toluol_proto/
error.rs

1//! Custom error type definitions.
2
3use thiserror::Error;
4
5use crate::Name;
6
7/// High-level errors.
8#[derive(Debug, Error)]
9pub enum ToluolError {
10    #[error("Tried to create a non-OPT record with OPT RDATA.")]
11    OptRdataForNonOptRecord,
12
13    #[error("Error during parsing.")]
14    Parsing(#[from] ParseError),
15
16    #[error("Error during encoding.")]
17    Encoding(#[from] EncodeError),
18
19    #[error("Could not validate DNSSEC signature.")]
20    Dnssec(#[from] DnssecError),
21}
22
23/// Errors that may arise during parsing.
24#[derive(Debug, Error)]
25pub enum ParseError {
26    #[error("Invalid opcode: valid are 0 to 2 and 4 to 6, got {0}.")]
27    InvalidOpcode(u8),
28
29    #[error("Invalid rcode: valid are 0 to 11 and 16 to 23, got {0}.")]
30    InvalidRcode(u16),
31
32    #[error("Invalid class: valid are 1, 3, 4, 254 or 255, got {0}.")]
33    InvalidClass(u16),
34
35    #[error("Invalid name in OPT record: must be root, is {0}.")]
36    InvalidOptName(Name),
37
38    #[error("Invalid name length: must be smaller than 255, is {0}.")]
39    NameTooLong(usize),
40
41    #[error("Invalid label length in name: must be smaller than 64, is {0}.")]
42    LabelTooLong(usize),
43
44    #[error("Invalid name: labels must contain only a-z, A-Z, 0-9, underscores, and hyphens, and must not start or end with a hyphen.")]
45    NameInvalidChars,
46
47    #[error("Invalid name: contains an empty label.")]
48    EmptyLabel,
49
50    #[error("Invalid label type: must be 192 (i.e. extended) or 0, is {0}.")]
51    InvalidLabelType(u8),
52
53    #[error("Received truncated message: if possible, resend query via TCP.")]
54    TruncatedMessage,
55
56    #[error("Encountered name compression where it is explicitly prohibited.")]
57    CompressionProhibited,
58
59    #[error("Non-ASCII string in message: {0}.")]
60    NonAsciiString(String),
61
62    #[error("Invalid DNSKEY protocol field: must be 3, is {0}.")]
63    InvalidDnskeyProtocol(u8),
64
65    #[error("Invalid LOC version: must be 0, is {0}.")]
66    InvalidLocVersion(u8),
67
68    #[error("Non-ASCII tag or value in CAA record: {0}.")]
69    NonAsciiCaa(String),
70
71    #[error("Invalid issue/issuewild name in CAA record: {0}.")]
72    InvalidCaaIssueName(String),
73
74    #[error("Invalid URL in CAA iodef record.")]
75    InvalidCaaIodefUrl(#[from] url::ParseError),
76
77    #[error("Invalid CAA parameter in value: {0}.")]
78    InvalidCaaParameter(String),
79
80    #[error("IO error.")]
81    IoError(#[from] std::io::Error),
82}
83
84/// Errors that may arise during encoding.
85#[derive(Debug, Error)]
86pub enum EncodeError {
87    #[error("Domain name too long: allowed are up to 255 bytes, got {0}.")]
88    DomainTooLong(usize),
89
90    #[error("Label too long: allowed are up to 63 bytes, got {0}.")]
91    LabelTooLong(usize),
92
93    #[error("AA or RA flag set in a query.")]
94    AaOrRaInQuery,
95
96    #[error("Tried to encode non-ASCII string: {0}.")]
97    NonAsciiString(String),
98
99    #[error("IO error.")]
100    IoError(#[from] std::io::Error),
101}
102
103/// Errors that may arise during DNSSEC validation.
104///
105/// These stem either from incorrect usage (e.g. passing an A record where an RRSIG record was
106/// expected) or are actual validation errors (e.g. the signature has expired).
107#[derive(Debug, Error)]
108pub enum DnssecError {
109    #[error("Invalid RRSIG label count: the record has {0} labels, but the RRSIG labels field has value {1}.")]
110    InvalidRrsigLabelCount(u8, u8),
111
112    #[error("Invalid record set: no records given.")]
113    EmptyRrset,
114
115    #[error("Invalid record set: not all records have the same owner name and record type.")]
116    InvalidRrSet,
117
118    #[error("Tried to use a record other than RRSIG for validation.")]
119    NonRrsigRecordGiven,
120
121    #[error("Tried to use a record other than DNSKEY for validation.")]
122    NonDnskeyRecordGiven,
123
124    #[error("The RRSIG does not cover the record set's type.")]
125    RrsigDoesNotCoverType,
126
127    #[error("The RRSIG record's owner is different from the record set's owner.")]
128    RrsigHasDifferentOwner,
129
130    #[error("The RRSIG record's class is different from the record set's class.")]
131    RrsigHasDifferentClass,
132
133    #[error("The RRSIG signature expiration lies before the signature inception.")]
134    RrsigExpirationBeforeInception,
135
136    #[error("The RRSIG signature is not valid yet.")]
137    RrsigNotValidYet,
138
139    #[error("The RRSIG signature has expired.")]
140    RrsigExpired,
141
142    #[error("The RRSIG signer's name is not in the record set's (parent) zone.")]
143    RrsigSignerNotInParentZone,
144
145    #[error("The RRSIG signer's name is different from the DNSKEY record's owner name.")]
146    RrsigSignerDoesNotMatchDnskey,
147
148    #[error("The RRSIG's key tag is different from the DNSKEY record's calculated key tag.")]
149    RrsigKeyTagDoesNotMatchDnskey,
150
151    #[error("The RRSIG's algorithm is different from the DNSKEY record's algorithm.")]
152    RrsigAlgorithmDoesNotMatchDnskey,
153
154    #[error("The DNSKEY record does not have the zone flag set.")]
155    DnskeyNoZoneFlag,
156
157    #[error("The DNSKEY record has been revoked.")]
158    DnskeyRevoked,
159
160    #[error("Unsupported DNSSEC algorithm.")]
161    UnsupportedAlgorithm,
162
163    #[error("Could not parse the DNSKEY public key data.")]
164    ParseKey,
165
166    #[error("Could not parse the RRSIG signature data.")]
167    ParseSignature,
168
169    #[error("The signature is invalid.")]
170    InvalidSignature,
171
172    #[error("Encoding during validation failed.")]
173    EncodingFailed(#[from] EncodeError),
174}
toluol_proto/error.rs

toluol_proto/
error.rs
