X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=src%2Flib.rs;h=4cf920da84cf423bb0eb70ddaebdb735b765576f;hb=HEAD;hp=c7027b0f1a36ad0310348a0c3720a4b3f6c04bf1;hpb=e4503cf90b6ad5ed9edc99389956ceffb1c35502;p=dnssec-prover diff --git a/src/lib.rs b/src/lib.rs index c7027b0..f08034f 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -14,8 +14,8 @@ //! It is no-std (but requires `alloc`) and seeks to have minimal dependencies and a reasonably //! conservative MSRV policy, allowing it to be used in as many places as possible. //! -//! Most of the crate's logic is feature-gated: -//! * By default, the `validate` feature is set, using `ring` to validate DNSSEC signatures and +//! Most of the crate's logic is feature-gated, and *all dependencies are optional*: +//! * By default, the `validation` feature is set, allowing to validate DNSSEC signatures and //! proofs using the [`validation`] module. //! * The `std` feature enables the [`query`] module, allowing for the building of proofs by //! querying a recursive resolver over TCP. @@ -24,17 +24,46 @@ //! * Finally, the crate can be built as a binary using the `build_server` feature, responding to //! queries over HTTP GET calls to `/dnssecproof?d=domain.name.&t=RecordType` with DNSSEC //! proofs. +//! +//! The `slower_smaller_binary` feature slows proof validation down by 50%+ for a very marginal +//! reduction in binary size, but those who are extremely binary size constrained may still find it +//! useful. #![deny(missing_docs)] +#![deny(rustdoc::broken_intra_doc_links)] +#![deny(rustdoc::private_intra_doc_links)] + +#![allow(clippy::new_without_default)] // why is this even a lint +#![allow(clippy::result_unit_err)] // Why in the hell is this a lint? +#![allow(clippy::get_first)] // Sometimes this improves readability +#![allow(clippy::needless_lifetimes)] // lifetimes improve readability +#![allow(clippy::needless_borrow)] // borrows indicate read-only/non-move +#![allow(clippy::too_many_arguments)] // sometimes we don't have an option +#![allow(clippy::identity_op)] // sometimes identities improve readability for repeated actions +#![allow(clippy::erasing_op)] // sometimes identities improve readability for repeated actions #![cfg_attr(not(feature = "std"), no_std)] extern crate alloc; +/// The maximum number of requests we will make when building a proof or the maximum number of +/// [`rr::RRSig`] sets we'll validate records from when validating proofs. +// Note that this is duplicated exactly in src/http.rs +pub const MAX_PROOF_STEPS: usize = 20; + +#[cfg(feature = "validation")] +mod base32; + +#[cfg(all(feature = "validation", any(fuzzing, dnssec_validate_bench)))] +pub mod crypto; +#[cfg(all(feature = "validation", not(any(fuzzing, dnssec_validate_bench))))] +mod crypto; + pub mod rr; pub mod ser; +pub mod query; #[cfg(feature = "validation")] pub mod validation; -#[cfg(feature = "std")] -pub mod query; +#[cfg(all(feature = "std", feature = "validation", test))] +mod test;