[PR #2964] [MERGED] proto & server: update message signature repr #3453

New issue

Closed

opened 2026-03-16 11:44:26 +03:00 by kerem · 0 comments

kerem commented

2026-03-16 11:44:26 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/hickory-dns/hickory-dns/pull/2964
Author: @cpu
Created: 5/4/2025
Status: ✅ Merged
Merged: 5/5/2025
Merged by: @djc

Base: main ← Head: cpu-update-message-sig_dev

📝 Commits (8)

96719d6 proto: fix query_count() rustdoc comment
cd67653 server/store: fix InMemoryAuthority comment typo
94145ea server/store: remove commented out SqliteAuthority code
227974e proto: rename MessageParts sig0 field -> signature
0f704f4 proto: UpdateMessage sig0 fn -> signature
6cb2cf7 server: MessageRequest/UpdateRequest sig0 -> signature
2bff2fd server: MessageResponse(Builder) sig0 -> signature
ed656e1 proto & server: update message signature repr

📊 Changes

11 files changed (+627 additions, -201 deletions)

View changed files

📝 crates/proto/src/dnssec/rdata/tsig.rs (+3 -6)
📝 crates/proto/src/dnssec/signer.rs (+18 -6)
📝 crates/proto/src/dnssec/tsig.rs (+9 -7)
📝 crates/proto/src/op/header.rs (+1 -1)
📝 crates/proto/src/op/message.rs (+519 -103)
📝 crates/proto/src/op/mod.rs (+3 -1)
📝 crates/proto/src/op/update_message.rs (+6 -6)
📝 crates/server/src/authority/message_request.rs (+13 -12)
📝 crates/server/src/authority/message_response.rs (+10 -10)
📝 crates/server/src/store/in_memory/mod.rs (+1 -1)
📝 crates/server/src/store/sqlite/mod.rs (+44 -48)

📄 Description

This branch refactors Message signature representation with an enum.

Previously message signatures were represented by a Vec<Record> that (based on the parsing logic) could hold:

Nothing, for unsigned messages or builds w/o dnssec
One TSIG record
One SIG(0) record

The existing API for accessing the fields referred to SIG(0) RRs even when it could return TSIG RRs (based on this comment I believe this was an intentional choice to maintain semver). It also used a Vec even when only one sig record of a given type would be present.

This branch refactors to add a new MessageSignature enum that better encapsulates the valid states at the cost of a breaking API change. As a result, the Message::read_records() parsing logic , and the Sqlite authority SIG(0) verifying logic can also be simplified. Some small & insignificant tidying commits come along for the ride and are separated up front.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/hickory-dns/hickory-dns/pull/2964 **Author:** [@cpu](https://github.com/cpu) **Created:** 5/4/2025 **Status:** ✅ Merged **Merged:** 5/5/2025 **Merged by:** [@djc](https://github.com/djc) **Base:** `main` ← **Head:** `cpu-update-message-sig_dev` --- ### 📝 Commits (8) - [`96719d6`](https://github.com/hickory-dns/hickory-dns/commit/96719d6bc95ca18b007349a16529cfe9dd17bcc4) proto: fix query_count() rustdoc comment - [`cd67653`](https://github.com/hickory-dns/hickory-dns/commit/cd67653c09d31a97d2ee91cfa9b2d703961eba4c) server/store: fix InMemoryAuthority comment typo - [`94145ea`](https://github.com/hickory-dns/hickory-dns/commit/94145ea5288280aaf09af76dc67c6f9e14ce7ffc) server/store: remove commented out SqliteAuthority code - [`227974e`](https://github.com/hickory-dns/hickory-dns/commit/227974eff29134a5a0a5a67a415246aae4f90c01) proto: rename MessageParts sig0 field -> signature - [`0f704f4`](https://github.com/hickory-dns/hickory-dns/commit/0f704f4b3fc24b1ba353d21ba6c8c0c958440e49) proto: UpdateMessage sig0 fn -> signature - [`6cb2cf7`](https://github.com/hickory-dns/hickory-dns/commit/6cb2cf71a0a01ae005950f1e3f73c94006d4b527) server: MessageRequest/UpdateRequest sig0 -> signature - [`2bff2fd`](https://github.com/hickory-dns/hickory-dns/commit/2bff2fdafa63f2811ac916876496a5d212c82853) server: MessageResponse(Builder) sig0 -> signature - [`ed656e1`](https://github.com/hickory-dns/hickory-dns/commit/ed656e1b26a1afe74bb713b571c3f1aebbb28506) proto & server: update message signature repr ### 📊 Changes **11 files changed** (+627 additions, -201 deletions) <details> <summary>View changed files</summary> 📝 `crates/proto/src/dnssec/rdata/tsig.rs` (+3 -6) 📝 `crates/proto/src/dnssec/signer.rs` (+18 -6) 📝 `crates/proto/src/dnssec/tsig.rs` (+9 -7) 📝 `crates/proto/src/op/header.rs` (+1 -1) 📝 `crates/proto/src/op/message.rs` (+519 -103) 📝 `crates/proto/src/op/mod.rs` (+3 -1) 📝 `crates/proto/src/op/update_message.rs` (+6 -6) 📝 `crates/server/src/authority/message_request.rs` (+13 -12) 📝 `crates/server/src/authority/message_response.rs` (+10 -10) 📝 `crates/server/src/store/in_memory/mod.rs` (+1 -1) 📝 `crates/server/src/store/sqlite/mod.rs` (+44 -48) </details> ### 📄 Description This branch refactors `Message` signature representation with an `enum`. Previously message signatures were represented by a `Vec<Record>` that (based on the parsing logic) could hold: * Nothing, for unsigned messages or builds w/o dnssec * One TSIG record * One SIG(0) record The existing API for accessing the fields referred to SIG(0) RRs even when it could return TSIG RRs (_based on [this comment](https://github.com/hickory-dns/hickory-dns/blob/8f63f58fccfe2e643d6ff17c800ce9e27e770b62/crates/proto/src/op/message.rs#L826-L828) I believe this was an intentional choice to maintain semver_). It also used a `Vec` even when only one sig record of a given type would be present. This branch refactors to add a new `MessageSignature` enum that better encapsulates the valid states at the cost of a breaking API change. As a result, the `Message::read_records()` parsing logic , and the Sqlite authority SIG(0) verifying logic can also be simplified. Some small & insignificant tidying commits come along for the ride and are separated up front. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>