Browse Source

[1357] Update documentation and interface of TSIGContext

Preparation for the upcoming changes:
 * Remove the TODO that'll be solved by this branch.
 * Add a method needed to use it correctly.
Michal 'vorner' Vaner 12 years ago
parent
commit
40e0500ef5
1 changed files with 13 additions and 1 deletions
  1. 13 1
      src/lib/dns/tsig.h

+ 13 - 1
src/lib/dns/tsig.h

@@ -339,7 +339,6 @@ public:
     /// returns (without an exception being thrown), the internal state of
     /// the \c TSIGContext won't be modified.
     ///
-    /// \todo Support intermediate TCP DNS messages without TSIG (RFC2845 4.4)
     /// \todo Signature truncation support based on RFC4635
     ///
     /// \exception TSIGContextError Context already signed a response.
@@ -353,6 +352,19 @@ public:
     TSIGError verify(const TSIGRecord* const record, const void* const data,
                      const size_t data_len);
 
+    /// \brief If the last verified message was signed.
+    ///
+    /// The RFC2845 allows for some of the messages not to be signed. However,
+    /// the last message must be signed and the class has knowledge if a given
+    /// message is last, therefore it can't check that.
+    ///
+    /// It is up to the caller to check if the last verified message was signed
+    /// after all are verified by calling this function.
+    ///
+    /// \return If the last message was signed or not.
+    /// \exception TSIGContextError if no message was verified yet.
+    bool lastHadSignature() const;
+
     /// Return the expected length of TSIG RR after \c sign()
     ///
     /// This method returns the length of the TSIG RR that would be