res_pjsip: Update authentication realm documentation.

Using the same auth section for inbound and outbound authentication is not
recommended.  There is a difference in meaning for an empty realm setting
between inbound and outbound authentication uses.

An empty inbound auth realm represents the global section's default_realm
value when the authentication object is used to challenge an incoming
request.  An empty outgoing auth realm is treated as a don't care wildcard
when the authentication object is used to respond to an incoming
authentication challenge.

ASTERISK-26799

Change-Id: Id3952f7cfa1b6683b9954f2c5d2352d2f11059ce

1 files changed, 12 insertions, 1 deletions

diff --git a/res/res_pjsip_outbound_registration.c b/res/res_pjsip_outbound_registration.c
index d486ccd63..137f3a832 100644
--- a/res/res_pjsip_outbound_registration.c
+++ b/res/res_pjsip_outbound_registration.c
@@ -82,7 +82,18 @@
 					<synopsis>Maximum number of registration attempts.</synopsis>
 				</configOption>
 				<configOption name="outbound_auth" default="">
-					<synopsis>Authentication object to be used for outbound registrations.</synopsis>
+					<synopsis>Authentication object(s) to be used for outbound registrations.</synopsis>
+					<description><para>
+						This is a comma-delimited list of <replaceable>auth</replaceable>
+						sections defined in <filename>pjsip.conf</filename> used to respond
+						to outbound authentication challenges.</para>
+						<note><para>
+						Using the same auth section for inbound and outbound
+						authentication is not recommended.  There is a difference in
+						meaning for an empty realm setting between inbound and outbound
+						authentication uses.  See the auth realm description for details.
+						</para></note>
+					</description>
 				</configOption>
 				<configOption name="outbound_proxy" default="">
 					<synopsis>Outbound Proxy used to send registrations</synopsis>