Struct domain::tsig::ServerSequence

pub struct ServerSequence<K> { /* private fields */ }

Available on crate feature tsig only.

TSIG server sequence state.

This type allows to verify that a request has been correctly signed with a known key and produce a sequence of answers to this request.

A sequence is created by giving a received message and a set of acceptable keys to the request function. It will produce a server sequence value if the message was correctly signed with any of keys. Each answer message is then given to answer to finalize it into a signed message.

Note that while the original RFC 2845 allows a sequence of up to 99 intermediary messages not to be signed, this is in the process of being deprecated. This implementation therefore signs each and every answer.

Implementations

impl<K: AsRef<Key>> ServerSequence<K>

pub fn request<Store, Octets>(
    store: &Store,
    message: &mut Message<Octets>
) -> Result<Option<Self>, ServerError<K>>where
    Store: KeyStore<Key = K>,
    Octets: AsRef<[u8]> + AsMut<[u8]>,
    for<'o> &'o Octets: OctetsRef,

Creates a sequence from the request.

The function checks whether the message carries exactly one TSIG record as the last record of the additional section. If this is the case, it removes the record form the message and checks whether it is correctly signing the request with any of the keys provided by the store. If that is the case, too, returns a server transaction.

If the message did not have a TSIG record, returns Ok(None) indicating the lack of signing.

If anything is wrong with the message with regards to TSIG, the function returns the error message that should be returned to the client as the error case of the result.

pub fn answer<Target: OctetsBuilder + AsRef<[u8]> + AsMut<[u8]>>(
    &mut self,
    message: &mut AdditionalBuilder<Target>
) -> Result<(), ShortBuf>

Produces a signed answer.

The method takes a message builder progressed into the additional section and signs it as the next answer in the sequence. To do so, it attempts to add a TSIG record to the additional section, if that fails because there wasn’t enough space in the builder, returns the unchanged builder as an error.

pub fn answer_with_fudge<Target>(
    &mut self,
    message: &mut AdditionalBuilder<Target>,
    fudge: u16
) -> Result<(), ShortBuf>where
    Target: OctetsBuilder + AsRef<[u8]> + AsMut<[u8]>,

Produces a signed answer with a given fudge.

This is nearly identical to answer except that it allows to specify the ‘fudge’ which declares the number of seconds the receiver’s clock may be off from this systems current time.

pub fn key(&self) -> &Key

Returns a reference to the transaction’s key.

Trait Implementations

impl<K: Clone> Clone for ServerSequence<K>

fn clone(&self) -> ServerSequence<K>

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<K: Debug> Debug for ServerSequence<K>

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.