build: Update config.guess and config.sub
[asterisk/asterisk.git] / res / res_pjsip.c
1 /*
2  * Asterisk -- An open source telephony toolkit.
3  *
4  * Copyright (C) 2013, Digium, Inc.
5  *
6  * Mark Michelson <mmichelson@digium.com>
7  *
8  * See http://www.asterisk.org for more information about
9  * the Asterisk project. Please do not directly contact
10  * any of the maintainers of this project for assistance;
11  * the project provides a web site, mailing lists and IRC
12  * channels for your use.
13  *
14  * This program is free software, distributed under the terms of
15  * the GNU General Public License Version 2. See the LICENSE file
16  * at the top of the source tree.
17  */
18
19 #include "asterisk.h"
20
21 #include <pjsip.h>
22 /* Needed for SUBSCRIBE, NOTIFY, and PUBLISH method definitions */
23 #include <pjsip_simple.h>
24 #include <pjsip/sip_transaction.h>
25 #include <pj/timer.h>
26 #include <pjlib.h>
27 #include <pjmedia/errno.h>
28
29 #include "asterisk/res_pjsip.h"
30 #include "res_pjsip/include/res_pjsip_private.h"
31 #include "asterisk/linkedlists.h"
32 #include "asterisk/logger.h"
33 #include "asterisk/lock.h"
34 #include "asterisk/utils.h"
35 #include "asterisk/astobj2.h"
36 #include "asterisk/module.h"
37 #include "asterisk/threadpool.h"
38 #include "asterisk/taskprocessor.h"
39 #include "asterisk/uuid.h"
40 #include "asterisk/sorcery.h"
41 #include "asterisk/file.h"
42 #include "asterisk/cli.h"
43 #include "asterisk/res_pjsip_cli.h"
44 #include "asterisk/test.h"
45 #include "asterisk/res_pjsip_presence_xml.h"
46 #include "asterisk/res_pjproject.h"
47
48 /*** MODULEINFO
49         <depend>pjproject</depend>
50         <depend>res_pjproject</depend>
51         <depend>res_sorcery_config</depend>
52         <depend>res_sorcery_memory</depend>
53         <depend>res_sorcery_astdb</depend>
54         <use type="module">res_statsd</use>
55         <support_level>core</support_level>
56  ***/
57
58 /*** DOCUMENTATION
59         <configInfo name="res_pjsip" language="en_US">
60                 <synopsis>SIP Resource using PJProject</synopsis>
61                 <configFile name="pjsip.conf">
62                         <configObject name="endpoint">
63                                 <synopsis>Endpoint</synopsis>
64                                 <description><para>
65                                         The <emphasis>Endpoint</emphasis> is the primary configuration object.
66                                         It contains the core SIP related options only, endpoints are <emphasis>NOT</emphasis>
67                                         dialable entries of their own. Communication with another SIP device is
68                                         accomplished via Addresses of Record (AoRs) which have one or more
69                                         contacts associated with them. Endpoints <emphasis>NOT</emphasis> configured to
70                                         use a <literal>transport</literal> will default to first transport found
71                                         in <filename>pjsip.conf</filename> that matches its type.
72                                         </para>
73                                         <para>Example: An Endpoint has been configured with no transport.
74                                         When it comes time to call an AoR, PJSIP will find the
75                                         first transport that matches the type. A SIP URI of <literal>sip:5000@[11::33]</literal>
76                                         will use the first IPv6 transport and try to send the request.
77                                         </para>
78                                         <para>If the anonymous endpoint identifier is in use an endpoint with the name
79                                         "anonymous@domain" will be searched for as a last resort. If this is not found
80                                         it will fall back to searching for "anonymous". If neither endpoints are found
81                                         the anonymous endpoint identifier will not return an endpoint and anonymous
82                                         calling will not be possible.
83                                         </para>
84                                 </description>
85                                 <configOption name="100rel" default="yes">
86                                         <synopsis>Allow support for RFC3262 provisional ACK tags</synopsis>
87                                         <description>
88                                                 <enumlist>
89                                                         <enum name="no" />
90                                                         <enum name="required" />
91                                                         <enum name="yes" />
92                                                 </enumlist>
93                                         </description>
94                                 </configOption>
95                                 <configOption name="aggregate_mwi" default="yes">
96                                         <synopsis>Condense MWI notifications into a single NOTIFY.</synopsis>
97                                         <description><para>When enabled, <replaceable>aggregate_mwi</replaceable> condenses message
98                                         waiting notifications from multiple mailboxes into a single NOTIFY. If it is disabled,
99                                         individual NOTIFYs are sent for each mailbox.</para></description>
100                                 </configOption>
101                                 <configOption name="allow">
102                                         <synopsis>Media Codec(s) to allow</synopsis>
103                                 </configOption>
104                                 <configOption name="allow_overlap" default="yes">
105                                         <synopsis>Enable RFC3578 overlap dialing support.</synopsis>
106                                 </configOption>
107                                 <configOption name="aors">
108                                         <synopsis>AoR(s) to be used with the endpoint</synopsis>
109                                         <description><para>
110                                                 List of comma separated AoRs that the endpoint should be associated with.
111                                         </para></description>
112                                 </configOption>
113                                 <configOption name="auth">
114                                         <synopsis>Authentication Object(s) associated with the endpoint</synopsis>
115                                         <description><para>
116                                                 This is a comma-delimited list of <replaceable>auth</replaceable> sections defined
117                                                 in <filename>pjsip.conf</filename> to be used to verify inbound connection attempts.
118                                                 </para><para>
119                                                 Endpoints without an authentication object
120                                                 configured will allow connections without verification.</para>
121                                                 <note><para>
122                                                 Using the same auth section for inbound and outbound
123                                                 authentication is not recommended.  There is a difference in
124                                                 meaning for an empty realm setting between inbound and outbound
125                                                 authentication uses.  See the auth realm description for details.
126                                                 </para></note>
127                                         </description>
128                                 </configOption>
129                                 <configOption name="callerid">
130                                         <synopsis>CallerID information for the endpoint</synopsis>
131                                         <description><para>
132                                                 Must be in the format <literal>Name &lt;Number&gt;</literal>,
133                                                 or only <literal>&lt;Number&gt;</literal>.
134                                         </para></description>
135                                 </configOption>
136                                 <configOption name="callerid_privacy">
137                                         <synopsis>Default privacy level</synopsis>
138                                         <description>
139                                                 <enumlist>
140                                                         <enum name="allowed_not_screened" />
141                                                         <enum name="allowed_passed_screen" />
142                                                         <enum name="allowed_failed_screen" />
143                                                         <enum name="allowed" />
144                                                         <enum name="prohib_not_screened" />
145                                                         <enum name="prohib_passed_screen" />
146                                                         <enum name="prohib_failed_screen" />
147                                                         <enum name="prohib" />
148                                                         <enum name="unavailable" />
149                                                 </enumlist>
150                                         </description>
151                                 </configOption>
152                                 <configOption name="callerid_tag">
153                                         <synopsis>Internal id_tag for the endpoint</synopsis>
154                                 </configOption>
155                                 <configOption name="context">
156                                         <synopsis>Dialplan context for inbound sessions</synopsis>
157                                 </configOption>
158                                 <configOption name="direct_media_glare_mitigation" default="none">
159                                         <synopsis>Mitigation of direct media (re)INVITE glare</synopsis>
160                                         <description>
161                                                 <para>
162                                                 This setting attempts to avoid creating INVITE glare scenarios
163                                                 by disabling direct media reINVITEs in one direction thereby allowing
164                                                 designated servers (according to this option) to initiate direct
165                                                 media reINVITEs without contention and significantly reducing call
166                                                 setup time.
167                                                 </para>
168                                                 <para>
169                                                 A more detailed description of how this option functions can be found on
170                                                 the Asterisk wiki https://wiki.asterisk.org/wiki/display/AST/SIP+Direct+Media+Reinvite+Glare+Avoidance
171                                                 </para>
172                                                 <enumlist>
173                                                         <enum name="none" />
174                                                         <enum name="outgoing" />
175                                                         <enum name="incoming" />
176                                                 </enumlist>
177                                         </description>
178                                 </configOption>
179                                 <configOption name="direct_media_method" default="invite">
180                                         <synopsis>Direct Media method type</synopsis>
181                                         <description>
182                                                 <para>Method for setting up Direct Media between endpoints.</para>
183                                                 <enumlist>
184                                                         <enum name="invite" />
185                                                         <enum name="reinvite">
186                                                                 <para>Alias for the <literal>invite</literal> value.</para>
187                                                         </enum>
188                                                         <enum name="update" />
189                                                 </enumlist>
190                                         </description>
191                                 </configOption>
192                                 <configOption name="trust_connected_line">
193                                         <synopsis>Accept Connected Line updates from this endpoint</synopsis>
194                                 </configOption>
195                                 <configOption name="send_connected_line">
196                                         <synopsis>Send Connected Line updates to this endpoint</synopsis>
197                                 </configOption>
198                                 <configOption name="connected_line_method" default="invite">
199                                         <synopsis>Connected line method type</synopsis>
200                                         <description>
201                                                 <para>Method used when updating connected line information.</para>
202                                                 <enumlist>
203                                                         <enum name="invite">
204                                                         <para>When set to <literal>invite</literal>, check the remote's Allow header and
205                                                         if UPDATE is allowed, send UPDATE instead of INVITE to avoid SDP
206                                                         renegotiation.  If UPDATE is not Allowed, send INVITE.</para>
207                                                         </enum>
208                                                         <enum name="reinvite">
209                                                                 <para>Alias for the <literal>invite</literal> value.</para>
210                                                         </enum>
211                                                         <enum name="update">
212                                                         <para>If set to <literal>update</literal>, send UPDATE regardless of what the remote
213                                                         Allows. </para>
214                                                         </enum>
215                                                 </enumlist>
216                                         </description>
217                                 </configOption>
218                                 <configOption name="direct_media" default="yes">
219                                         <synopsis>Determines whether media may flow directly between endpoints.</synopsis>
220                                 </configOption>
221                                 <configOption name="disable_direct_media_on_nat" default="no">
222                                         <synopsis>Disable direct media session refreshes when NAT obstructs the media session</synopsis>
223                                 </configOption>
224                                 <configOption name="disallow">
225                                         <synopsis>Media Codec(s) to disallow</synopsis>
226                                 </configOption>
227                                 <configOption name="dtmf_mode" default="rfc4733">
228                                         <synopsis>DTMF mode</synopsis>
229                                         <description>
230                                                 <para>This setting allows to choose the DTMF mode for endpoint communication.</para>
231                                                 <enumlist>
232                                                         <enum name="rfc4733">
233                                                                 <para>DTMF is sent out of band of the main audio stream.  This
234                                                                 supercedes the older <emphasis>RFC-2833</emphasis> used within
235                                                                 the older <literal>chan_sip</literal>.</para>
236                                                         </enum>
237                                                         <enum name="inband">
238                                                                 <para>DTMF is sent as part of audio stream.</para>
239                                                         </enum>
240                                                         <enum name="info">
241                                                                 <para>DTMF is sent as SIP INFO packets.</para>
242                                                         </enum>
243                                                         <enum name="auto">
244                                                                 <para>DTMF is sent as RFC 4733 if the other side supports it or as INBAND if not.</para>
245                                                         </enum>
246                                                         <enum name="auto_info">
247                                                                 <para>DTMF is sent as RFC 4733 if the other side supports it or as SIP INFO if not.</para>
248                                                         </enum>
249                                                 </enumlist>
250                                         </description>
251                                 </configOption>
252                                 <configOption name="media_address">
253                                         <synopsis>IP address used in SDP for media handling</synopsis>
254                                         <description><para>
255                                                 At the time of SDP creation, the IP address defined here will be used as
256                                                 the media address for individual streams in the SDP.
257                                         </para>
258                                         <note><para>
259                                                 Be aware that the <literal>external_media_address</literal> option, set in Transport
260                                                 configuration, can also affect the final media address used in the SDP.
261                                         </para></note>
262                                         </description>
263                                 </configOption>
264                                 <configOption name="bind_rtp_to_media_address">
265                                         <synopsis>Bind the RTP instance to the media_address</synopsis>
266                                         <description><para>
267                                                 If media_address is specified, this option causes the RTP instance to be bound to the
268                                                 specified ip address which causes the packets to be sent from that address.
269                                         </para>
270                                         </description>
271                                 </configOption>
272                                 <configOption name="force_rport" default="yes">
273                                         <synopsis>Force use of return port</synopsis>
274                                 </configOption>
275                                 <configOption name="ice_support" default="no">
276                                         <synopsis>Enable the ICE mechanism to help traverse NAT</synopsis>
277                                 </configOption>
278                                 <configOption name="identify_by">
279                                         <synopsis>Way(s) for the endpoint to be identified</synopsis>
280                                         <description>
281                                                 <para>Endpoints and AORs can be identified in multiple ways.  This
282                                                 option is a comma separated list of methods the endpoint can be
283                                                 identified.
284                                                 </para>
285                                                 <note><para>
286                                                 This option controls both how an endpoint is matched for incoming
287                                                 traffic and also how an AOR is determined if a registration
288                                                 occurs.  You must list at least one method that also matches for
289                                                 AORs or the registration will fail.
290                                                 </para></note>
291                                                 <enumlist>
292                                                         <enum name="username">
293                                                                 <para>Matches the endpoint or AOR ID based on the username
294                                                                 and domain in the From header (or To header for AORs).  If
295                                                                 an exact match on both username and domain/realm fails, the
296                                                                 match is retried with just the username.
297                                                                 </para>
298                                                         </enum>
299                                                         <enum name="auth_username">
300                                                                 <para>Matches the endpoint or AOR ID based on the username
301                                                                 and realm in the Authentication header.  If an exact match
302                                                                 on both username and domain/realm fails, the match is
303                                                                 retried with just the username.
304                                                                 </para>
305                                                                 <note><para>This method of identification has some security
306                                                                 considerations because an Authentication header is not
307                                                                 present on the first message of a dialog when digest
308                                                                 authentication is used.  The client can't generate it until
309                                                                 the server sends the challenge in a 401 response.  Since
310                                                                 Asterisk normally sends a security event when an incoming
311                                                                 request can't be matched to an endpoint, using this method
312                                                                 requires that the security event be deferred until a request
313                                                                 is received with the Authentication header and only
314                                                                 generated if the username doesn't result in a match.  This
315                                                                 may result in a delay before an attack is recognized.  You
316                                                                 can control how many unmatched requests are received from
317                                                                 a single ip address before a security event is generated
318                                                                 using the <literal>unidentified_request</literal>
319                                                                 parameters in the "global" configuration object.
320                                                                 </para></note>
321                                                         </enum>
322                                                         <enum name="ip">
323                                                                 <para>Matches the endpoint based on the source IP address.
324                                                                 </para>
325                                                                 <para>This method of identification is not configured here
326                                                                 but simply allowed by this configuration option.  See the
327                                                                 documentation for the <literal>identify</literal>
328                                                                 configuration section for more details on this method of
329                                                                 endpoint identification.
330                                                                 </para>
331                                                         </enum>
332                                                         <enum name="header">
333                                                                 <para>Matches the endpoint based on a configured SIP header
334                                                                 value.
335                                                                 </para>
336                                                                 <para>This method of identification is not configured here
337                                                                 but simply allowed by this configuration option.  See the
338                                                                 documentation for the <literal>identify</literal>
339                                                                 configuration section for more details on this method of
340                                                                 endpoint identification.
341                                                                 </para>
342                                                         </enum>
343                                                 </enumlist>
344                                         </description>
345                                 </configOption>
346                                 <configOption name="redirect_method">
347                                         <synopsis>How redirects received from an endpoint are handled</synopsis>
348                                         <description><para>
349                                                 When a redirect is received from an endpoint there are multiple ways it can be handled.
350                                                 If this option is set to <literal>user</literal> the user portion of the redirect target
351                                                 is treated as an extension within the dialplan and dialed using a Local channel. If this option
352                                                 is set to <literal>uri_core</literal> the target URI is returned to the dialing application
353                                                 which dials it using the PJSIP channel driver and endpoint originally used. If this option is
354                                                 set to <literal>uri_pjsip</literal> the redirect occurs within chan_pjsip itself and is not exposed
355                                                 to the core at all. The <literal>uri_pjsip</literal> option has the benefit of being more efficient
356                                                 and also supporting multiple potential redirect targets. The con is that since redirection occurs
357                                                 within chan_pjsip redirecting information is not forwarded and redirection can not be
358                                                 prevented.
359                                                 </para>
360                                                 <enumlist>
361                                                         <enum name="user" />
362                                                         <enum name="uri_core" />
363                                                         <enum name="uri_pjsip" />
364                                                 </enumlist>
365                                         </description>
366                                 </configOption>
367                                 <configOption name="mailboxes">
368                                         <synopsis>NOTIFY the endpoint when state changes for any of the specified mailboxes</synopsis>
369                                         <description><para>
370                                                 Asterisk will send unsolicited MWI NOTIFY messages to the endpoint when state
371                                                 changes happen for any of the specified mailboxes. More than one mailbox can be
372                                                 specified with a comma-delimited string. app_voicemail mailboxes must be specified
373                                                 as mailbox@context; for example: mailboxes=6001@default. For mailboxes provided by
374                                                 external sources, such as through the res_external_mwi module, you must specify
375                                                 strings supported by the external system.
376                                         </para><para>
377                                                 For endpoints that SUBSCRIBE for MWI, use the <literal>mailboxes</literal> option in your AOR
378                                                 configuration.
379                                         </para></description>
380                                 </configOption>
381                                 <configOption name="mwi_subscribe_replaces_unsolicited">
382                                         <synopsis>An MWI subscribe will replace sending unsolicited NOTIFYs</synopsis>
383                                 </configOption>
384                                 <configOption name="voicemail_extension">
385                                         <synopsis>The voicemail extension to send in the NOTIFY Message-Account header</synopsis>
386                                 </configOption>
387                                 <configOption name="moh_suggest" default="default">
388                                         <synopsis>Default Music On Hold class</synopsis>
389                                 </configOption>
390                                 <configOption name="outbound_auth">
391                                         <synopsis>Authentication object(s) used for outbound requests</synopsis>
392                                         <description><para>
393                                                 This is a comma-delimited list of <replaceable>auth</replaceable>
394                                                 sections defined in <filename>pjsip.conf</filename> used to respond
395                                                 to outbound connection authentication challenges.</para>
396                                                 <note><para>
397                                                 Using the same auth section for inbound and outbound
398                                                 authentication is not recommended.  There is a difference in
399                                                 meaning for an empty realm setting between inbound and outbound
400                                                 authentication uses.  See the auth realm description for details.
401                                                 </para></note>
402                                         </description>
403                                 </configOption>
404                                 <configOption name="outbound_proxy">
405                                         <synopsis>Full SIP URI of the outbound proxy used to send requests</synopsis>
406                                 </configOption>
407                                 <configOption name="rewrite_contact">
408                                         <synopsis>Allow Contact header to be rewritten with the source IP address-port</synopsis>
409                                         <description><para>
410                                                 On inbound SIP messages from this endpoint, the Contact header or an
411                                                 appropriate Record-Route header will be changed to have the source IP
412                                                 address and port.  This option does not affect outbound messages sent to
413                                                 this endpoint.  This option helps servers communicate with endpoints
414                                                 that are behind NATs.  This option also helps reuse reliable transport
415                                                 connections such as TCP and TLS.
416                                         </para></description>
417                                 </configOption>
418                                 <configOption name="rtp_ipv6" default="no">
419                                         <synopsis>Allow use of IPv6 for RTP traffic</synopsis>
420                                 </configOption>
421                                 <configOption name="rtp_symmetric" default="no">
422                                         <synopsis>Enforce that RTP must be symmetric</synopsis>
423                                 </configOption>
424                                 <configOption name="send_diversion" default="yes">
425                                         <synopsis>Send the Diversion header, conveying the diversion
426                                         information to the called user agent</synopsis>
427                                 </configOption>
428                                 <configOption name="send_pai" default="no">
429                                         <synopsis>Send the P-Asserted-Identity header</synopsis>
430                                 </configOption>
431                                 <configOption name="send_rpid" default="no">
432                                         <synopsis>Send the Remote-Party-ID header</synopsis>
433                                 </configOption>
434                                 <configOption name="rpid_immediate" default="no">
435                                         <synopsis>Immediately send connected line updates on unanswered incoming calls.</synopsis>
436                                         <description>
437                                                 <para>When enabled, immediately send <emphasis>180 Ringing</emphasis>
438                                                 or <emphasis>183 Progress</emphasis> response messages to the
439                                                 caller if the connected line information is updated before
440                                                 the call is answered.  This can send a <emphasis>180 Ringing</emphasis>
441                                                 response before the call has even reached the far end.  The
442                                                 caller can start hearing ringback before the far end even gets
443                                                 the call.  Many phones tend to grab the first connected line
444                                                 information and refuse to update the display if it changes.  The
445                                                 first information is not likely to be correct if the call
446                                                 goes to an endpoint not under the control of this Asterisk
447                                                 box.</para>
448                                                 <para>When disabled, a connected line update must wait for
449                                                 another reason to send a message with the connected line
450                                                 information to the caller before the call is answered.  You can
451                                                 trigger the sending of the information by using an appropriate
452                                                 dialplan application such as <emphasis>Ringing</emphasis>.</para>
453                                         </description>
454                                 </configOption>
455                                 <configOption name="timers_min_se" default="90">
456                                         <synopsis>Minimum session timers expiration period</synopsis>
457                                         <description><para>
458                                                 Minimum session timer expiration period. Time in seconds.
459                                         </para></description>
460                                 </configOption>
461                                 <configOption name="timers" default="yes">
462                                         <synopsis>Session timers for SIP packets</synopsis>
463                                         <description>
464                                                 <enumlist>
465                                                         <enum name="no" />
466                                                         <enum name="yes" />
467                                                         <enum name="required" />
468                                                         <enum name="always" />
469                                                         <enum name="forced"><para>Alias of always</para></enum>
470                                                 </enumlist>
471                                         </description>
472                                 </configOption>
473                                 <configOption name="timers_sess_expires" default="1800">
474                                         <synopsis>Maximum session timer expiration period</synopsis>
475                                         <description><para>
476                                                 Maximum session timer expiration period. Time in seconds.
477                                         </para></description>
478                                 </configOption>
479                                 <configOption name="transport">
480                                         <synopsis>Explicit transport configuration to use</synopsis>
481                                         <description>
482                                                 <para>This will <emphasis>force</emphasis> the endpoint to use the
483                                                 specified transport configuration to send SIP messages.  You need
484                                                 to already know what kind of transport (UDP/TCP/IPv4/etc) the
485                                                 endpoint device will use.
486                                                 </para>
487                                                 <note><para>Not specifying a transport will select the first
488                                                 configured transport in <filename>pjsip.conf</filename> which is
489                                                 compatible with the URI we are trying to contact.
490                                                 </para></note>
491                                                 <warning><para>Transport configuration is not affected by reloads. In order to
492                                                 change transports, a full Asterisk restart is required</para></warning>
493                                         </description>
494                                 </configOption>
495                                 <configOption name="trust_id_inbound" default="no">
496                                         <synopsis>Accept identification information received from this endpoint</synopsis>
497                                         <description><para>This option determines whether Asterisk will accept
498                                         identification from the endpoint from headers such as P-Asserted-Identity
499                                         or Remote-Party-ID header. This option applies both to calls originating from the
500                                         endpoint and calls originating from Asterisk. If <literal>no</literal>, the
501                                         configured Caller-ID from pjsip.conf will always be used as the identity for
502                                         the endpoint.</para></description>
503                                 </configOption>
504                                 <configOption name="trust_id_outbound" default="no">
505                                         <synopsis>Send private identification details to the endpoint.</synopsis>
506                                         <description><para>This option determines whether res_pjsip will send private
507                                         identification information to the endpoint. If <literal>no</literal>,
508                                         private Caller-ID information will not be forwarded to the endpoint.
509                                         "Private" in this case refers to any method of restricting identification.
510                                         Example: setting <replaceable>callerid_privacy</replaceable> to any
511                                         <literal>prohib</literal> variation.
512                                         Example: If <replaceable>trust_id_inbound</replaceable> is set to
513                                         <literal>yes</literal>, the presence of a <literal>Privacy: id</literal>
514                                         header in a SIP request or response would indicate the identification
515                                         provided in the request is private.</para></description>
516                                 </configOption>
517                                 <configOption name="type">
518                                         <synopsis>Must be of type 'endpoint'.</synopsis>
519                                 </configOption>
520                                 <configOption name="use_ptime" default="no">
521                                         <synopsis>Use Endpoint's requested packetization interval</synopsis>
522                                 </configOption>
523                                 <configOption name="use_avpf" default="no">
524                                         <synopsis>Determines whether res_pjsip will use and enforce usage of AVPF for this
525                                         endpoint.</synopsis>
526                                         <description><para>
527                                                 If set to <literal>yes</literal>, res_pjsip will use the AVPF or SAVPF RTP
528                                                 profile for all media offers on outbound calls and media updates and will
529                                                 decline media offers not using the AVPF or SAVPF profile.
530                                         </para><para>
531                                                 If set to <literal>no</literal>, res_pjsip will use the AVP or SAVP RTP
532                                                 profile for all media offers on outbound calls and media updates, and will
533                                                 decline media offers not using the AVP or SAVP profile.
534                                         </para></description>
535                                 </configOption>
536                                 <configOption name="force_avp" default="no">
537                                         <synopsis>Determines whether res_pjsip will use and enforce usage of AVP,
538                                         regardless of the RTP profile in use for this endpoint.</synopsis>
539                                         <description><para>
540                                                 If set to <literal>yes</literal>, res_pjsip will use the AVP, AVPF, SAVP, or
541                                                 SAVPF RTP profile for all media offers on outbound calls and media updates including
542                                                 those for DTLS-SRTP streams.
543                                         </para><para>
544                                                 If set to <literal>no</literal>, res_pjsip will use the respective RTP profile
545                                                 depending on configuration.
546                                         </para></description>
547                                 </configOption>
548                                 <configOption name="media_use_received_transport" default="no">
549                                         <synopsis>Determines whether res_pjsip will use the media transport received in the
550                                         offer SDP in the corresponding answer SDP.</synopsis>
551                                         <description><para>
552                                                 If set to <literal>yes</literal>, res_pjsip will use the received media transport.
553                                         </para><para>
554                                                 If set to <literal>no</literal>, res_pjsip will use the respective RTP profile
555                                                 depending on configuration.
556                                         </para></description>
557                                 </configOption>
558                                 <configOption name="media_encryption" default="no">
559                                         <synopsis>Determines whether res_pjsip will use and enforce usage of media encryption
560                                         for this endpoint.</synopsis>
561                                         <description>
562                                                 <enumlist>
563                                                         <enum name="no"><para>
564                                                                 res_pjsip will offer no encryption and allow no encryption to be setup.
565                                                         </para></enum>
566                                                         <enum name="sdes"><para>
567                                                                 res_pjsip will offer standard SRTP setup via in-SDP keys. Encrypted SIP
568                                                                 transport should be used in conjunction with this option to prevent
569                                                                 exposure of media encryption keys.
570                                                         </para></enum>
571                                                         <enum name="dtls"><para>
572                                                                 res_pjsip will offer DTLS-SRTP setup.
573                                                         </para></enum>
574                                                 </enumlist>
575                                         </description>
576                                 </configOption>
577                                 <configOption name="media_encryption_optimistic" default="no">
578                                         <synopsis>Determines whether encryption should be used if possible but does not terminate the
579                                         session if not achieved.</synopsis>
580                                         <description><para>
581                                                 This option only applies if <replaceable>media_encryption</replaceable> is
582                                                 set to <literal>sdes</literal> or <literal>dtls</literal>.
583                                         </para></description>
584                                 </configOption>
585                                 <configOption name="g726_non_standard" default="no">
586                                         <synopsis>Force g.726 to use AAL2 packing order when negotiating g.726 audio</synopsis>
587                                         <description><para>
588                                                 When set to "yes" and an endpoint negotiates g.726 audio then use g.726 for AAL2
589                                                 packing order instead of what is recommended by RFC3551. Since this essentially
590                                                 replaces the underlying 'g726' codec with 'g726aal2' then 'g726aal2' needs to be
591                                                 specified in the endpoint's allowed codec list.
592                                         </para></description>
593                                 </configOption>
594                                 <configOption name="inband_progress" default="no">
595                                         <synopsis>Determines whether chan_pjsip will indicate ringing using inband
596                                                 progress.</synopsis>
597                                         <description><para>
598                                                 If set to <literal>yes</literal>, chan_pjsip will send a 183 Session Progress
599                                                 when told to indicate ringing and will immediately start sending ringing
600                                                 as audio.
601                                         </para><para>
602                                                 If set to <literal>no</literal>, chan_pjsip will send a 180 Ringing when told
603                                                 to indicate ringing and will NOT send it as audio.
604                                         </para></description>
605                                 </configOption>
606                                 <configOption name="call_group">
607                                         <synopsis>The numeric pickup groups for a channel.</synopsis>
608                                         <description><para>
609                                                 Can be set to a comma separated list of numbers or ranges between the values
610                                                 of 0-63 (maximum of 64 groups).
611                                         </para></description>
612                                 </configOption>
613                                 <configOption name="pickup_group">
614                                         <synopsis>The numeric pickup groups that a channel can pickup.</synopsis>
615                                         <description><para>
616                                                 Can be set to a comma separated list of numbers or ranges between the values
617                                                 of 0-63 (maximum of 64 groups).
618                                         </para></description>
619                                 </configOption>
620                                 <configOption name="named_call_group">
621                                         <synopsis>The named pickup groups for a channel.</synopsis>
622                                         <description><para>
623                                                 Can be set to a comma separated list of case sensitive strings limited by
624                                                 supported line length.
625                                         </para></description>
626                                 </configOption>
627                                 <configOption name="named_pickup_group">
628                                         <synopsis>The named pickup groups that a channel can pickup.</synopsis>
629                                         <description><para>
630                                                 Can be set to a comma separated list of case sensitive strings limited by
631                                                 supported line length.
632                                         </para></description>
633                                 </configOption>
634                                 <configOption name="device_state_busy_at" default="0">
635                                         <synopsis>The number of in-use channels which will cause busy to be returned as device state</synopsis>
636                                         <description><para>
637                                                 When the number of in-use channels for the endpoint matches the devicestate_busy_at setting the
638                                                 PJSIP channel driver will return busy as the device state instead of in use.
639                                         </para></description>
640                                 </configOption>
641                                 <configOption name="t38_udptl" default="no">
642                                         <synopsis>Whether T.38 UDPTL support is enabled or not</synopsis>
643                                         <description><para>
644                                                 If set to yes T.38 UDPTL support will be enabled, and T.38 negotiation requests will be accepted
645                                                 and relayed.
646                                         </para></description>
647                                 </configOption>
648                                 <configOption name="t38_udptl_ec" default="none">
649                                         <synopsis>T.38 UDPTL error correction method</synopsis>
650                                         <description>
651                                                 <enumlist>
652                                                         <enum name="none"><para>
653                                                                 No error correction should be used.
654                                                         </para></enum>
655                                                         <enum name="fec"><para>
656                                                                 Forward error correction should be used.
657                                                         </para></enum>
658                                                         <enum name="redundancy"><para>
659                                                                 Redundancy error correction should be used.
660                                                         </para></enum>
661                                                 </enumlist>
662                                         </description>
663                                 </configOption>
664                                 <configOption name="t38_udptl_maxdatagram" default="0">
665                                         <synopsis>T.38 UDPTL maximum datagram size</synopsis>
666                                         <description><para>
667                                                 This option can be set to override the maximum datagram of a remote endpoint for broken
668                                                 endpoints.
669                                         </para></description>
670                                 </configOption>
671                                 <configOption name="fax_detect" default="no">
672                                         <synopsis>Whether CNG tone detection is enabled</synopsis>
673                                         <description><para>
674                                                 This option can be set to send the session to the fax extension when a CNG tone is
675                                                 detected.
676                                         </para></description>
677                                 </configOption>
678                                 <configOption name="fax_detect_timeout">
679                                         <synopsis>How long into a call before fax_detect is disabled for the call</synopsis>
680                                         <description><para>
681                                                 The option determines how many seconds into a call before the
682                                                 fax_detect option is disabled for the call.  Setting the value
683                                                 to zero disables the timeout.
684                                         </para></description>
685                                 </configOption>
686                                 <configOption name="t38_udptl_nat" default="no">
687                                         <synopsis>Whether NAT support is enabled on UDPTL sessions</synopsis>
688                                         <description><para>
689                                                 When enabled the UDPTL stack will send UDPTL packets to the source address of
690                                                 received packets.
691                                         </para></description>
692                                 </configOption>
693                                 <configOption name="t38_udptl_ipv6" default="no">
694                                         <synopsis>Whether IPv6 is used for UDPTL Sessions</synopsis>
695                                         <description><para>
696                                                 When enabled the UDPTL stack will use IPv6.
697                                         </para></description>
698                                 </configOption>
699                                 <configOption name="tone_zone">
700                                         <synopsis>Set which country's indications to use for channels created for this endpoint.</synopsis>
701                                 </configOption>
702                                 <configOption name="language">
703                                         <synopsis>Set the default language to use for channels created for this endpoint.</synopsis>
704                                 </configOption>
705                                 <configOption name="one_touch_recording" default="no">
706                                         <synopsis>Determines whether one-touch recording is allowed for this endpoint.</synopsis>
707                                         <see-also>
708                                                 <ref type="configOption">record_on_feature</ref>
709                                                 <ref type="configOption">record_off_feature</ref>
710                                         </see-also>
711                                 </configOption>
712                                 <configOption name="record_on_feature" default="automixmon">
713                                         <synopsis>The feature to enact when one-touch recording is turned on.</synopsis>
714                                         <description>
715                                                 <para>When an INFO request for one-touch recording arrives with a Record header set to "on", this
716                                                 feature will be enabled for the channel. The feature designated here can be any built-in
717                                                 or dynamic feature defined in features.conf.</para>
718                                                 <note><para>This setting has no effect if the endpoint's one_touch_recording option is disabled</para></note>
719                                         </description>
720                                         <see-also>
721                                                 <ref type="configOption">one_touch_recording</ref>
722                                                 <ref type="configOption">record_off_feature</ref>
723                                         </see-also>
724                                 </configOption>
725                                 <configOption name="record_off_feature" default="automixmon">
726                                         <synopsis>The feature to enact when one-touch recording is turned off.</synopsis>
727                                         <description>
728                                                 <para>When an INFO request for one-touch recording arrives with a Record header set to "off", this
729                                                 feature will be enabled for the channel. The feature designated here can be any built-in
730                                                 or dynamic feature defined in features.conf.</para>
731                                                 <note><para>This setting has no effect if the endpoint's one_touch_recording option is disabled</para></note>
732                                         </description>
733                                         <see-also>
734                                                 <ref type="configOption">one_touch_recording</ref>
735                                                 <ref type="configOption">record_on_feature</ref>
736                                         </see-also>
737                                 </configOption>
738                                 <configOption name="rtp_engine" default="asterisk">
739                                         <synopsis>Name of the RTP engine to use for channels created for this endpoint</synopsis>
740                                 </configOption>
741                                 <configOption name="allow_transfer" default="yes">
742                                         <synopsis>Determines whether SIP REFER transfers are allowed for this endpoint</synopsis>
743                                 </configOption>
744                                 <configOption name="user_eq_phone" default="no">
745                                         <synopsis>Determines whether a user=phone parameter is placed into the request URI if the user is determined to be a phone number</synopsis>
746                                 </configOption>
747                                 <configOption name="moh_passthrough" default="no">
748                                         <synopsis>Determines whether hold and unhold will be passed through using re-INVITEs with recvonly and sendrecv to the remote side</synopsis>
749                                 </configOption>
750                                 <configOption name="sdp_owner" default="-">
751                                         <synopsis>String placed as the username portion of an SDP origin (o=) line.</synopsis>
752                                 </configOption>
753                                 <configOption name="sdp_session" default="Asterisk">
754                                         <synopsis>String used for the SDP session (s=) line.</synopsis>
755                                 </configOption>
756                                 <configOption name="tos_audio">
757                                         <synopsis>DSCP TOS bits for audio streams</synopsis>
758                                         <description><para>
759                                                 See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
760                                         </para></description>
761                                 </configOption>
762                                 <configOption name="tos_video">
763                                         <synopsis>DSCP TOS bits for video streams</synopsis>
764                                         <description><para>
765                                                 See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
766                                         </para></description>
767                                 </configOption>
768                                 <configOption name="cos_audio">
769                                         <synopsis>Priority for audio streams</synopsis>
770                                         <description><para>
771                                                 See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
772                                         </para></description>
773                                 </configOption>
774                                 <configOption name="cos_video">
775                                         <synopsis>Priority for video streams</synopsis>
776                                         <description><para>
777                                                 See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for more information about QoS settings
778                                         </para></description>
779                                 </configOption>
780                                 <configOption name="allow_subscribe" default="yes">
781                                         <synopsis>Determines if endpoint is allowed to initiate subscriptions with Asterisk.</synopsis>
782                                 </configOption>
783                                 <configOption name="sub_min_expiry" default="60">
784                                         <synopsis>The minimum allowed expiry time for subscriptions initiated by the endpoint.</synopsis>
785                                 </configOption>
786                                 <configOption name="from_user">
787                                         <synopsis>Username to use in From header for requests to this endpoint.</synopsis>
788                                 </configOption>
789                                 <configOption name="mwi_from_user">
790                                         <synopsis>Username to use in From header for unsolicited MWI NOTIFYs to this endpoint.</synopsis>
791                                 </configOption>
792                                 <configOption name="from_domain">
793                                         <synopsis>Domain to user in From header for requests to this endpoint.</synopsis>
794                                 </configOption>
795                                 <configOption name="dtls_verify">
796                                         <synopsis>Verify that the provided peer certificate is valid</synopsis>
797                                         <description><para>
798                                                 This option only applies if <replaceable>media_encryption</replaceable> is
799                                                 set to <literal>dtls</literal>.
800                                         </para></description>
801                                 </configOption>
802                                 <configOption name="dtls_rekey">
803                                         <synopsis>Interval at which to renegotiate the TLS session and rekey the SRTP session</synopsis>
804                                         <description><para>
805                                                 This option only applies if <replaceable>media_encryption</replaceable> is
806                                                 set to <literal>dtls</literal>.
807                                         </para><para>
808                                                 If this is not set or the value provided is 0 rekeying will be disabled.
809                                         </para></description>
810                                 </configOption>
811                                 <configOption name="dtls_auto_generate_cert" default="no">
812                                         <synopsis>Whether or not to automatically generate an ephemeral X.509 certificate</synopsis>
813                                         <description>
814                                                 <para>
815                                                         If enabled, Asterisk will generate an X.509 certificate for each DTLS session.
816                                                         This option only applies if <replaceable>media_encryption</replaceable> is set
817                                                         to <literal>dtls</literal>. This option will be automatically enabled if
818                                                         <literal>webrtc</literal> is enabled and <literal>dtls_cert_file</literal> is
819                                                         not specified.
820                                                 </para>
821                                         </description>
822                                 </configOption>
823                                 <configOption name="dtls_cert_file">
824                                         <synopsis>Path to certificate file to present to peer</synopsis>
825                                         <description><para>
826                                                 This option only applies if <replaceable>media_encryption</replaceable> is
827                                                 set to <literal>dtls</literal>.
828                                         </para></description>
829                                 </configOption>
830                                 <configOption name="dtls_private_key">
831                                         <synopsis>Path to private key for certificate file</synopsis>
832                                         <description><para>
833                                                 This option only applies if <replaceable>media_encryption</replaceable> is
834                                                 set to <literal>dtls</literal>.
835                                         </para></description>
836                                 </configOption>
837                                 <configOption name="dtls_cipher">
838                                         <synopsis>Cipher to use for DTLS negotiation</synopsis>
839                                         <description><para>
840                                                 This option only applies if <replaceable>media_encryption</replaceable> is
841                                                 set to <literal>dtls</literal>.
842                                         </para>
843                                         <para>Many options for acceptable ciphers. See link for more:</para>
844                                         <para>http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
845                                         </para></description>
846                                 </configOption>
847                                 <configOption name="dtls_ca_file">
848                                         <synopsis>Path to certificate authority certificate</synopsis>
849                                         <description><para>
850                                                 This option only applies if <replaceable>media_encryption</replaceable> is
851                                                 set to <literal>dtls</literal>.
852                                         </para></description>
853                                 </configOption>
854                                 <configOption name="dtls_ca_path">
855                                         <synopsis>Path to a directory containing certificate authority certificates</synopsis>
856                                         <description><para>
857                                                 This option only applies if <replaceable>media_encryption</replaceable> is
858                                                 set to <literal>dtls</literal>.
859                                         </para></description>
860                                 </configOption>
861                                 <configOption name="dtls_setup">
862                                         <synopsis>Whether we are willing to accept connections, connect to the other party, or both.</synopsis>
863                                         <description>
864                                                 <para>
865                                                         This option only applies if <replaceable>media_encryption</replaceable> is
866                                                         set to <literal>dtls</literal>.
867                                                 </para>
868                                                 <enumlist>
869                                                         <enum name="active"><para>
870                                                                 res_pjsip will make a connection to the peer.
871                                                         </para></enum>
872                                                         <enum name="passive"><para>
873                                                                 res_pjsip will accept connections from the peer.
874                                                         </para></enum>
875                                                         <enum name="actpass"><para>
876                                                                 res_pjsip will offer and accept connections from the peer.
877                                                         </para></enum>
878                                                 </enumlist>
879                                         </description>
880                                 </configOption>
881                                 <configOption name="dtls_fingerprint">
882                                         <synopsis>Type of hash to use for the DTLS fingerprint in the SDP.</synopsis>
883                                         <description>
884                                                 <para>
885                                                         This option only applies if <replaceable>media_encryption</replaceable> is
886                                                         set to <literal>dtls</literal>.
887                                                 </para>
888                                                 <enumlist>
889                                                         <enum name="SHA-256"></enum>
890                                                         <enum name="SHA-1"></enum>
891                                                 </enumlist>
892                                         </description>
893                                 </configOption>
894                                 <configOption name="srtp_tag_32">
895                                         <synopsis>Determines whether 32 byte tags should be used instead of 80 byte tags.</synopsis>
896                                         <description><para>
897                                                 This option only applies if <replaceable>media_encryption</replaceable> is
898                                                 set to <literal>sdes</literal> or <literal>dtls</literal>.
899                                         </para></description>
900                                 </configOption>
901                                 <configOption name="set_var">
902                                         <synopsis>Variable set on a channel involving the endpoint.</synopsis>
903                                         <description><para>
904                                                 When a new channel is created using the endpoint set the specified
905                                                 variable(s) on that channel. For multiple channel variables specify
906                                                 multiple 'set_var'(s).
907                                         </para></description>
908                                 </configOption>
909                                 <configOption name="message_context">
910                                         <synopsis>Context to route incoming MESSAGE requests to.</synopsis>
911                                         <description><para>
912                                                 If specified, incoming MESSAGE requests will be routed to the indicated
913                                                 dialplan context. If no <replaceable>message_context</replaceable> is
914                                                 specified, then the <replaceable>context</replaceable> setting is used.
915                                         </para></description>
916                                 </configOption>
917                                 <configOption name="accountcode">
918                                         <synopsis>An accountcode to set automatically on any channels created for this endpoint.</synopsis>
919                                         <description><para>
920                                                 If specified, any channel created for this endpoint will automatically
921                                                 have this accountcode set on it.
922                                         </para></description>
923                                 </configOption>
924                                 <configOption name="preferred_codec_only" default="no">
925                                         <synopsis>Respond to a SIP invite with the single most preferred codec rather than advertising all joint codec capabilities. This limits the other side's codec choice to exactly what we prefer.</synopsis>
926                                 </configOption>
927                                 <configOption name="rtp_keepalive">
928                                         <synopsis>Number of seconds between RTP comfort noise keepalive packets.</synopsis>
929                                         <description><para>
930                                                 At the specified interval, Asterisk will send an RTP comfort noise frame. This may
931                                                 be useful for situations where Asterisk is behind a NAT or firewall and must keep
932                                                 a hole open in order to allow for media to arrive at Asterisk.
933                                         </para></description>
934                                 </configOption>
935                                 <configOption name="rtp_timeout" default="0">
936                                         <synopsis>Maximum number of seconds without receiving RTP (while off hold) before terminating call.</synopsis>
937                                         <description><para>
938                                                 This option configures the number of seconds without RTP (while off hold) before
939                                                 considering a channel as dead. When the number of seconds is reached the underlying
940                                                 channel is hung up. By default this option is set to 0, which means do not check.
941                                         </para></description>
942                                 </configOption>
943                                 <configOption name="rtp_timeout_hold" default="0">
944                                         <synopsis>Maximum number of seconds without receiving RTP (while on hold) before terminating call.</synopsis>
945                                         <description><para>
946                                                 This option configures the number of seconds without RTP (while on hold) before
947                                                 considering a channel as dead. When the number of seconds is reached the underlying
948                                                 channel is hung up. By default this option is set to 0, which means do not check.
949                                         </para></description>
950                                 </configOption>
951                                 <configOption name="acl">
952                                         <synopsis>List of IP ACL section names in acl.conf</synopsis>
953                                         <description><para>
954                                                 This matches sections configured in <literal>acl.conf</literal>. The value is
955                                                 defined as a list of comma-delimited section names.
956                                         </para></description>
957                                 </configOption>
958                                 <configOption name="deny">
959                                         <synopsis>List of IP addresses to deny access from</synopsis>
960                                         <description><para>
961                                                 The value is a comma-delimited list of IP addresses. IP addresses may
962                                                 have a subnet mask appended. The subnet mask may be written in either
963                                                 CIDR or dotted-decimal notation. Separate the IP address and subnet
964                                                 mask with a slash ('/')
965                                         </para></description>
966                                 </configOption>
967                                 <configOption name="permit">
968                                         <synopsis>List of IP addresses to permit access from</synopsis>
969                                         <description><para>
970                                                 The value is a comma-delimited list of IP addresses. IP addresses may
971                                                 have a subnet mask appended. The subnet mask may be written in either
972                                                 CIDR or dotted-decimal notation. Separate the IP address and subnet
973                                                 mask with a slash ('/')
974                                         </para></description>
975                                 </configOption>
976                                 <configOption name="contact_acl">
977                                         <synopsis>List of Contact ACL section names in acl.conf</synopsis>
978                                         <description><para>
979                                                 This matches sections configured in <literal>acl.conf</literal>. The value is
980                                                 defined as a list of comma-delimited section names.
981                                         </para></description>
982                                 </configOption>
983                                 <configOption name="contact_deny">
984                                         <synopsis>List of Contact header addresses to deny</synopsis>
985                                         <description><para>
986                                                 The value is a comma-delimited list of IP addresses. IP addresses may
987                                                 have a subnet mask appended. The subnet mask may be written in either
988                                                 CIDR or dotted-decimal notation. Separate the IP address and subnet
989                                                 mask with a slash ('/')
990                                         </para></description>
991                                 </configOption>
992                                 <configOption name="contact_permit">
993                                         <synopsis>List of Contact header addresses to permit</synopsis>
994                                         <description><para>
995                                                 The value is a comma-delimited list of IP addresses. IP addresses may
996                                                 have a subnet mask appended. The subnet mask may be written in either
997                                                 CIDR or dotted-decimal notation. Separate the IP address and subnet
998                                                 mask with a slash ('/')
999                                         </para></description>
1000                                 </configOption>
1001                                 <configOption name="subscribe_context">
1002                                         <synopsis>Context for incoming MESSAGE requests.</synopsis>
1003                                         <description><para>
1004                                                 If specified, incoming SUBSCRIBE requests will be searched for the matching
1005                                                 extension in the indicated context.
1006                                                 If no <replaceable>subscribe_context</replaceable> is specified,
1007                                                 then the <replaceable>context</replaceable> setting is used.
1008                                         </para></description>
1009                                 </configOption>
1010                                 <configOption name="contact_user" default="">
1011                                         <synopsis>Force the user on the outgoing Contact header to this value.</synopsis>
1012                                         <description><para>
1013                                                 On outbound requests, force the user portion of the Contact header to this value.
1014                                         </para></description>
1015                                 </configOption>
1016                                 <configOption name="asymmetric_rtp_codec" default="no">
1017                                         <synopsis>Allow the sending and receiving RTP codec to differ</synopsis>
1018                                         <description><para>
1019                                                 When set to "yes" the codec in use for sending will be allowed to differ from
1020                                                 that of the received one. PJSIP will not automatically switch the sending one
1021                                                 to the receiving one.
1022                                         </para></description>
1023                                 </configOption>
1024                                 <configOption name="rtcp_mux" default="no">
1025                                         <synopsis>Enable RFC 5761 RTCP multiplexing on the RTP port</synopsis>
1026                                         <description><para>
1027                                                 With this option enabled, Asterisk will attempt to negotiate the use of the "rtcp-mux"
1028                                                 attribute on all media streams. This will result in RTP and RTCP being sent and received
1029                                                 on the same port. This shifts the demultiplexing logic to the application rather than
1030                                                 the transport layer. This option is useful when interoperating with WebRTC endpoints
1031                                                 since they mandate this option's use.
1032                                         </para></description>
1033                                 </configOption>
1034                                 <configOption name="refer_blind_progress" default="yes">
1035                                         <synopsis>Whether to notifies all the progress details on blind transfer</synopsis>
1036                                         <description><para>
1037                                                 Some SIP phones (Mitel/Aastra, Snom) expect a sip/frag "200 OK"
1038                                                 after REFER has been accepted. If set to <literal>no</literal> then asterisk
1039                                                 will not send the progress details, but immediately will send "200 OK".
1040                                         </para></description>
1041                                 </configOption>
1042                                 <configOption name="notify_early_inuse_ringing" default="no">
1043                                         <synopsis>Whether to notifies dialog-info 'early' on InUse&amp;Ringing state</synopsis>
1044                                         <description><para>
1045                                                 Control whether dialog-info subscriptions get 'early' state
1046                                                 on Ringing when already INUSE.
1047                                         </para></description>
1048                                 </configOption>
1049                                 <configOption name="max_audio_streams" default="1">
1050                                         <synopsis>The maximum number of allowed audio streams for the endpoint</synopsis>
1051                                         <description><para>
1052                                                 This option enforces a limit on the maximum simultaneous negotiated audio
1053                                                 streams allowed for the endpoint.
1054                                         </para></description>
1055                                 </configOption>
1056                                 <configOption name="max_video_streams" default="1">
1057                                         <synopsis>The maximum number of allowed video streams for the endpoint</synopsis>
1058                                         <description><para>
1059                                                 This option enforces a limit on the maximum simultaneous negotiated video
1060                                                 streams allowed for the endpoint.
1061                                         </para></description>
1062                                 </configOption>
1063                                 <configOption name="bundle" default="no">
1064                                         <synopsis>Enable RTP bundling</synopsis>
1065                                         <description><para>
1066                                                 With this option enabled, Asterisk will attempt to negotiate the use of bundle.
1067                                                 If negotiated this will result in multiple RTP streams being carried over the same
1068                                                 underlying transport. Note that enabling bundle will also enable the rtcp_mux option.
1069                                         </para></description>
1070                                 </configOption>
1071                                 <configOption name="webrtc" default="no">
1072                                         <synopsis>Defaults and enables some options that are relevant to WebRTC</synopsis>
1073                                         <description><para>
1074                                                 When set to "yes" this also enables the following values that are needed in
1075                                                 order for basic WebRTC support to work: rtcp_mux, use_avpf, ice_support, and
1076                                                 use_received_transport. The following configuration settings also get defaulted
1077                                                 as follows:</para>
1078                                                 <para>media_encryption=dtls</para>
1079                                                 <para>dtls_auto_generate_cert=yes (if dtls_cert_file is not set)</para>
1080                                                 <para>dtls_verify=fingerprint</para>
1081                                                 <para>dtls_setup=actpass</para>
1082                                         </description>
1083                                 </configOption>
1084                                 <configOption name="incoming_mwi_mailbox">
1085                                         <synopsis>Mailbox name to use when incoming MWI NOTIFYs are received</synopsis>
1086                                         <description><para>
1087                                                 If an MWI NOTIFY is received <emphasis>from</emphasis> this endpoint,
1088                                                 this mailbox will be used when notifying other modules of MWI status
1089                                                 changes.  If not set, incoming MWI NOTIFYs are ignored.
1090                                         </para></description>
1091                                 </configOption>
1092                                 <configOption name="follow_early_media_fork">
1093                                         <synopsis>Follow SDP forked media when To tag is different</synopsis>
1094                                         <description><para>
1095                                                 On outgoing calls, if the UAS responds with different SDP attributes
1096                                                 on subsequent 18X or 2XX responses (such as a port update) AND the
1097                                                 To tag on the subsequent response is different than that on the previous
1098                                                 one, follow it. This usually happens when the INVITE is forked to multiple
1099                                                 UASs and more than one sends an SDP answer.
1100                                                 </para>
1101                                                 <note><para>
1102                                                         This option must also be enabled in the <literal>system</literal>
1103                                                         section for it to take effect here.
1104                                                 </para></note>
1105                                         </description>
1106                                 </configOption>
1107                                 <configOption name="accept_multiple_sdp_answers" default="no">
1108                                         <synopsis>Accept multiple SDP answers on non-100rel responses</synopsis>
1109                                         <description><para>
1110                                                 On outgoing calls, if the UAS responds with different SDP attributes
1111                                                 on non-100rel 18X or 2XX responses (such as a port update) AND the
1112                                                 To tag on the subsequent response is the same as that on the previous one,
1113                                                 process the updated SDP.  This can happen when the UAS needs to change ports
1114                                                 for some reason such as using a separate port for custom ringback.
1115                                                 </para>
1116                                                 <note><para>
1117                                                         This option must also be enabled in the <literal>system</literal>
1118                                                         section for it to take effect here.
1119                                                 </para></note>
1120                                         </description>
1121                                 </configOption>
1122                                 <configOption name="suppress_q850_reason_headers" default="no">
1123                                         <synopsis>Suppress Q.850 Reason headers for this endpoint</synopsis>
1124                                         <description><para>
1125                                                 Some devices can't accept multiple Reason headers and get confused
1126                                                 when both 'SIP' and 'Q.850' Reason headers are received.  This
1127                                                 option allows the 'Q.850' Reason header to be suppressed.</para>
1128                                         </description>
1129                                 </configOption>
1130                         </configObject>
1131                         <configObject name="auth">
1132                                 <synopsis>Authentication type</synopsis>
1133                                 <description><para>
1134                                         Authentication objects hold the authentication information for use
1135                                         by other objects such as <literal>endpoints</literal> or <literal>registrations</literal>.
1136                                         This also allows for multiple objects to use a single auth object. See
1137                                         the <literal>auth_type</literal> config option for password style choices.
1138                                 </para></description>
1139                                 <configOption name="auth_type" default="userpass">
1140                                         <synopsis>Authentication type</synopsis>
1141                                         <description><para>
1142                                                 This option specifies which of the password style config options should be read
1143                                                 when trying to authenticate an endpoint inbound request. If set to <literal>userpass</literal>
1144                                                 then we'll read from the 'password' option. For <literal>md5</literal> we'll read
1145                                                 from 'md5_cred'. If set to <literal>google_oauth</literal> then we'll read from the refresh_token/oauth_clientid/oauth_secret fields.
1146                                                 </para>
1147                                                 <enumlist>
1148                                                         <enum name="md5"/>
1149                                                         <enum name="userpass"/>
1150                                                         <enum name="google_oauth"/>
1151                                                 </enumlist>
1152                                         </description>
1153                                 </configOption>
1154                                 <configOption name="nonce_lifetime" default="32">
1155                                         <synopsis>Lifetime of a nonce associated with this authentication config.</synopsis>
1156                                 </configOption>
1157                                 <configOption name="md5_cred">
1158                                         <synopsis>MD5 Hash used for authentication.</synopsis>
1159                                         <description><para>Only used when auth_type is <literal>md5</literal>.</para></description>
1160                                 </configOption>
1161                                 <configOption name="password">
1162                                         <synopsis>Plain text password used for authentication.</synopsis>
1163                                         <description><para>Only used when auth_type is <literal>userpass</literal>.</para></description>
1164                                 </configOption>
1165                                 <configOption name="refresh_token">
1166                                         <synopsis>OAuth 2.0 refresh token</synopsis>
1167                                 </configOption>
1168                                 <configOption name="oauth_clientid">
1169                                         <synopsis>OAuth 2.0 application's client id</synopsis>
1170                                 </configOption>
1171                                 <configOption name="oauth_secret">
1172                                         <synopsis>OAuth 2.0 application's secret</synopsis>
1173                                 </configOption>
1174                                 <configOption name="realm">
1175                                         <synopsis>SIP realm for endpoint</synopsis>
1176                                         <description><para>
1177                                                 The treatment of this value depends upon how the authentication
1178                                                 object is used.
1179                                                 </para><para>
1180                                                 When used as an inbound authentication object, the realm is sent
1181                                                 as part of the challenge so the peer can know which key to use
1182                                                 when responding.  An empty value will use the
1183                                                 <replaceable>global</replaceable> section's
1184                                                 <literal>default_realm</literal> value when issuing a challenge.
1185                                                 </para><para>
1186                                                 When used as an outbound authentication object, the realm is
1187                                                 matched with the received challenge realm to determine which
1188                                                 authentication object to use when responding to the challenge.  An
1189                                                 empty value matches any challenging realm when determining
1190                                                 which authentication object matches a received challenge.
1191                                                 </para>
1192                                                 <note><para>
1193                                                 Using the same auth section for inbound and outbound
1194                                                 authentication is not recommended.  There is a difference in
1195                                                 meaning for an empty realm setting between inbound and outbound
1196                                                 authentication uses.</para></note>
1197                                         </description>
1198                                 </configOption>
1199                                 <configOption name="type">
1200                                         <synopsis>Must be 'auth'</synopsis>
1201                                 </configOption>
1202                                 <configOption name="username">
1203                                         <synopsis>Username to use for account</synopsis>
1204                                 </configOption>
1205                         </configObject>
1206                         <configObject name="domain_alias">
1207                                 <synopsis>Domain Alias</synopsis>
1208                                 <description><para>
1209                                         Signifies that a domain is an alias. If the domain on a session is
1210                                         not found to match an AoR then this object is used to see if we have
1211                                         an alias for the AoR to which the endpoint is binding. This objects
1212                                         name as defined in configuration should be the domain alias and a
1213                                         config option is provided to specify the domain to be aliased.
1214                                 </para></description>
1215                                 <configOption name="type">
1216                                         <synopsis>Must be of type 'domain_alias'.</synopsis>
1217                                 </configOption>
1218                                 <configOption name="domain">
1219                                         <synopsis>Domain to be aliased</synopsis>
1220                                 </configOption>
1221                         </configObject>
1222                         <configObject name="transport">
1223                                 <synopsis>SIP Transport</synopsis>
1224                                 <description><para>
1225                                         <emphasis>Transports</emphasis>
1226                                         </para>
1227                                         <para>There are different transports and protocol derivatives
1228                                                 supported by <literal>res_pjsip</literal>. They are in order of
1229                                                 preference: UDP, TCP, and WebSocket (WS).</para>
1230                                         <note><para>Changes to transport configuration in pjsip.conf will only be
1231                                                 effected on a complete restart of Asterisk. A module reload
1232                                                 will not suffice.</para></note>
1233                                 </description>
1234                                 <configOption name="async_operations" default="1">
1235                                         <synopsis>Number of simultaneous Asynchronous Operations</synopsis>
1236                                 </configOption>
1237                                 <configOption name="bind">
1238                                         <synopsis>IP Address and optional port to bind to for this transport</synopsis>
1239                                 </configOption>
1240                                 <configOption name="ca_list_file">
1241                                         <synopsis>File containing a list of certificates to read (TLS ONLY, not WSS)</synopsis>
1242                                 </configOption>
1243                                 <configOption name="ca_list_path">
1244                                         <synopsis>Path to directory containing a list of certificates to read (TLS ONLY, not WSS)</synopsis>
1245                                 </configOption>
1246                                 <configOption name="cert_file">
1247                                         <synopsis>Certificate file for endpoint (TLS ONLY, not WSS)</synopsis>
1248                                         <description><para>
1249                                                 A path to a .crt or .pem file can be provided.  However, only
1250                                                 the certificate is read from the file, not the private key.
1251                                                 The <literal>priv_key_file</literal> option must supply a
1252                                                 matching key file.
1253                                         </para></description>
1254                                 </configOption>
1255                                 <configOption name="cipher">
1256                                         <synopsis>Preferred cryptography cipher names (TLS ONLY, not WSS)</synopsis>
1257                                         <description>
1258                                         <para>Comma separated list of cipher names or numeric equivalents.
1259                                                 Numeric equivalents can be either decimal or hexadecimal (0xX).
1260                                         </para>
1261                                         <para>There are many cipher names.  Use the CLI command
1262                                                 <literal>pjsip list ciphers</literal> to see a list of cipher
1263                                                 names available for your installation.  See link for more:</para>
1264                                         <para>http://www.openssl.org/docs/apps/ciphers.html#CIPHER_SUITE_NAMES
1265                                         </para>
1266                                         </description>
1267                                 </configOption>
1268                                 <configOption name="domain">
1269                                         <synopsis>Domain the transport comes from</synopsis>
1270                                 </configOption>
1271                                 <configOption name="external_media_address">
1272                                         <synopsis>External IP address to use in RTP handling</synopsis>
1273                                         <description><para>
1274                                                 When a request or response is sent out, if the destination of the
1275                                                 message is outside the IP network defined in the option <literal>localnet</literal>,
1276                                                 and the media address in the SDP is within the localnet network, then the
1277                                                 media address in the SDP will be rewritten to the value defined for
1278                                                 <literal>external_media_address</literal>.
1279                                         </para></description>
1280                                 </configOption>
1281                                 <configOption name="external_signaling_address">
1282                                         <synopsis>External address for SIP signalling</synopsis>
1283                                 </configOption>
1284                                 <configOption name="external_signaling_port" default="0">
1285                                         <synopsis>External port for SIP signalling</synopsis>
1286                                 </configOption>
1287                                 <configOption name="method">
1288                                         <synopsis>Method of SSL transport (TLS ONLY, not WSS)</synopsis>
1289                                         <description>
1290                                                 <enumlist>
1291                                                         <enum name="default">
1292                                                                 <para>The default as defined by PJSIP. This is currently TLSv1, but may change with future releases.</para>
1293                                                         </enum>
1294                                                         <enum name="unspecified">
1295                                                                 <para>This option is equivalent to setting 'default'</para>
1296                                                         </enum>
1297                                                         <enum name="tlsv1" />
1298                                                         <enum name="tlsv1_1" />
1299                                                         <enum name="tlsv1_2" />
1300                                                         <enum name="sslv2" />
1301                                                         <enum name="sslv3" />
1302                                                         <enum name="sslv23" />
1303                                                 </enumlist>
1304                                         </description>
1305                                 </configOption>
1306                                 <configOption name="local_net">
1307                                         <synopsis>Network to consider local (used for NAT purposes).</synopsis>
1308                                         <description><para>This must be in CIDR or dotted decimal format with the IP
1309                                         and mask separated with a slash ('/').</para></description>
1310                                 </configOption>
1311                                 <configOption name="password">
1312                                         <synopsis>Password required for transport</synopsis>
1313                                 </configOption>
1314                                 <configOption name="priv_key_file">
1315                                         <synopsis>Private key file (TLS ONLY, not WSS)</synopsis>
1316                                 </configOption>
1317                                 <configOption name="protocol" default="udp">
1318                                         <synopsis>Protocol to use for SIP traffic</synopsis>
1319                                         <description>
1320                                                 <enumlist>
1321                                                         <enum name="udp" />
1322                                                         <enum name="tcp" />
1323                                                         <enum name="tls" />
1324                                                         <enum name="ws" />
1325                                                         <enum name="wss" />
1326                                                         <enum name="flow" />
1327                                                 </enumlist>
1328                                         </description>
1329                                 </configOption>
1330                                 <configOption name="require_client_cert" default="false">
1331                                         <synopsis>Require client certificate (TLS ONLY, not WSS)</synopsis>
1332                                 </configOption>
1333                                 <configOption name="type">
1334                                         <synopsis>Must be of type 'transport'.</synopsis>
1335                                 </configOption>
1336                                 <configOption name="verify_client" default="false">
1337                                         <synopsis>Require verification of client certificate (TLS ONLY, not WSS)</synopsis>
1338                                 </configOption>
1339                                 <configOption name="verify_server" default="false">
1340                                         <synopsis>Require verification of server certificate (TLS ONLY, not WSS)</synopsis>
1341                                 </configOption>
1342                                 <configOption name="tos" default="false">
1343                                         <synopsis>Enable TOS for the signalling sent over this transport</synopsis>
1344                                         <description>
1345                                         <para>See <literal>https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service</literal>
1346                                         for more information on this parameter.</para>
1347                                         <note><para>This option does not apply to the <replaceable>ws</replaceable>
1348                                         or the <replaceable>wss</replaceable> protocols.</para></note>
1349                                         </description>
1350                                 </configOption>
1351                                 <configOption name="cos" default="false">
1352                                         <synopsis>Enable COS for the signalling sent over this transport</synopsis>
1353                                         <description>
1354                                         <para>See <literal>https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service</literal>
1355                                         for more information on this parameter.</para>
1356                                         <note><para>This option does not apply to the <replaceable>ws</replaceable>
1357                                         or the <replaceable>wss</replaceable> protocols.</para></note>
1358                                         </description>
1359                                 </configOption>
1360                                 <configOption name="websocket_write_timeout">
1361                                         <synopsis>The timeout (in milliseconds) to set on WebSocket connections.</synopsis>
1362                                         <description>
1363                                                 <para>If a websocket connection accepts input slowly, the timeout
1364                                                 for writes to it can be increased to keep it from being disconnected.
1365                                                 Value is in milliseconds; default is 100 ms.</para>
1366                                         </description>
1367                                 </configOption>
1368                                 <configOption name="allow_reload" default="no">
1369                                         <synopsis>Allow this transport to be reloaded.</synopsis>
1370                                         <description>
1371                                                 <para>Allow this transport to be reloaded when res_pjsip is reloaded.
1372                                                 This option defaults to "no" because reloading a transport may disrupt
1373                                                 in-progress calls.</para>
1374                                         </description>
1375                                 </configOption>
1376                                 <configOption name="symmetric_transport" default="no">
1377                                         <synopsis>Use the same transport for outgoing requests as incoming ones.</synopsis>
1378                                         <description>
1379                                                 <para>When a request from a dynamic contact
1380                                                         comes in on a transport with this option set to 'yes',
1381                                                         the transport name will be saved and used for subsequent
1382                                                         outgoing requests like OPTIONS, NOTIFY and INVITE.  It's
1383                                                         saved as a contact uri parameter named 'x-ast-txp' and will
1384                                                         display with the contact uri in CLI, AMI, and ARI output.
1385                                                         On the outgoing request, if a transport wasn't explicitly
1386                                                         set on the endpoint AND the request URI is not a hostname,
1387                                                         the saved transport will be used and the 'x-ast-txp'
1388                                                         parameter stripped from the outgoing packet.
1389                                                 </para>
1390                                         </description>
1391                                 </configOption>
1392                         </configObject>
1393                         <configObject name="contact">
1394                                 <synopsis>A way of creating an aliased name to a SIP URI</synopsis>
1395                                 <description><para>
1396                                         Contacts are a way to hide SIP URIs from the dialplan directly.
1397                                         They are also used to make a group of contactable parties when
1398                                         in use with <literal>AoR</literal> lists.
1399                                 </para></description>
1400                                 <configOption name="type">
1401                                         <synopsis>Must be of type 'contact'.</synopsis>
1402                                 </configOption>
1403                                 <configOption name="uri">
1404                                         <synopsis>SIP URI to contact peer</synopsis>
1405                                 </configOption>
1406                                 <configOption name="expiration_time">
1407                                         <synopsis>Time to keep alive a contact</synopsis>
1408                                         <description><para>
1409                                                 Time to keep alive a contact. String style specification.
1410                                         </para></description>
1411                                 </configOption>
1412                                 <configOption name="qualify_frequency" default="0">
1413                                         <synopsis>Interval at which to qualify a contact</synopsis>
1414                                         <description><para>
1415                                                 Interval between attempts to qualify the contact for reachability.
1416                                                 If <literal>0</literal> never qualify. Time in seconds.
1417                                         </para></description>
1418                                 </configOption>
1419                                 <configOption name="qualify_timeout" default="3.0">
1420                                         <synopsis>Timeout for qualify</synopsis>
1421                                         <description><para>
1422                                                 If the contact doesn't respond to the OPTIONS request before the timeout,
1423                                                 the contact is marked unavailable.
1424                                                 If <literal>0</literal> no timeout. Time in fractional seconds.
1425                                         </para></description>
1426                                 </configOption>
1427                                 <configOption name="authenticate_qualify">
1428                                         <synopsis>Authenticates a qualify challenge response if needed</synopsis>
1429                                         <description>
1430                                                 <para>If true and a qualify request receives a challenge response then
1431                                                 authentication is attempted before declaring the contact available.
1432                                                 </para>
1433                                                 <note><para>This option does nothing as we will always complete
1434                                                 the challenge response authentication if the qualify request is
1435                                                 challenged.
1436                                                 </para></note>
1437                                         </description>
1438                                 </configOption>
1439                                 <configOption name="outbound_proxy">
1440                                         <synopsis>Outbound proxy used when sending OPTIONS request</synopsis>
1441                                         <description><para>
1442                                                 If set the provided URI will be used as the outbound proxy when an
1443                                                 OPTIONS request is sent to a contact for qualify purposes.
1444                                         </para></description>
1445                                 </configOption>
1446                                 <configOption name="path">
1447                                         <synopsis>Stored Path vector for use in Route headers on outgoing requests.</synopsis>
1448                                 </configOption>
1449                                 <configOption name="user_agent">
1450                                         <synopsis>User-Agent header from registration.</synopsis>
1451                                         <description><para>
1452                                                 The User-Agent is automatically stored based on data present in incoming SIP
1453                                                 REGISTER requests and is not intended to be configured manually.
1454                                         </para></description>
1455                                 </configOption>
1456                                 <configOption name="endpoint">
1457                                         <synopsis>Endpoint name</synopsis>
1458                                         <description><para>
1459                                                 The name of the endpoint this contact belongs to
1460                                         </para></description>
1461                                 </configOption>
1462                                 <configOption name="reg_server">
1463                                         <synopsis>Asterisk Server name</synopsis>
1464                                         <description><para>
1465                                                 Asterisk Server name on which SIP endpoint registered.
1466                                         </para></description>
1467                                 </configOption>
1468                                 <configOption name="via_addr">
1469                                         <synopsis>IP-address of the last Via header from registration.</synopsis>
1470                                         <description><para>
1471                                                 The last Via header should contain the address of UA which sent the request.
1472                                                 The IP-address of the last Via header is automatically stored based on data present
1473                                                 in incoming SIP REGISTER requests and is not intended to be configured manually.
1474                                         </para></description>
1475                                 </configOption>
1476                                 <configOption name="via_port">
1477                                         <synopsis>IP-port of the last Via header from registration.</synopsis>
1478                                         <description><para>
1479                                                 The IP-port of the last Via header is automatically stored based on data present
1480                                                 in incoming SIP REGISTER requests and is not intended to be configured manually.
1481                                         </para></description>
1482                                 </configOption>
1483                                 <configOption name="call_id">
1484                                         <synopsis>Call-ID header from registration.</synopsis>
1485                                         <description><para>
1486                                                 The Call-ID header is automatically stored based on data present
1487                                                 in incoming SIP REGISTER requests and is not intended to be configured manually.
1488                                         </para></description>
1489                                 </configOption>
1490                                 <configOption name="prune_on_boot">
1491                                         <synopsis>A contact that cannot survive a restart/boot.</synopsis>
1492                                         <description><para>
1493                                                 The option is set if the incoming SIP REGISTER contact is rewritten
1494                                                 on a reliable transport and is not intended to be configured manually.
1495                                         </para></description>
1496                                 </configOption>
1497                         </configObject>
1498                         <configObject name="aor">
1499                                 <synopsis>The configuration for a location of an endpoint</synopsis>
1500                                 <description><para>
1501                                         An AoR is what allows Asterisk to contact an endpoint via res_pjsip. If no
1502                                         AoRs are specified, an endpoint will not be reachable by Asterisk.
1503                                         Beyond that, an AoR has other uses within Asterisk, such as inbound
1504                                         registration.
1505                                         </para><para>
1506                                         An <literal>AoR</literal> is a way to allow dialing a group
1507                                         of <literal>Contacts</literal> that all use the same
1508                                         <literal>endpoint</literal> for calls.
1509                                         </para><para>
1510                                         This can be used as another way of grouping a list of contacts to dial
1511                                         rather than specifying them each directly when dialing via the dialplan.
1512                                         This must be used in conjunction with the <literal>PJSIP_DIAL_CONTACTS</literal>.
1513                                         </para><para>
1514                                         Registrations: For Asterisk to match an inbound registration to an endpoint,
1515                                         the AoR object name must match the user portion of the SIP URI in the "To:"
1516                                         header of the inbound SIP registration. That will usually be equivalent
1517                                         to the "user name" set in your hard or soft phones configuration.
1518                                 </para></description>
1519                                 <configOption name="contact">
1520                                         <synopsis>Permanent contacts assigned to AoR</synopsis>
1521                                         <description><para>
1522                                                 Contacts specified will be called whenever referenced
1523                                                 by <literal>chan_pjsip</literal>.
1524                                                 </para><para>
1525                                                 Use a separate "contact=" entry for each contact required. Contacts
1526                                                 are specified using a SIP URI.
1527                                         </para></description>
1528                                 </configOption>
1529                                 <configOption name="default_expiration" default="3600">
1530                                         <synopsis>Default expiration time in seconds for contacts that are dynamically bound to an AoR.</synopsis>
1531                                 </configOption>
1532                                 <configOption name="mailboxes">
1533                                         <synopsis>Allow subscriptions for the specified mailbox(es)</synopsis>
1534                                         <description><para>This option applies when an external entity subscribes to an AoR
1535                                                 for Message Waiting Indications. The mailboxes specified will be subscribed to.
1536                                                 More than one mailbox can be specified with a comma-delimited string.
1537                                                 app_voicemail mailboxes must be specified as mailbox@context;
1538                                                 for example: mailboxes=6001@default. For mailboxes provided by external sources,
1539                                                 such as through the res_external_mwi module, you must specify strings supported by
1540                                                 the external system.
1541                                         </para><para>
1542                                                 For endpoints that cannot SUBSCRIBE for MWI, you can set the <literal>mailboxes</literal> option in your
1543                                                 endpoint configuration section to enable unsolicited MWI NOTIFYs to the endpoint.
1544                                         </para></description>
1545                                 </configOption>
1546                                 <configOption name="voicemail_extension">
1547                                         <synopsis>The voicemail extension to send in the NOTIFY Message-Account header</synopsis>
1548                                 </configOption>
1549                                 <configOption name="maximum_expiration" default="7200">
1550                                         <synopsis>Maximum time to keep an AoR</synopsis>
1551                                         <description><para>
1552                                                 Maximum time to keep a peer with explicit expiration. Time in seconds.
1553                                         </para></description>
1554                                 </configOption>
1555                                 <configOption name="max_contacts" default="0">
1556                                         <synopsis>Maximum number of contacts that can bind to an AoR</synopsis>
1557                                         <description><para>
1558                                                 Maximum number of contacts that can associate with this AoR. This value does
1559                                                 not affect the number of contacts that can be added with the "contact" option.
1560                                                 It only limits contacts added through external interaction, such as
1561                                                 registration.
1562                                                 </para>
1563                                                 <note><para>The <replaceable>rewrite_contact</replaceable> option
1564                                                 registers the source address as the contact address to help with
1565                                                 NAT and reusing connection oriented transports such as TCP and
1566                                                 TLS.  Unfortunately, refreshing a registration may register a
1567                                                 different contact address and exceed
1568                                                 <replaceable>max_contacts</replaceable>.  The
1569                                                 <replaceable>remove_existing</replaceable> option can help by
1570                                                 removing the soonest to expire contact(s) over
1571                                                 <replaceable>max_contacts</replaceable> which is likely the
1572                                                 old <replaceable>rewrite_contact</replaceable> contact source
1573                                                 address being refreshed.
1574                                                 </para></note>
1575                                                 <note><para>This should be set to <literal>1</literal> and
1576                                                 <replaceable>remove_existing</replaceable> set to <literal>yes</literal> if you
1577                                                 wish to stick with the older <literal>chan_sip</literal> behaviour.
1578                                                 </para></note>
1579                                         </description>
1580                                 </configOption>
1581                                 <configOption name="minimum_expiration" default="60">
1582                                         <synopsis>Minimum keep alive time for an AoR</synopsis>
1583                                         <description><para>
1584                                                 Minimum time to keep a peer with an explicit expiration. Time in seconds.
1585                                         </para></description>
1586                                 </configOption>
1587                                 <configOption name="remove_existing" default="no">
1588                                         <synopsis>Determines whether new contacts replace existing ones.</synopsis>
1589                                         <description><para>
1590                                                 On receiving a new registration to the AoR should it remove enough
1591                                                 existing contacts not added or updated by the registration to
1592                                                 satisfy <replaceable>max_contacts</replaceable>?  Any removed
1593                                                 contacts will expire the soonest.
1594                                                 </para>
1595                                                 <note><para>The <replaceable>rewrite_contact</replaceable> option
1596                                                 registers the source address as the contact address to help with
1597                                                 NAT and reusing connection oriented transports such as TCP and
1598                                                 TLS.  Unfortunately, refreshing a registration may register a
1599                                                 different contact address and exceed
1600                                                 <replaceable>max_contacts</replaceable>.  The
1601                                                 <replaceable>remove_existing</replaceable> option can help by
1602                                                 removing the soonest to expire contact(s) over
1603                                                 <replaceable>max_contacts</replaceable> which is likely the
1604                                                 old <replaceable>rewrite_contact</replaceable> contact source
1605                                                 address being refreshed.
1606                                                 </para></note>
1607                                                 <note><para>This should be set to <literal>yes</literal> and
1608                                                 <replaceable>max_contacts</replaceable> set to <literal>1</literal> if you
1609                                                 wish to stick with the older <literal>chan_sip</literal> behaviour.
1610                                                 </para></note>
1611                                         </description>
1612                                 </configOption>
1613                                 <configOption name="type">
1614                                         <synopsis>Must be of type 'aor'.</synopsis>
1615                                 </configOption>
1616                                 <configOption name="qualify_frequency" default="0">
1617                                         <synopsis>Interval at which to qualify an AoR</synopsis>
1618                                         <description><para>
1619                                                 Interval between attempts to qualify the AoR for reachability.
1620                                                 If <literal>0</literal> never qualify. Time in seconds.
1621                                         </para></description>
1622                                 </configOption>
1623                                 <configOption name="qualify_timeout" default="3.0">
1624                                         <synopsis>Timeout for qualify</synopsis>
1625                                         <description><para>
1626                                                 If the contact doesn't respond to the OPTIONS request before the timeout,
1627                                                 the contact is marked unavailable.
1628                                                 If <literal>0</literal> no timeout. Time in fractional seconds.
1629                                         </para></description>
1630                                 </configOption>
1631                                 <configOption name="authenticate_qualify">
1632                                         <synopsis>Authenticates a qualify challenge response if needed</synopsis>
1633                                         <description>
1634                                                 <para>If true and a qualify request receives a challenge response then
1635                                                 authentication is attempted before declaring the contact available.
1636                                                 </para>
1637                                                 <note><para>This option does nothing as we will always complete
1638                                                 the challenge response authentication if the qualify request is
1639                                                 challenged.
1640                                                 </para></note>
1641                                         </description>
1642                                 </configOption>
1643                                 <configOption name="outbound_proxy">
1644                                         <synopsis>Outbound proxy used when sending OPTIONS request</synopsis>
1645                                         <description><para>
1646                                                 If set the provided URI will be used as the outbound proxy when an
1647                                                 OPTIONS request is sent to a contact for qualify purposes.
1648                                         </para></description>
1649                                 </configOption>
1650                                 <configOption name="support_path">
1651                                         <synopsis>Enables Path support for REGISTER requests and Route support for other requests.</synopsis>
1652                                         <description><para>
1653                                                 When this option is enabled, the Path headers in register requests will be saved
1654                                                 and its contents will be used in Route headers for outbound out-of-dialog requests
1655                                                 and in Path headers for outbound 200 responses. Path support will also be indicated
1656                                                 in the Supported header.
1657                                         </para></description>
1658                                 </configOption>
1659                         </configObject>
1660                         <configObject name="system">
1661                                 <synopsis>Options that apply to the SIP stack as well as other system-wide settings</synopsis>
1662                                 <description><para>
1663                                         The settings in this section are global. In addition to being global, the values will
1664                                         not be re-evaluated when a reload is performed. This is because the values must be set
1665                                         before the SIP stack is initialized. The only way to reset these values is to either
1666                                         restart Asterisk, or unload res_pjsip.so and then load it again.
1667                                 </para></description>
1668                                 <configOption name="timer_t1" default="500">
1669                                         <synopsis>Set transaction timer T1 value (milliseconds).</synopsis>
1670                                         <description><para>
1671                                                 Timer T1 is the base for determining how long to wait before retransmitting
1672                                                 requests that receive no response when using an unreliable transport (e.g. UDP).
1673                                                 For more information on this timer, see RFC 3261, Section 17.1.1.1.
1674                                         </para></description>
1675                                 </configOption>
1676                                 <configOption name="timer_b" default="32000">
1677                                         <synopsis>Set transaction timer B value (milliseconds).</synopsis>
1678                                         <description><para>
1679                                                 Timer B determines the maximum amount of time to wait after sending an INVITE
1680                                                 request before terminating the transaction. It is recommended that this be set
1681                                                 to 64 * Timer T1, but it may be set higher if desired. For more information on
1682                                                 this timer, see RFC 3261, Section 17.1.1.1.
1683                                         </para></description>
1684                                 </configOption>
1685                                 <configOption name="compact_headers" default="no">
1686                                         <synopsis>Use the short forms of common SIP header names.</synopsis>
1687                                 </configOption>
1688                                 <configOption name="threadpool_initial_size" default="0">
1689                                         <synopsis>Initial number of threads in the res_pjsip threadpool.</synopsis>
1690                                 </configOption>
1691                                 <configOption name="threadpool_auto_increment" default="5">
1692                                         <synopsis>The amount by which the number of threads is incremented when necessary.</synopsis>
1693                                 </configOption>
1694                                 <configOption name="threadpool_idle_timeout" default="60">
1695                                         <synopsis>Number of seconds before an idle thread should be disposed of.</synopsis>
1696                                 </configOption>
1697                                 <configOption name="threadpool_max_size" default="0">
1698                                         <synopsis>Maximum number of threads in the res_pjsip threadpool.
1699                                         A value of 0 indicates no maximum.</synopsis>
1700                                 </configOption>
1701                                 <configOption name="disable_tcp_switch" default="yes">
1702                                         <synopsis>Disable automatic switching from UDP to TCP transports.</synopsis>
1703                                         <description><para>
1704                                                 Disable automatic switching from UDP to TCP transports if outgoing
1705                                                 request is too large.  See RFC 3261 section 18.1.1.
1706                                         </para></description>
1707                                 </configOption>
1708                                 <configOption name="follow_early_media_fork">
1709                                         <synopsis>Follow SDP forked media when To tag is different</synopsis>
1710                                         <description><para>
1711                                                 On outgoing calls, if the UAS responds with different SDP attributes
1712                                                 on subsequent 18X or 2XX responses (such as a port update) AND the
1713                                                 To tag on the subsequent response is different than that on the previous
1714                                                 one, follow it.
1715                                                 </para>
1716                                                 <note><para>
1717                                                         This option must also be enabled on endpoints that require
1718                                                         this functionality.
1719                                                 </para></note>
1720                                         </description>
1721                                 </configOption>
1722                                 <configOption name="accept_multiple_sdp_answers">
1723                                         <synopsis>Follow SDP forked media when To tag is the same</synopsis>
1724                                         <description><para>
1725                                                 On outgoing calls, if the UAS responds with different SDP attributes
1726                                                 on non-100rel 18X or 2XX responses (such as a port update) AND the
1727                                                 To tag on the subsequent response is the same as that on the previous one,
1728                                                 process the updated SDP.
1729                                                 </para>
1730                                                 <note><para>
1731                                                         This option must also be enabled on endpoints that require
1732                                                         this functionality.
1733                                                 </para></note>
1734                                         </description>
1735                                 </configOption>
1736                                 <configOption name="type">
1737                                         <synopsis>Must be of type 'system' UNLESS the object name is 'system'.</synopsis>
1738                                 </configOption>
1739                         </configObject>
1740                         <configObject name="global">
1741                                 <synopsis>Options that apply globally to all SIP communications</synopsis>
1742                                 <description><para>
1743                                         The settings in this section are global. Unlike options in the <literal>system</literal>
1744                                         section, these options can be refreshed by performing a reload.
1745                                 </para></description>
1746                                 <configOption name="max_forwards" default="70">
1747                                         <synopsis>Value used in Max-Forwards header for SIP requests.</synopsis>
1748                                 </configOption>
1749                                 <configOption name="keep_alive_interval" default="90">
1750                                         <synopsis>The interval (in seconds) to send keepalives to active connection-oriented transports.</synopsis>
1751                                 </configOption>
1752                                 <configOption name="contact_expiration_check_interval" default="30">
1753                                         <synopsis>The interval (in seconds) to check for expired contacts.</synopsis>
1754                                 </configOption>
1755                                 <configOption name="disable_multi_domain" default="no">
1756                                         <synopsis>Disable Multi Domain support</synopsis>
1757                                         <description><para>
1758                                                 If disabled it can improve realtime performance by reducing the number of database requests.
1759                                         </para></description>
1760                                 </configOption>
1761                                 <configOption name="max_initial_qualify_time" default="0">
1762                                         <synopsis>The maximum amount of time from startup that qualifies should be attempted on all contacts.
1763                                         If greater than the qualify_frequency for an aor, qualify_frequency will be used instead.</synopsis>
1764                                 </configOption>
1765                                 <configOption name="unidentified_request_period" default="5">
1766                                         <synopsis>The number of seconds over which to accumulate unidentified requests.</synopsis>
1767                                         <description><para>
1768                                         If <literal>unidentified_request_count</literal> unidentified requests are received
1769                                         during <literal>unidentified_request_period</literal>, a security event will be generated.
1770                                         </para></description>
1771                                 </configOption>
1772                                 <configOption name="unidentified_request_count" default="5">
1773                                         <synopsis>The number of unidentified requests from a single IP to allow.</synopsis>
1774                                         <description><para>
1775                                         If <literal>unidentified_request_count</literal> unidentified requests are received
1776                                         during <literal>unidentified_request_period</literal>, a security event will be generated.
1777                                         </para></description>
1778                                 </configOption>
1779                                 <configOption name="unidentified_request_prune_interval" default="30">
1780                                         <synopsis>The interval at which unidentified requests are older than
1781                                         twice the unidentified_request_period are pruned.</synopsis>
1782                                 </configOption>
1783                                 <configOption name="type">
1784                                         <synopsis>Must be of type 'global' UNLESS the object name is 'global'.</synopsis>
1785                                 </configOption>
1786                                 <configOption name="user_agent" default="Asterisk &lt;Asterisk Version&gt;">
1787                                         <synopsis>Value used in User-Agent header for SIP requests and Server header for SIP responses.</synopsis>
1788                                 </configOption>
1789                                 <configOption name="regcontext" default="">
1790                                         <synopsis>When set, Asterisk will dynamically create and destroy a NoOp priority 1 extension for a given
1791                                                 peer who registers or unregisters with us.</synopsis>
1792                                 </configOption>
1793                                 <configOption name="default_outbound_endpoint" default="default_outbound_endpoint">
1794                                         <synopsis>Endpoint to use when sending an outbound request to a URI without a specified endpoint.</synopsis>
1795                                 </configOption>
1796                                 <configOption name="default_voicemail_extension">
1797                                         <synopsis>The voicemail extension to send in the NOTIFY Message-Account header if not specified on endpoint or aor</synopsis>
1798                                 </configOption>
1799                                 <configOption name="debug" default="no">
1800                                         <synopsis>Enable/Disable SIP debug logging.  Valid options include yes, no, or
1801                                                 a host address</synopsis>
1802                                 </configOption>
1803                                 <configOption name="endpoint_identifier_order">
1804                                         <synopsis>The order by which endpoint identifiers are processed and checked.
1805                                                 Identifier names are usually derived from and can be found in the endpoint
1806                                                 identifier module itself (res_pjsip_endpoint_identifier_*).
1807                                                 You can use the CLI command "pjsip show identifiers" to see the
1808                                                 identifiers currently available.</synopsis>
1809                                         <description>
1810                                                 <note><para>
1811                                                 One of the identifiers is "auth_username" which matches on the username in
1812                                                 an Authentication header.  This method has some security considerations because an
1813                                                 Authentication header is not present on the first message of a dialog when
1814                                                 digest authentication is used.  The client can't generate it until the server
1815                                                 sends the challenge in a 401 response.  Since Asterisk normally sends a security
1816                                                 event when an incoming request can't be matched to an endpoint, using auth_username
1817                                                 requires that the security event be deferred until a request is received with
1818                                                 the Authentication header and only generated if the username doesn't result in a
1819                                                 match.  This may result in a delay before an attack is recognized.  You can control
1820                                                 how many unmatched requests are received from a single ip address before a security
1821                                                 event is generated using the unidentified_request parameters.
1822                                                 </para></note>
1823                                         </description>
1824                                 </configOption>
1825                                 <configOption name="default_from_user" default="asterisk">
1826                                         <synopsis>When Asterisk generates an outgoing SIP request, the From header username will be
1827                                                 set to this value if there is no better option (such as CallerID) to be
1828                                                 used.</synopsis>
1829                                 </configOption>
1830                                 <configOption name="default_realm" default="asterisk">
1831                                         <synopsis>When Asterisk generates a challenge, the digest realm will be
1832                                                 set to this value if there is no better option (such as auth/realm) to be
1833                                                 used.</synopsis>
1834                                 </configOption>
1835                                 <configOption name="mwi_tps_queue_high" default="500">
1836                                         <synopsis>MWI taskprocessor high water alert trigger level.</synopsis>
1837                                         <description>
1838                                                 <para>On a heavily loaded system you may need to adjust the
1839                                                 taskprocessor queue limits.  If any taskprocessor queue size
1840                                                 reaches its high water level then pjsip will stop processing
1841                                                 new requests until the alert is cleared.  The alert clears
1842                                                 when all alerting taskprocessor queues have dropped to their
1843                                                 low water clear level.
1844                                                 </para>
1845                                         </description>
1846                                 </configOption>
1847                                 <configOption name="mwi_tps_queue_low" default="-1">
1848                                         <synopsis>MWI taskprocessor low water clear alert level.</synopsis>
1849                                         <description>
1850                                                 <para>On a heavily loaded system you may need to adjust the
1851                                                 taskprocessor queue limits.  If any taskprocessor queue size
1852                                                 reaches its high water level then pjsip will stop processing
1853                                                 new requests until the alert is cleared.  The alert clears
1854                                                 when all alerting taskprocessor queues have dropped to their
1855                                                 low water clear level.
1856                                                 </para>
1857                                                 <note><para>Set to -1 for the low water level to be 90% of
1858                                                 the high water level.</para></note>
1859                                         </description>
1860                                 </configOption>
1861                                 <configOption name="mwi_disable_initial_unsolicited" default="no">
1862                                         <synopsis>Enable/Disable sending unsolicited MWI to all endpoints on startup.</synopsis>
1863                                         <description>
1864                                                 <para>When the initial unsolicited MWI notification are
1865                                                 enabled on startup then the initial notifications
1866                                                 get sent at startup.  If you have a lot of endpoints
1867                                                 (thousands) that use unsolicited MWI then you may
1868                                                 want to consider disabling the initial startup
1869                                                 notifications.
1870                                                 </para>
1871                                                 <para>When the initial unsolicited MWI notifications are
1872                                                 disabled on startup then the notifications will start
1873                                                 on the endpoint's next contact update.
1874                                                 </para>
1875                                         </description>
1876                                 </configOption>
1877                                 <configOption name="ignore_uri_user_options">
1878                                         <synopsis>Enable/Disable ignoring SIP URI user field options.</synopsis>
1879                                         <description>
1880                                                 <para>If you have this option enabled and there are semicolons
1881                                                 in the user field of a SIP URI then the field is truncated
1882                                                 at the first semicolon.  This effectively makes the semicolon
1883                                                 a non-usable character for PJSIP endpoint names, extensions,
1884                                                 and AORs.  This can be useful for improving compatibility with
1885                                                 an ITSP that likes to use user options for whatever reason.
1886                                                 </para>
1887                                                 <example title="Sample SIP URI">
1888                                                         sip:1235557890;phone-context=national@x.x.x.x;user=phone
1889                                                 </example>
1890                                                 <example title="Sample SIP URI user field">
1891                                                         1235557890;phone-context=national
1892                                                 </example>
1893                                                 <example title="Sample SIP URI user field truncated">
1894                                                         1235557890
1895                                                 </example>
1896                                                 <note><para>The caller-id and redirecting number strings
1897                                                 obtained from incoming SIP URI user fields are always truncated
1898                                                 at the first semicolon.</para></note>
1899                                         </description>
1900                                 </configOption>
1901                                 <configOption name="use_callerid_contact" default="no">
1902                                         <synopsis>Place caller-id information into Contact header</synopsis>
1903                                         <description><para>
1904                                                 This option will cause Asterisk to place caller-id information into
1905                                                 generated Contact headers.</para>
1906                                         </description>
1907                                 </configOption>
1908                         </configObject>
1909                 </configFile>
1910         </configInfo>
1911         <manager name="PJSIPQualify" language="en_US">
1912                 <synopsis>
1913                         Qualify a chan_pjsip endpoint.
1914                 </synopsis>
1915                 <syntax>
1916                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
1917                         <parameter name="Endpoint" required="true">
1918                                 <para>The endpoint you want to qualify.</para>
1919                         </parameter>
1920                 </syntax>
1921                 <description>
1922                         <para>Qualify a chan_pjsip endpoint.</para>
1923                 </description>
1924         </manager>
1925         <managerEvent language="en_US" name="IdentifyDetail">
1926                 <managerEventInstance class="EVENT_FLAG_COMMAND">
1927                         <synopsis>Provide details about an identify section.</synopsis>
1928                         <syntax>
1929                                 <parameter name="ObjectType">
1930                                         <para>The object's type. This will always be 'identify'.</para>
1931                                 </parameter>
1932                                 <parameter name="ObjectName">
1933                                         <para>The name of this object.</para>
1934                                 </parameter>
1935                                 <parameter name="Endpoint">
1936                                         <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip_endpoint_identifier_ip']/configFile[@name='pjsip.conf']/configObject[@name='identify']/configOption[@name='endpoint']/synopsis/node())"/></para>
1937                                 </parameter>
1938                                 <parameter name="SrvLookups">
1939                                         <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip_endpoint_identifier_ip']/configFile[@name='pjsip.conf']/configObject[@name='identify']/configOption[@name='srv_lookups']/synopsis/node())"/></para>
1940                                 </parameter>
1941                                 <parameter name="Match">
1942                                         <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip_endpoint_identifier_ip']/configFile[@name='pjsip.conf']/configObject[@name='identify']/configOption[@name='match']/synopsis/node())"/></para>
1943                                 </parameter>
1944                                 <parameter name="MatchHeader">
1945                                         <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip_endpoint_identifier_ip']/configFile[@name='pjsip.conf']/configObject[@name='identify']/configOption[@name='match_header']/synopsis/node())"/></para>
1946                                 </parameter>
1947                                 <parameter name="EndpointName">
1948                                         <para>The name of the endpoint associated with this information.</para>
1949                                 </parameter>
1950                         </syntax>
1951                 </managerEventInstance>
1952         </managerEvent>
1953         <managerEvent language="en_US" name="AorDetail">
1954                 <managerEventInstance class="EVENT_FLAG_COMMAND">
1955                         <synopsis>Provide details about an Address of Record (AoR) section.</synopsis>
1956                         <syntax>
1957                                 <parameter name="ObjectType">
1958                                         <para>The object's type. This will always be 'aor'.</para>
1959                                 </parameter>
1960                                 <parameter name="ObjectName">
1961                                         <para>The name of this object.</para>