Struct domain::tsig::ServerTransaction

pub struct ServerTransaction<K> { /* private fields */ }

Available on crate feature tsig only.

TSIG Server Transaction State.

This type allows checking a received request and sign an answer to it before sending it out.

A received request is given to request together with a set of acceptable keys via a key store which will produce a server transaction value if the message was signed. Once an answer is ready, it can be given to that transaction value to sign it, thereby producing a message that can be returned to the client.

Implementations

impl<K: AsRef<Key>> ServerTransaction<K>

pub fn request<Store, Octets>(
    store: &Store,
    message: &mut Message<Octets>
) -> Result<Option<Self>, ServerError<K>>where
    Store: KeyStore<Key = K>,
    Octets: AsRef<[u8]> + AsMut<[u8]>,
    for<'o> &'o Octets: OctetsRef,

Creates a transaction for a request.

The function checks whether the message carries exactly one TSIG record as the last record of the additional section. If this is the case, it removes the record form the message and checks whether it is correctly signing the request with any of the keys provided by the store. If that is the case, too, returns a server transaction.

If the message did not have a TSIG record, returns Ok(None) indicating the lack of signing.

If anything is wrong with the message with regards to TSIG, the function returns the error message that should be returned to the client as the error case of the result.

pub fn answer<Target: OctetsBuilder + AsRef<[u8]> + AsMut<[u8]>>(
    self,
    message: &mut AdditionalBuilder<Target>
) -> Result<(), ShortBuf>

Produces a signed answer.

The method takes a message builder that has been processed to the additional stage already. It will then produce a signature for this message using the key and additional information derived from the original request. It tries to add this signature to the message as a TSIG record. If this succeeds, it freezes the message since the TSIG record must be the last record and returns it.

If appending the TSIG record fails, which can only happen if there isn’t enough space left, it returns the builder unchanged as the error case.

pub fn answer_with_fudge<Target>(
    self,
    message: &mut AdditionalBuilder<Target>,
    fudge: u16
) -> Result<(), ShortBuf>where
    Target: OctetsBuilder + AsRef<[u8]> + AsMut<[u8]>,

Produces a signed answer with a given fudge.

This method is similar to answer but lets you explicitely state the fudge, i.e., the number of seconds the recipient’s clock is allowed to differ from your current time when checking the signature. The default, suggested by the RFC, is 300.

pub fn key(&self) -> &Key

Returns a reference to the transaction’s key.

Trait Implementations

impl<K: Clone> Clone for ServerTransaction<K>

fn clone(&self) -> ServerTransaction<K>

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<K: Debug> Debug for ServerTransaction<K>

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.