xref: /netbsd-src/external/bsd/unbound/dist/testdata/val_anchor_nx_nosig.rpl (revision 796c32c94f6e154afc9de0f63da35c91bb739b45) 
1; config options
2; The island of trust is at example.com
3server:
4	trust-anchor: "sub.example.com.    3600    IN      DS      30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3"
5	val-override-date: "20070916134226"
6	target-fetch-policy: "0 0 0 0 0"
7
8stub-zone:
9	name: "."
10	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
11CONFIG_END
12
13SCENARIO_BEGIN Test validator with unsigned denial of trust anchor
14
15; K.ROOT-SERVERS.NET.
16RANGE_BEGIN 0 100
17	ADDRESS 193.0.14.129
18ENTRY_BEGIN
19MATCH opcode qtype qname
20ADJUST copy_id
21REPLY QR NOERROR
22SECTION QUESTION
23. IN NS
24SECTION ANSWER
25. IN NS	K.ROOT-SERVERS.NET.
26SECTION ADDITIONAL
27K.ROOT-SERVERS.NET.	IN	A	193.0.14.129
28ENTRY_END
29
30ENTRY_BEGIN
31MATCH opcode qtype qname
32ADJUST copy_id
33REPLY QR NOERROR
34SECTION QUESTION
35www.sub.example.com. IN A
36SECTION AUTHORITY
37com.	IN NS	a.gtld-servers.net.
38SECTION ADDITIONAL
39a.gtld-servers.net.	IN 	A	192.5.6.30
40ENTRY_END
41RANGE_END
42
43; a.gtld-servers.net.
44RANGE_BEGIN 0 100
45	ADDRESS 192.5.6.30
46ENTRY_BEGIN
47MATCH opcode qtype qname
48ADJUST copy_id
49REPLY QR NOERROR
50SECTION QUESTION
51com. IN NS
52SECTION ANSWER
53com.    IN NS   a.gtld-servers.net.
54SECTION ADDITIONAL
55a.gtld-servers.net.     IN      A       192.5.6.30
56ENTRY_END
57
58ENTRY_BEGIN
59MATCH opcode qtype qname
60ADJUST copy_id
61REPLY QR NOERROR
62SECTION QUESTION
63www.sub.example.com. IN A
64SECTION AUTHORITY
65example.com.	IN NS	ns.example.com.
66SECTION ADDITIONAL
67ns.example.com.		IN 	A	1.2.3.4
68ENTRY_END
69RANGE_END
70
71; ns.example.com.
72RANGE_BEGIN 0 100
73	ADDRESS 1.2.3.4
74ENTRY_BEGIN
75MATCH opcode qtype qname
76ADJUST copy_id
77REPLY QR NOERROR
78SECTION QUESTION
79example.com. IN NS
80SECTION ANSWER
81example.com.    IN NS   ns.example.com.
82example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
83SECTION ADDITIONAL
84ns.example.com.         IN      A       1.2.3.4
85ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
86ENTRY_END
87
88; response to DNSKEY priming query
89ENTRY_BEGIN
90MATCH opcode qtype qname
91ADJUST copy_id
92REPLY QR NOERROR
93SECTION QUESTION
94example.com. IN DNSKEY
95SECTION ANSWER
96example.com.    3600    IN      DNSKEY  256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
97example.com. 3600    IN      RRSIG   DNSKEY DSA 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFBQRtlR4BEv9ohi+PGFjp+AHsJuHAhRCvz0shggvnvI88DFnBDCczHUcVA== ;{id = 2854}
98SECTION AUTHORITY
99example.com.	IN NS	ns.example.com.
100example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
101SECTION ADDITIONAL
102ns.example.com.		IN 	A	1.2.3.4
103ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
104ENTRY_END
105
106; response for sub.example.com.
107ENTRY_BEGIN
108MATCH opcode qtype qname
109ADJUST copy_id
110REPLY QR NXDOMAIN
111SECTION QUESTION
112www.sub.example.com. IN A
113SECTION AUTHORITY
114example.com. SOA ns.example.com. h.example.com. 2007090504 1800 1800 2419200 7200
115example.com.    3600    IN      RRSIG   SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFC5uwIHSehZtetK2CMNXttSFUB0XAhROFDAgy/FaxR8zFXJzyPdpQG93Sw== ;{id = 2854}
116blub.example.com. NSEC znub.example.com. A MX RRSIG NSEC
117blub.example.com.       3600    IN      RRSIG   NSEC 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCic/WwyMtdDE/84g8l0S0M8AOtnAhR88hQEp5cD5XQ3EmQ79RUuNTCgdg== ;{id = 2854}
118example.com. NSEC blub.example.com. SOA NS MX DNSKEY RRSIG NSEC
119example.com.    3600    IN      RRSIG   NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFFYX7iNIlT79gNFFlvnn44Ittm6HAhUAg7u0hZ4to87qyfkonZu2jVLW3xw= ;{id = 2854}
120ENTRY_END
121
122ENTRY_BEGIN
123MATCH opcode qtype qname
124ADJUST copy_id
125REPLY QR NXDOMAIN
126SECTION QUESTION
127www.sub.example.com. IN DS
128SECTION AUTHORITY
129example.com. SOA ns.example.com. h.example.com. 2007090504 1800 1800 2419200 7200
130example.com.    3600    IN      RRSIG   SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFC5uwIHSehZtetK2CMNXttSFUB0XAhROFDAgy/FaxR8zFXJzyPdpQG93Sw== ;{id = 2854}
131blub.example.com. NSEC znub.example.com. A MX RRSIG NSEC
132blub.example.com.       3600    IN      RRSIG   NSEC 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCic/WwyMtdDE/84g8l0S0M8AOtnAhR88hQEp5cD5XQ3EmQ79RUuNTCgdg== ;{id = 2854}
133example.com. NSEC blub.example.com. SOA NS MX DNSKEY RRSIG NSEC
134example.com.    3600    IN      RRSIG   NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFFYX7iNIlT79gNFFlvnn44Ittm6HAhUAg7u0hZ4to87qyfkonZu2jVLW3xw= ;{id = 2854}
135ENTRY_END
136
137ENTRY_BEGIN
138MATCH opcode qtype qname
139ADJUST copy_id
140REPLY QR NXDOMAIN
141SECTION QUESTION
142sub.example.com. IN DNSKEY
143SECTION AUTHORITY
144example.com. SOA ns.example.com. h.example.com. 2007090504 1800 1800 2419200 7200
145example.com.    3600    IN      RRSIG   SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFC5uwIHSehZtetK2CMNXttSFUB0XAhROFDAgy/FaxR8zFXJzyPdpQG93Sw== ;{id = 2854}
146blub.example.com. NSEC znub.example.com. A MX RRSIG NSEC
147blub.example.com.       3600    IN      RRSIG   NSEC 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCic/WwyMtdDE/84g8l0S0M8AOtnAhR88hQEp5cD5XQ3EmQ79RUuNTCgdg== ;{id = 2854}
148example.com. NSEC blub.example.com. SOA NS MX DNSKEY RRSIG NSEC
149example.com.    3600    IN      RRSIG   NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFFYX7iNIlT79gNFFlvnn44Ittm6HAhUAg7u0hZ4to87qyfkonZu2jVLW3xw= ;{id = 2854}
150ENTRY_END
151RANGE_END
152
153; ns.sub.example.com.
154RANGE_BEGIN 0 100
155	ADDRESS 1.2.3.6
156
157; response to DNSKEY priming query
158; sub.example.com.        3600    IN      DS      30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3
159ENTRY_BEGIN
160MATCH opcode qtype qname
161ADJUST copy_id
162REPLY QR NOERROR
163SECTION QUESTION
164sub.example.com. IN DNSKEY
165SECTION ANSWER
166sub.example.com.        3600    IN      DNSKEY  256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}
167sub.example.com.        3600    IN      RRSIG   DNSKEY 5 3 3600 20070926134150 20070829134150 30899 sub.example.com. uNGp99iznjD7oOX02XnQbDnbg75UwBHRvZSKYUorTKvPUnCWMHKdRsQ+mf+Fx3GZ+Fz9BVjoCmQqpnfgXLEYqw== ;{id = 30899}
168SECTION AUTHORITY
169sub.example.com. IN	NS ns.sub.example.com.
170sub.example.com.        3600    IN      RRSIG   NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.com. wcpHeBILHfo8C9uxMhcW03gcURZeUffiKdSTb50ZjzTHgMNhRyMfpcvSpXEd9548A9UTmWKeLZChfr5Z/glONw== ;{id = 30899}
171SECTION ADDITIONAL
172ns.sub.example.com. IN A 1.2.3.6
173ns.sub.example.com.     3600    IN      RRSIG   A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. UF7shD/gt1FOp2UHgLTNbPzVykklSXFMEtJ1xD+Hholwf/PIzd7zoaIttIYibNa4fUXCqMg22H9P7MRhfmFe6g== ;{id = 30899}
174ENTRY_END
175
176; response to query of interest
177ENTRY_BEGIN
178MATCH opcode qtype qname
179ADJUST copy_id
180REPLY QR NOERROR
181SECTION QUESTION
182www.sub.example.com. IN A
183SECTION ANSWER
184www.sub.example.com. IN A	11.11.11.11
185www.sub.example.com.    3600    IN      RRSIG   A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. 0DqqRfRtm7VSEQ4mmBbzrKRqQAay3JAE8DPDGmjtokrrjN9F1G/HxozDV7bjdIh2EChlQea8FPwf/GepJMUVxg== ;{id = 30899}
186SECTION AUTHORITY
187SECTION ADDITIONAL
188ENTRY_END
189RANGE_END
190
191STEP 1 QUERY
192ENTRY_BEGIN
193REPLY RD DO
194SECTION QUESTION
195www.sub.example.com. IN A
196ENTRY_END
197
198; recursion happens here.
199STEP 10 CHECK_ANSWER
200ENTRY_BEGIN
201MATCH all
202REPLY QR RD RA DO NXDOMAIN
203SECTION QUESTION
204www.sub.example.com. IN A
205SECTION ANSWER
206SECTION AUTHORITY
207example.com. SOA ns.example.com. h.example.com. 2007090504 1800 1800 2419200 7200
208example.com.    3600    IN      RRSIG   SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFC5uwIHSehZtetK2CMNXttSFUB0XAhROFDAgy/FaxR8zFXJzyPdpQG93Sw== ;{id = 2854}
209blub.example.com. NSEC znub.example.com. A MX RRSIG NSEC
210blub.example.com.       3600    IN      RRSIG   NSEC 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCic/WwyMtdDE/84g8l0S0M8AOtnAhR88hQEp5cD5XQ3EmQ79RUuNTCgdg== ;{id = 2854}
211example.com. NSEC blub.example.com. SOA NS MX DNSKEY RRSIG NSEC
212example.com.    3600    IN      RRSIG   NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFFYX7iNIlT79gNFFlvnn44Ittm6HAhUAg7u0hZ4to87qyfkonZu2jVLW3xw= ;{id = 2854}
213SECTION ADDITIONAL
214ENTRY_END
215
216SCENARIO_END
217