;
; MSRP Relay example configuration file
;
; This configuration file consists of two subsections:
;
; - a global configuration section under the "Relay" heading
; - a configuration section per username/password retrieval backend

; Global configuration

[Relay]

; mandatory setting
; The X509 certificate file to use during the TLS handshake. A path that
; does not start with / is relative to /etc/msrprelay/ folder
certificate = tls/msrprelay.crt

; mandatory setting
; The X509 private key file to use during the TLS handshake. A path that
; does not start with / is relative to /etc/msrprelay/ folder
key = tls/msrprelay.key

; Local IP address and port to listen on. Default is to listen on all addresses
; for this host on port 2855, the default IANA MSRP port.
address = 0.0.0.0:2855

; Allow other methods besides SEND to be forwarded through the relay
; allow_other_methods = No

; Disable TLS and use TCP only for this MSRP Relay. As this breaks with
; specifications, only use it for debugging purposes.
; debug_notls = No

; Log failed AUTH attempts to the syslog or console.
; log_failed_auth = No

; Maximum ammount of times a newly connected client can re-try an AUTH before
; it gets disconnected.
; max_auth_attempts = 3

; The number of seconds a AUTH challenge, once issued, remains valid
; auth_challenge_expiration_time = 15

; mandatory setting
; The default backend to use for username/password retrieval. Backend names
; refer to modules in the backend package.
backend = memory

; The hostname to present in Use-Path MSRP URIs. Normally this need not be
; specified, as it is fetched automatically from the subject alternative name
; of the TLS certificate. If TLS is disabled and the hostname value is not
; specified, the IP address on which the relay is listening will be used.
; hostname = relay.example.com

; If this value is not specified, the domain part of the authentication is
; taken to be the host part of the URI in the To-Path of the AUTH request. As
; this requires provisioning of SRV records, the value can be manually
; overridden here. Note that this implies that all users are authenticated in
; this, and only this, domain.
; default_domain = example.com

; The logging level can be one of CRITICAL, ERROR, WARNING, INFO and DEBUG,
; in increasing order of verbosity. The default value is DEBUG
; log_level = DEBUG

;
; Backend configuration
;

[Database]

; The Database backend does username/password retrieval from a database
; accessible my SQLObject. By default this is configured to access an
; OpenSER database. As the table and column names are configurable this
; could be any database.

; The URI used to access the database, including username and password. Check
; the SQLObject documentation for syntax.
uri = mysql://user:pass@db/openser

; If this option is set the database will be queried for literal passwords.
; Otherwise, the "ha1" digest hash will be requested.
; cleartext_passwords = Yes

; The name of the database table to consult.
; subscriber_table = subscriber

; The username column.
; username_col = username

; The domain column.
; domain_col = domain

; The password column, consulted if cleartext_passwords is set
; password_col = password

; The ha1 column, consulted if cleartext_passwords is not set
; ha1_col = ha1


[Memory]

; A simple to use memory backend useful for testing purposes. Each entry is
; a username/password pair.

alice@example.com = 1234
bob@example.com = 1234