sasl/saslauthd.conf@fd611cde817f (annotated)
sasl/saslauthd.conf
Sat, 24 Mar 2012 21:40:49 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Sat, 24 Mar 2012 21:40:49 +0100
- changeset 414
- fd611cde817f
- permissions
- -rw-r--r--
Introduce many changes to the buildconf and source code including:
(01) clean up, update, and partially update default config files,
(02) seems that Melware is unable to perform release engineering so
update chan_capi to new daily snapshot to solve echo problems,
(03) correct Asterisk inadequate hard coded gmime version check,
(04) force postgresql pthreads linkage to solve build problem,
(05) remove buggy hard coded LibXML configure definitions,
(06) remove local architecture specification to allow GCC
internal logic to determine proper CPU type instead,
(07) remove vendor sound install target causing uncontrolled
downloads and non RPM managed file installation,
(08) solve long outstanding bug in tcptls causing Asterisk
to ignore any intermediate CA certificate signatures,
(09) back out Digium engineering team's bright idea of replacing the
very portable and pervasive POSIX rand(1) with ast_random(), and
then not even implementing it causing all references to fail in
platforms not providing the very new POSIX.1-2008 mkdtemp(3)
function only distributed by BSD and some Linux,
(10) withdraw advanced linker symbol manipulations from SVR5 builds
until either Binutils supports hybrid versioned and anonymous
linker scripts or GCC stops hard coding versioned linker scripts,
(11) correct missing library linkage, some tailored to a specific OS,
(12) remove outdated logic for the no longer distributed gmime-config(1),
(13) remove local gmime buildconf hacks now that Asterisk has corrected
their own build configuration to almost portably support gmime,
(14) solve build problems relating to undetected LibXML paths,
(15) correct erroneous out of tree include definitions,
(16) improve some variable and comment naming,
(17) simplify sound language path hierarchy creation,
and correct australian english installation logic.
| michael@144 | 1 | ## |
| michael@144 | 2 | ## saslauthd.conf -- SASL Authentication Daemon Configuration |
| michael@144 | 3 | ## |
| michael@144 | 4 | |
| michael@144 | 5 | # white space separated list of LDAP servers |
| michael@144 | 6 | ldap_servers: ldap://127.0.0.1 |
| michael@144 | 7 | |
| michael@144 | 8 | # authentication for restricted LDAP servers |
| michael@144 | 9 | #ldap_bind_dn: cn=operator,ou=Profile,o=example.com |
| michael@144 | 10 | #ldap_bind_pw: secret |
| michael@144 | 11 | |
| michael@144 | 12 | # LDAP version to use (2|3) |
| michael@144 | 13 | #ldap_version 3 |
| michael@144 | 14 | |
| michael@144 | 15 | # LDAP timeout |
| michael@144 | 16 | #ldap_timeout 5 |
| michael@144 | 17 | |
| michael@144 | 18 | # LDAP aliases (search|find|always|never) |
| michael@144 | 19 | ldap_deref: never |
| michael@144 | 20 | |
| michael@144 | 21 | # follow LDAP referrals ? |
| michael@144 | 22 | ldap_referrals: no |
| michael@144 | 23 | |
| michael@144 | 24 | # restart LDAP I/O operations that fail ? |
| michael@144 | 25 | ldap_restart: yes |
| michael@144 | 26 | |
| michael@144 | 27 | # search scope (sub|one|base) |
| michael@144 | 28 | #ldap_scope: sub |
| michael@144 | 29 | |
| michael@144 | 30 | # starting point for a search |
| michael@144 | 31 | ldap_search_base: MUST-SPECIFY |
| michael@144 | 32 | |
| michael@144 | 33 | # authenticate against LDAP (bind|custom|fastbind) |
| michael@144 | 34 | ldap_auth_method: bind |
| michael@144 | 35 | |
| michael@144 | 36 | # Filter LDAP records, %u = username, %r = realm |
| michael@144 | 37 | # if ldap_auth_method is 'bind' the filter searches for the DN |
| michael@144 | 38 | # otherwise the filter searches for the userPassword attribute |
| michael@144 | 39 | #ldap_filter: uid=%u |
| michael@144 | 40 | |
| michael@144 | 41 | # debugging LDAP operation |
| michael@144 | 42 | #ldap_debug 0 |
| michael@144 | 43 | |
| michael@144 | 44 | # require and verify server certificate |
| michael@144 | 45 | #ldap_tls_check_peer: no |
| michael@144 | 46 | #ldap_tls_cacert_file: |
| michael@144 | 47 | #ldap_tls_cacert_dir: |
| michael@144 | 48 | |
| michael@144 | 49 | # list of SSL/TLS ciphers to allow |
| michael@144 | 50 | #ldap_tls_ciphers: DEFAULT |
| michael@144 | 51 | |
| michael@144 | 52 | # files containing client certificate and key |
| michael@144 | 53 | #ldap_tls_cert: |
| michael@144 | 54 | #ldap_tls_key: |
| michael@144 | 55 |
