Bump version to 0.6.5 for new less-code-size feature

[dnssec-prover] / src / lib.rs

diff --git a/src/lib.rs b/src/lib.rs
index 0cabe0177671153f0cc8ce4b9ca03c8e912ba46f..f08034f687b1bdba1f43d34f30a1e2667a335f41 100644 (file)
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -15,7 +15,7 @@
 //! conservative MSRV policy, allowing it to be used in as many places as possible.
 //!
 //! Most of the crate's logic is feature-gated, and *all dependencies are optional*:
 //! conservative MSRV policy, allowing it to be used in as many places as possible.
 //!
 //! Most of the crate's logic is feature-gated, and *all dependencies are optional*:

-//!  * By default, the `validate` feature is set, using `ring` to validate DNSSEC signatures and
+//!  * By default, the `validation` feature is set, allowing to validate DNSSEC signatures and

 //!    proofs using the [`validation`] module.
 //!  * The `std` feature enables the [`query`] module, allowing for the building of proofs by
 //!    querying a recursive resolver over TCP.
 //!    proofs using the [`validation`] module.
 //!  * The `std` feature enables the [`query`] module, allowing for the building of proofs by
 //!    querying a recursive resolver over TCP.


@@ -24,17 +24,46 @@
 //!  * Finally, the crate can be built as a binary using the `build_server` feature, responding to
 //!    queries over HTTP GET calls to `/dnssecproof?d=domain.name.&t=RecordType` with DNSSEC
 //!    proofs.
 //!  * Finally, the crate can be built as a binary using the `build_server` feature, responding to
 //!    queries over HTTP GET calls to `/dnssecproof?d=domain.name.&t=RecordType` with DNSSEC
 //!    proofs.

+//!
+//! The `slower_smaller_binary` feature slows proof validation down by 50%+ for a very marginal
+//! reduction in binary size, but those who are extremely binary size constrained may still find it
+//! useful.

 
 #![deny(missing_docs)]
 
 #![deny(missing_docs)]

+#![deny(rustdoc::broken_intra_doc_links)]
+#![deny(rustdoc::private_intra_doc_links)]
+
+#![allow(clippy::new_without_default)] // why is this even a lint
+#![allow(clippy::result_unit_err)] // Why in the hell is this a lint?
+#![allow(clippy::get_first)] // Sometimes this improves readability
+#![allow(clippy::needless_lifetimes)] // lifetimes improve readability
+#![allow(clippy::needless_borrow)] // borrows indicate read-only/non-move
+#![allow(clippy::too_many_arguments)] // sometimes we don't have an option
+#![allow(clippy::identity_op)] // sometimes identities improve readability for repeated actions
+#![allow(clippy::erasing_op)] // sometimes identities improve readability for repeated actions

 
 #![cfg_attr(not(feature = "std"), no_std)]
 extern crate alloc;
 
 
 #![cfg_attr(not(feature = "std"), no_std)]
 extern crate alloc;
 

+/// The maximum number of requests we will make when building a proof or the maximum number of
+/// [`rr::RRSig`] sets we'll validate records from when validating proofs.
+// Note that this is duplicated exactly in src/http.rs
+pub const MAX_PROOF_STEPS: usize = 20;
+
+#[cfg(feature = "validation")]
+mod base32;
+
+#[cfg(all(feature = "validation", any(fuzzing, dnssec_validate_bench)))]
+pub mod crypto;
+#[cfg(all(feature = "validation", not(any(fuzzing, dnssec_validate_bench))))]
+mod crypto;
+

 pub mod rr;
 pub mod ser;
 pub mod rr;
 pub mod ser;

+pub mod query;

 
 #[cfg(feature = "validation")]
 pub mod validation;
 
 
 #[cfg(feature = "validation")]
 pub mod validation;
 

-#[cfg(feature = "std")]
-pub mod query;
+#[cfg(all(feature = "std", feature = "validation", test))]
+mod test;