trust-dns 0.11.0

TRust-DNS is a safe and secure DNS library. This is the Client library with DNSec support. DNSSec with NSEC validation for negative records, is complete. The client supports dynamic DNS with SIG0 authenticated requests, implementing easy to use high level funtions. TRust-DNS is based on the Tokio and Futures libraries, which means it should be easily integrated into other software that also use those libraries.
 * Copyright (C) 2015 Benjamin Fry <>
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * See the License for the specific language governing permissions and
 * limitations under the License.

//! Extended DNS options

use rr::{DNSClass, Name, Record, RecordType, RData};
use rr::rdata::OPT;
use rr::rdata::opt::{EdnsCode, EdnsOption};

/// Edns implements the higher level concepts for working with extended dns as it is used to create or be
/// created from OPT record data.
#[derive(Debug, PartialEq, Clone)]
pub struct Edns {
    // high 8 bits that make up the 12 bit total field when included with the 4bit rcode from the
    //  header (from TTL)
    rcode_high: u8,
    // Indicates the implementation level of the setter. (from TTL)
    version: u8,
    // Is DNSSec supported (from TTL)
    dnssec_ok: bool,
    // max payload size, minimum of 512, (from RR CLASS)
    max_payload: u16,

    options: OPT,

impl Edns {
    /// Creates a new extended DNS object.
    pub fn new() -> Self {
        Edns {
            rcode_high: 0,
            version: 0,
            dnssec_ok: false,
            max_payload: 512,
            options: OPT::default(),

    /// The high order bytes for the response code in the DNS Message
    pub fn rcode_high(&self) -> u8 {

    /// Returns the EDNS version
    pub fn version(&self) -> u8 {

    /// Specifies that DNSSec is supported for this Client or Server
    pub fn dnssec_ok(&self) -> bool {

    /// Maximum supported size of the DNS payload
    pub fn max_payload(&self) -> u16 {

    /// Returns the Option associated with the code
    pub fn option(&self, code: &EdnsCode) -> Option<&EdnsOption> {

    /// Returns the options portion of EDNS
    pub fn options(&self) -> &OPT {

    /// Set the high order bits for the result code.
    pub fn set_rcode_high(&mut self, rcode_high: u8) {
        self.rcode_high = rcode_high

    /// Set the EDNS version
    pub fn set_version(&mut self, version: u8) {
        self.version = version

    /// Set to true if DNSSec is supported
    pub fn set_dnssec_ok(&mut self, dnssec_ok: bool) {
        self.dnssec_ok = dnssec_ok

    /// Set the maximum payload which can be supported
    pub fn set_max_payload(&mut self, max_payload: u16) {
        self.max_payload = max_payload

    /// Set the specified EDNS option
    pub fn set_option(&mut self, option: EdnsOption) {

impl<'a> From<&'a Record> for Edns {
    fn from(value: &'a Record) -> Self {
        assert!(value.rr_type() == RecordType::OPT);

        let rcode_high: u8 = ((value.ttl() & 0xFF000000u32) >> 24) as u8;
        let version: u8 = ((value.ttl() & 0x00FF0000u32) >> 16) as u8;
        let dnssec_ok: bool = value.ttl() & 0x00008000 == 0x00008000;
        let max_payload: u16 = if u16::from(value.dns_class()) < 512 {
        } else {

        let options: OPT = match value.rdata() {
            &RData::NULL(..) => {
                // NULL, there was no data in the OPT
            &RData::OPT(ref option_data) => {
                option_data.clone() // TODO: Edns should just refer to this, have the same lifetime as the Record
            _ => {
                // this should be a coding error, as opposed to a parsing error.
                panic!("rr_type doesn't match the RData: {:?}", value.rdata()); // valid panic, never should happen

        Edns {
            rcode_high: rcode_high,
            version: version,
            dnssec_ok: dnssec_ok,
            max_payload: max_payload,
            options: options,

impl<'a> From<&'a Edns> for Record {
    /// This returns a Resource Record that is formatted for Edns(0).
    /// Note: the rcode_high value is only part of the rcode, the rest is part of the base
    fn from(value: &'a Edns) -> Record {
        let mut record: Record = Record::new();


        // rebuild the TTL field
        let mut ttl: u32 = (value.rcode_high() as u32) << 24;
        ttl |= (value.version() as u32) << 16;

        if value.dnssec_ok() {
            ttl |= 0x00008000;

        // now for each option, write out the option array
        //  also, since this is a hash, there is no guarantee that ordering will be preserved from
        //  the original binary format.
        // maybe switch to:


fn test_encode_decode() {
    use rr::dnssec::SupportedAlgorithms;

    let mut edns: Edns = Edns::new();


    let record: Record = (&edns).into();
    let edns_decode: Edns = (&record).into();

    assert_eq!(edns.dnssec_ok(), edns_decode.dnssec_ok());
    assert_eq!(edns.max_payload(), edns_decode.max_payload());
    assert_eq!(edns.version(), edns_decode.version());
    assert_eq!(edns.rcode_high(), edns_decode.rcode_high());
    assert_eq!(edns.options(), edns_decode.options());