Struct domain::tsig::ClientSequence

pub struct ClientSequence<K> { /* private fields */ }

Available on crate feature tsig only.

TSIG client sequence state.

This type allows a client to create a signed request and later check a series of answers for being signed accordingly. It is necessary because the signatures in the second and later answers in the sequence are generated in a different way than the first one.

Much like with ClientTransaction, you can sign a request via the request method provding the signing key and receiving the signed version of the message and a client transaction value. You can then use this value to validate a sequence of answers as they are received by giving them to the answer method.

Once you have received the last answer, you call the done method to check whether the sequence was allowed to end. This is necessary because TSIG allows intermediary messages to be unsigned but demands the last message to be signed.

Implementations

impl<K: AsRef<Key>> ClientSequence<K>

pub fn request<Target: OctetsBuilder + AsRef<[u8]> + AsMut<[u8]>>(
    key: K,
    message: &mut AdditionalBuilder<Target>
) -> Result<Self, ShortBuf>

Creates a sequence for a request.

The function will sign the message as it has been built so far using the given key and add a corresponding TSIG record to it. If this fails because there wasn’t enough space left in the message builder, returns the builder untouched as the error case. Otherwise, it will freeze the message and return both it and a new value of a client sequence.

pub fn request_with_fudge<Target>(
    key: K,
    message: &mut AdditionalBuilder<Target>,
    fudge: u16
) -> Result<Self, ShortBuf>where
    Target: OctetsBuilder + AsRef<[u8]> + AsMut<[u8]>,

Creates a sequence for a request with a specific fudge.

This is almost identical to request but allows you to explicitely specify a value of fudge which describes the number of seconds the recipients clock may differ from this system’s current time when checking the request. The default value used by request is 300 seconds.

pub fn answer<Octets>(
    &mut self,
    message: &mut Message<Octets>
) -> Result<(), ValidationError>where
    Octets: AsRef<[u8]> + AsMut<[u8]>,
    for<'a> &'a Octets: OctetsRef,

Validates an answer.

If the answer contains exactly one TSIG record as its last record, removes this record and checks that it correctly signs this message as part of the sequence.

If it doesn’t or if there had been more than 99 unsigned messages in the sequence since the last signed one, returns an error.

pub fn done(self) -> Result<(), ValidationError>

Validates the end of the sequence.

Specifically, this checks that the last message given to answer had been signed.

pub fn key(&self) -> &Key

Returns a reference to the transaction’s key.

Trait Implementations

impl<K: Clone> Clone for ClientSequence<K>

fn clone(&self) -> ClientSequence<K>

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<K: Debug> Debug for ClientSequence<K>

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.