Comments (11)
My Update code looks like this:
fn build_update(se: &services::ServiceEvent) -> Message
{
use std::str::FromStr;
use domain_core::bits::{Dname, MessageBuilder, SectionBuilder, RecordSectionBuilder};
use domain_core::iana::opcode;
use domain_core::iana::Rtype;
let mut msg = MessageBuilder::new_udp();
msg.header_mut().set_opcode(opcode::Opcode::Update);
// Zone section
let name = Dname::from_str(&se.subdomain).unwrap();
msg.push((&name, Rtype::Soa)).unwrap();
// skip prereq sections
let msg = msg.answer();
// add to Update section
let mut msg = msg.authority();
msg.push((&se.sname, 86400, se.sdata.clone())).unwrap();
let mut msg = msg.opt().unwrap();
msg.freeze()
}
For the API, I could use something like:
msg.set_tsig();
in the OPT section or would you prefer something else?
from domain.
Oops, I think I remembered that wrong. It's just the last record, not in the OPT but after the OPT.
from domain.
Or maybe the API should be more like:
msg.push(msg.tsig());
from domain.
There’s two parts to this. First you need to add core::rdata::rfc2845.rs
with the Tsig
record data. Once you have that, the most simple way is to push the record in the additional builder.
The more advance version is also more complex to implement. It would take a key and some parameters (like fuzz), calculate the signature and the TSIG record, add that to the additional section, and freeze the message (assuming TSIG is always last). That would require some trait for the algorithms. I think it would look something like the one we did for rpki-rs. except it should also allow validation.
For validation, it would be cool if Message
had a method to validate a TSIG and produce another Message
on success.
from domain.
Addendum: If you prefer me taking a stab at the implementation, I’d be happy to. I want to get started at implementing zone signing, anyway, so this might be a good time to lay out the underlying infrastructure for swapping out signers etc.
from domain.
Yes, please do. I welcome the assistance.
from domain.
Quick question: Do you need to support HMAC-MD5 or is the SHA family sufficient. Background is that ring doesn’t seem support MD5 but I would like to only depend on ring.
from domain.
No, I will not need MD5. Probably only use SHA-256 for the foreseeable future.
from domain.
Quick update: I have an initial implementation. Cleaning this up now and hoping to have it ready tomorrow.
from domain.
Nice! I will try it out at the IETF Hackathon if not before.
from domain.
This has been implemented in #16 which has been merged.
from domain.
Related Issues (20)
- Domains
- Change `qr` bit HOT 3
- domain::zonefile::inplace::Zonefile adds two extra bytes to the public key of a DNSKEY record HOT 2
- Rename variants of `base::name::FromStrError`.
- `FoundSrvs::into_srvs` missing from v0.8.0
- function dname_from_addr HOT 3
- Difference between domain::base::name::Dname and domain::rdata::dname::Dname? HOT 2
- Make it easier to manipulate messages. HOT 4
- Ns record extraction HOT 2
- The TXT record concatenates and outputs all character strings HOT 4
- Reject empty TXT record data.
- Update the README
- Mistake in Dname::from_slice doc example HOT 1
- Stable/core RRSet type HOT 6
- serde_json round-trip of TXT record fails with spaces HOT 2
- ZoneRecordData should include CAA records HOT 1
- Change IANA types from an enum into a struct wrapping an integer.
- Switch `ToDname` et al. to have a `try_to_dname`/`to_dname` pair.
- idns: report redundant statistics
- Using pre-release version HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from domain.