hickory_proto::rr::dnssec::rdata

Enum DNSSECRData

Source
#[non_exhaustive]
pub enum DNSSECRData { CDNSKEY(CDNSKEY), CDS(CDS), DNSKEY(DNSKEY), DS(DS), KEY(KEY), NSEC(NSEC), NSEC3(NSEC3), NSEC3PARAM(NSEC3PARAM), RRSIG(RRSIG), SIG(SIG), TSIG(TSIG), Unknown { code: u16, rdata: NULL, }, }
Available on crate feature dnssec only.
Expand description

Record data enum variants for DNSSEC-specific records.

Variants (Non-exhaustive)§

This enum is marked as non-exhaustive
Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.
§

CDNSKEY(CDNSKEY)

RFC 7344              Delegation Trust Maintenance        September 2014

3.2.  CDNSKEY Resource Record Format

   The wire and presentation format of the CDNSKEY ("Child DNSKEY")
   resource record is identical to the DNSKEY record.  IANA has
   allocated RR code 60 for the CDNSKEY resource record via Expert
   Review.  The CDNSKEY RR uses the same registries as DNSKEY for its
   fields.

   No special processing is performed by authoritative servers or by
   resolvers, when serving or resolving.  For all practical purposes,
   CDNSKEY is a regular RR type.
§

CDS(CDS)

RFC 7344              Delegation Trust Maintenance        September 2014

3.1.  CDS Resource Record Format
   The wire and presentation format of the Child DS (CDS) resource
   record is identical to the DS record [RFC4034].  IANA has allocated
   RR code 59 for the CDS resource record via Expert Review
   [DNS-TRANSPORT].  The CDS RR uses the same registries as DS for its
   fields.

   No special processing is performed by authoritative servers or by
   resolvers, when serving or resolving.  For all practical purposes,
   CDS is a regular RR type.
§

DNSKEY(DNSKEY)

RFC 4034                DNSSEC Resource Records               March 2005

2.1.  DNSKEY RDATA Wire Format

   The RDATA for a DNSKEY RR consists of a 2 octet Flags Field, a 1
   octet Protocol Field, a 1 octet Algorithm Field, and the Public Key
   Field.

                        1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Flags            |    Protocol   |   Algorithm   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   /                                                               /
   /                            Public Key                         /
   /                                                               /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

2.1.1.  The Flags Field

   Bit 7 of the Flags field is the Zone Key flag.  If bit 7 has value 1,
   then the DNSKEY record holds a DNS zone key, and the DNSKEY RR's
   owner name MUST be the name of a zone.  If bit 7 has value 0, then
   the DNSKEY record holds some other type of DNS public key and MUST
   NOT be used to verify RRSIGs that cover RRsets.

   Bit 15 of the Flags field is the Secure Entry Point flag, described
   in [RFC3757].  If bit 15 has value 1, then the DNSKEY record holds a
   key intended for use as a secure entry point.  This flag is only
   intended to be a hint to zone signing or debugging software as to the
   intended use of this DNSKEY record; validators MUST NOT alter their
   behavior during the signature validation process in any way based on
   the setting of this bit.  This also means that a DNSKEY RR with the
   SEP bit set would also need the Zone Key flag set in order to be able
   to generate signatures legally.  A DNSKEY RR with the SEP set and the
   Zone Key flag not set MUST NOT be used to verify RRSIGs that cover
   RRsets.

   Bits 0-6 and 8-14 are reserved: these bits MUST have value 0 upon
   creation of the DNSKEY RR and MUST be ignored upon receipt.

RFC 5011                  Trust Anchor Update             September 2007

7.  IANA Considerations

  The IANA has assigned a bit in the DNSKEY flags field (see Section 7
  of [RFC4034]) for the REVOKE bit (8).
§

DS(DS)

5.1.  DS RDATA Wire Format

The RDATA for a DS RR consists of a 2 octet Key Tag field, a 1 octet
          Algorithm field, a 1 octet Digest Type field, and a Digest field.

                         1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |           Key Tag             |  Algorithm    |  Digest Type  |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    /                                                               /
    /                            Digest                             /
    /                                                               /
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

5.1.1.  The Key Tag Field

   The Key Tag field lists the key tag of the DNSKEY RR referred to by
   the DS record, in network byte order.

   The Key Tag used by the DS RR is identical to the Key Tag used by
   RRSIG RRs.  Appendix B describes how to compute a Key Tag.

5.1.2.  The Algorithm Field

   The Algorithm field lists the algorithm number of the DNSKEY RR
   referred to by the DS record.

   The algorithm number used by the DS RR is identical to the algorithm
   number used by RRSIG and DNSKEY RRs.  Appendix A.1 lists the
   algorithm number types.

5.1.3.  The Digest Type Field

   The DS RR refers to a DNSKEY RR by including a digest of that DNSKEY
   RR.  The Digest Type field identifies the algorithm used to construct
   the digest.  Appendix A.2 lists the possible digest algorithm types.

5.1.4.  The Digest Field

   The DS record refers to a DNSKEY RR by including a digest of that
   DNSKEY RR.

   The digest is calculated by concatenating the canonical form of the
   fully qualified owner name of the DNSKEY RR with the DNSKEY RDATA,
   and then applying the digest algorithm.

     digest = digest_algorithm( DNSKEY owner name | DNSKEY RDATA);

      "|" denotes concatenation

     DNSKEY RDATA = Flags | Protocol | Algorithm | Public Key.

   The size of the digest may vary depending on the digest algorithm and
   DNSKEY RR size.  As of the time of this writing, the only defined
   digest algorithm is SHA-1, which produces a 20 octet digest.
§

KEY(KEY)

RFC 2535                DNS Security Extensions               March 1999

3.1 KEY RDATA format

 The RDATA for a KEY RR consists of flags, a protocol octet, the
 algorithm number octet, and the public key itself.  The format is as
 follows:

                      1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |             flags             |    protocol   |   algorithm   |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |                                                               /
 /                          public key                           /
 /                                                               /
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|

 The KEY RR is not intended for storage of certificates and a separate
 certificate RR has been developed for that purpose, defined in [RFC
 2538].

 The meaning of the KEY RR owner name, flags, and protocol octet are
 described in Sections 3.1.1 through 3.1.5 below.  The flags and
 algorithm must be examined before any data following the algorithm
 octet as they control the existence and format of any following data.
 The algorithm and public key fields are described in Section 3.2.
 The format of the public key is algorithm dependent.

 KEY RRs do not specify their validity period but their authenticating
 SIG RR(s) do as described in Section 4 below.
§

NSEC(NSEC)

RFC 4034                DNSSEC Resource Records               March 2005

4.1.  NSEC RDATA Wire Format

 The RDATA of the NSEC RR is as shown below:

                      1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 /                      Next Domain Name                         /
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 /                       Type Bit Maps                           /
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
§

NSEC3(NSEC3)

RFC 5155                         NSEC3                        March 2008

3.2.  NSEC3 RDATA Wire Format

 The RDATA of the NSEC3 RR is as shown below:

                      1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |   Hash Alg.   |     Flags     |          Iterations           |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |  Salt Length  |                     Salt                      /
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |  Hash Length  |             Next Hashed Owner Name            /
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 /                         Type Bit Maps                         /
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

 Hash Algorithm is a single octet.

 Flags field is a single octet, the Opt-Out flag is the least
 significant bit, as shown below:

  0 1 2 3 4 5 6 7
 +-+-+-+-+-+-+-+-+
 |             |O|
 +-+-+-+-+-+-+-+-+

 Iterations is represented as a 16-bit unsigned integer, with the most
 significant bit first.

 Salt Length is represented as an unsigned octet.  Salt Length
 represents the length of the Salt field in octets.  If the value is
 zero, the following Salt field is omitted.

 Salt, if present, is encoded as a sequence of binary octets.  The
 length of this field is determined by the preceding Salt Length
 field.

 Hash Length is represented as an unsigned octet.  Hash Length
 represents the length of the Next Hashed Owner Name field in octets.

 The next hashed owner name is not base32 encoded, unlike the owner
 name of the NSEC3 RR.  It is the unmodified binary hash value.  It
 does not include the name of the containing zone.  The length of this
 field is determined by the preceding Hash Length field.

3.2.1.  Type Bit Maps Encoding

 The encoding of the Type Bit Maps field is the same as that used by
 the NSEC RR, described in [RFC4034].  It is explained and clarified
 here for clarity.

 The RR type space is split into 256 window blocks, each representing
 the low-order 8 bits of the 16-bit RR type space.  Each block that
 has at least one active RR type is encoded using a single octet
 window number (from 0 to 255), a single octet bitmap length (from 1
 to 32) indicating the number of octets used for the bitmap of the
 window block, and up to 32 octets (256 bits) of bitmap.

 Blocks are present in the NSEC3 RR RDATA in increasing numerical
 order.

    Type Bit Maps Field = ( Window Block # | Bitmap Length | Bitmap )+

    where "|" denotes concatenation.

 Each bitmap encodes the low-order 8 bits of RR types within the
 window block, in network bit order.  The first bit is bit 0.  For
 window block 0, bit 1 corresponds to RR type 1 (A), bit 2 corresponds
 to RR type 2 (NS), and so forth.  For window block 1, bit 1
 corresponds to RR type 257, bit 2 to RR type 258.  If a bit is set to
 1, it indicates that an RRSet of that type is present for the
 original owner name of the NSEC3 RR.  If a bit is set to 0, it
 indicates that no RRSet of that type is present for the original
 owner name of the NSEC3 RR.

 Since bit 0 in window block 0 refers to the non-existing RR type 0,
 it MUST be set to 0.  After verification, the validator MUST ignore
 the value of bit 0 in window block 0.

 Bits representing Meta-TYPEs or QTYPEs as specified in Section 3.1 of
 [RFC2929] or within the range reserved for assignment only to QTYPEs
 and Meta-TYPEs MUST be set to 0, since they do not appear in zone
 data.  If encountered, they must be ignored upon reading.

 Blocks with no types present MUST NOT be included.  Trailing zero
 octets in the bitmap MUST be omitted.  The length of the bitmap of
 each block is determined by the type code with the largest numerical
 value, within that block, among the set of RR types present at the
 original owner name of the NSEC3 RR.  Trailing octets not specified
 MUST be interpreted as zero octets.
§

NSEC3PARAM(NSEC3PARAM)

RFC 5155                         NSEC3                        March 2008

4.2.  NSEC3PARAM RDATA Wire Format

 The RDATA of the NSEC3PARAM RR is as shown below:

                      1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |   Hash Alg.   |     Flags     |          Iterations           |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |  Salt Length  |                     Salt                      /
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

 Hash Algorithm is a single octet.

 Flags field is a single octet.

 Iterations is represented as a 16-bit unsigned integer, with the most
 significant bit first.

 Salt Length is represented as an unsigned octet.  Salt Length
 represents the length of the following Salt field in octets.  If the
 value is zero, the Salt field is omitted.

 Salt, if present, is encoded as a sequence of binary octets.  The
 length of this field is determined by the preceding Salt Length
 field.
§

RRSIG(RRSIG)

RFC 2535 & 2931   DNS Security Extensions               March 1999
RFC 4034          DNSSEC Resource Records               March 2005

3.1.  RRSIG RDATA Wire Format

   The RDATA for an RRSIG RR consists of a 2 octet Type Covered field, a
   1 octet Algorithm field, a 1 octet Labels field, a 4 octet Original
   TTL field, a 4 octet Signature Expiration field, a 4 octet Signature
   Inception field, a 2 octet Key tag, the Signer's Name field, and the
   Signature field.

                        1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |        Type Covered           |  Algorithm    |     Labels    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                         Original TTL                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                      Signature Expiration                     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                      Signature Inception                      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |            Key Tag            |                               /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+         Signer's Name         /
   /                                                               /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   /                                                               /
   /                            Signature                          /
   /                                                               /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
§

SIG(SIG)

RFC 2535 & 2931   DNS Security Extensions               March 1999
RFC 4034          DNSSEC Resource Records               March 2005

3.1.  RRSIG RDATA Wire Format

   The RDATA for an RRSIG RR consists of a 2 octet Type Covered field, a
   1 octet Algorithm field, a 1 octet Labels field, a 4 octet Original
   TTL field, a 4 octet Signature Expiration field, a 4 octet Signature
   Inception field, a 2 octet Key tag, the Signer's Name field, and the
   Signature field.

                        1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |        Type Covered           |  Algorithm    |     Labels    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                         Original TTL                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                      Signature Expiration                     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                      Signature Inception                      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |            Key Tag            |                               /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+         Signer's Name         /
   /                                                               /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   /                                                               /
   /                            Signature                          /
   /                                                               /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
§

TSIG(TSIG)

RFC 8945, Secret Key Transaction Authentication for DNS

4.2.  TSIG Record Format

  The fields of the TSIG RR are described below.  All multi-octet
  integers in the record are sent in network byte order (see
  Section 2.3.2 of [RFC1035]).

  NAME:  The name of the key used, in domain name syntax.  The name
     should reflect the names of the hosts and uniquely identify the
     key among a set of keys these two hosts may share at any given
     time.  For example, if hosts A.site.example and B.example.net
     share a key, possibilities for the key name include
     <id>.A.site.example, <id>.B.example.net, and
     <id>.A.site.example.B.example.net.  It should be possible for more
     than one key to be in simultaneous use among a set of interacting
     hosts.  This allows for periodic key rotation as per best
     operational practices, as well as algorithm agility as indicated
     by [RFC7696].

     The name may be used as a local index to the key involved, but it
     is recommended that it be globally unique.  Where a key is just
     shared between two hosts, its name actually need only be
     meaningful to them, but it is recommended that the key name be
     mnemonic and incorporate the names of participating agents or
     resources as suggested above.

  TYPE:  This MUST be TSIG (250: Transaction SIGnature).

  CLASS:  This MUST be ANY.

  TTL:  This MUST be 0.

  RDLENGTH:  (variable)

  RDATA:  The RDATA for a TSIG RR consists of a number of fields,
     described below:

                           1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      /                         Algorithm Name                        /
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                                                               |
      |          Time Signed          +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                               |            Fudge              |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |          MAC Size             |                               /
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+             MAC               /
      /                                                               /
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |          Original ID          |            Error              |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |          Other Len            |                               /
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+           Other Data          /
      /                                                               /
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

  The contents of the RDATA fields are:

  Algorithm Name:
     an octet sequence identifying the TSIG algorithm in the domain
     name syntax.  (Allowed names are listed in Table 3.)  The name is
     stored in the DNS name wire format as described in [RFC1034].  As
     per [RFC3597], this name MUST NOT be compressed.

  Time Signed:
     an unsigned 48-bit integer containing the time the message was
     signed as seconds since 00:00 on 1970-01-01 UTC, ignoring leap
     seconds.

  Fudge:
     an unsigned 16-bit integer specifying the allowed time difference
     in seconds permitted in the Time Signed field.

  MAC Size:
     an unsigned 16-bit integer giving the length of the MAC field in
     octets.  Truncation is indicated by a MAC Size less than the size
     of the keyed hash produced by the algorithm specified by the
     Algorithm Name.

  MAC:
     a sequence of octets whose contents are defined by the TSIG
     algorithm used, possibly truncated as specified by the MAC Size.
     The length of this field is given by the MAC Size.  Calculation of
     the MAC is detailed in Section 4.3.

  Original ID:
     an unsigned 16-bit integer holding the message ID of the original
     request message.  For a TSIG RR on a request, it is set equal to
     the DNS message ID.  In a TSIG attached to a response -- or in
     cases such as the forwarding of a dynamic update request -- the
     field contains the ID of the original DNS request.

  Error:
     in responses, an unsigned 16-bit integer containing the extended
     RCODE covering TSIG processing.  In requests, this MUST be zero.

  Other Len:
     an unsigned 16-bit integer specifying the length of the Other Data
     field in octets.

  Other Data:
     additional data relevant to the TSIG record.  In responses, this
     will be empty (i.e., Other Len will be zero) unless the content of
     the Error field is BADTIME, in which case it will be a 48-bit
     unsigned integer containing the server's current time as the
     number of seconds since 00:00 on 1970-01-01 UTC, ignoring leap
     seconds (see Section 5.2.3).  This document assigns no meaning to
     its contents in requests.
§

Unknown

Unknown or unsupported DNSSEC record data

Fields

§code: u16

RecordType code

§rdata: NULL

RData associated to the record

Implementations§

Source§

impl DNSSECRData

Source

pub fn is_cdnskey(&self) -> bool

Returns true if this is a DNSSECRData::CDNSKEY, otherwise false

Source

pub fn as_cdnskey_mut(&mut self) -> Option<&mut CDNSKEY>

Optionally returns mutable references to the inner fields if this is a DNSSECRData::CDNSKEY, otherwise None

Source

pub fn as_cdnskey(&self) -> Option<&CDNSKEY>

Optionally returns references to the inner fields if this is a DNSSECRData::CDNSKEY, otherwise None

Source

pub fn into_cdnskey(self) -> Result<CDNSKEY, Self>

Returns the inner fields if this is a DNSSECRData::CDNSKEY, otherwise returns back the enum in the Err case of the result

Source

pub fn is_cds(&self) -> bool

Returns true if this is a DNSSECRData::CDS, otherwise false

Source

pub fn as_cds_mut(&mut self) -> Option<&mut CDS>

Optionally returns mutable references to the inner fields if this is a DNSSECRData::CDS, otherwise None

Source

pub fn as_cds(&self) -> Option<&CDS>

Optionally returns references to the inner fields if this is a DNSSECRData::CDS, otherwise None

Source

pub fn into_cds(self) -> Result<CDS, Self>

Returns the inner fields if this is a DNSSECRData::CDS, otherwise returns back the enum in the Err case of the result

Source

pub fn is_dnskey(&self) -> bool

Returns true if this is a DNSSECRData::DNSKEY, otherwise false

Source

pub fn as_dnskey_mut(&mut self) -> Option<&mut DNSKEY>

Optionally returns mutable references to the inner fields if this is a DNSSECRData::DNSKEY, otherwise None

Source

pub fn as_dnskey(&self) -> Option<&DNSKEY>

Optionally returns references to the inner fields if this is a DNSSECRData::DNSKEY, otherwise None

Source

pub fn into_dnskey(self) -> Result<DNSKEY, Self>

Returns the inner fields if this is a DNSSECRData::DNSKEY, otherwise returns back the enum in the Err case of the result

Source

pub fn is_ds(&self) -> bool

Returns true if this is a DNSSECRData::DS, otherwise false

Source

pub fn as_ds_mut(&mut self) -> Option<&mut DS>

Optionally returns mutable references to the inner fields if this is a DNSSECRData::DS, otherwise None

Source

pub fn as_ds(&self) -> Option<&DS>

Optionally returns references to the inner fields if this is a DNSSECRData::DS, otherwise None

Source

pub fn into_ds(self) -> Result<DS, Self>

Returns the inner fields if this is a DNSSECRData::DS, otherwise returns back the enum in the Err case of the result

Source

pub fn is_key(&self) -> bool

Returns true if this is a DNSSECRData::KEY, otherwise false

Source

pub fn as_key_mut(&mut self) -> Option<&mut KEY>

Optionally returns mutable references to the inner fields if this is a DNSSECRData::KEY, otherwise None

Source

pub fn as_key(&self) -> Option<&KEY>

Optionally returns references to the inner fields if this is a DNSSECRData::KEY, otherwise None

Source

pub fn into_key(self) -> Result<KEY, Self>

Returns the inner fields if this is a DNSSECRData::KEY, otherwise returns back the enum in the Err case of the result

Source

pub fn is_nsec(&self) -> bool

Returns true if this is a DNSSECRData::NSEC, otherwise false

Source

pub fn as_nsec_mut(&mut self) -> Option<&mut NSEC>

Optionally returns mutable references to the inner fields if this is a DNSSECRData::NSEC, otherwise None

Source

pub fn as_nsec(&self) -> Option<&NSEC>

Optionally returns references to the inner fields if this is a DNSSECRData::NSEC, otherwise None

Source

pub fn into_nsec(self) -> Result<NSEC, Self>

Returns the inner fields if this is a DNSSECRData::NSEC, otherwise returns back the enum in the Err case of the result

Source

pub fn is_nsec3(&self) -> bool

Returns true if this is a DNSSECRData::NSEC3, otherwise false

Source

pub fn as_nsec3_mut(&mut self) -> Option<&mut NSEC3>

Optionally returns mutable references to the inner fields if this is a DNSSECRData::NSEC3, otherwise None

Source

pub fn as_nsec3(&self) -> Option<&NSEC3>

Optionally returns references to the inner fields if this is a DNSSECRData::NSEC3, otherwise None

Source

pub fn into_nsec3(self) -> Result<NSEC3, Self>

Returns the inner fields if this is a DNSSECRData::NSEC3, otherwise returns back the enum in the Err case of the result

Source

pub fn is_nsec3param(&self) -> bool

Returns true if this is a DNSSECRData::NSEC3PARAM, otherwise false

Source

pub fn as_nsec3param_mut(&mut self) -> Option<&mut NSEC3PARAM>

Optionally returns mutable references to the inner fields if this is a DNSSECRData::NSEC3PARAM, otherwise None

Source

pub fn as_nsec3param(&self) -> Option<&NSEC3PARAM>

Optionally returns references to the inner fields if this is a DNSSECRData::NSEC3PARAM, otherwise None

Source

pub fn into_nsec3param(self) -> Result<NSEC3PARAM, Self>

Returns the inner fields if this is a DNSSECRData::NSEC3PARAM, otherwise returns back the enum in the Err case of the result

Source

pub fn is_rrsig(&self) -> bool

Returns true if this is a DNSSECRData::RRSIG, otherwise false

Source

pub fn as_rrsig_mut(&mut self) -> Option<&mut RRSIG>

Optionally returns mutable references to the inner fields if this is a DNSSECRData::RRSIG, otherwise None

Source

pub fn as_rrsig(&self) -> Option<&RRSIG>

Optionally returns references to the inner fields if this is a DNSSECRData::RRSIG, otherwise None

Source

pub fn into_rrsig(self) -> Result<RRSIG, Self>

Returns the inner fields if this is a DNSSECRData::RRSIG, otherwise returns back the enum in the Err case of the result

Source

pub fn is_sig(&self) -> bool

Returns true if this is a DNSSECRData::SIG, otherwise false

Source

pub fn as_sig_mut(&mut self) -> Option<&mut SIG>

Optionally returns mutable references to the inner fields if this is a DNSSECRData::SIG, otherwise None

Source

pub fn as_sig(&self) -> Option<&SIG>

Optionally returns references to the inner fields if this is a DNSSECRData::SIG, otherwise None

Source

pub fn into_sig(self) -> Result<SIG, Self>

Returns the inner fields if this is a DNSSECRData::SIG, otherwise returns back the enum in the Err case of the result

Source

pub fn is_tsig(&self) -> bool

Returns true if this is a DNSSECRData::TSIG, otherwise false

Source

pub fn as_tsig_mut(&mut self) -> Option<&mut TSIG>

Optionally returns mutable references to the inner fields if this is a DNSSECRData::TSIG, otherwise None

Source

pub fn as_tsig(&self) -> Option<&TSIG>

Optionally returns references to the inner fields if this is a DNSSECRData::TSIG, otherwise None

Source

pub fn into_tsig(self) -> Result<TSIG, Self>

Returns the inner fields if this is a DNSSECRData::TSIG, otherwise returns back the enum in the Err case of the result

Source

pub fn is_unknown(&self) -> bool

Returns true if this is a DNSSECRData::Unknown, otherwise false

Source

pub fn as_unknown_mut(&mut self) -> Option<(&mut u16, &mut NULL)>

Optionally returns mutable references to the inner fields if this is a DNSSECRData::Unknown, otherwise None

Source

pub fn as_unknown(&self) -> Option<(&u16, &NULL)>

Optionally returns references to the inner fields if this is a DNSSECRData::Unknown, otherwise None

Source

pub fn into_unknown(self) -> Result<(u16, NULL), Self>

Returns the inner fields if this is a DNSSECRData::Unknown, otherwise returns back the enum in the Err case of the result

Trait Implementations§

Source§

impl Clone for DNSSECRData

Source§

fn clone(&self) -> DNSSECRData

Returns a copy of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for DNSSECRData

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<'de> Deserialize<'de> for DNSSECRData

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl Display for DNSSECRData

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl From<DNSSECRData> for RData

Source§

fn from(rdata: DNSSECRData) -> Self

Converts to this type from the input type.
Source§

impl PartialEq for DNSSECRData

Source§

fn eq(&self, other: &DNSSECRData) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Serialize for DNSSECRData

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
Source§

impl Eq for DNSSECRData

Source§

impl StructuralPartialEq for DNSSECRData

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dst: *mut T)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
Source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

Source§

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key. Read more
Source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

Source§

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T> ToString for T
where T: Display + ?Sized,

Source§

default fn to_string(&self) -> String

Converts the given value to a String. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,

Source§

impl<T> ErasedDestructor for T
where T: 'static,

Source§

impl<T> MaybeSendSync for T