xref: /netbsd-src/external/bsd/unbound/dist/testdata/svcb.tdir/svcb.success-cases.zone (revision 91f7d55fb697b5e0475da4718fa34c3a3ebeac85) 
1$ORIGIN success-cases.
2$TTL 3600
3
4@       SOA     primary admin 0 0 0 0 0
5
6
7; A particular key does not need to have a value
8
9s01	SVCB   0 . key123
10
11
12; echconfig does not need to have a value
13
14s02	SVCB   0 . echconfig
15
16
17; When "no-default-alpn" is specified in an RR, "alpn" must also be specified
18; in order for the RR to be "self-consistent"
19
20s03	HTTPS	0 . alpn="h2,h3" no-default-alpn
21
22
23; SHOULD is not MUST (so allowed)
24; Zone-file implementations SHOULD enforce self-consistency
25
26s04	HTTPS	0 . no-default-alpn
27
28
29; SHOULD is not MUST (so allowed)
30; (port and no-default-alpn are automatically mandatory keys with HTTPS)
31; Other automatically mandatory keys SHOULD NOT appear in the list either.
32
33s05	HTTPS	0 . alpn="dot" no-default-alpn port=853 mandatory=port
34
35; Any valid base64 is okay for ech
36s06     HTTPS   0 . ech="aGVsbG93b3JsZCE="
37
38; echconfig is an alias for ech
39s07     HTTPS   0 . echconfig="aGVsbG93b3JsZCE="
40
41; maximum size allowed in a svcb rdata set (63 SvcParams)
42
43s08     HTTPS   0 . ( key11=a key12=a key13=a key14=a key15=a key16=a key17=a key18=a key19=a key110=a key111=a key112=a key113=a key114=a key115=a key116=a key117=a key118=a key119=a key120=a key121=a key122=a key123=a key124=a key125=a key126=a key127=a key128=a key129=a key130=a key131=a key132=a key133=a key134=a key135=a key136=a key137=a key138=a key139=a key140=a key141=a key142=a key143=a key144=a key145=a key146=a key147=a key148=a key149=a key150=a key151=a key152=a key153=a key154=a key155=a key156=a key157=a key158=a key159=a key160=a key161=a key162=a key163=a)
44
45; maximum alpn size allowed (255 characters)
46
47s09     HTTPS   0 . ( alpn="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" )
48
49; dohpath can be (non-)quoted and MUST contain "?dns"
50; currently there is no validation from Unbound, it can be anything
51; maybe needs changing if Unbound is the primary authoritative for SVCB records.
52; Then SVCB_SEMANTIC_CHECKS parts of the code could be used per authoritative role.
53
54_dns.doh.example. 7200 IN SVCB 1 doh.example. alpn=h2 dohpath
55_dns.doh.example. 7200 IN SVCB 1 doh.example. alpn=h2 dohpath=
56_dns.doh.example. 7200 IN SVCB 1 doh.example. alpn=h2 dohpath=""
57_dns.doh.example. 7200 IN SVCB 1 doh.example. alpn=h2 dohpath="/"
58_dns.doh.example. 7200 IN SVCB 1 doh.example. alpn=h2 dohpath="/dns-query{?dns}"
59_dns.doh.example. 7200 IN SVCB 1 doh.example. alpn=h2 dohpath=/dns-query{?abcd}{!abcd}{?dns}
60_dns.doh.example. 7200 IN SVCB 1 doh.example. alpn=h2 dohpath=/dns-query{?abcdabcd?dns?defedf}
61_dns.doh.example. 7200 IN SVCB 1 doh.example. alpn=h2 dohpath=/dns-queryéè{?dns}
62