xref: /netbsd-src/external/bsd/unbound/dist/testdata/val_cnametooptin.rpl (revision 16dce51364ebe8aeafbae46bc5aa167b8115bc45) 
1; config options
2; The island of trust is at example.com
3server:
4	trust-anchor: "example.com.    3600    IN      DS      2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
5	val-override-date: "20070916134226"
6	target-fetch-policy: "0 0 0 0 0"
7	fake-sha1: yes
8	trust-anchor-signaling: no
9
10stub-zone:
11	name: "."
12	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
13CONFIG_END
14
15SCENARIO_BEGIN Test validator with CNAME to insecure optin NSEC3
16
17; K.ROOT-SERVERS.NET.
18RANGE_BEGIN 0 100
19	ADDRESS 193.0.14.129
20ENTRY_BEGIN
21MATCH opcode qtype qname
22ADJUST copy_id
23REPLY QR NOERROR
24SECTION QUESTION
25. IN NS
26SECTION ANSWER
27. IN NS	K.ROOT-SERVERS.NET.
28SECTION ADDITIONAL
29K.ROOT-SERVERS.NET.	IN	A	193.0.14.129
30ENTRY_END
31
32ENTRY_BEGIN
33MATCH opcode qtype qname
34ADJUST copy_id
35REPLY QR NOERROR
36SECTION QUESTION
37www.example.com. IN A
38SECTION AUTHORITY
39com.	IN NS	a.gtld-servers.net.
40SECTION ADDITIONAL
41a.gtld-servers.net.	IN 	A	192.5.6.30
42ENTRY_END
43RANGE_END
44
45; a.gtld-servers.net.
46RANGE_BEGIN 0 100
47	ADDRESS 192.5.6.30
48ENTRY_BEGIN
49MATCH opcode qtype qname
50ADJUST copy_id
51REPLY QR NOERROR
52SECTION QUESTION
53com. IN NS
54SECTION ANSWER
55com.    IN NS   a.gtld-servers.net.
56SECTION ADDITIONAL
57a.gtld-servers.net.     IN      A       192.5.6.30
58ENTRY_END
59
60ENTRY_BEGIN
61MATCH opcode subdomain
62ADJUST copy_id copy_query
63REPLY QR NOERROR
64SECTION QUESTION
65example.com. IN A
66SECTION AUTHORITY
67example.com.	IN NS	ns.example.com.
68SECTION ADDITIONAL
69ns.example.com.		IN 	A	1.2.3.4
70ENTRY_END
71RANGE_END
72
73; ns.example.com.
74RANGE_BEGIN 0 100
75	ADDRESS 1.2.3.4
76ENTRY_BEGIN
77MATCH opcode qtype qname
78ADJUST copy_id
79REPLY QR NOERROR
80SECTION QUESTION
81example.com. IN NS
82SECTION ANSWER
83example.com.    IN NS   ns.example.com.
84example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
85SECTION ADDITIONAL
86ns.example.com.         IN      A       1.2.3.4
87ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
88ENTRY_END
89
90ENTRY_BEGIN
91MATCH opcode qtype qname
92ADJUST copy_id
93REPLY QR NOERROR
94SECTION QUESTION
95ns.example.com. IN AAAA
96SECTION ANSWER
97SECTION AUTHORITY
98example.com.    IN NS   ns.example.com.
99example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
100SECTION ADDITIONAL
101ns.example.com.         IN      A       1.2.3.4
102ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
103ENTRY_END
104
105ENTRY_BEGIN
106MATCH opcode qtype qname
107ADJUST copy_id
108REPLY QR NOERROR
109SECTION QUESTION
110ns.example.com. IN A
111SECTION ANSWER
112ns.example.com.         IN      A       1.2.3.4
113ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
114SECTION AUTHORITY
115example.com.    IN NS   ns.example.com.
116example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
117SECTION ADDITIONAL
118ENTRY_END
119
120; response to DNSKEY priming query
121ENTRY_BEGIN
122MATCH opcode qtype qname
123ADJUST copy_id
124REPLY QR NOERROR
125SECTION QUESTION
126example.com. IN DNSKEY
127SECTION ANSWER
128example.com.    3600    IN      DNSKEY  256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
129example.com.    3600    IN      RRSIG   DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854}
130SECTION AUTHORITY
131example.com.	IN NS	ns.example.com.
132example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
133SECTION ADDITIONAL
134ns.example.com.		IN 	A	1.2.3.4
135ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
136ENTRY_END
137
138; response to query of interest
139ENTRY_BEGIN
140MATCH opcode qtype qname
141ADJUST copy_id
142REPLY QR NOERROR
143SECTION QUESTION
144www.example.com. IN A
145SECTION ANSWER
146www.example.com. IN CNAME www.sub.example.com.
147www.example.com.	3600	IN	RRSIG	CNAME 3 3 3600 20070926134802 20070829134802 2854 example.com. AKvv+5rFiCFiNRbdpna4rQtyARsLltUL9lXRWgpBVB5voJNJ9g/n/f4= ;{id = 2854}
148SECTION AUTHORITY
149; NSEC3PARAM 1 0 1 -
150; example.com. -> 9vq38lj9qs6s1aruer131mbtsfnvek2p.
151; sub.example.com. -> 7t1ect6t5vp0s7se8si9d07roqupr3gc.
152; www.example.com. -> 0lverorlcjoa2lji5rik0otij3lgoj3l.
1537t1ect6t5vp0s7se8si9d07roqupr3gc.example.com. IN NSEC3 1 0 1 - 7t1ect6t5vp0s7se8si9d07roqupr3gd NS
1547t1ect6t5vp0s7se8si9d07roqupr3gc.example.com.	3600	IN	RRSIG	NSEC3 3 3 3600 20070926134802 20070829134802 2854 example.com. AIiTSxI4hTDiDzo+bMaOKSvjIyoChgjY19y2NQG/Mtt80sNbDBY126I= ;{id = 2854}
155SECTION ADDITIONAL
156ENTRY_END
157
158; this server also serves the zone sub.example.com.
159ENTRY_BEGIN
160MATCH opcode qtype qname
161ADJUST copy_id
162REPLY QR NOERROR
163SECTION QUESTION
164www.sub.example.com. IN A
165SECTION AUTHORITY
166sub.example.com. IN SOA a. b. 1 2 3 4 5
167ENTRY_END
168
169RANGE_END
170
171STEP 1 QUERY
172ENTRY_BEGIN
173REPLY RD DO
174SECTION QUESTION
175www.example.com. IN A
176ENTRY_END
177
178; recursion happens here.
179STEP 10 CHECK_ANSWER
180ENTRY_BEGIN
181MATCH all
182REPLY QR RD RA DO NOERROR
183SECTION QUESTION
184www.example.com. IN A
185SECTION ANSWER
186www.example.com. IN CNAME www.sub.example.com.
187www.example.com.	3600	IN	RRSIG	CNAME 3 3 3600 20070926134802 20070829134802 2854 example.com. AKvv+5rFiCFiNRbdpna4rQtyARsLltUL9lXRWgpBVB5voJNJ9g/n/f4= ;{id = 2854}
188SECTION AUTHORITY
1897t1ect6t5vp0s7se8si9d07roqupr3gc.example.com. IN NSEC3 1 0 1 - 7t1ect6t5vp0s7se8si9d07roqupr3gd NS
1907t1ect6t5vp0s7se8si9d07roqupr3gc.example.com.	3600	IN	RRSIG	NSEC3 3 3 3600 20070926134802 20070829134802 2854 example.com. AIiTSxI4hTDiDzo+bMaOKSvjIyoChgjY19y2NQG/Mtt80sNbDBY126I= ;{id = 2854}
191sub.example.com. IN SOA a. b. 1 2 3 4 5
192ENTRY_END
193
194SCENARIO_END
195