Struct domain::tsig::ClientSequence
source · [−]pub struct ClientSequence<K> { /* private fields */ }
tsig
only.Expand description
TSIG client sequence state.
This type allows a client to create a signed request and later check a series of answers for being signed accordingly. It is necessary because the signatures in the second and later answers in the sequence are generated in a different way than the first one.
Much like with ClientTransaction
, you can sign a request via the
request
method provding the signing key and receiving the signed
version of the message and a client transaction value. You can then use
this value to validate a sequence of answers as they are received by
giving them to the answer
method.
Once you have received the last answer, you call the done
method to
check whether the sequence was allowed to end. This is necessary because
TSIG allows intermediary messages to be unsigned but demands the last
message to be signed.
Implementations
sourceimpl<K: AsRef<Key>> ClientSequence<K>
impl<K: AsRef<Key>> ClientSequence<K>
sourcepub fn request<Target: OctetsBuilder + AsRef<[u8]> + AsMut<[u8]>>(
key: K,
message: &mut AdditionalBuilder<Target>
) -> Result<Self, ShortBuf>
pub fn request<Target: OctetsBuilder + AsRef<[u8]> + AsMut<[u8]>>(
key: K,
message: &mut AdditionalBuilder<Target>
) -> Result<Self, ShortBuf>
Creates a sequence for a request.
The function will sign the message as it has been built so far using the given key and add a corresponding TSIG record to it. If this fails because there wasn’t enough space left in the message builder, returns the builder untouched as the error case. Otherwise, it will freeze the message and return both it and a new value of a client sequence.
sourcepub fn request_with_fudge<Target>(
key: K,
message: &mut AdditionalBuilder<Target>,
fudge: u16
) -> Result<Self, ShortBuf>where
Target: OctetsBuilder + AsRef<[u8]> + AsMut<[u8]>,
pub fn request_with_fudge<Target>(
key: K,
message: &mut AdditionalBuilder<Target>,
fudge: u16
) -> Result<Self, ShortBuf>where
Target: OctetsBuilder + AsRef<[u8]> + AsMut<[u8]>,
Creates a sequence for a request with a specific fudge.
This is almost identical to request
but allows you to explicitely
specify a value of fudge which describes the number of seconds the
recipients clock may differ from this system’s current time when
checking the request. The default value used by request
is 300
seconds.
sourcepub fn answer<Octets>(
&mut self,
message: &mut Message<Octets>
) -> Result<(), ValidationError>where
Octets: AsRef<[u8]> + AsMut<[u8]>,
for<'a> &'a Octets: OctetsRef,
pub fn answer<Octets>(
&mut self,
message: &mut Message<Octets>
) -> Result<(), ValidationError>where
Octets: AsRef<[u8]> + AsMut<[u8]>,
for<'a> &'a Octets: OctetsRef,
Validates an answer.
If the answer contains exactly one TSIG record as its last record, removes this record and checks that it correctly signs this message as part of the sequence.
If it doesn’t or if there had been more than 99 unsigned messages in the sequence since the last signed one, returns an error.
Trait Implementations
sourceimpl<K: Clone> Clone for ClientSequence<K>
impl<K: Clone> Clone for ClientSequence<K>
sourcefn clone(&self) -> ClientSequence<K>
fn clone(&self) -> ClientSequence<K>
1.0.0 · sourcefn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read more