Documentation
Index
- func TsigGenerate(m *dns.Msg, secret, requestMAC string, timersOnly bool) ([]byte, string, error)
- func TsigGenerateByAlgorithm(m *dns.Msg, cb tsigAlgorithmGenerate, name, secret, requestMAC string, ...) ([]byte, string, error)
- func TsigVerify(msg []byte, secret, requestMAC string, timersOnly bool) error
- func TsigVerifyByAlgorithm(msg []byte, cb tsigAlgorithmVerify, name, secret, requestMAC string, ...) error
- type Client
- type Conn
- type Error
- type TSIG
- type TsigAlgorithm
Constants
This section is empty.
Variables
This section is empty.
Functions
func TsigGenerate
TsigGenerate fills out the TSIG record attached to the message. The message should contain a "stub" TSIG RR with the algorithm, key name (owner name of the RR), time fudge (defaults to 300 seconds) and the current time. The TSIG MAC is saved in that TSIG RR. When TsigGenerate is called for the first time, requestMAC is set to the empty string and timersOnly is false. If something goes wrong an error is returned; otherwise it is nil.
func TsigGenerateByAlgorithm
func TsigGenerateByAlgorithm(m *dns.Msg, cb tsigAlgorithmGenerate, name, secret, requestMAC string, timersOnly bool) ([]byte, string, error)
TsigGenerateByAlgorithm fills out the TSIG record attached to the message using a callback to implement the algorithm-specific generation. The message should contain a "stub" TSIG RR with the algorithm, key name (owner name of the RR), time fudge (defaults to 300 seconds) and the current time. The TSIG MAC is saved in that TSIG RR. When TsigGenerate is called for the first time, requestMAC is set to the empty string and timersOnly is false. If something goes wrong an error is returned; otherwise it is nil.
func TsigVerify
TsigVerify verifies the TSIG on a message. If the signature does not validate err contains the error, otherwise it is nil.
func TsigVerifyByAlgorithm
func TsigVerifyByAlgorithm(msg []byte, cb tsigAlgorithmVerify, name, secret, requestMAC string, timersOnly bool) error
TsigVerifyByAlgorithm verifies the TSIG on a message using a callback to implement the algorithm-specific verification. If the signature does not validate err contains the error, otherwise it is nil.
Types
type Client
type Client struct {
dns.Client
TsigAlgorithm map[string]*TsigAlgorithm
// contains filtered or unexported fields
}
A Client defines parameters for a DNS client.
func (*Client) ExchangeWithConn
func (c *Client) ExchangeWithConn(m *dns.Msg, conn *Conn) (r *dns.Msg, rtt time.Duration, err error)
ExchangeWithConn has the same behavior as Exchange, just with a predetermined connection that will be used instead of creating a new one. Usage pattern with a *dns.Client:
    c := new(dns.Client)
    // connection management logic goes here
    conn, err := c.Dial(address) // Dial also returns an error; check it before using conn
    in, rtt, err := c.ExchangeWithConn(message, conn)
This allows users of the library to implement their own connection management, as opposed to Exchange, which will always use new connections and incur the added overhead that entails when using "tcp" and especially "tcp-tls" clients.
type Conn
type Conn struct {
dns.Conn
TsigAlgorithm map[string]*TsigAlgorithm
// contains filtered or unexported fields
}
A Conn represents a connection to a DNS server.
func (*Conn) ReadMsg
ReadMsg reads a message from the connection co. If the received message contains a TSIG record, the transaction signature is verified. This method always tries to return the message; however, if an error is returned, there are no guarantees that the returned message is a valid representation of the packet read.
type Error
type Error struct {
// contains filtered or unexported fields
}
Error represents a DNS error.
type TSIG
TSIG is the RR that holds the transaction signature of a message. See RFC 2845 and RFC 4635.
type TsigAlgorithm
type TsigAlgorithm struct {
Generate tsigAlgorithmGenerate
Verify tsigAlgorithmVerify
}
TsigAlgorithm holds the two callbacks used to generate and verify the transaction signature of a message.
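An added example, not code from this package: a stand-alone HMAC-SHA256 generate/verify callback pair that compares MACs in constant time, plus the time check implied by the 300-second fudge default described under TsigGenerate. The callback signatures, the `algorithm` struct, `withinFudge` and the base64 encoding of the secret are assumptions, since the package's own callback types are unexported and not shown on this page.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"time"
)

// Hypothetical callback pair; the package's real callback types are not shown on the page.
type algorithm struct {
	Generate func(msg []byte, secret string) ([]byte, error)
	Verify   func(msg []byte, secret string, mac []byte) error
}

var errBadSig = errors.New("tsig: bad signature")

// generate computes HMAC-SHA256 over msg; secret is assumed to be base64-encoded.
func generate(msg []byte, secret string) ([]byte, error) {
	key, err := base64.StdEncoding.DecodeString(secret)
	if err != nil {
		return nil, err
	}
	h := hmac.New(sha256.New, key)
	h.Write(msg)
	return h.Sum(nil), nil
}

// verify recomputes the MAC and compares with hmac.Equal, which runs in constant time.
func verify(msg []byte, secret string, mac []byte) error {
	want, err := generate(msg, secret)
	if err == nil && !hmac.Equal(want, mac) {
		err = errBadSig
	}
	return err
}

// withinFudge reports whether signed lies within fudge seconds of now, in either direction.
func withinFudge(signed, now time.Time, fudge uint16) bool {
	d, lim := now.Sub(signed), time.Duration(fudge)*time.Second
	return d >= -lim && d <= lim
}

func main() {
	alg := algorithm{Generate: generate, Verify: verify}
	mac, _ := alg.Generate([]byte("constructed message"), "Y29uc3RydWN0ZWQ=") // constructed key
	fmt.Println(alg.Verify([]byte("constructed message"), "Y29uc3RydWN0ZWQ=", mac))
}
```

A verify callback that compares MACs with `bytes.Equal` or `==` leaks timing information; `hmac.Equal` avoids that, and a failed time check should reject the message even when the MAC is valid.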