|
@@ -339,7 +339,6 @@ public:
|
|
|
/// returns (without an exception being thrown), the internal state of
|
|
|
/// the \c TSIGContext won't be modified.
|
|
|
///
|
|
|
- /// \todo Support intermediate TCP DNS messages without TSIG (RFC2845 4.4)
|
|
|
/// \todo Signature truncation support based on RFC4635
|
|
|
///
|
|
|
/// \exception TSIGContextError Context already signed a response.
|
|
@@ -353,6 +352,19 @@ public:
|
|
|
TSIGError verify(const TSIGRecord* const record, const void* const data,
|
|
|
const size_t data_len);
|
|
|
|
|
|
+ /// \brief If the last verified message was signed.
|
|
|
+ ///
|
|
|
+ /// The RFC2845 allows for some of the messages not to be signed. However,
|
|
|
+ /// the last message must be signed and the class has knowledge if a given
|
|
|
+ /// message is last, therefore it can't check that.
|
|
|
+ ///
|
|
|
+ /// It is up to the caller to check if the last verified message was signed
|
|
|
+ /// after all are verified by calling this function.
|
|
|
+ ///
|
|
|
+ /// \return If the last message was signed or not.
|
|
|
+ /// \exception TSIGContextError if no message was verified yet.
|
|
|
+ bool lastHadSignature() const;
|
|
|
+
|
|
|
/// Return the expected length of TSIG RR after \c sign()
|
|
|
///
|
|
|
/// This method returns the length of the TSIG RR that would be
|