© 2003 - 2005 Sipura Technology, Inc
Proprietary (See Copyright Notice on Page 2)
21
3. Software Configuration
3.1. Provisioning
Please refer to the Sipura SPA Provisioning Guide document for information pertaining to
•
HTTPS provisioning features available (starting with Sipura release 2.0).
•
Setting up a provisioning system for a large number of Sipura analog telephone adapters.
•
Complete list of provisioning parameters.
3.1.1. Provisioning
Capabilities
The SPA provides for secure provisioning and remote upgrade. Provisioning is achieved through
configuration profiles transferred to the device via TFTP, HTTP or HTTPS. The SPA can be
configured to resync its internal configuration state to a remote profile periodically and on power up.
Starting with firmware release 2.0 256-bit symmetric key encryption of profiles is supported. In
addition, an unprovisioned SPA can receive an encrypted profile specifically targeted for that device
without requiring an explicit key. Version 2.0 supports a secure first-time provisioning mechanism
using SSL functionality. This functionality is explained later in this section.
Remote firmware upgrade is achieved via TFTP or HTTP. Firmware upgrades using HTTPS are not
supported. The SPA upgrade logic is capable of automating multi-stage upgrades, in case
intermediate upgrades are ever required to reach a future upgrade state from an older release.
General purpose parameters are provided as an additional aid to service providers in managing the
provisioning process.
All profile resyncs are attempted only when the SPA is idle, since they may trigger a software reboot.
User intervention is not required to initiate or complete a profile update or firmware upgrade.
3.1.2. Configuration
Profile
The SPA configuration profile is a binary file with encoded SPA parameter values and user access
permissions for those parameters. By convention, the profile is named with the extension “.cfg” (e.g.
spa2000.cfg). The Sipura Profile Compiler tool (SPC) is provided for compiling a plain-text file
containing parameter-value pairs into a properly formatted and encrypted CFG file. The spc tool is
available from Sipura for the Win32 environment (spc.exe), Linux-i386-elf environment (spc-linux-
i386-static). Availability of the SPC tool for the OpenBSD environment is available on a case-by-case
basis.
The syntax of the plain-text file accepted by the release 2.0 profile compiler is a series of parameter-
value pairs, with the value in double quotes. Each parameter-value pair is followed by a semicolon,
e.g. parameter_name “parameter_value”;. If no quoted value is specified for a parameter (or if a
parameter specification is missing entirely from the plain-text file) the value of the parameter will
remain unchanged in the SPA.
The syntax also controls the parameter’s user-level access when using the built-in web interface to
the SPA. An optional exclamation point or question mark, immediately following the parameter name,
indicates the parameter should be user read-write or read-only, respectively. If neither mark is
present, the parameter is made inaccessible to the user from the web interface. Note that this syntax
has no effect on the admin-level access to the parameters.
In this way, a service provider is given full control over which parameters become inaccessible, read-
only, or read-write following provisioning of the SPA.
