fix dnssec warnings
This commit is contained in:
Benjamin Fry
parent
eb46623d30
commit
c9523a8695
@ -1040,7 +1040,6 @@ and there is no easy way to migrate the original Server to use ServerFuture.
|
||||
- library documentation examples
|
||||
- test coverage for resolver
|
||||
|
||||
|
||||
## 0.2.0 (Client/Server 2015-09-07)
|
||||
|
||||
### Added
|
||||
|
||||
@ -21,21 +21,19 @@ use tokio::runtime::{self, Runtime};
|
||||
use trust_dns_proto::xfer::DnsRequest;
|
||||
|
||||
use crate::client::async_client::ClientStreamXfr;
|
||||
#[cfg(feature = "dnssec")]
|
||||
use crate::client::AsyncDnssecClient;
|
||||
use crate::client::{AsyncClient, ClientConnection, ClientHandle, Signer};
|
||||
use crate::error::*;
|
||||
use crate::proto::{
|
||||
error::ProtoError,
|
||||
xfer::{DnsExchangeSend, DnsHandle, DnsResponse},
|
||||
};
|
||||
#[cfg(feature = "dnssec")]
|
||||
use crate::rr::dnssec::tsig::TSigner;
|
||||
use crate::rr::dnssec::SigSigner;
|
||||
#[cfg(feature = "dnssec")]
|
||||
use crate::rr::dnssec::TrustAnchor;
|
||||
use crate::rr::rdata::SOA;
|
||||
use crate::rr::{DNSClass, Name, Record, RecordSet, RecordType};
|
||||
#[cfg(feature = "dnssec")]
|
||||
use {
|
||||
crate::client::AsyncDnssecClient,
|
||||
crate::rr::dnssec::{tsig::TSigner, SigSigner, TrustAnchor},
|
||||
};
|
||||
|
||||
use super::ClientStreamingResponse;
|
||||
|
||||
@ -463,6 +461,8 @@ impl<CC: ClientConnection> SyncClient<CC> {
|
||||
///
|
||||
/// * `conn` - the [`ClientConnection`] to use for all communication
|
||||
/// * `signer` - signer to use, this needs an associated private key
|
||||
#[cfg(feature = "dnssec")]
|
||||
#[cfg_attr(docsrs, doc(cfg(feature = "dnssec")))]
|
||||
pub fn with_signer(conn: CC, signer: SigSigner) -> Self {
|
||||
SyncClient {
|
||||
conn,
|
||||
|
||||
@ -31,8 +31,11 @@ use crate::proto::op::Message;
|
||||
use crate::proto::rr::Record;
|
||||
|
||||
/// List of currently supported signers
|
||||
#[allow(missing_copy_implementations)]
|
||||
pub enum Signer {
|
||||
/// A Sig0 based signer
|
||||
#[cfg(feature = "dnssec")]
|
||||
#[cfg_attr(docsrs, doc(cfg(feature = "dnssec")))]
|
||||
Sig0(SigSigner),
|
||||
/// A TSIG based signer
|
||||
#[cfg(feature = "dnssec")]
|
||||
@ -57,7 +60,7 @@ impl From<TSigner> for Signer {
|
||||
}
|
||||
|
||||
impl MessageFinalizer for Signer {
|
||||
#[allow(unreachable_patterns)]
|
||||
#[allow(unreachable_patterns, unused_variables)]
|
||||
fn finalize_message(
|
||||
&self,
|
||||
message: &Message,
|
||||
|
||||
@ -6,33 +6,21 @@
|
||||
// copied, modified, or distributed except according to those terms.
|
||||
|
||||
//! signer is a structure for performing many of the signing processes of the DNSSec specification
|
||||
#[cfg(any(feature = "openssl", feature = "ring"))]
|
||||
#[cfg(feature = "dnssec")]
|
||||
use chrono::Duration;
|
||||
|
||||
use crate::proto::error::{ProtoErrorKind, ProtoResult};
|
||||
#[cfg(feature = "dnssec")]
|
||||
use crate::proto::rr::dnssec::{tbs, TBS};
|
||||
|
||||
#[cfg(feature = "dnssec")]
|
||||
use crate::error::DnsSecResult;
|
||||
use crate::op::{Message, MessageFinalizer, MessageVerifier};
|
||||
#[cfg(feature = "dnssec")]
|
||||
use crate::rr::dnssec::Private;
|
||||
#[cfg(feature = "dnssec")]
|
||||
use crate::rr::dnssec::{Algorithm, KeyPair};
|
||||
#[cfg(feature = "dnssec")]
|
||||
use crate::rr::rdata::DNSSECRData;
|
||||
#[cfg(feature = "dnssec")]
|
||||
use crate::rr::rdata::SIG;
|
||||
#[cfg(feature = "dnssec")]
|
||||
use crate::rr::rdata::{DNSSECRecordType, DNSKEY, KEY};
|
||||
#[cfg(feature = "dnssec")]
|
||||
use crate::rr::RData;
|
||||
use crate::proto::error::{ProtoErrorKind, ProtoResult};
|
||||
use crate::rr::Record;
|
||||
#[cfg(feature = "dnssec")]
|
||||
use crate::rr::{DNSClass, Name, RecordType};
|
||||
#[cfg(feature = "dnssec")]
|
||||
use crate::serialize::binary::BinEncoder;
|
||||
use {
|
||||
crate::error::DnsSecResult,
|
||||
crate::proto::rr::dnssec::{tbs, TBS},
|
||||
crate::rr::dnssec::{Algorithm, KeyPair, Private},
|
||||
crate::rr::rdata::{DNSSECRData, DNSSECRecordType, DNSKEY, KEY, SIG},
|
||||
crate::rr::{DNSClass, Name, RData, RecordType},
|
||||
crate::serialize::binary::BinEncoder,
|
||||
};
|
||||
|
||||
/// Use for performing signing and validation of DNSSec based components. The SigSigner can be used for singing requests and responses with SIG0, or DNSSEC RRSIG records. The format is based on the SIG record type.
|
||||
///
|
||||
@ -235,8 +223,8 @@ use crate::serialize::binary::BinEncoder;
|
||||
/// Note that the response received by the resolver should include all
|
||||
/// NSEC RRs needed to authenticate the response (see Section 3.1.3).
|
||||
/// ```
|
||||
#[cfg(any(feature = "openssl", feature = "ring"))]
|
||||
#[cfg_attr(docsrs, doc(cfg(any(feature = "openssl", feature = "ring"))))]
|
||||
#[cfg(feature = "dnssec")]
|
||||
#[cfg_attr(docsrs, doc(cfg(feature = "dnssec")))]
|
||||
pub struct SigSigner {
|
||||
// TODO: this should really be a trait and generic struct over KEY and DNSKEY
|
||||
key_rdata: RData,
|
||||
@ -248,16 +236,16 @@ pub struct SigSigner {
|
||||
}
|
||||
|
||||
/// Placeholder type for when OpenSSL and *ring* are disabled; enable OpenSSL and Ring for support
|
||||
#[cfg(not(any(feature = "openssl", feature = "ring")))]
|
||||
#[derive(Clone, Copy)]
|
||||
#[cfg(not(feature = "dnssec"))]
|
||||
#[allow(missing_copy_implementations)]
|
||||
pub struct SigSigner;
|
||||
|
||||
/// See [`SigSigner`](crate::rr::dnssec::SigSigner)
|
||||
#[deprecated(note = "renamed to SigSigner")]
|
||||
pub type Signer = SigSigner;
|
||||
|
||||
#[cfg(any(feature = "openssl", feature = "ring"))]
|
||||
#[cfg_attr(docsrs, doc(cfg(any(feature = "openssl", feature = "ring"))))]
|
||||
#[cfg(feature = "dnssec")]
|
||||
#[cfg_attr(docsrs, doc(cfg(feature = "dnssec")))]
|
||||
impl SigSigner {
|
||||
/// Version of Signer for verifying RRSIGs and SIG0 records.
|
||||
///
|
||||
@ -522,7 +510,7 @@ impl SigSigner {
|
||||
}
|
||||
|
||||
impl MessageFinalizer for SigSigner {
|
||||
#[cfg(any(feature = "openssl", feature = "ring"))]
|
||||
#[cfg(feature = "dnssec")]
|
||||
fn finalize_message(
|
||||
&self,
|
||||
message: &Message,
|
||||
@ -573,7 +561,7 @@ impl MessageFinalizer for SigSigner {
|
||||
Ok((vec![sig0], None))
|
||||
}
|
||||
|
||||
#[cfg(not(any(feature = "openssl", feature = "ring")))]
|
||||
#[cfg(not(feature = "dnssec"))]
|
||||
fn finalize_message(
|
||||
&self,
|
||||
_: &Message,
|
||||
|
||||
@ -90,6 +90,7 @@ impl<C: DnsHandle<Error = ResolveError>, P: ConnectionProvider<Conn = C>> NameSe
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
#[allow(dead_code)]
|
||||
pub(crate) fn is_connected(&self) -> bool {
|
||||
!self.state.is_failed()
|
||||
&& if let Some(client) = self.client.try_lock() {
|
||||
|
||||
@ -148,6 +148,7 @@ where
|
||||
|
||||
#[cfg(test)]
|
||||
#[cfg(not(feature = "mdns"))]
|
||||
#[allow(dead_code)]
|
||||
fn from_nameservers_test(
|
||||
options: &ResolverOpts,
|
||||
datagram_conns: Arc<[NameServer<C, P>]>,
|
||||
|
||||
Loading…
Reference in New Issue
Block a user