para>
765                                                 See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
766                                         </para></description>
767                                 </configOption>
768                                 <configOption name="cos_video">
769                                         <synopsis>Priority for video streams</synopsis>
770                                         <description><para>
771                                                 See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
772                                         </para></description>
773                                 </configOption>
774                                 <configOption name="allow_subscribe" default="yes">
775                                         <synopsis>Determines if endpoint is allowed to initiate subscriptions with Asterisk.</synopsis>
776                                 </configOption>
777                                 <configOption name="sub_min_expiry" default="60">
778                                         <synopsis>The minimum allowed expiry time for subscriptions initiated by the endpoint.</synopsis>
779                                 </configOption>
780                                 <configOption name="from_user">
781                                         <synopsis>Username to use in From header for requests to this endpoint.</synopsis>
782                                 </configOption>
783                                 <configOption name="mwi_from_user">
784                                         <synopsis>Username to use in From header for unsolicited MWI NOTIFYs to this endpoint.</synopsis>
785                                 </configOption>
786                                 <configOption name="from_domain">
787                                         <synopsis>Domain to user in From header for requests to this endpoint.</synopsis>
788                                 </configOption>
789                                 <configOption name="dtls_verify">
790                                         <synopsis>Verify that the provided peer certificate is valid</synopsis>
791                                         <description><para>
792                                                 This option only applies if <replaceable>media_encryption</replaceable> is
793                                                 set to <literal>dtls</literal>.
794                                         </para></description>
795                                 </configOption>
796                                 <configOption name="dtls_rekey">
797                                         <synopsis>Interval at which to renegotiate the TLS session and rekey the SRTP session</synopsis>
798                                         <description><para>
799                                                 This option only applies if <replaceable>media_encryption</replaceable> is
800                                                 set to <literal>dtls</literal>.
801                                         </para><para>
802                                                 If this is not set or the value provided is 0 rekeying will be disabled.
803                                         </para></description>
804                                 </configOption>
805                                 <configOption name="dtls_auto_generate_cert" default="no">
806                                         <synopsis>Whether or not to automatically generate an ephemeral X.509 certificate</synopsis>
807                                         <description>
808                                                 <para>
809                                                         If enabled, Asterisk will generate an X.509 certificate for each DTLS session.
810                                                         This option only applies if <replaceable>media_encryption</replaceable> is set
811                                                         to <literal>dtls</literal>. This option will be automatically enabled if
812                                                         <literal>webrtc</literal> is enabled and <literal>dtls_cert_file</literal> is
813                                                         not specified.
814                                                 </para>
815                                         </description>
816                                 </configOption>
817                                 <configOption name="dtls_cert_file">
818                                         <synopsis>Path to certificate file to present to peer</synopsis>
819                                         <description><para>
820                                                 This option only applies if <replaceable>media_encryption</replaceable> is
821                                                 set to <literal>dtls</literal>.
822                                         </para></description>
823                                 </configOption>
824                                 <configOption name="dtls_private_key">
825                                         <synopsis>Path to private key for certificate file</synopsis>
826                                         <description><para>
827                                                 This option only applies if <replaceable>media_encryption</replaceable> is
828                                                 set to <literal>dtls</literal>.
829                                         </para></description>
830                                 </configOption>
831                                 <configOption name="dtls_cipher">
832                                         <synopsis>Cipher to use for DTLS negotiation</synopsis>
833                                         <description><para>
834                                                 This option only applies if <replaceable>media_encryption</replaceable> is
835                                                 set to <literal>dtls</literal>.
836                                         </para>
837                                         <para>Many options for acceptable ciphers. See link for more:</para>
838                                         <para>http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
839                                         </para></description>
840                                 </configOption>
841                                 <configOption name="dtls_ca_file">
842                                         <synopsis>Path to certificate authority certificate</synopsis>
843                                         <description><para>
844                                                 This option only applies if <replaceable>media_encryption</replaceable> is
845                                                 set to <literal>dtls</literal>.
846                                         </para></description>
847                                 </configOption>
848                                 <configOption name="dtls_ca_path">
849                                         <synopsis>Path to a directory containing certificate authority certificates</synopsis>
850                                         <description><para>
851                                                 This option only applies if <replaceable>media_encryption</replaceable> is
852                                                 set to <literal>dtls</literal>.
853                                         </para></description>
854                                 </configOption>
855                                 <configOption name="dtls_setup">
856                                         <synopsis>Whether we are willing to accept connections, connect to the other party, or both.</synopsis>
857                                         <description>
858                                                 <para>
859                                                         This option only applies if <replaceable>media_encryption</replaceable> is
860                                                         set to <literal>dtls</literal>.
861                                                 </para>
862                                                 <enumlist>
863                                                         <enum name="active"><para>
864                                                                 res_pjsip will make a connection to the peer.
865                                                         </para></enum>
866                                                         <enum name="passive"><para>
867                                                                 res_pjsip will accept connections from the peer.
868                                                         </para></enum>
869                                                         <enum name="actpass"><para>
870                                                                 res_pjsip will offer and accept connections from the peer.
871                                                         </para></enum>
872                                                 </enumlist>
873                                         </description>
874                                 </configOption>
875                                 <configOption name="dtls_fingerprint">
876                                         <synopsis>Type of hash to use for the DTLS fingerprint in the SDP.</synopsis>
877                                         <description>
878                                                 <para>
879                                                         This option only applies if <replaceable>media_encryption</replaceable> is
880                                                         set to <literal>dtls</literal>.
881                                                 </para>
882                                                 <enumlist>
883                                                         <enum name="SHA-256"></enum>
884                                                         <enum name="SHA-1"></enum>
885                                                 </enumlist>
886                                         </description>
887                                 </configOption>
888                                 <configOption name="srtp_tag_32">
889                                         <synopsis>Determines whether 32 byte tags should be used instead of 80 byte tags.</synopsis>
890                                         <description><para>
891                                                 This option only applies if <replaceable>media_encryption</replaceable> is
892                                                 set to <literal>sdes</literal> or <literal>dtls</literal>.
893                                         </para></description>
894                                 </configOption>
895                                 <configOption name="set_var">
896                                         <synopsis>Variable set on a channel involving the endpoint.</synopsis>
897                                         <description><para>
898                                                 When a new channel is created using the endpoint set the specified
899                                                 variable(s) on that channel. For multiple channel variables specify
900                                                 multiple 'set_var'(s).
901                                         </para></description>
902                                 </configOption>
903                                 <configOption name="message_context">
904                                         <synopsis>Context to route incoming MESSAGE requests to.</synopsis>
905                                         <description><para>
906                                                 If specified, incoming MESSAGE requests will be routed to the indicated
907                                                 dialplan context. If no <replaceable>message_context</replaceable> is
908                                                 specified, then the <replaceable>context</replaceable> setting is used.
909                                         </para></description>
910                                 </configOption>
911                                 <configOption name="accountcode">
912                                         <synopsis>An accountcode to set automatically on any channels created for this endpoint.</synopsis>
913                                         <description><para>
914                                                 If specified, any channel created for this endpoint will automatically
915                                                 have this accountcode set on it.
916                                         </para></description>
917                                 </configOption>
918                                 <configOption name="preferred_codec_only" default="no">
919                                         <synopsis>Respond to a SIP invite with the single most preferred codec rather than advertising all joint codec capabilities. This limits the other side's codec choice to exactly what we prefer.</synopsis>
920                                 </configOption>
921                                 <configOption name="rtp_keepalive">
922                                         <synopsis>Number of seconds between RTP comfort noise keepalive packets.</synopsis>
923                                         <description><para>
924                                                 At the specified interval, Asterisk will send an RTP comfort noise frame. This may
925                                                 be useful for situations where Asterisk is behind a NAT or firewall and must keep
926                                                 a hole open in order to allow for media to arrive at Asterisk.
927                                         </para></description>
928                                 </configOption>
929                                 <configOption name="rtp_timeout" default="0">
930                                         <synopsis>Maximum number of seconds without receiving RTP (while off hold) before terminating call.</synopsis>
931                                         <description><para>
932                                                 This option configures the number of seconds without RTP (while off hold) before
933                                                 considering a channel as dead. When the number of seconds is reached the underlying
934                                                 channel is hung up. By default this option is set to 0, which means do not check.
935                                         </para></description>
936                                 </configOption>
937                                 <configOption name="rtp_timeout_hold" default="0">
938                                         <synopsis>Maximum number of seconds without receiving RTP (while on hold) before terminating call.</synopsis>
939                                         <description><para>
940                                                 This option configures the number of seconds without RTP (while on hold) before
941                                                 considering a channel as dead. When the number of seconds is reached the underlying
942                                                 channel is hung up. By default this option is set to 0, which means do not check.
943                                         </para></description>
944                                 </configOption>
945                                 <configOption name="acl">
946                                         <synopsis>List of IP ACL section names in acl.conf</synopsis>
947                                         <description><para>
948                                                 This matches sections configured in <literal>acl.conf</literal>. The value is
949                                                 defined as a list of comma-delimited section names.
950                                         </para></description>
951                                 </configOption>
952                                 <configOption name="deny">
953                                         <synopsis>List of IP addresses to deny access from</synopsis>
954                                         <description><para>
955                                                 The value is a comma-delimited list of IP addresses. IP addresses may
956                                                 have a subnet mask appended. The subnet mask may be written in either
957                                                 CIDR or dotted-decimal notation. Separate the IP address and subnet
958                                                 mask with a slash ('/')
959                                         </para></description>
960                                 </configOption>
961                                 <configOption name="permit">
962                                         <synopsis>List of IP addresses to permit access from</synopsis>
963                                         <description><para>
964                                                 The value is a comma-delimited list of IP addresses. IP addresses may
965                                                 have a subnet mask appended. The subnet mask may be written in either
966                                                 CIDR or dotted-decimal notation. Separate the IP address and subnet
967                                                 mask with a slash ('/')
968                                         </para></description>
969                                 </configOption>
970                                 <configOption name="contact_acl">
971                                         <synopsis>List of Contact ACL section names in acl.conf</synopsis>
972                                         <description><para>
973                                                 This matches sections configured in <literal>acl.conf</literal>. The value is
974                                                 defined as a list of comma-delimited section names.
975                                         </para></description>
976                                 </configOption>
977                                 <configOption name="contact_deny">
978                                         <synopsis>List of Contact header addresses to deny</synopsis>
979                                         <description><para>
980                                                 The value is a comma-delimited list of IP addresses. IP addresses may
981                                                 have a subnet mask appended. The subnet mask may be written in either
982                                                 CIDR or dotted-decimal notation. Separate the IP address and subnet
983                                                 mask with a slash ('/')
984                                         </para></description>
985                                 </configOption>
986                                 <configOption name="contact_permit">
987                                         <synopsis>List of Contact header addresses to permit</synopsis>
988                                         <description><para>
989                                                 The value is a comma-delimited list of IP addresses. IP addresses may
990                                                 have a subnet mask appended. The subnet mask may be written in either
991                                                 CIDR or dotted-decimal notation. Separate the IP address and subnet
992                                                 mask with a slash ('/')
993                                         </para></description>
994                                 </configOption>
995                                 <configOption name="subscribe_context">
996                                         <synopsis>Context for incoming MESSAGE requests.</synopsis>
997                                         <description><para>
998                                                 If specified, incoming SUBSCRIBE requests will be searched for the matching
999                                                 extension in the indicated context.
1000                                                 If no <replaceable>subscribe_context</replaceable> is specified,
1001                                                 then the <replaceable>context</replaceable> setting is used.
1002                                         </para></description>
1003                                 </configOption>
1004                                 <configOption name="contact_user" default="">
1005                                         <synopsis>Force the user on the outgoing Contact header to this value.</synopsis>
1006                                         <description><para>
1007                                                 On outbound requests, force the user portion of the Contact header to this value.
1008                                         </para></description>
1009                                 </configOption>
1010                                 <configOption name="asymmetric_rtp_codec" default="no">
1011                                         <synopsis>Allow the sending and receiving RTP codec to differ</synopsis>
1012                                         <description><para>
1013                                                 When set to "yes" the codec in use for sending will be allowed to differ from
1014                                                 that of the received one. PJSIP will not automatically switch the sending one
1015                                                 to the receiving one.
1016                                         </para></description>
1017                                 </configOption>
1018                                 <configOption name="rtcp_mux" default="no">
1019                                         <synopsis>Enable RFC 5761 RTCP multiplexing on the RTP port</synopsis>
1020                                         <description><para>
1021                                                 With this option enabled, Asterisk will attempt to negotiate the use of the "rtcp-mux"
1022                                                 attribute on all media streams. This will result in RTP and RTCP being sent and received
1023                                                 on the same port. This shifts the demultiplexing logic to the application rather than
1024                                                 the transport layer. This option is useful when interoperating with WebRTC endpoints
1025                                                 since they mandate this option's use.
1026                                         </para></description>
1027                                 </configOption>
1028                                 <configOption name="refer_blind_progress" default="yes">
1029                                         <synopsis>Whether to notifies all the progress details on blind transfer</synopsis>
1030                                         <description><para>
1031                                                 Some SIP phones (Mitel/Aastra, Snom) expect a sip/frag "200 OK"
1032                                                 after REFER has been accepted. If set to <literal>no</literal> then asterisk
1033                                                 will not send the progress details, but immediately will send "200 OK".
1034                                         </para></description>
1035                                 </configOption>
1036                                 <configOption name="notify_early_inuse_ringing" default="no">
1037                                         <synopsis>Whether to notifies dialog-info 'early' on InUse&amp;Ringing state</synopsis>
1038                                         <description><para>
1039                                                 Control whether dialog-info subscriptions get 'early' state
1040                                                 on Ringing when already INUSE.
1041                                         </para></description>
1042                                 </configOption>
1043                                 <configOption name="max_audio_streams" default="1">
1044                                         <synopsis>The maximum number of allowed audio streams for the endpoint</synopsis>
1045                                         <description><para>
1046                                                 This option enforces a limit on the maximum simultaneous negotiated audio
1047                                                 streams allowed for the endpoint.
1048                                         </para></description>
1049                                 </configOption>
1050                                 <configOption name="max_video_streams" default="1">
1051                                         <synopsis>The maximum number of allowed video streams for the endpoint</synopsis>
1052                                         <description><para>
1053                                                 This option enforces a limit on the maximum simultaneous negotiated video
1054                                                 streams allowed for the endpoint.
1055                                         </para></description>
1056                                 </configOption>
1057                                 <configOption name="bundle" default="no">
1058                                         <synopsis>Enable RTP bundling</synopsis>
1059                                         <description><para>
1060                                                 With this option enabled, Asterisk will attempt to negotiate the use of bundle.
1061                                                 If negotiated this will result in multiple RTP streams being carried over the same
1062                                                 underlying transport. Note that enabling bundle will also enable the rtcp_mux option.
1063                                         </para></description>
1064                                 </configOption>
1065                                 <configOption name="webrtc" default="no">
1066                                         <synopsis>Defaults and enables some options that are relevant to WebRTC</synopsis>
1067                                         <description><para>
1068                                                 When set to "yes" this also enables the following values that are needed in
1069                                                 order for basic WebRTC support to work: rtcp_mux, use_avpf, ice_support, and
1070                                                 use_received_transport. The following configuration settings also get defaulted
1071                                                 as follows:</para>
1072                                                 <para>media_encryption=dtls</para>
1073                                                 <para>dtls_auto_generate_cert=yes (if dtls_cert_file is not set)</para>
1074                                                 <para>dtls_verify=fingerprint</para>
1075                                                 <para>dtls_setup=actpass</para>
1076                                         </description>
1077                                 </configOption>
1078                                 <configOption name="incoming_mwi_mailbox">
1079                                         <synopsis>Mailbox name to use when incoming MWI NOTIFYs are received</synopsis>
1080                                         <description><para>
1081                                                 If an MWI NOTIFY is received <emphasis>from</emphasis> this endpoint,
1082                                                 this mailbox will be used when notifying other modules of MWI status
1083                                                 changes.  If not set, incoming MWI NOTIFYs are ignored.
1084                                         </para></description>
1085                                 </configOption>
1086                                 <configOption name="follow_early_media_fork">
1087                                         <synopsis>Follow SDP forked media when To tag is different</synopsis>
1088                                         <description><para>
1089                                                 On outgoing calls, if the UAS responds with different SDP attributes
1090                                                 on subsequent 18X or 2XX responses (such as a port update) AND the
1091                                                 To tag on the subsequent response is different than that on the previous
1092                                                 one, follow it. This usually happens when the INVITE is forked to multiple
1093                                                 UASs and more than one sends an SDP answer.
1094                                                 </para>
1095                                                 <note><para>
1096                                                         This option must also be enabled in the <literal>system</literal>
1097                                                         section for it to take effect here.
1098                                                 </para></note>
1099                                         </description>
1100                                 </configOption>
1101                                 <configOption name="accept_multiple_sdp_answers" default="no">
1102                                         <synopsis>Accept multiple SDP answers on non-100rel responses</synopsis>
1103                                         <description><para>
1104                                                 On outgoing calls, if the UAS responds with different SDP attributes
1105                                                 on non-100rel 18X or 2XX responses (such as a port update) AND the
1106                                                 To tag on the subsequent response is the same as that on the previous one,
1107                                                 process the updated SDP.  This can happen when the UAS needs to change ports
1108                                                 for some reason such as using a separate port for custom ringback.
1109                                                 </para>
1110                                                 <note><para>
1111                                                         This option must also be enabled in the <literal>system</literal>
1112                                                         section for it to take effect here.
1113                                                 </para></note>
1114                                         </description>
1115                                 </configOption>
1116                                 <configOption name="suppress_q850_reason_headers" default="no">
1117                                         <synopsis>Suppress Q.850 Reason headers for this endpoint</synopsis>
1118                                         <description><para>
1119                                                 Some devices can't accept multiple Reason headers and get confused
1120                                                 when both 'SIP' and 'Q.850' Reason headers are received.  This
1121                                                 option allows the 'Q.850' Reason header to be suppressed.</para>
1122                                         </description>
1123                                 </configOption>
1124                         </configObject>
1125                         <configObject name="auth">
1126                                 <synopsis>Authentication type</synopsis>
1127                                 <description><para>
1128                                         Authentication objects hold the authentication information for use
1129                                         by other objects such as <literal>endpoints</literal> or <literal>registrations</literal>.
1130                                         This also allows for multiple objects to use a single auth object. See
1131                                         the <literal>auth_type</literal> config option for password style choices.
1132                                 </para></description>
1133                                 <configOption name="auth_type" default="userpass">
1134                                         <synopsis>Authentication type</synopsis>
1135                                         <description><para>
1136                                                 This option specifies which of the password style config options should be read
1137                                                 when trying to authenticate an endpoint inbound request. If set to <literal>userpass</literal>
1138                                                 then we'll read from the 'password' option. For <literal>md5</literal> we'll read
1139                                                 from 'md5_cred'.
1140                                                 </para>
1141                                                 <enumlist>
1142                                                         <enum name="md5"/>
1143                                                         <enum name="userpass"/>
1144                                                 </enumlist>
1145                                         </description>
1146                                 </configOption>
1147                                 <configOption name="nonce_lifetime" default="32">
1148                                         <synopsis>Lifetime of a nonce associated with this authentication config.</synopsis>
1149                                 </configOption>
1150                                 <configOption name="md5_cred">
1151                                         <synopsis>MD5 Hash used for authentication.</synopsis>
1152                                         <description><para>Only used when auth_type is <literal>md5</literal>.</para></description>
1153                                 </configOption>
1154                                 <configOption name="password">
1155                                         <synopsis>Plain text password used for authentication.</synopsis>
1156                                         <description><para>Only used when auth_type is <literal>userpass</literal>.</para></description>
1157                                 </configOption>
1158                                 <configOption name="realm">
1159                                         <synopsis>SIP realm for endpoint</synopsis>
1160                                         <description><para>
1161                                                 The treatment of this value depends upon how the authentication
1162                                                 object is used.
1163                                                 </para><para>
1164                                                 When used as an inbound authentication object, the realm is sent
1165                                                 as part of the challenge so the peer can know which key to use
1166                                                 when responding.  An empty value will use the
1167                                                 <replaceable>global</replaceable> section's
1168                                                 <literal>default_realm</literal> value when issuing a challenge.
1169                                                 </para><para>
1170                                                 When used as an outbound authentication object, the realm is
1171                                                 matched with the received challenge realm to determine which
1172                                                 authentication object to use when responding to the challenge.  An
1173                                                 empty value matches any challenging realm when determining
1174                                                 which authentication object matches a received challenge.
1175                                                 </para>
1176                                                 <note><para>
1177                                                 Using the same auth section for inbound and outbound
1178                                                 authentication is not recommended.  There is a difference in
1179                                                 meaning for an empty realm setting between inbound and outbound
1180                                                 authentication uses.</para></note>
1181                                         </description>
1182                                 </configOption>
1183                                 <configOption name="type">
1184                                         <synopsis>Must be 'auth'</synopsis>
1185                                 </configOption>
1186                                 <configOption name="username">
1187                                         <synopsis>Username to use for account</synopsis>
1188                                 </configOption>
1189                         </configObject>
1190                         <configObject name="domain_alias">
1191                                 <synopsis>Domain Alias</synopsis>
1192                                 <description><para>
1193                                         Signifies that a domain is an alias. If the domain on a session is
1194                                         not found to match an AoR then this object is used to see if we have
1195                                         an alias for the AoR to which the endpoint is binding. This objects
1196                                         name as defined in configuration should be the domain alias and a
1197                                         config option is provided to specify the domain to be aliased.
1198                                 </para></description>
1199                                 <configOption name="type">
1200                                         <synopsis>Must be of type 'domain_alias'.</synopsis>
1201                                 </configOption>
1202                                 <configOption name="domain">
1203                                         <synopsis>Domain to be aliased</synopsis>
1204                                 </configOption>
1205                         </configObject>
1206                         <configObject name="transport">
1207                                 <synopsis>SIP Transport</synopsis>
1208                                 <description><para>
1209                                         <emphasis>Transports</emphasis>
1210                                         </para>
1211                                         <para>There are different transports and protocol derivatives
1212                                                 supported by <literal>res_pjsip</literal>. They are in order of
1213                                                 preference: UDP, TCP, and WebSocket (WS).</para>
1214                                         <note><para>Changes to transport configuration in pjsip.conf will only be
1215                                                 effected on a complete restart of Asterisk. A module reload
1216                                                 will not suffice.</para></note>
1217                                 </description>
1218                                 <configOption name="async_operations" default="1">
1219                                         <synopsis>Number of simultaneous Asynchronous Operations</synopsis>
1220                                 </configOption>
1221                                 <configOption name="bind">
1222                                         <synopsis>IP Address and optional port to bind to for this transport</synopsis>
1223                                 </configOption>
1224                                 <configOption name="ca_list_file">
1225                                         <synopsis>File containing a list of certificates to read (TLS ONLY, not WSS)</synopsis>
1226                                 </configOption>
1227                                 <configOption name="ca_list_path">
1228                                         <synopsis>Path to directory containing a list of certificates to read (TLS ONLY, not WSS)</synopsis>
1229                                 </configOption>
1230                                 <configOption name="cert_file">
1231                                         <synopsis>Certificate file for endpoint (TLS ONLY, not WSS)</synopsis>
1232                                         <description><para>
1233                                                 A path to a .crt or .pem file can be provided.  However, only
1234                                                 the certificate is read from the file, not the private key.
1235                                                 The <literal>priv_key_file</literal> option must supply a
1236                                                 matching key file.
1237                                         </para></description>
1238                                 </configOption>
1239                                 <configOption name="cipher">
1240                                         <synopsis>Preferred cryptography cipher names (TLS ONLY, not WSS)</synopsis>
1241                                         <description>
1242                                         <para>Comma separated list of cipher names or numeric equivalents.
1243                                                 Numeric equivalents can be either decimal or hexadecimal (0xX).
1244                                         </para>
1245                                         <para>There are many cipher names.  Use the CLI command
1246                                                 <literal>pjsip list ciphers</literal> to see a list of cipher
1247                                                 names available for your installation.  See link for more:</para>
1248                                         <para>http://www.openssl.org/docs/apps/ciphers.html#CIPHER_SUITE_NAMES
1249                                         </para>
1250                                         </description>
1251                                 </configOption>
1252                                 <configOption name="domain">
1253                                         <synopsis>Domain the transport comes from</synopsis>
1254                                 </configOption>
1255                                 <configOption name="external_media_address">
1256                                         <synopsis>External IP address to use in RTP handling</synopsis>
1257                                         <description><para>
1258                                                 When a request or response is sent out, if the destination of the
1259                                                 message is outside the IP network defined in the option <literal>localnet</literal>,
1260                                                 and the media address in the SDP is within the localnet network, then the
1261                                                 media address in the SDP will be rewritten to the value defined for
1262                                                 <literal>external_media_address</literal>.
1263                                         </para></description>
1264                                 </configOption>
1265                                 <configOption name="external_signaling_address">
1266                                         <synopsis>External address for SIP signalling</synopsis>
1267                                 </configOption>
1268                                 <configOption name="external_signaling_port" default="0">
1269                                         <synopsis>External port for SIP signalling</synopsis>
1270                                 </configOption>
1271                                 <configOption name="method">
1272                                         <synopsis>Method of SSL transport (TLS ONLY, not WSS)</synopsis>
1273                                         <description>
1274                                                 <enumlist>
1275                                                         <enum name="default">
1276                                                                 <para>The default as defined by PJSIP. This is currently TLSv1, but may change with future releases.</para>
1277                                                         </enum>
1278                                                         <enum name="unspecified">
1279                                                                 <para>This option is equivalent to setting 'default'</para>
1280                                                         </enum>
1281                                                         <enum name="tlsv1" />
1282                                                         <enum name="tlsv1_1" />
1283                                                         <enum name="tlsv1_2" />
1284                                                         <enum name="sslv2" />
1285                                                         <enum name="sslv3" />
1286                                                         <enum name="sslv23" />
1287                                                 </enumlist>
1288                                         </description>
1289                                 </configOption>
1290                                 <configOption name="local_net">
1291                                         <synopsis>Network to consider local (used for NAT purposes).</synopsis>
1292                                         <description><para>This must be in CIDR or dotted decimal format with the IP
1293                                         and mask separated with a slash ('/').</para></description>
1294                                 </configOption>
1295                                 <configOption name="password">
1296                                         <synopsis>Password required for transport</synopsis>
1297                                 </configOption>
1298                                 <configOption name="priv_key_file">
1299                                         <synopsis>Private key file (TLS ONLY, not WSS)</synopsis>
1300                                 </configOption>
1301                                 <configOption name="protocol" default="udp">
1302                                         <synopsis>Protocol to use for SIP traffic</synopsis>
1303                                         <description>
1304                                                 <enumlist>
1305                                                         <enum name="udp" />
1306                                                         <enum name="tcp" />
1307                                                         <enum name="tls" />
1308                                                         <enum name="ws" />
1309                                                         <enum name="wss" />
1310                                                 </enumlist>
1311                                         </description>
1312                                 </configOption>
1313                                 <configOption name="require_client_cert" default="false">
1314                                         <synopsis>Require client certificate (TLS ONLY, not WSS)</synopsis>
1315                                 </configOption>
1316                                 <configOption name="type">
1317                                         <synopsis>Must be of type 'transport'.</synopsis>
1318                                 </configOption>
1319                                 <configOption name="verify_client" default="false">
1320                                         <synopsis>Require verification of client certificate (TLS ONLY, not WSS)</synopsis>
1321                                 </configOption>
1322                                 <configOption name="verify_server" default="false">
1323                                         <synopsis>Require verification of server certificate (TLS ONLY, not WSS)</synopsis>
1324                                 </configOption>
1325                                 <configOption name="tos" default="false">
1326                                         <synopsis>Enable TOS for the signalling sent over this transport</synopsis>
1327                                         <description>
1328                                         <para>See <literal>https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service</literal>
1329                                         for more information on this parameter.</para>
1330                                         <note><para>This option does not apply to the <replaceable>ws</replaceable>
1331                                         or the <replaceable>wss</replaceable> protocols.</para></note>
1332                                         </description>
1333                                 </configOption>
1334                                 <configOption name="cos" default="false">
1335                                         <synopsis>Enable COS for the signalling sent over this transport</synopsis>
1336                                         <description>
1337                                         <para>See <literal>https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service</literal>
1338                                         for more information on this parameter.</para>
1339                                         <note><para>This option does not apply to the <replaceable>ws</replaceable>
1340                                         or the <replaceable>wss</replaceable> protocols.</para></note>
1341                                         </description>
1342                                 </configOption>
1343                                 <configOption name="websocket_write_timeout">
1344                                         <synopsis>The timeout (in milliseconds) to set on WebSocket connections.</synopsis>
1345                                         <description>
1346                                                 <para>If a websocket connection accepts input slowly, the timeout
1347                                                 for writes to it can be increased to keep it from being disconnected.
1348                                                 Value is in milliseconds; default is 100 ms.</para>
1349                                         </description>
1350                                 </configOption>
1351                                 <configOption name="allow_reload" default="no">
1352                                         <synopsis>Allow this transport to be reloaded.</synopsis>
1353                                         <description>
1354                                                 <para>Allow this transport to be reloaded when res_pjsip is reloaded.
1355                                                 This option defaults to "no" because reloading a transport may disrupt
1356                                                 in-progress calls.</para>
1357                                         </description>
1358                                 </configOption>
1359                                 <configOption name="symmetric_transport" default="no">
1360                                         <synopsis>Use the same transport for outgoing requests as incoming ones.</synopsis>
1361                                         <description>
1362                                                 <para>When a request from a dynamic contact
1363                                                         comes in on a transport with this option set to 'yes',
1364                                                         the transport name will be saved and used for subsequent
1365                                                         outgoing requests like OPTIONS, NOTIFY and INVITE.  It's
1366                                                         saved as a contact uri parameter named 'x-ast-txp' and will
1367                                                         display with the contact uri in CLI, AMI, and ARI output.
1368                                                         On the outgoing request, if a transport wasn't explicitly
1369                                                         set on the endpoint AND the request URI is not a hostname,
1370                                                         the saved transport will be used and the 'x-ast-txp'
1371                                                         parameter stripped from the outgoing packet.
1372                                                 </para>
1373                                         </description>
1374                                 </configOption>
1375                         </configObject>
1376                         <configObject name="contact">
1377                                 <synopsis>A way of creating an aliased name to a SIP URI</synopsis>
1378                                 <description><para>
1379                                         Contacts are a way to hide SIP URIs from the dialplan directly.
1380                                         They are also used to make a group of contactable parties when
1381                                         in use with <literal>AoR</literal> lists.
1382                                 </para></description>
1383                                 <configOption name="type">
1384                                         <synopsis>Must be of type 'contact'.</synopsis>
1385                                 </configOption>
1386                                 <configOption name="uri">
1387                                         <synopsis>SIP URI to contact peer</synopsis>
1388                                 </configOption>
1389                                 <configOption name="expiration_time">
1390                                         <synopsis>Time to keep alive a contact</synopsis>
1391                                         <description><para>
1392                                                 Time to keep alive a contact. String style specification.
1393                                         </para></description>
1394                                 </configOption>
1395                                 <configOption name="qualify_frequency" default="0">
1396                                         <synopsis>Interval at which to qualify a contact</synopsis>
1397                                         <description><para>
1398                                                 Interval between attempts to qualify the contact for reachability.
1399                                                 If <literal>0</literal> never qualify. Time in seconds.
1400                                         </para></description>
1401                                 </configOption>
1402                                 <configOption name="qualify_timeout" default="3.0">
1403                                         <synopsis>Timeout for qualify</synopsis>
1404                                         <description><para>
1405                                                 If the contact doesn't respond to the OPTIONS request before the timeout,
1406                                                 the contact is marked unavailable.
1407                                                 If <literal>0</literal> no timeout. Time in fractional seconds.
1408                                         </para></description>
1409                                 </configOption>
1410                                 <configOption name="authenticate_qualify">
1411                                         <synopsis>Authenticates a qualify challenge response if needed</synopsis>
1412                                         <description>
1413                                                 <para>If true and a qualify request receives a challenge response then
1414                                                 authentication is attempted before declaring the contact available.
1415                                                 </para>
1416                                                 <note><para>This option does nothing as we will always complete
1417                                                 the challenge response authentication if the qualify request is
1418                                                 challenged.
1419                                                 </para></note>
1420                                         </description>
1421                                 </configOption>
1422                                 <configOption name="outbound_proxy">
1423                                         <synopsis>Outbound proxy used when sending OPTIONS request</synopsis>
1424                                         <description><para>
1425                                                 If set the provided URI will be used as the outbound proxy when an
1426                                                 OPTIONS request is sent to a contact for qualify purposes.
1427                                         </para></description>
1428                                 </configOption>
1429                                 <configOption name="path">
1430                                         <synopsis>Stored Path vector for use in Route headers on outgoing requests.</synopsis>
1431                                 </configOption>
1432                                 <configOption name="user_agent">
1433                                         <synopsis>User-Agent header from registration.</synopsis>
1434                                         <description><para>
1435                                                 The User-Agent is automatically stored based on data present in incoming SIP
1436                                                 REGISTER requests and is not intended to be configured manually.
1437                                         </para></description>
1438                                 </configOption>
1439                                 <configOption name="endpoint">
1440                                         <synopsis>Endpoint name</synopsis>
1441                                         <description><para>
1442                                                 The name of the endpoint this contact belongs to
1443                                         </para></description>
1444                                 </configOption>
1445                                 <configOption name="reg_server">
1446                                         <synopsis>Asterisk Server name</synopsis>
1447                                         <description><para>
1448                                                 Asterisk Server name on which SIP endpoint registered.
1449                                         </para></description>
1450                                 </configOption>
1451                                 <configOption name="via_addr">
1452                                         <synopsis>IP-address of the last Via header from registration.</synopsis>
1453                                         <description><para>
1454                                                 The last Via header should contain the address of UA which sent the request.
1455                                                 The IP-address of the last Via header is automatically stored based on data present
1456                                                 in incoming SIP REGISTER requests and is not intended to be configured manually.
1457                                         </para></description>
1458                                 </configOption>
1459                                 <configOption name="via_port">
1460                                         <synopsis>IP-port of the last Via header from registration.</synopsis>
1461                                         <description><para>
1462                                                 The IP-port of the last Via header is automatically stored based on data present
1463                                                 in incoming SIP REGISTER requests and is not intended to be configured manually.
1464                                         </para></description>
1465                                 </configOption>
1466                                 <configOption name="call_id">
1467                                         <synopsis>Call-ID header from registration.</synopsis>
1468                                         <description><para>
1469                                                 The Call-ID header is automatically stored based on data present
1470                                                 in incoming SIP REGISTER requests and is not intended to be configured manually.
1471                                         </para></description>
1472                                 </configOption>
1473                                 <configOption name="prune_on_boot">
1474                                         <synopsis>A contact that cannot survive a restart/boot.</synopsis>
1475                                         <description><para>
1476                                                 The option is set if the incoming SIP REGISTER contact is rewritten
1477                                                 on a reliable transport and is not intended to be configured manually.
1478                                         </para></description>
1479                                 </configOption>
1480                         </configObject>
1481                         <configObject name="aor">
1482                                 <synopsis>The configuration for a location of an endpoint</synopsis>
1483                                 <description><para>
1484                                         An AoR is what allows Asterisk to contact an endpoint via res_pjsip. If no
1485                                         AoRs are specified, an endpoint will not be reachable by Asterisk.
1486                                         Beyond that, an AoR has other uses within Asterisk, such as inbound
1487                                         registration.
1488                                         </para><para>
1489                                         An <literal>AoR</literal> is a way to allow dialing a group
1490                                         of <literal>Contacts</literal> that all use the same
1491                                         <literal>endpoint</literal> for calls.
1492                                         </para><para>
1493                                         This can be used as another way of grouping a list of contacts to dial
1494                                         rather than specifying them each directly when dialing via the dialplan.
1495                                         This must be used in conjunction with the <literal>PJSIP_DIAL_CONTACTS</literal>.
1496                                         </para><para>
1497                                         Registrations: For Asterisk to match an inbound registration to an endpoint,
1498                                         the AoR object name must match the user portion of the SIP URI in the "To:"
1499                                         header of the inbound SIP registration. That will usually be equivalent
1500                                         to the "user name" set in your hard or soft phones configuration.
1501                                 </para></description>
1502                                 <configOption name="contact">
1503                                         <synopsis>Permanent contacts assigned to AoR</synopsis>
1504                                         <description><para>
1505                                                 Contacts specified will be called whenever referenced
1506                                                 by <literal>chan_pjsip</literal>.
1507                                                 </para><para>
1508                                                 Use a separate "contact=" entry for each contact required. Contacts
1509                                                 are specified using a SIP URI.
1510                                         </para></description>
1511                                 </configOption>
1512                                 <configOption name="default_expiration" default="3600">
1513                                         <synopsis>Default expiration time in seconds for contacts that are dynamically bound to an AoR.</synopsis>
1514                                 </configOption>
1515                                 <configOption name="mailboxes">
1516                                         <synopsis>Allow subscriptions for the specified mailbox(es)</synopsis>
1517                                         <description><para>This option applies when an external entity subscribes to an AoR
1518                                                 for Message Waiting Indications. The mailboxes specified will be subscribed to.
1519                                                 More than one mailbox can be specified with a comma-delimited string.
1520                                                 app_voicemail mailboxes must be specified as mailbox@context;
1521                                                 for example: mailboxes=6001@default. For mailboxes provided by external sources,
1522                                                 such as through the res_external_mwi module, you must specify strings supported by
1523                                                 the external system.
1524                                         </para><para>
1525                                                 For endpoints that cannot SUBSCRIBE for MWI, you can set the <literal>mailboxes</literal> option in your
1526                                                 endpoint configuration section to enable unsolicited MWI NOTIFYs to the endpoint.
1527                                         </para></description>
1528                                 </configOption>
1529                                 <configOption name="voicemail_extension">
1530                                         <synopsis>The voicemail extension to send in the NOTIFY Message-Account header</synopsis>
1531                                 </configOption>
1532                                 <configOption name="maximum_expiration" default="7200">
1533                                         <synopsis>Maximum time to keep an AoR</synopsis>
1534                                         <description><para>
1535                                                 Maximum time to keep a peer with explicit expiration. Time in seconds.
1536                                         </para></description>
1537                                 </configOption>
1538                                 <configOption name="max_contacts" default="0">
1539                                         <synopsis>Maximum number of contacts that can bind to an AoR</synopsis>
1540                                         <description><para>
1541                                                 Maximum number of contacts that can associate with this AoR. This value does
1542                                                 not affect the number of contacts that can be added with the "contact" option.
1543                                                 It only limits contacts added through external interaction, such as
1544                                                 registration.
1545                                                 </para>
1546                                                 <note><para>The <replaceable>rewrite_contact</replaceable> option
1547                                                 registers the source address as the contact address to help with
1548                                                 NAT and reusing connection oriented transports such as TCP and
1549                                                 TLS.  Unfortunately, refreshing a registration may register a
1550                                                 different contact address and exceed
1551                                                 <replaceable>max_contacts</replaceable>.  The
1552                                                 <replaceable>remove_existing</replaceable> option can help by
1553                                                 removing the soonest to expire contact(s) over
1554                                                 <replaceable>max_contacts</replaceable> which is likely the
1555                                                 old <replaceable>rewrite_contact</replaceable> contact source
1556                                                 address being refreshed.
1557                                                 </para></note>
1558                                                 <note><para>This should be set to <literal>1</literal> and
1559                                                 <replaceable>remove_existing</replaceable> set to <literal>yes</literal> if you
1560                                                 wish to stick with the older <literal>chan_sip</literal> behaviour.
1561                                                 </para></note>
1562                                         </description>
1563                                 </configOption>
1564                                 <configOption name="minimum_expiration" default="60">
1565                                         <synopsis>Minimum keep alive time for an AoR</synopsis>
1566                                         <description><para>
1567                                                 Minimum time to keep a peer with an explicit expiration. Time in seconds.
1568                                         </para></description>
1569                                 </configOption>
1570                                 <configOption name="remove_existing" default="no">
1571                                         <synopsis>Determines whether new contacts replace existing ones.</synopsis>
1572                                         <description><para>
1573                                                 On receiving a new registration to the AoR should it remove enough
1574                                                 existing contacts not added or updated by the registration to
1575                                                 satisfy <replaceable>max_contacts</replaceable>?  Any removed
1576                                                 contacts will expire the soonest.
1577                                                 </para>
1578                                                 <note><para>The <replaceable>rewrite_contact</replaceable> option
1579                                                 registers the source address as the contact address to help with
1580                                                 NAT and reusing connection oriented transports such as TCP and
1581                                                 TLS.  Unfortunately, refreshing a registration may register a
1582                                                 different contact address and exceed
1583                                                 <replaceable>max_contacts</replaceable>.  The
1584                                                 <replaceable>remove_existing</replaceable> option can help by
1585                                                 removing the soonest to expire contact(s) over
1586                                                 <replaceable>max_contacts</replaceable> which is likely the
1587                                                 old <replaceable>rewrite_contact</replaceable> contact source
1588                                                 address being refreshed.
1589                                                 </para></note>
1590                                                 <note><para>This should be set to <literal>yes</literal> and
1591                                                 <replaceable>max_contacts</replaceable> set to <literal>1</literal> if you
1592                                                 wish to stick with the older <literal>chan_sip</literal> behaviour.
1593                                                 </para></note>
1594                                         </description>
1595                                 </configOption>
1596                                 <configOption name="type">
1597                                         <synopsis>Must be of type 'aor'.</synopsis>
1598                                 </configOption>
1599                                 <configOption name="qualify_frequency" default="0">
1600                                         <synopsis>Interval at which to qualify an AoR</synopsis>
1601                                         <description><para>
1602                                                 Interval between attempts to qualify the AoR for reachability.
1603                                                 If <literal>0</literal> never qualify. Time in seconds.
1604                                         </para></description>
1605                                 </configOption>
1606                                 <configOption name="qualify_timeout" default="3.0">
1607                                         <synopsis>Timeout for qualify</synopsis>
1608                                         <description><para>
1609                                                 If the contact doesn't respond to the OPTIONS request before the timeout,
1610                                                 the contact is marked unavailable.
1611                                                 If <literal>0</literal> no timeout. Time in fractional seconds.
1612                                         </para></description>
1613                                 </configOption>
1614                                 <configOption name="authenticate_qualify">
1615                                         <synopsis>Authenticates a qualify challenge response if needed</synopsis>
1616                                         <description>
1617                                                 <para>If true and a qualify request receives a challenge response then
1618                                                 authentication is attempted before declaring the contact available.
1619                                                 </para>
1620                                                 <note><para>This option does nothing as we will always complete
1621                                                 the challenge response authentication if the qualify request is
1622                                                 challenged.
1623                                                 </para></note>
1624                                         </description>
1625                                 </configOption>
1626                                 <configOption name="outbound_proxy">
1627                                         <synopsis>Outbound proxy used when sending OPTIONS request</synopsis>
1628                                         <description><para>
1629                                                 If set the provided URI will be used as the outbound proxy when an
1630                                                 OPTIONS request is sent to a contact for qualify purposes.
1631                                         </para></description>
1632                                 </configOption>
1633                                 <configOption name="support_path">
1634                                         <synopsis>Enables Path support for REGISTER requests and Route support for other requests.</synopsis>
1635                                         <description><para>
1636                                                 When this option is enabled, the Path headers in register requests will be saved
1637                                                 and its contents will be used in Route headers for outbound out-of-dialog requests
1638                                                 and in Path headers for outbound 200 responses. Path support will also be indicated
1639                                                 in the Supported header.
1640                                         </para></description>
1641                                 </configOption>
1642                         </configObject>
1643                         <configObject name="system">
1644                                 <synopsis>Options that apply to the SIP stack as well as other system-wide settings</synopsis>
1645                                 <description><para>
1646                                         The settings in this section are global. In addition to being global, the values will
1647                                         not be re-evaluated when a reload is performed. This is because the values must be set
1648                                         before the SIP stack is initialized. The only way to reset these values is to either
1649                                         restart Asterisk, or unload res_pjsip.so and then load it again.
1650                                 </para></description>
1651                                 <configOption name="timer_t1" default="500">
1652                                         <synopsis>Set transaction timer T1 value (milliseconds).</synopsis>
1653                                         <description><para>
1654                                                 Timer T1 is the base for determining how long to wait before retransmitting
1655                                                 requests that receive no response when using an unreliable transport (e.g. UDP).
1656                                                 For more information on this timer, see RFC 3261, Section 17.1.1.1.
1657                                         </para></description>
1658                                 </configOption>
1659                                 <configOption name="timer_b" default="32000">
1660                                         <synopsis>Set transaction timer B value (milliseconds).</synopsis>
1661                                         <description><para>
1662                                                 Timer B determines the maximum amount of time to wait after sending an INVITE
1663                                                 request before terminating the transaction. It is recommended that this be set
1664                                                 to 64 * Timer T1, but it may be set higher if desired. For more information on
1665                                                 this timer, see RFC 3261, Section 17.1.1.1.
1666                                         </para></description>
1667                                 </configOption>
1668                                 <configOption name="compact_headers" default="no">
1669                                         <synopsis>Use the short forms of common SIP header names.</synopsis>
1670                                 </configOption>
1671                                 <configOption name="threadpool_initial_size" default="0">
1672                                         <synopsis>Initial number of threads in the res_pjsip threadpool.</synopsis>
1673                                 </configOption>
1674                                 <configOption name="threadpool_auto_increment" default="5">
1675                                         <synopsis>The amount by which the number of threads is incremented when necessary.</synopsis>
1676                                 </configOption>
1677                                 <configOption name="threadpool_idle_timeout" default="60">
1678                                         <synopsis>Number of seconds before an idle thread should be disposed of.</synopsis>
1679                                 </configOption>
1680                                 <configOption name="threadpool_max_size" default="0">
1681                                         <synopsis>Maximum number of threads in the res_pjsip threadpool.
1682                                         A value of 0 indicates no maximum.</synopsis>
1683                                 </configOption>
1684                                 <configOption name="disable_tcp_switch" default="yes">
1685                                         <synopsis>Disable automatic switching from UDP to TCP transports.</synopsis>
1686                                         <description><para>
1687                                                 Disable automatic switching from UDP to TCP transports if outgoing
1688                                                 request is too large.  See RFC 3261 section 18.1.1.
1689                                         </para></description>
1690                                 </configOption>
1691                                 <configOption name="follow_early_media_fork">
1692                                         <synopsis>Follow SDP forked media when To tag is different</synopsis>
1693                                         <description><para>
1694                                                 On outgoing calls, if the UAS responds with different SDP attributes
1695                                                 on subsequent 18X or 2XX responses (such as a port update) AND the
1696                                                 To tag on the subsequent response is different than that on the previous
1697                                                 one, follow it.
1698                                                 </para>
1699                                                 <note><para>
1700                                                         This option must also be enabled on endpoints that require
1701                                                         this functionality.
1702                                                 </para></note>
1703                                         </description>
1704                                 </configOption>
1705                                 <configOption name="accept_multiple_sdp_answers">
1706                                         <synopsis>Follow SDP forked media when To tag is the same</synopsis>
1707                                         <description><para>
1708                                                 On outgoing calls, if the UAS responds with different SDP attributes
1709                                                 on non-100rel 18X or 2XX responses (such as a port update) AND the
1710                                                 To tag on the subsequent response is the same as that on the previous one,
1711                                                 process the updated SDP.
1712                                                 </para>
1713                                                 <note><para>
1714                                                         This option must also be enabled on endpoints that require
1715                                                         this functionality.
1716                                                 </para></note>
1717                                         </description>
1718                                 </configOption>
1719                                 <configOption name="type">
1720                                         <synopsis>Must be of type 'system' UNLESS the object name is 'system'.</synopsis>
1721                                 </configOption>
1722                         </configObject>
1723                         <configObject name="global">
1724                                 <synopsis>Options that apply globally to all SIP communications</synopsis>
1725                                 <description><para>
1726                                         The settings in this section are global. Unlike options in the <literal>system</literal>
1727                                         section, these options can be refreshed by performing a reload.
1728                                 </para></description>
1729                                 <configOption name="max_forwards" default="70">
1730                                         <synopsis>Value used in Max-Forwards header for SIP requests.</synopsis>
1731                                 </configOption>
1732                                 <configOption name="keep_alive_interval" default="0">
1733                                         <synopsis>The interval (in seconds) to send keepalives to active connection-oriented transports.</synopsis>
1734                                 </configOption>
1735                                 <configOption name="contact_expiration_check_interval" default="30">
1736                                         <synopsis>The interval (in seconds) to check for expired contacts.</synopsis>
1737                                 </configOption>
1738                                 <configOption name="disable_multi_domain" default="no">
1739                                         <synopsis>Disable Multi Domain support</synopsis>
1740                                         <description><para>
1741                                                 If disabled it can improve realtime performance by reducing the number of database requests.
1742                                         </para></description>
1743                                 </configOption>
1744                                 <configOption name="max_initial_qualify_time" default="0">
1745                                         <synopsis>The maximum amount of time from startup that qualifies should be attempted on all contacts.
1746                                         If greater than the qualify_frequency for an aor, qualify_frequency will be used instead.</synopsis>
1747                                 </configOption>
1748                                 <configOption name="unidentified_request_period" default="5">
1749                                         <synopsis>The number of seconds over which to accumulate unidentified requests.</synopsis>
1750                                         <description><para>
1751                                         If <literal>unidentified_request_count</literal> unidentified requests are received
1752                                         during <literal>unidentified_request_period</literal>, a security event will be generated.
1753                                         </para></description>
1754                                 </configOption>
1755                                 <configOption name="unidentified_request_count" default="5">
1756                                         <synopsis>The number of unidentified requests from a single IP to allow.</synopsis>
1757                                         <description><para>
1758                                         If <literal>unidentified_request_count</literal> unidentified requests are received
1759                                         during <literal>unidentified_request_period</literal>, a security event will be generated.
1760                                         </para></description>
1761                                 </configOption>
1762                                 <configOption name="unidentified_request_prune_interval" default="30">
1763                                         <synopsis>The interval at which unidentified requests are older than
1764                                         twice the unidentified_request_period are pruned.</synopsis>
1765                                 </configOption>
1766                                 <configOption name="type">
1767                                         <synopsis>Must be of type 'global' UNLESS the object name is 'global'.</synopsis>
1768                                 </configOption>
1769                                 <configOption name="user_agent" default="Asterisk &lt;Asterisk Version&gt;">
1770                                         <synopsis>Value used in User-Agent header for SIP requests and Server header for SIP responses.</synopsis>
1771                                 </configOption>
1772                                 <configOption name="regcontext" default="">
1773                                         <synopsis>When set, Asterisk will dynamically create and destroy a NoOp priority 1 extension for a given
1774                                                 peer who registers or unregisters with us.</synopsis>
1775                                 </configOption>
1776                                 <configOption name="default_outbound_endpoint" default="default_outbound_endpoint">
1777                                         <synopsis>Endpoint to use when sending an outbound request to a URI without a specified endpoint.</synopsis>
1778                                 </configOption>
1779                                 <configOption name="default_voicemail_extension">
1780                                         <synopsis>The voicemail extension to send in the NOTIFY Message-Account header if not specified on endpoint or aor</synopsis>
1781                                 </configOption>
1782                                 <configOption name="debug" default="no">
1783                                         <synopsis>Enable/Disable SIP debug logging.  Valid options include yes|no or
1784                                                 a host address</synopsis>
1785                                 </configOption>
1786                                 <configOption name="endpoint_identifier_order">
1787                                         <synopsis>The order by which endpoint identifiers are processed and checked.
1788                                                 Identifier names are usually derived from and can be found in the endpoint
1789                                                 identifier module itself (res_pjsip_endpoint_identifier_*).
1790                                                 You can use the CLI command "pjsip show identifiers" to see the
1791                                                 identifiers currently available.</synopsis>
1792                                         <description>
1793                                                 <note><para>
1794                                                 One of the identifiers is "auth_username" which matches on the username in
1795                                                 an Authentication header.  This method has some security considerations because an
1796                                                 Authentication header is not present on the first message of a dialog when
1797                                                 digest authentication is used.  The client can't generate it until the server
1798                                                 sends the challenge in a 401 response.  Since Asterisk normally sends a security
1799                                                 event when an incoming request can't be matched to an endpoint, using auth_username
1800                                                 requires that the security event be deferred until a request is received with
1801                                                 the Authentication header and only generated if the username doesn't result in a
1802                                                 match.  This may result in a delay before an attack is recognized.  You can control
1803                                                 how many unmatched requests are received from a single ip address before a security
1804                                                 event is generated using the unidentified_request parameters.
1805                                                 </para></note>
1806                                         </description>
1807                                 </configOption>
1808                                 <configOption name="default_from_user" default="asterisk">
1809                                         <synopsis>When Asterisk generates an outgoing SIP request, the From header username will be
1810                                                 set to this value if there is no better option (such as CallerID) to be
1811                                                 used.</synopsis>
1812                                 </configOption>
1813                                 <configOption name="default_realm" default="asterisk">
1814                                         <synopsis>When Asterisk generates a challenge, the digest realm will be
1815                                                 set to this value if there is no better option (such as auth/realm) to be
1816                                                 used.</synopsis>
1817                                 </configOption>
1818                                 <configOption name="mwi_tps_queue_high" default="500">
1819                                         <synopsis>MWI taskprocessor high water alert trigger level.</synopsis>
1820                                         <description>
1821                                                 <para>On a heavily loaded system you may need to adjust the
1822                                                 taskprocessor queue limits.  If any taskprocessor queue size
1823                                                 reaches its high water level then pjsip will stop processing
1824                                                 new requests until the alert is cleared.  The alert clears
1825                                                 when all alerting taskprocessor queues have dropped to their
1826                                                 low water clear level.
1827                                                 </para>
1828                                         </description>
1829                                 </configOption>
1830                                 <configOption name="mwi_tps_queue_low" default="-1">
1831                                         <synopsis>MWI taskprocessor low water clear alert level.</synopsis>
1832                                         <description>
1833                                                 <para>On a heavily loaded system you may need to adjust the
1834                                                 taskprocessor queue limits.  If any taskprocessor queue size
1835                                                 reaches its high water level then pjsip will stop processing
1836                                                 new requests until the alert is cleared.  The alert clears
1837                                                 when all alerting taskprocessor queues have dropped to their
1838                                                 low water clear level.
1839                                                 </para>
1840                                                 <note><para>Set to -1 for the low water level to be 90% of
1841                                                 the high water level.</para></note>
1842                                         </description>
1843                                 </configOption>
1844                                 <configOption name="mwi_disable_initial_unsolicited" default="no">
1845                                         <synopsis>Enable/Disable sending unsolicited MWI to all endpoints on startup.</synopsis>
1846                                         <description>
1847                                                 <para>When the initial unsolicited MWI notification are
1848                                                 enabled on startup then the initial notifications
1849                                                 get sent at startup.  If you have a lot of endpoints
1850                                                 (thousands) that use unsolicited MWI then you may
1851                                                 want to consider disabling the initial startup
1852                                                 notifications.
1853                                                 </para>
1854                                                 <para>When the initial unsolicited MWI notifications are
1855                                                 disabled on startup then the notifications will start
1856                                                 on the endpoint's next contact update.
1857                                                 </para>
1858                                         </description>
1859                                 </configOption>
1860                                 <configOption name="ignore_uri_user_options">
1861                                         <synopsis>Enable/Disable ignoring SIP URI user field options.</synopsis>
1862                                         <description>
1863                                                 <para>If you have this option enabled and there are semicolons
1864                                                 in the user field of a SIP URI then the field is truncated
1865                                                 at the first semicolon.  This effectively makes the semicolon
1866                                                 a non-usable character for PJSIP endpoint names, extensions,
1867                                                 and AORs.  This can be useful for improving compatibility with
1868                                                 an ITSP that likes to use user options for whatever reason.
1869                                                 </para>
1870                                                 <example title="Sample SIP URI">
1871                                                         sip:1235557890;phone-context=national@x.x.x.x;user=phone
1872                                                 </example>
1873                                                 <example title="Sample SIP URI user field">
1874                                                         1235557890;phone-context=national
1875                                                 </example>
1876                                                 <example title="Sample SIP URI user field truncated">
1877                                                         1235557890
1878                                                 </example>
1879                                                 <note><para>The caller-id and redirecting number strings
1880                                                 obtained from incoming SIP URI user fields are always truncated
1881                                                 at the first semicolon.</para></note>
1882                                         </description>
1883                                 </configOption>
1884                         </configObject>
1885                 </configFile>
1886         </configInfo>
1887         <manager name="PJSIPQualify" language="en_US">
1888                 <synopsis>
1889                         Qualify a chan_pjsip endpoint.
1890                 </synopsis>
1891                 <syntax>
1892                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
1893                         <parameter name="Endpoint" required="true">
1894                                 <para>The endpoint you want to qualify.</para>
1895                         </parameter>
1896                 </syntax>
1897                 <description>
1898                         <para>Qualify a chan_pjsip endpoint.</para>
1899                 </description>
1900         </manager>
1901         <managerEvent language="en_US" name="IdentifyDetail">
1902                 <managerEventInstance class="EVENT_FLAG_COMMAND">
1903                         <synopsis>Provide details about an identify section.</synopsis>
1904                         <syntax>
1905                                 <parameter name="ObjectType">
1906                                         <para>The object's type. This will always be 'identify'.</para>
1907                                 </parameter>
1908                                 <parameter name="ObjectName">
1909                                         <para>The name of this object.</para>
1910                                 </parameter>
1911                                 <parameter name="Endpoint">
1912                                         <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip_endpoint_identifier_ip']/configFile[@name='pjsip.conf']/configObject[@name='identify']/configOption[@name='endpoint']/synopsis/node())"/></para>
1913                                 </parameter>
1914                                 <parameter name="SrvLookups">
1915                                         <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip_endpoint_identifier_ip']/configFile[@name='pjsip.conf']/configObject[@name='identify']/configOption[@name='srv_lookups']/synopsis/node())"/></para>
1916                                 </parameter>
1917                                 <parameter name="Match">
1918                                         <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip_endpoint_identifier_ip']/configFile[@name='pjsip.conf']/configObject[@name='identify']/configOption[@name='match']/synopsis/node())"/></para>
1919                                 </parameter>
1920                                 <parameter name="MatchHeader">
1921                                         <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip_endpoint_identifier_ip']/configFile[@name='pjsip.conf']/configObject[@name='identify']/configOption[@name='match_header']/synopsis/node())"/></para>
1922                                 </parameter>
1923                                 <parameter name="EndpointName">
1924                                         <para>The name of the endpoint associated with this information.</para>
1925                                 </parameter>
1926                         </syntax>
1927                 </managerEventInstance>
1928         </managerEvent>
1929         <managerEvent language="en_US" name="AorDetail">
1930                 <managerEventInstance class="EVENT_FLAG_COMMAND">
1931                         <synopsis>Provide details about an Address of Record (AoR) section.</synopsis>
1932                         <syntax>
1933                                 <parameter name="ObjectType">
1934                                         <para>The object's type. This will always be 'aor'.</para>
1935                                 </parameter>
1936                                 <parameter name="ObjectName">
1937                                         <para>The name of this object.</para>
1938                                 </parameter>
1939                                 <parameter name="MinimumExpiration">
1940                                         <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip']/configFile[@name='pjsip.conf']/configObject[@name='aor']/configOption[@name='minimum_expiration']/synopsis/node())"/></para>
1941                                 </parameter>
1942                                 <parameter name="MaximumExpiration">
1943                                         <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip']/configFile[@name='pjsip.conf']/configObject[@name='aor']/configOption[@name='maximum_expiration']/synopsis/node())"/></para>
1944                                 </parameter>
1945                                 <parameter name="DefaultExpiration">
1946                                         <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip']/configFile[@name='pjsip.conf']/configObject[@name='aor']/configOption[@name='default_expiration']/synopsis/node())"/></para>
1947                                 </parameter>
1948                                 <parameter name="QualifyFrequency">
1949                                         <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip']/configFile[@name='pjsip.conf']/configObject[@name='aor']/configOption[@name='qualify_frequency']/synopsis/node())"/></para>
1950                                 </parameter>
1951                                 <parameter name="AuthenticateQualify">
1952                                         <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip']/configFile[@name='pjsip.conf']/configObject[@name='aor']/configOption[@name='authenticate_qualify']/synopsis/node())"/></para>
1953                                 </parameter>
1954                                 <parameter name="MaxContacts">
1955                                         <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip']/configFile[@name='pjsip.conf']/configObject[@name='aor']/configOption[@name='max_contacts']/synopsis/node())"/></para>
1956                                 </parameter>
1957                                 <parameter name="RemoveExisting">
1958                                         <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip']/configFile[@name='pjsip.conf']/configObject[@name='aor']/configOption[@name='remove_existing']/synopsis/node())"/></para>
1959                                 </parameter>
1960                                 <parameter name="Mailboxes">
1961