[][src]Trait trust_dns_server::authority::Authority

pub trait Authority: Send {
    type Lookup: Send + Sized + 'static;
    type LookupFuture: Future<Output = Result<Self::Lookup, LookupError>> + Send;
    fn zone_type(&self) -> ZoneType;

    fn is_axfr_allowed(&self) -> bool;

    fn update(&mut self, update: &MessageRequest) -> UpdateResult<bool>;

    fn origin(&self) -> &LowerName;

    fn lookup(
        &self, 
        name: &LowerName, 
        rtype: RecordType, 
        is_secure: bool, 
        supported_algorithms: SupportedAlgorithms
    ) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>>;

    fn search(
        &self, 
        query: &LowerQuery, 
        is_secure: bool, 
        supported_algorithms: SupportedAlgorithms
    ) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>>;

    fn get_nsec_records(
        &self, 
        name: &LowerName, 
        is_secure: bool, 
        supported_algorithms: SupportedAlgorithms
    ) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>>;

    fn ns(
        &self, 
        is_secure: bool, 
        supported_algorithms: SupportedAlgorithms
    ) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>> { ... }

    fn soa(
        &self
    ) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>> { ... }

    fn soa_secure(
        &self, 
        is_secure: bool, 
        supported_algorithms: SupportedAlgorithms
    ) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>> { ... }

    fn add_update_auth_key(
        &mut self, 
        _name: Name, 
        _key: KEY
    ) -> DnsSecResult<()> { ... }

    fn add_zone_signing_key(&mut self, _signer: Signer) -> DnsSecResult<()> { ... }

    fn secure_zone(&mut self) -> DnsSecResult<()> { ... }
}

Authority implementations can be used with a Catalog

Associated Types

type Lookup: Send + Sized + 'static

Result of a lookup

type LookupFuture: Future<Output = Result<Self::Lookup, LookupError>> + Send

The future type that will resolve to a Lookup

Loading content...

Required methods

fn zone_type(&self) -> ZoneType

What type is this zone

fn is_axfr_allowed(&self) -> bool

Return true if AXFR is allowed

fn update(&mut self, update: &MessageRequest) -> UpdateResult<bool>

Perform a dynamic update of a zone

fn origin(&self) -> &LowerName

Get the origin of this zone, i.e. example.com is the origin for www.example.com

fn lookup(
    &self,
    name: &LowerName,
    rtype: RecordType,
    is_secure: bool,
    supported_algorithms: SupportedAlgorithms
) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>>

Looks up all Resource Records matching the giving Name and RecordType.

Arguments

  • name - The Name, label, to lookup.
  • rtype - The RecordType, to lookup. RecordType::ANY will return all records matching name. RecordType::AXFR will return all record types except RecordType::SOA due to the requirements that on zone transfers the RecordType::SOA must both precede and follow all other records.
  • is_secure - If the DO bit is set on the EDNS OPT record, then return RRSIGs as well.

Return value

None if there are no matching records, otherwise a Vec containing the found records.

fn search(
    &self,
    query: &LowerQuery,
    is_secure: bool,
    supported_algorithms: SupportedAlgorithms
) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>>

Using the specified query, perform a lookup against this zone.

Arguments

  • query - the query to perform the lookup with.
  • is_secure - if true, then RRSIG records (if this is a secure zone) will be returned.

Return value

Returns a vectory containing the results of the query, it will be empty if not found. If is_secure is true, in the case of no records found then NSEC records will be returned.

fn get_nsec_records(
    &self,
    name: &LowerName,
    is_secure: bool,
    supported_algorithms: SupportedAlgorithms
) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>>

Return the NSEC records based on the given name

Arguments

  • name - given this name (i.e. the lookup name), return the NSEC record that is less than this
  • is_secure - if true then it will return RRSIG records as well
Loading content...

Provided methods

fn ns(
    &self,
    is_secure: bool,
    supported_algorithms: SupportedAlgorithms
) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>>

Get the NS, NameServer, record for the zone

fn soa(
    &self
) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>>

Returns the SOA of the authority.

Note: This will only return the SOA, if this is fulfilling a request, a standard lookup should be used, see soa_secure(), which will optionally return RRSIGs.

fn soa_secure(
    &self,
    is_secure: bool,
    supported_algorithms: SupportedAlgorithms
) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>>

Returns the SOA record for the zone

fn add_update_auth_key(&mut self, _name: Name, _key: KEY) -> DnsSecResult<()>

Add a (Sig0) key that is authorized to perform updates against this authority

fn add_zone_signing_key(&mut self, _signer: Signer) -> DnsSecResult<()>

Add Signer

fn secure_zone(&mut self) -> DnsSecResult<()>

Sign the zone for DNSSEC

Loading content...

Implementors

impl Authority for FileAuthority[src]

type Lookup = <InMemoryAuthority as Authority>::Lookup

type LookupFuture = <InMemoryAuthority as Authority>::LookupFuture

fn zone_type(&self) -> ZoneType[src]

What type is this zone

fn is_axfr_allowed(&self) -> bool[src]

Return true if AXFR is allowed

fn update(&mut self, _update: &MessageRequest) -> UpdateResult<bool>[src]

Perform a dynamic update of a zone

fn origin(&self) -> &LowerName[src]

Get the origin of this zone, i.e. example.com is the origin for www.example.com

fn lookup(
    &self,
    name: &LowerName,
    rtype: RecordType,
    is_secure: bool,
    supported_algorithms: SupportedAlgorithms
) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>>[src]

Looks up all Resource Records matching the giving Name and RecordType.

Arguments

  • name - The Name, label, to lookup.
  • rtype - The RecordType, to lookup. RecordType::ANY will return all records matching name. RecordType::AXFR will return all record types except RecordType::SOA due to the requirements that on zone transfers the RecordType::SOA must both precede and follow all other records.
  • is_secure - If the DO bit is set on the EDNS OPT record, then return RRSIGs as well.

Return value

None if there are no matching records, otherwise a Vec containing the found records.

fn search(
    &self,
    query: &LowerQuery,
    is_secure: bool,
    supported_algorithms: SupportedAlgorithms
) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>>[src]

Using the specified query, perform a lookup against this zone.

Arguments

  • query - the query to perform the lookup with.
  • is_secure - if true, then RRSIG records (if this is a secure zone) will be returned.

Return value

Returns a vectory containing the results of the query, it will be empty if not found. If is_secure is true, in the case of no records found then NSEC records will be returned.

fn ns(
    &self,
    is_secure: bool,
    supported_algorithms: SupportedAlgorithms
) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>>[src]

Get the NS, NameServer, record for the zone

fn get_nsec_records(
    &self,
    name: &LowerName,
    is_secure: bool,
    supported_algorithms: SupportedAlgorithms
) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>>[src]

Return the NSEC records based on the given name

Arguments

  • name - given this name (i.e. the lookup name), return the NSEC record that is less than this
  • is_secure - if true then it will return RRSIG records as well

fn soa(
    &self
) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>>[src]

Returns the SOA of the authority.

Note: This will only return the SOA, if this is fulfilling a request, a standard lookup should be used, see soa_secure(), which will optionally return RRSIGs.

fn soa_secure(
    &self,
    is_secure: bool,
    supported_algorithms: SupportedAlgorithms
) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>>[src]

Returns the SOA record for the zone

fn add_update_auth_key(&mut self, name: Name, key: KEY) -> DnsSecResult<()>[src]

Add a (Sig0) key that is authorized to perform updates against this authority

fn add_zone_signing_key(&mut self, signer: Signer) -> DnsSecResult<()>[src]

Add Signer

fn secure_zone(&mut self) -> DnsSecResult<()>[src]

Sign the zone for DNSSEC

impl Authority for InMemoryAuthority[src]

type Lookup = AuthLookup

type LookupFuture = Ready<Result<Self::Lookup, LookupError>>

fn zone_type(&self) -> ZoneType[src]

What type is this zone

fn is_axfr_allowed(&self) -> bool[src]

Return true if AXFR is allowed

fn update(&mut self, _update: &MessageRequest) -> UpdateResult<bool>[src]

Takes the UpdateMessage, extracts the Records, and applies the changes to the record set.

RFC 2136, DNS Update, April 1997


3.4 - Process Update Section

  Next, the Update Section is processed as follows.

3.4.2 - Update

  The Update Section is parsed into RRs and these RRs are processed in
  order.

3.4.2.1. If any system failure (such as an out of memory condition,
  or a hardware error in persistent storage) occurs during the
  processing of this section, signal SERVFAIL to the requestor and undo
  all updates applied to the zone during this transaction.

3.4.2.2. Any Update RR whose CLASS is the same as ZCLASS is added to
  the zone.  In case of duplicate RDATAs (which for SOA RRs is always
  the case, and for WKS RRs is the case if the ADDRESS and PROTOCOL
  fields both match), the Zone RR is replaced by Update RR.  If the
  TYPE is SOA and there is no Zone SOA RR, or the new SOA.SERIAL is
  lower (according to [RFC1982]) than or equal to the current Zone SOA
  RR's SOA.SERIAL, the Update RR is ignored.  In the case of a CNAME
  Update RR and a non-CNAME Zone RRset or vice versa, ignore the CNAME
  Update RR, otherwise replace the CNAME Zone RR with the CNAME Update
  RR.

3.4.2.3. For any Update RR whose CLASS is ANY and whose TYPE is ANY,
  all Zone RRs with the same NAME are deleted, unless the NAME is the
  same as ZNAME in which case only those RRs whose TYPE is other than
  SOA or NS are deleted.  For any Update RR whose CLASS is ANY and
  whose TYPE is not ANY all Zone RRs with the same NAME and TYPE are
  deleted, unless the NAME is the same as ZNAME in which case neither
  SOA or NS RRs will be deleted.

3.4.2.4. For any Update RR whose class is NONE, any Zone RR whose
  NAME, TYPE, RDATA and RDLENGTH are equal to the Update RR is deleted,
  unless the NAME is the same as ZNAME and either the TYPE is SOA or
  the TYPE is NS and the matching Zone RR is the only NS remaining in
  the RRset, in which case this Update RR is ignored.

3.4.2.5. Signal NOERROR to the requestor.

Arguments

  • update - The UpdateMessage records will be extracted and used to perform the update actions as specified in the above RFC.

Return value

true if any of additions, updates or deletes were made to the zone, false otherwise. Err is returned in the case of bad data, etc.

fn origin(&self) -> &LowerName[src]

Get the origin of this zone, i.e. example.com is the origin for www.example.com

fn lookup(
    &self,
    name: &LowerName,
    query_type: RecordType,
    is_secure: bool,
    supported_algorithms: SupportedAlgorithms
) -> Pin<Box<dyn Future<Output = Result<Self::Lookup, LookupError>> + Send>>[src]

Looks up all Resource Records matching the giving Name and RecordType.

Arguments

  • name - The Name, label, to lookup.
  • rtype - The RecordType, to lookup. RecordType::ANY will return all records matching name. RecordType::AXFR will return all record types except RecordType::SOA due to the requirements that on zone transfers the RecordType::SOA must both precede and follow all other records.
  • is_secure - If the DO bit is set on the EDNS OPT record, then return RRSIGs as well.

Return value

None if there are no matching records, otherwise a Vec containing the found records.

fn add_zone_signing_key(&mut self, _signer: Signer) -> DnsSecResult<()>[src]

This will fail, the dnssec feature must be enabled

fn secure_zone(&mut self) -> DnsSecResult<()>[src]

(Re)generates the nsec records, increments the serial number and signs the zone

Loading content...