xref: /netbsd-src/external/bsd/unbound/dist/testdata/val_cnametooptin.rpl (revision b2c35e17b976cf7ccd7250c86c6f5e95090ed636) 
1; config options
2; The island of trust is at example.com
3server:
4	trust-anchor: "example.com.    3600    IN      DS      2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
5	val-override-date: "20070916134226"
6	target-fetch-policy: "0 0 0 0 0"
7	qname-minimisation: "no"
8	fake-sha1: yes
9	trust-anchor-signaling: no
10
11stub-zone:
12	name: "."
13	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
14CONFIG_END
15
16SCENARIO_BEGIN Test validator with CNAME to insecure optin NSEC3
17
18; K.ROOT-SERVERS.NET.
19RANGE_BEGIN 0 100
20	ADDRESS 193.0.14.129
21ENTRY_BEGIN
22MATCH opcode qtype qname
23ADJUST copy_id
24REPLY QR NOERROR
25SECTION QUESTION
26. IN NS
27SECTION ANSWER
28. IN NS	K.ROOT-SERVERS.NET.
29SECTION ADDITIONAL
30K.ROOT-SERVERS.NET.	IN	A	193.0.14.129
31ENTRY_END
32
33ENTRY_BEGIN
34MATCH opcode qtype qname
35ADJUST copy_id
36REPLY QR NOERROR
37SECTION QUESTION
38www.example.com. IN A
39SECTION AUTHORITY
40com.	IN NS	a.gtld-servers.net.
41SECTION ADDITIONAL
42a.gtld-servers.net.	IN 	A	192.5.6.30
43ENTRY_END
44RANGE_END
45
46; a.gtld-servers.net.
47RANGE_BEGIN 0 100
48	ADDRESS 192.5.6.30
49ENTRY_BEGIN
50MATCH opcode qtype qname
51ADJUST copy_id
52REPLY QR NOERROR
53SECTION QUESTION
54com. IN NS
55SECTION ANSWER
56com.    IN NS   a.gtld-servers.net.
57SECTION ADDITIONAL
58a.gtld-servers.net.     IN      A       192.5.6.30
59ENTRY_END
60
61ENTRY_BEGIN
62MATCH opcode subdomain
63ADJUST copy_id copy_query
64REPLY QR NOERROR
65SECTION QUESTION
66example.com. IN A
67SECTION AUTHORITY
68example.com.	IN NS	ns.example.com.
69SECTION ADDITIONAL
70ns.example.com.		IN 	A	1.2.3.4
71ENTRY_END
72RANGE_END
73
74; ns.example.com.
75RANGE_BEGIN 0 100
76	ADDRESS 1.2.3.4
77ENTRY_BEGIN
78MATCH opcode qtype qname
79ADJUST copy_id
80REPLY QR NOERROR
81SECTION QUESTION
82example.com. IN NS
83SECTION ANSWER
84example.com.    IN NS   ns.example.com.
85example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
86SECTION ADDITIONAL
87ns.example.com.         IN      A       1.2.3.4
88ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
89ENTRY_END
90
91ENTRY_BEGIN
92MATCH opcode qtype qname
93ADJUST copy_id
94REPLY QR NOERROR
95SECTION QUESTION
96ns.example.com. IN AAAA
97SECTION ANSWER
98SECTION AUTHORITY
99example.com.    IN NS   ns.example.com.
100example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
101SECTION ADDITIONAL
102ns.example.com.         IN      A       1.2.3.4
103ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
104ENTRY_END
105
106ENTRY_BEGIN
107MATCH opcode qtype qname
108ADJUST copy_id
109REPLY QR NOERROR
110SECTION QUESTION
111ns.example.com. IN A
112SECTION ANSWER
113ns.example.com.         IN      A       1.2.3.4
114ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
115SECTION AUTHORITY
116example.com.    IN NS   ns.example.com.
117example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
118SECTION ADDITIONAL
119ENTRY_END
120
121; response to DNSKEY priming query
122ENTRY_BEGIN
123MATCH opcode qtype qname
124ADJUST copy_id
125REPLY QR NOERROR
126SECTION QUESTION
127example.com. IN DNSKEY
128SECTION ANSWER
129example.com.    3600    IN      DNSKEY  256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
130example.com.    3600    IN      RRSIG   DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854}
131SECTION AUTHORITY
132example.com.	IN NS	ns.example.com.
133example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
134SECTION ADDITIONAL
135ns.example.com.		IN 	A	1.2.3.4
136ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
137ENTRY_END
138
139; response to query of interest
140ENTRY_BEGIN
141MATCH opcode qtype qname
142ADJUST copy_id
143REPLY QR NOERROR
144SECTION QUESTION
145www.example.com. IN A
146SECTION ANSWER
147www.example.com. IN CNAME www.sub.example.com.
148www.example.com.	3600	IN	RRSIG	CNAME 3 3 3600 20070926134802 20070829134802 2854 example.com. AKvv+5rFiCFiNRbdpna4rQtyARsLltUL9lXRWgpBVB5voJNJ9g/n/f4= ;{id = 2854}
149SECTION AUTHORITY
150; NSEC3PARAM 1 0 1 -
151; example.com. -> 9vq38lj9qs6s1aruer131mbtsfnvek2p.
152; sub.example.com. -> 7t1ect6t5vp0s7se8si9d07roqupr3gc.
153; www.example.com. -> 0lverorlcjoa2lji5rik0otij3lgoj3l.
1547t1ect6t5vp0s7se8si9d07roqupr3gc.example.com. IN NSEC3 1 0 1 - 7t1ect6t5vp0s7se8si9d07roqupr3gd NS
1557t1ect6t5vp0s7se8si9d07roqupr3gc.example.com.	3600	IN	RRSIG	NSEC3 3 3 3600 20070926134802 20070829134802 2854 example.com. AIiTSxI4hTDiDzo+bMaOKSvjIyoChgjY19y2NQG/Mtt80sNbDBY126I= ;{id = 2854}
156SECTION ADDITIONAL
157ENTRY_END
158
159; this server also serves the zone sub.example.com.
160ENTRY_BEGIN
161MATCH opcode qtype qname
162ADJUST copy_id
163REPLY QR NOERROR
164SECTION QUESTION
165www.sub.example.com. IN A
166SECTION AUTHORITY
167sub.example.com. IN SOA a. b. 1 2 3 4 5
168ENTRY_END
169
170RANGE_END
171
172STEP 1 QUERY
173ENTRY_BEGIN
174REPLY RD DO
175SECTION QUESTION
176www.example.com. IN A
177ENTRY_END
178
179; recursion happens here.
180STEP 10 CHECK_ANSWER
181ENTRY_BEGIN
182MATCH all
183REPLY QR RD RA DO NOERROR
184SECTION QUESTION
185www.example.com. IN A
186SECTION ANSWER
187www.example.com. IN CNAME www.sub.example.com.
188www.example.com.	3600	IN	RRSIG	CNAME 3 3 3600 20070926134802 20070829134802 2854 example.com. AKvv+5rFiCFiNRbdpna4rQtyARsLltUL9lXRWgpBVB5voJNJ9g/n/f4= ;{id = 2854}
189SECTION AUTHORITY
1907t1ect6t5vp0s7se8si9d07roqupr3gc.example.com. IN NSEC3 1 0 1 - 7t1ect6t5vp0s7se8si9d07roqupr3gd NS
1917t1ect6t5vp0s7se8si9d07roqupr3gc.example.com.	3600	IN	RRSIG	NSEC3 3 3 3600 20070926134802 20070829134802 2854 example.com. AIiTSxI4hTDiDzo+bMaOKSvjIyoChgjY19y2NQG/Mtt80sNbDBY126I= ;{id = 2854}
192sub.example.com. IN SOA a. b. 1 2 3 4 5
193ENTRY_END
194
195SCENARIO_END
196