xref: /netbsd-src/external/bsd/unbound/dist/testdata/black_ds.rpl (revision 7cd94d692f099dff0c03996f61fd7a476e40159b) 
1; config options
2; The island of trust is at example.com
3server:
4	trust-anchor: "example.com.    3600    IN      DS      2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
5	val-override-date: "20070916134226"
6	target-fetch-policy: "0 0 0 0 0"
7	qname-minimisation: "no"
8	fake-sha1: yes
9	trust-anchor-signaling: no
10
11stub-zone:
12	name: "."
13	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
14CONFIG_END
15
16SCENARIO_BEGIN Test validator with blacklist for DS response
17
18; K.ROOT-SERVERS.NET.
19RANGE_BEGIN 0 100
20	ADDRESS 193.0.14.129
21ENTRY_BEGIN
22MATCH opcode qtype qname
23ADJUST copy_id
24REPLY QR NOERROR
25SECTION QUESTION
26. IN NS
27SECTION ANSWER
28. IN NS	K.ROOT-SERVERS.NET.
29SECTION ADDITIONAL
30K.ROOT-SERVERS.NET.	IN	A	193.0.14.129
31ENTRY_END
32
33ENTRY_BEGIN
34MATCH opcode subdomain
35ADJUST copy_id copy_query
36REPLY QR NOERROR
37SECTION QUESTION
38com. IN A
39SECTION AUTHORITY
40com.	IN NS	a.gtld-servers.net.
41SECTION ADDITIONAL
42a.gtld-servers.net.	IN 	A	192.5.6.30
43ENTRY_END
44RANGE_END
45
46; a.gtld-servers.net.
47RANGE_BEGIN 0 100
48	ADDRESS 192.5.6.30
49ENTRY_BEGIN
50MATCH opcode qtype qname
51ADJUST copy_id
52REPLY QR NOERROR
53SECTION QUESTION
54com. IN NS
55SECTION ANSWER
56com.    IN NS   a.gtld-servers.net.
57SECTION ADDITIONAL
58a.gtld-servers.net.     IN      A       192.5.6.30
59ENTRY_END
60
61ENTRY_BEGIN
62MATCH opcode qtype qname
63ADJUST copy_id
64REPLY QR NOERROR
65SECTION QUESTION
66ns.blabla.com. IN A
67SECTION ANSWER
68ns.blabla.com. IN A 1.2.3.5
69ENTRY_END
70
71ENTRY_BEGIN
72MATCH opcode qtype qname
73ADJUST copy_id
74REPLY QR NOERROR
75SECTION QUESTION
76ns.blabla.com. IN AAAA
77SECTION AUTHORITY
78com. IN SOA com. com. 2009100100 28800 7200 604800 3600
79ENTRY_END
80
81ENTRY_BEGIN
82MATCH opcode subdomain
83ADJUST copy_id copy_query
84REPLY QR NOERROR
85SECTION QUESTION
86example.com. IN NS
87SECTION AUTHORITY
88example.com.	IN NS	ns.example.com.
89example.com.	IN NS	ns.blabla.com.
90SECTION ADDITIONAL
91ns.example.com.		IN 	A	1.2.3.4
92; no ns.blabla.com, try that later
93ENTRY_END
94RANGE_END
95
96; ns.example.com.
97RANGE_BEGIN 0 100
98	ADDRESS 1.2.3.4
99ENTRY_BEGIN
100MATCH opcode qtype qname
101ADJUST copy_id
102REPLY QR NOERROR
103SECTION QUESTION
104example.com. IN NS
105SECTION ANSWER
106example.com.    IN NS   ns.example.com.
107example.com.    IN NS   ns.blabla.com.
108example.com.	3600	IN	RRSIG	NS 3 2 3600 20030926134150 20030829134150 2854 example.com. AKJ3xUBdSrCiOFkYajsy93d+h06rewpbmBHItTkL8R/26rw57b1gCIg= ;{id = 2854}
109SECTION ADDITIONAL
110ns.example.com.         IN      A       1.2.3.4
111ns.example.com.	3600	IN	RRSIG	A 3 3 3600 20030926134150 20030829134150 2854 example.com. AHNj99mBmP4np19V01nSq990ZIFlIiLWoeHijm/HcOG/o8+DuIp4fL8= ;{id = 2854}
112ENTRY_END
113
114ENTRY_BEGIN
115MATCH opcode qtype qname
116ADJUST copy_id
117REPLY QR NOERROR
118SECTION QUESTION
119ns.example.com. IN A
120SECTION ANSWER
121ns.example.com.         IN      A       1.2.3.4
122ns.example.com.	3600	IN	RRSIG	A 3 3 3600 20030926134150 20030829134150 2854 example.com. AHNj99mBmP4np19V01nSq990ZIFlIiLWoeHijm/HcOG/o8+DuIp4fL8= ;{id = 2854}
123SECTION ADDITIONAL
124ENTRY_END
125
126ENTRY_BEGIN
127MATCH opcode qtype qname
128ADJUST copy_id
129REPLY QR NOERROR
130SECTION QUESTION
131ns.example.com. IN AAAA
132SECTION ANSWER
133SECTION ADDITIONAL
134ns.example.com. IN NSEC oof.example.com. NSEC RRSIG A
135ns.example.com.	3600	IN	RRSIG	NSEC 3 3 3600 20030926134150 20030829134150 2854 example.com. ACFVLLBtuSX/1z3461tbOwDz9zTHe5S9DbVtwnSO1f2x06fYbMpzSDE= ;{id = 2854}
136ENTRY_END
137
138; response to DNSKEY priming query
139ENTRY_BEGIN
140MATCH opcode qtype qname
141ADJUST copy_id
142REPLY QR NOERROR
143SECTION QUESTION
144example.com. IN DNSKEY
145SECTION ANSWER
146example.com.    3600    IN      DNSKEY  256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
147; make priming query succeed
148example.com.    3600    IN      RRSIG   DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854}
149;example.com.	3600	IN	RRSIG	DNSKEY 3 2 3600 20030926134150 20030829134150 2854 example.com. AG21xE8CFQzTq6XtHErg28b9EAmqPsoYCUcFPEAoAjFybM6AY4/bMOo= ;{id = 2854}
150SECTION AUTHORITY
151;example.com.    IN NS   ns.example.com.
152;example.com.    IN NS   ns.blabla.com.
153;example.com.	3600	IN	RRSIG	NS 3 2 3600 20030926134150 20030829134150 2854 example.com. ACiWu7zjBHqgEX3iUoOF7rfpOmIAHj1npKQ+XDIaNlmdkfJxoCwFl04= ;{id = 2854}
154SECTION ADDITIONAL
155;ns.example.com.		IN 	A	1.2.3.4
156;ns.example.com.	3600	IN	RRSIG	A 3 3 3600 20030926134150 20030829134150 2854 example.com. ACmAsKTf7hqDaYK8CQ7FL1cGYPW+blTCnzZGkExFtEUAGrHeze87o+A= ;{id = 2854}
157ENTRY_END
158
159ENTRY_BEGIN
160MATCH opcode qtype qname
161ADJUST copy_id
162REPLY QR NOERROR
163SECTION QUESTION
164www.example.com. IN A
165SECTION ANSWER
166www.example.com. IN A	10.20.30.40
167www.example.com.	3600	IN	RRSIG	A 3 3 3600 20030926134150 20030829134150 2854 example.com. AGj9kE8oW3OhOLhkmJ3HBaNIOpvGf3S8zSd5gWmhpxAMc5hh6cxZfpQ= ;{id = 2854}
168SECTION AUTHORITY
169example.com.    IN NS   ns.example.com.
170example.com.    IN NS   ns.blabla.com.
171example.com.	3600	IN	RRSIG	NS 3 2 3600 20030926134150 20030829134150 2854 example.com. ACHETweBNPgbmRoNRdKvxuw4X9qNUUTEpSuwV+HhuiBE83gbB98asAc= ;{id = 2854}
172SECTION ADDITIONAL
173ns.example.com.		IN 	A	1.2.3.4
174ns.example.com.	3600	IN	RRSIG	A 3 3 3600 20030926134150 20030829134150 2854 example.com. AGvu9A/nGsbatxJCmnObioIhKg2Tm0Apr0eo+DO1kIDrAHco/bt/EdY= ;{id = 2854}
175ENTRY_END
176
177; DS request
178ENTRY_BEGIN
179MATCH opcode qtype qname
180ADJUST copy_id
181REPLY QR AA NOERROR
182SECTION QUESTION
183sub.example.com. IN DS
184SECTION ANSWER
185sub.example.com.        3600    IN      DS      30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3
186sub.example.com.	3600	IN	RRSIG	DS 3 3 3600 20030926134150 20030829134150 2854 example.com. AAT/7XwtMjHiT1GFHfV6Wvv4n+oOkqxllNdf9bLnpTHw/8h586yBgwg= ;{id = 2854}
187ENTRY_END
188
189ENTRY_BEGIN
190MATCH opcode subdomain
191ADJUST copy_id copy_query
192REPLY QR AA NOERROR
193SECTION QUESTION
194sub.example.com. IN NS
195SECTION AUTHORITY
196sub.example.com. IN NS ns.sub.example.com.
197sub.example.com. IN NS ns.foo.com.
198sub.example.com.        3600    IN      DS      30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3
199sub.example.com.	3600	IN	RRSIG	DS 3 3 3600 20030926134150 20030829134150 2854 example.com. AAT/7XwtMjHiT1GFHfV6Wvv4n+oOkqxllNdf9bLnpTHw/8h586yBgwg= ;{id = 2854}
200SECTION ADDITIONAL
201ns.sub.example.com. IN A 1.2.4.6
202ENTRY_END
203
204RANGE_END
205
206; ns.blabla.com.
207RANGE_BEGIN 0 100
208	ADDRESS 1.2.3.5
209ENTRY_BEGIN
210MATCH opcode qtype qname
211ADJUST copy_id
212REPLY QR NOERROR
213SECTION QUESTION
214example.com. IN NS
215SECTION ANSWER
216example.com.    IN NS   ns.example.com.
217example.com.    IN NS   ns.blabla.com.
218example.com.	3600	IN	RRSIG	NS 3 2 3600 20070926134150 20070829134150 2854 example.com. AAJHNhPYVG6+550zQga9ZgV8McQZHLboOWjfbdiq2ZC+gUcQeQDDlFs= ;{id = 2854}
219SECTION ADDITIONAL
220ns.example.com.         IN      A       1.2.3.4
221ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
222ENTRY_END
223
224ENTRY_BEGIN
225MATCH opcode qtype qname
226ADJUST copy_id
227REPLY QR NOERROR
228SECTION QUESTION
229ns.example.com. IN A
230SECTION ANSWER
231ns.example.com.         IN      A       1.2.3.4
232ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
233SECTION ADDITIONAL
234ENTRY_END
235
236ENTRY_BEGIN
237MATCH opcode qtype qname
238ADJUST copy_id
239REPLY QR NOERROR
240SECTION QUESTION
241ns.example.com. IN AAAA
242SECTION ANSWER
243SECTION ADDITIONAL
244ns.example.com. IN NSEC oof.example.com. NSEC RRSIG A
245ns.example.com.	3600	IN	RRSIG	NSEC 3 3 3600 20070926134150 20070829134150 2854 example.com. ABhDNtJramb2a4R1SK5gb/CTYJybQts6mZ++z3kLiwsrUSZInA4ikeQ= ;{id = 2854}
246ENTRY_END
247
248; response to DNSKEY priming query
249ENTRY_BEGIN
250MATCH opcode qtype qname
251ADJUST copy_id
252REPLY QR NOERROR
253SECTION QUESTION
254example.com. IN DNSKEY
255SECTION ANSWER
256example.com.    3600    IN      DNSKEY  256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
257example.com.    3600    IN      RRSIG   DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854}
258SECTION AUTHORITY
259example.com.    IN NS   ns.example.com.
260example.com.    IN NS   ns.blabla.com.
261example.com.	3600	IN	RRSIG	NS 3 2 3600 20070926134150 20070829134150 2854 example.com. AAJHNhPYVG6+550zQga9ZgV8McQZHLboOWjfbdiq2ZC+gUcQeQDDlFs= ;{id = 2854}
262SECTION ADDITIONAL
263ns.example.com.		IN 	A	1.2.3.4
264ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
265ENTRY_END
266
267ENTRY_BEGIN
268MATCH opcode qtype qname
269ADJUST copy_id
270REPLY QR NOERROR
271SECTION QUESTION
272www.example.com. IN A
273SECTION ANSWER
274www.example.com. IN A	10.20.30.40
275ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
276SECTION AUTHORITY
277example.com.    IN NS   ns.example.com.
278example.com.    IN NS   ns.blabla.com.
279example.com.	3600	IN	RRSIG	NS 3 2 3600 20070926134150 20070829134150 2854 example.com. AAJHNhPYVG6+550zQga9ZgV8McQZHLboOWjfbdiq2ZC+gUcQeQDDlFs= ;{id = 2854}
280SECTION ADDITIONAL
281ns.example.com.		IN 	A	1.2.3.4
282www.example.com.        3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
283ENTRY_END
284
285; DS request
286ENTRY_BEGIN
287MATCH opcode qtype qname
288ADJUST copy_id
289REPLY QR AA NOERROR
290SECTION QUESTION
291sub.example.com. IN DS
292SECTION ANSWER
293sub.example.com.        3600    IN      DS      30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3
294sub.example.com.	3600	IN	RRSIG	DS 3 3 3600 20070926134150 20070829134150 2854 example.com. AKslZ9oXcoyeOkPfGkTB3/hxnpdgU5ahzElLyK6B0n6+BdIXeirIEtE= ;{id = 2854}
295ENTRY_END
296
297ENTRY_BEGIN
298MATCH opcode subdomain
299ADJUST copy_id copy_query
300REPLY QR AA NOERROR
301SECTION QUESTION
302sub.example.com. IN NS
303SECTION AUTHORITY
304sub.example.com. IN NS ns.sub.example.com.
305sub.example.com. IN NS ns.foo.com.
306sub.example.com.        3600    IN      DS      30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3
307sub.example.com.	3600	IN	RRSIG	DS 3 3 3600 20070926134150 20070829134150 2854 example.com. AKslZ9oXcoyeOkPfGkTB3/hxnpdgU5ahzElLyK6B0n6+BdIXeirIEtE= ;{id = 2854}
308SECTION ADDITIONAL
309ns.sub.example.com. IN A 1.2.4.6
310ENTRY_END
311
312RANGE_END
313
314; ns.sub.example.com.
315RANGE_BEGIN 0 100
316	ADDRESS 1.2.4.6
317ENTRY_BEGIN
318MATCH opcode qtype qname
319ADJUST copy_id
320REPLY QR AA NOERROR
321SECTION QUESTION
322sub.example.com. IN DNSKEY
323SECTION ANSWER
324sub.example.com.	3600	IN	DNSKEY	256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}
325sub.example.com.	3600	IN	RRSIG	DNSKEY 5 3 3600 20070926134150 20070829134150 30899 sub.example.com. uNGp99iznjD7oOX02XnQbDnbg75UwBHRvZSKYUorTKvPUnCWMHKdRsQ+mf+Fx3GZ+Fz9BVjoCmQqpnfgXLEYqw== ;{id = 30899}
326ENTRY_END
327
328ENTRY_BEGIN
329MATCH opcode qtype qname
330ADJUST copy_id
331REPLY QR AA NOERROR
332SECTION QUESTION
333sub.example.com. IN NS
334SECTION ANSWER
335sub.example.com. IN NS ns.sub.example.com.
336sub.example.com. IN NS ns.foo.com.
337sub.example.com.	3600	IN	RRSIG	NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.com. hJ3nkrfyBwPcfpwc9wEwzhF5+ZKUddKBHQuZuHPZBjBwb1BsT7B7ryadttbGE3keQJiwNmK9AqvE0Zb+WkDceg== ;{id = 30899}
338SECTION ADDITIONAL
339ns.sub.example.com. IN A 1.2.4.6
340ns.sub.example.com.	3600	IN	RRSIG	A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. fMRshSYDWgvGAwc24Lzg6746jnoG5shlK+o9CgzU7CQbkeNWmj3oO/0TJGP/zxp52JiDBpzRuTmBlrcJYV/gBA== ;{id = 30899}
341ENTRY_END
342
343ENTRY_BEGIN
344MATCH opcode qtype qname
345ADJUST copy_id
346REPLY QR AA NOERROR
347SECTION QUESTION
348ns.sub.example.com. IN A
349SECTION ANSWER
350ns.sub.example.com. IN A 1.2.4.6
351ns.sub.example.com.	3600	IN	RRSIG	A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. fMRshSYDWgvGAwc24Lzg6746jnoG5shlK+o9CgzU7CQbkeNWmj3oO/0TJGP/zxp52JiDBpzRuTmBlrcJYV/gBA== ;{id = 30899}
352ENTRY_END
353
354ENTRY_BEGIN
355MATCH opcode qtype qname
356ADJUST copy_id
357REPLY QR AA NOERROR
358SECTION QUESTION
359ns.sub.example.com. IN AAAA
360SECTION AUTHORITY
361ns.sub.example.com. IN NSEC nt.sub.example.com. NSEC RRSIG A
362ns.sub.example.com.	3600	IN	RRSIG	NSEC 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. qwUibvlPTFnxgiyCNtEJCYqJIgA8WFDqypmsO6TSYje2Rqhq4AaWEVxQwU4bdjmipCGVqtlP8mMyMQHaYNMGKA== ;{id = 30899}
363sub.example.com. IN SOA sub.example.com. hostmaster.sub.example.com. 1 2 3 4 5
364sub.example.com.	3600	IN	RRSIG	SOA 5 3 3600 20070926134150 20070829134150 30899 sub.example.com. sZQEMd0ys2mxPRajzBuvy4XdLNVvXMmJSnmfTHUL41d9IxbGN/ifpiIWs2MXOFPnbab05aYadrzZpT/cpDTxmQ== ;{id = 30899}
365ENTRY_END
366
367ENTRY_BEGIN
368MATCH opcode qtype qname
369ADJUST copy_id
370REPLY QR AA NOERROR
371SECTION QUESTION
372www.sub.example.com. IN A
373SECTION ANSWER
374www.sub.example.com. IN A 10.20.30.40
375www.sub.example.com.	3600	IN	RRSIG	A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. deNzEy9Hq+6gDZhafC0M7UDuRBm51AA1/FAIauAitNuQlYUzOvWLVHFQ95bn308rCVPqrb4rFDV+gNzxkzm1rw== ;{id = 30899}
376ENTRY_END
377
378RANGE_END
379
380STEP 1 QUERY
381ENTRY_BEGIN
382REPLY RD DO
383SECTION QUESTION
384www.sub.example.com. IN A
385ENTRY_END
386
387; recursion happens here.
388STEP 10 CHECK_ANSWER
389ENTRY_BEGIN
390MATCH all
391REPLY QR RD RA AD DO NOERROR
392SECTION QUESTION
393www.sub.example.com. IN A
394SECTION ANSWER
395www.sub.example.com. IN A 10.20.30.40
396www.sub.example.com.	3600	IN	RRSIG	A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. deNzEy9Hq+6gDZhafC0M7UDuRBm51AA1/FAIauAitNuQlYUzOvWLVHFQ95bn308rCVPqrb4rFDV+gNzxkzm1rw== ;{id = 30899}
397ENTRY_END
398
399; remove pending ns.blabla.com AAAA msg
400STEP 30 QUERY
401ENTRY_BEGIN
402REPLY RD DO CD
403SECTION QUESTION
404ns.blabla.com. IN AAAA
405ENTRY_END
406
407; recursion happens here.
408STEP 40 CHECK_ANSWER
409ENTRY_BEGIN
410MATCH all
411REPLY QR RD CD RA DO NOERROR
412SECTION QUESTION
413ns.blabla.com. IN AAAA
414SECTION ANSWER
415SECTION AUTHORITY
416com. IN SOA com. com. 2009100100 28800 7200 604800 3600
417ENTRY_END
418
419SCENARIO_END
420