Struct trust_dns_proto::xfer::dns_response::DnsResponse

source ·
pub struct DnsResponse { /* private fields */ }
Expand description

A DNS response object

For Most DNS requests, only one response is expected, the exception is a multicast request.

Implementations§

source§

impl DnsResponse

source

pub fn new(message: Message, buffer: Vec<u8>) -> Self

Constructs a new DnsResponse

source

pub fn from_message(message: Message) -> Result<Self, ProtoError>

Constructs a new DnsResponse with a buffer synthesized from the message

source

pub fn soa(&self) -> Option<RecordRef<'_, SOA>>

Retrieves the SOA from the response. This will only exist if it was an authoritative response.

source

pub fn negative_ttl(&self) -> Option<u32>

Looks in the authority section for an SOA record from the response, and returns the negative_ttl, None if not available.

[RFC 2308](https://tools.ietf.org/html/rfc2308#section-5) DNS NCACHE March 1998

5 - Caching Negative Answers

  Like normal answers negative answers have a time to live (TTL).  As
  there is no record in the answer section to which this TTL can be
  applied, the TTL must be carried by another method.  This is done by
  including the SOA record from the zone in the authority section of
  the reply.  When the authoritative server creates this record its TTL
  is taken from the minimum of the SOA.MINIMUM field and SOA's TTL.
  This TTL decrements in a similar manner to a normal cached answer and
  upon reaching zero (0) indicates the cached negative answer MUST NOT
  be used again.

  A negative answer that resulted from a name error (NXDOMAIN) should
  be cached such that it can be retrieved and returned in response to
  another query for the same <QNAME, QCLASS> that resulted in the
  cached negative response.

  A negative answer that resulted from a no data error (NODATA) should
  be cached such that it can be retrieved and returned in response to
  another query for the same <QNAME, QTYPE, QCLASS> that resulted in
  the cached negative response.

  The NXT record, if it exists in the authority section of a negative
  answer received, MUST be stored such that it can be be located and
  returned with SOA record in the authority section, as should any SIG
  records in the authority section.  For NXDOMAIN answers there is no
  "necessary" obvious relationship between the NXT records and the
  QNAME.  The NXT record MUST have the same owner name as the query
  name for NODATA responses.

  Negative responses without SOA records SHOULD NOT be cached as there
  is no way to prevent the negative responses looping forever between a
  pair of servers even with a short TTL.

  Despite the DNS forming a tree of servers, with various mis-
  configurations it is possible to form a loop in the query graph, e.g.
  two servers listing each other as forwarders, various lame server
  configurations.  Without a TTL count down a cache negative response
  when received by the next server would have its TTL reset.  This
  negative indication could then live forever circulating between the
  servers involved.

  As with caching positive responses it is sensible for a resolver to
  limit for how long it will cache a negative response as the protocol
  supports caching for up to 68 years.  Such a limit should not be
  greater than that applied to positive answers and preferably be
  tunable.  Values of one to three hours have been found to work well
  and would make sensible a default.  Values exceeding one day have
  been found to be problematic.
source

pub fn contains_answer(&self) -> bool

Does the response contain any records matching the query name and type?

source

pub fn negative_type(&self) -> Option<NegativeType>

Retrieve the type of the negative response. The Various types should be handled when caching or otherwise differently.

See NegativeType

source

pub fn as_buffer(&self) -> &[u8]

Borrow the inner buffer from the response

source

pub fn into_buffer(self) -> Vec<u8>

Take the inner buffer from the response

source

pub fn into_message(self) -> Message

Take the inner Message from the response

source

pub fn into_parts(self) -> (Message, Vec<u8>)

Take the inner Message and buffer from the response

Methods from Deref<Target = Message>§

source

pub fn truncate(&self) -> Self

Truncates a Message, this blindly removes all response fields and sets truncated to true

source

pub fn header(&self) -> &Header

Gets the header of the Message

source

pub fn id(&self) -> u16

see Header::id()

source

pub fn message_type(&self) -> MessageType

see Header::message_type()

source

pub fn op_code(&self) -> OpCode

see Header::op_code()

source

pub fn authoritative(&self) -> bool

see Header::authoritative()

source

pub fn truncated(&self) -> bool

see Header::truncated()

source

pub fn recursion_desired(&self) -> bool

see Header::recursion_desired()

source

pub fn recursion_available(&self) -> bool

see Header::recursion_available()

source

pub fn authentic_data(&self) -> bool

see Header::authentic_data()

source

pub fn checking_disabled(&self) -> bool

see Header::checking_disabled()

source

pub fn response_code(&self) -> ResponseCode

§Return value

The ResponseCode, if this is an EDNS message then this will join the section from the OPT record to create the EDNS ResponseCode

source

pub fn query(&self) -> Option<&Query>

Returns the query from this Message.

In almost all cases, a Message will only contain one query. This is a convenience function to get the single query. See the alternative queries* methods for the raw set of queries in the Message

source

pub fn queries(&self) -> &[Query]

Question        Carries the query name and other query parameters.
source

pub fn answers(&self) -> &[Record]

Answer          Carries RRs which directly answer the query.
source

pub fn name_servers(&self) -> &[Record]

Authority       Carries RRs which describe other authoritative servers.
                May optionally carry the SOA RR for the authoritative
                data in the answer section.
source

pub fn additionals(&self) -> &[Record]

Additional      Carries RRs which may be helpful in using the RRs in the
                other sections.
source

pub fn all_sections(&self) -> impl Iterator<Item = &Record>

All sections chained

source

pub fn edns(&self) -> Option<&Edns>

👎Deprecated: Please use extensions()

RFC 6891, EDNS(0) Extensions, April 2013

6.1.1.  Basic Elements

 An OPT pseudo-RR (sometimes called a meta-RR) MAY be added to the
 additional data section of a request.

 The OPT RR has RR type 41.

 If an OPT record is present in a received request, compliant
 responders MUST include an OPT record in their respective responses.

 An OPT record does not carry any DNS data.  It is used only to
 contain control information pertaining to the question-and-answer
 sequence of a specific transaction.  OPT RRs MUST NOT be cached,
 forwarded, or stored in or loaded from Zone Files.

 The OPT RR MAY be placed anywhere within the additional data section.
 When an OPT RR is included within any DNS message, it MUST be the
 only OPT RR in that message.  If a query message with more than one
 OPT RR is received, a FORMERR (RCODE=1) MUST be returned.  The
 placement flexibility for the OPT RR does not override the need for
 the TSIG or SIG(0) RRs to be the last in the additional section
 whenever they are present.
§Return value

Optionally returns a reference to EDNS section

source

pub fn extensions(&self) -> &Option<Edns>

Returns reference of Edns section

source

pub fn max_payload(&self) -> u16

§Return value

the max payload value as it’s defined in the EDNS section.

source

pub fn version(&self) -> u8

§Return value

the version as defined in the EDNS record

source

pub fn sig0(&self) -> &[Record]

RFC 2535, Domain Name System Security Extensions, March 1999

A DNS request may be optionally signed by including one or more SIGs
 at the end of the query. Such SIGs are identified by having a "type
 covered" field of zero. They sign the preceding DNS request message
 including DNS header but not including the IP header or any request
 SIGs at the end and before the request RR counts have been adjusted
 for the inclusions of any request SIG(s).
§Return value

The sig0 and tsig, i.e. signed record, for verifying the sending and package integrity

source

pub fn signature(&self) -> &[Record]

RFC 2535, Domain Name System Security Extensions, March 1999

A DNS request may be optionally signed by including one or more SIGs
 at the end of the query. Such SIGs are identified by having a "type
 covered" field of zero. They sign the preceding DNS request message
 including DNS header but not including the IP header or any request
 SIGs at the end and before the request RR counts have been adjusted
 for the inclusions of any request SIG(s).
§Return value

The sig0 and tsig, i.e. signed record, for verifying the sending and package integrity

source

pub fn to_vec(&self) -> Result<Vec<u8>, ProtoError>

Encodes the Message into a buffer

Methods from Deref<Target = Header>§

source

pub fn flags(&self) -> Flags

A method to get all header flags (useful for Display purposes)

source

pub fn id(&self) -> u16

ID              A 16 bit identifier assigned by the program that
                generates any kind of query.  This identifier is copied
                the corresponding reply and can be used by the requester
                to match up replies to outstanding queries.
source

pub fn message_type(&self) -> MessageType

QR              A one bit field that specifies whether this message is a
                query (0), or a response (1).
source

pub fn op_code(&self) -> OpCode

OPCODE          A four bit field that specifies kind of query in this
                message.  This value is set by the originator of a query
                and copied into the response.  The values are: <see super::op_code>
source

pub fn authoritative(&self) -> bool

AA              Authoritative Answer - this bit is valid in responses,
                and specifies that the responding name server is an
                authority for the domain name in question section.

                Note that the contents of the answer section may have
                multiple owner names because of aliases.  The AA bit
                corresponds to the name which matches the query name, or
                the first owner name in the answer section.
source

pub fn truncated(&self) -> bool

TC              TrunCation - specifies that this message was truncated
                due to length greater than that permitted on the
                transmission channel.
source

pub fn recursion_desired(&self) -> bool

RD              Recursion Desired - this bit may be set in a query and
                is copied into the response.  If RD is set, it directs
                the name server to pursue the query recursively.
                Recursive query support is optional.
source

pub fn recursion_available(&self) -> bool

RA              Recursion Available - this be is set or cleared in a
                response, and denotes whether recursive query support is
                available in the name server.
source

pub fn authentic_data(&self) -> bool

RFC 4035, DNSSEC Resource Records, March 2005


3.1.6.  The AD and CD Bits in an Authoritative Response

  The CD and AD bits are designed for use in communication between
  security-aware resolvers and security-aware recursive name servers.
  These bits are for the most part not relevant to query processing by
  security-aware authoritative name servers.

  A security-aware name server does not perform signature validation
  for authoritative data during query processing, even when the CD bit
  is clear.  A security-aware name server SHOULD clear the CD bit when
  composing an authoritative response.

  A security-aware name server MUST NOT set the AD bit in a response
  unless the name server considers all RRsets in the Answer and
  Authority sections of the response to be authentic.  A security-aware
  name server's local policy MAY consider data from an authoritative
  zone to be authentic without further validation.  However, the name
  server MUST NOT do so unless the name server obtained the
  authoritative zone via secure means (such as a secure zone transfer
  mechanism) and MUST NOT do so unless this behavior has been
  configured explicitly.

  A security-aware name server that supports recursion MUST follow the
  rules for the CD and AD bits given in Section 3.2 when generating a
  response that involves data obtained via recursion.
source

pub fn checking_disabled(&self) -> bool

see is_authentic_data()

source

pub fn response_code(&self) -> ResponseCode

RCODE           Response code - this 4 bit field is set as part of
                responses.  The values have the following
                interpretation: <see super::response_code>
source

pub fn query_count(&self) -> u16

QDCOUNT         an unsigned 16 bit integer specifying the number of
                entries in the question section.
§Return value

If this is a query, this will return the number of queries in the query section of the

source

pub fn answer_count(&self) -> u16

ANCOUNT         an unsigned 16 bit integer specifying the number of
                resource records in the answer section.
§Return value

For query responses this is the number of records in the answer section, should be 0 for requests, for updates this is the count of prerequisite records.

source

pub fn name_server_count(&self) -> u16

for queries this is the nameservers which are authorities for the SOA of the Record for updates this is the update record count

NSCOUNT         an unsigned 16 bit integer specifying the number of name
                server resource records in the authority records
                section.
§Return value

For query responses this is the number of authorities, or nameservers, in the name server section, for updates this is the number of update records being sent.

source

pub fn additional_count(&self) -> u16

ARCOUNT         an unsigned 16 bit integer specifying the number of
                resource records in the additional records section.
§Return value

This is the additional record section count, this section may include EDNS options.

Trait Implementations§

source§

impl Clone for DnsResponse

source§

fn clone(&self) -> DnsResponse

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for DnsResponse

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl Deref for DnsResponse

§

type Target = Message

The resulting type after dereferencing.
source§

fn deref(&self) -> &Self::Target

Dereferences the value.
source§

impl From<DnsResponse> for Message

source§

fn from(response: DnsResponse) -> Self

Converts to this type from the input type.

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> CloneToUninit for T
where T: Clone,

source§

default unsafe fn clone_to_uninit(&self, dst: *mut T)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

source§

fn vzip(self) -> V

source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more