package dns-server

  1. Overview
  2. Docs

DNS Server implementation

module Authentication : sig ... end

Authentication, stored in a Dns_trie with privileges to operations embedded in the name.

type t = private {
  1. data : Dns_trie.t;
  2. auth : Authentication.t;
  3. unauthenticated_zone_transfer : bool;
  4. rng : int -> Cstruct.t;
  5. tsig_verify : Dns.Tsig_op.verify;
  6. tsig_sign : Dns.Tsig_op.sign;
}

The state of a DNS server.

val create : ?unauthenticated_zone_transfer:bool -> ?tsig_verify:Dns.Tsig_op.verify -> ?tsig_sign:Dns.Tsig_op.sign -> ?auth:Authentication.t -> Dns_trie.t -> (int -> Cstruct.t) -> t

create ~unauthenticated_zone_transfer ~tsig_verify ~tsig_sign ~auth data rng constructs a t. See Primary.create and Secondary.create for the logic running a primary or secondary server.

val with_data : t -> Dns_trie.t -> t

with_data t data is t' where the data field is updated with the provided value.

val text : 'a Domain_name.t -> Dns_trie.t -> (string, [> `Msg of string ]) Stdlib.result

text name trie results in a string representation (zonefile) of the trie.

val handle_question : t -> Dns.Packet.Question.t -> (Dns.Packet.Flags.t * Dns.Packet.Answer.t * Dns.Name_rr_map.t option, Dns.Rcode.t * Dns.Packet.Answer.t option) Stdlib.result

handle_question t question handles the DNS query question by looking it up in the trie of t.

val handle_update : t -> Dns.proto -> [ `raw ] Domain_name.t option -> Dns.Packet.Question.t -> Dns.Packet.Update.t -> (Dns_trie.t * ([ `raw ] Domain_name.t * Dns.Soa.t) list, Dns.Rcode.t) Stdlib.result

handle_update t proto keyname question update authenticates the update request and processes the update.

val handle_axfr_request : t -> Dns.proto -> [ `raw ] Domain_name.t option -> Dns.Packet.Question.t -> (Dns.Packet.Axfr.t, Dns.Rcode.t) Stdlib.result

handle_axfr_request t proto keyname question authenticates the zone transfer request and processes it. If the request is valid, and the zone available, a zone transfer is returned.

type trie_cache
val handle_ixfr_request : t -> trie_cache -> Dns.proto -> [ `raw ] Domain_name.t option -> Dns.Packet.Question.t -> Dns.Soa.t -> (Dns.Packet.Ixfr.t, Dns.Rcode.t) Stdlib.result

handle_ixfr_request t cache proto keyname question soa authenticates the incremental zone transfer request and processes it. If valid, an incremental zone transfer is returned.

val handle_tsig : ?mac:Cstruct.t -> t -> Ptime.t -> Dns.Packet.t -> Cstruct.t -> (([ `raw ] Domain_name.t * Dns.Tsig.t * Cstruct.t * Dns.Dnskey.t) option, Dns.Tsig_op.e * Cstruct.t option) Stdlib.result

handle_tsig ~mac t now packet buffer verifies the tsig signature if present, returning the keyname, tsig, mac, and used key.

module Primary : sig ... end
module Secondary : sig ... end
OCaml

Innovation. Community. Security.