xref: /netbsd-src/external/bsd/unbound/dist/testdata/val_cnametoposnowc.rpl (revision 7bdf38e5b7a28439665f2fdeff81e36913eef7dd) 
1; config options
2; The island of trust is at example.com
3server:
4	trust-anchor: "example.com.    3600    IN      DS      2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
5	trust-anchor: "example.net.    3600    IN      DNSKEY  256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}"
6	val-override-date: "20070916134226"
7	target-fetch-policy: "0 0 0 0 0"
8	qname-minimisation: "no"
9	fake-sha1: yes
10	trust-anchor-signaling: no
11	ede: yes
12	access-control: 127.0.0.0/8 allow_snoop
13
14stub-zone:
15	name: "."
16	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
17CONFIG_END
18
19SCENARIO_BEGIN Test validator with a cname to positive wildcard without proof
20
21; K.ROOT-SERVERS.NET.
22RANGE_BEGIN 0 100
23	ADDRESS 193.0.14.129
24ENTRY_BEGIN
25MATCH opcode qtype qname
26ADJUST copy_id
27REPLY QR NOERROR
28SECTION QUESTION
29. IN NS
30SECTION ANSWER
31. IN NS	K.ROOT-SERVERS.NET.
32SECTION ADDITIONAL
33K.ROOT-SERVERS.NET.	IN	A	193.0.14.129
34ENTRY_END
35
36ENTRY_BEGIN
37MATCH opcode qtype qname
38ADJUST copy_id
39REPLY QR NOERROR
40SECTION QUESTION
41www.example.com. IN A
42SECTION AUTHORITY
43com.	IN NS	a.gtld-servers.net.
44SECTION ADDITIONAL
45a.gtld-servers.net.	IN 	A	192.5.6.30
46ENTRY_END
47
48ENTRY_BEGIN
49MATCH opcode qtype qname
50ADJUST copy_id
51REPLY QR NOERROR
52SECTION QUESTION
53www.example.net. IN A
54SECTION AUTHORITY
55net.	IN NS	a.gtld-servers.net.
56SECTION ADDITIONAL
57a.gtld-servers.net.	IN 	A	192.5.6.30
58ENTRY_END
59RANGE_END
60
61; a.gtld-servers.net.
62RANGE_BEGIN 0 100
63	ADDRESS 192.5.6.30
64ENTRY_BEGIN
65MATCH opcode qtype qname
66ADJUST copy_id
67REPLY QR NOERROR
68SECTION QUESTION
69com. IN NS
70SECTION ANSWER
71com.    IN NS   a.gtld-servers.net.
72SECTION ADDITIONAL
73a.gtld-servers.net.     IN      A       192.5.6.30
74ENTRY_END
75
76ENTRY_BEGIN
77MATCH opcode qtype qname
78ADJUST copy_id
79REPLY QR NOERROR
80SECTION QUESTION
81net. IN NS
82SECTION ANSWER
83net.    IN NS   a.gtld-servers.net.
84SECTION ADDITIONAL
85a.gtld-servers.net.     IN      A       192.5.6.30
86ENTRY_END
87
88ENTRY_BEGIN
89MATCH opcode subdomain
90ADJUST copy_id copy_query
91REPLY QR NOERROR
92SECTION QUESTION
93example.com. IN A
94SECTION AUTHORITY
95example.com.	IN NS	ns.example.com.
96SECTION ADDITIONAL
97ns.example.com.		IN 	A	1.2.3.4
98ENTRY_END
99ENTRY_BEGIN
100MATCH opcode subdomain
101ADJUST copy_id copy_query
102REPLY QR NOERROR
103SECTION QUESTION
104example.net. IN A
105SECTION AUTHORITY
106example.net.	IN NS	ns.example.net.
107SECTION ADDITIONAL
108ns.example.net.		IN 	A	1.2.3.5
109ENTRY_END
110RANGE_END
111
112; ns.example.com.
113RANGE_BEGIN 0 100
114	ADDRESS 1.2.3.4
115ENTRY_BEGIN
116MATCH opcode qtype qname
117ADJUST copy_id
118REPLY QR NOERROR
119SECTION QUESTION
120example.com. IN NS
121SECTION ANSWER
122example.com.    IN NS   ns.example.com.
123example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
124SECTION ADDITIONAL
125ns.example.com.         IN      A       1.2.3.4
126ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
127ENTRY_END
128
129; response to DNSKEY priming query
130ENTRY_BEGIN
131MATCH opcode qtype qname
132ADJUST copy_id
133REPLY QR NOERROR
134SECTION QUESTION
135example.com. IN DNSKEY
136SECTION ANSWER
137example.com.    3600    IN      DNSKEY  256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
138example.com. 3600    IN      RRSIG   DNSKEY DSA 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFBQRtlR4BEv9ohi+PGFjp+AHsJuHAhRCvz0shggvnvI88DFnBDCczHUcVA== ;{id = 2854}
139SECTION AUTHORITY
140example.com.	IN NS	ns.example.com.
141example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
142SECTION ADDITIONAL
143ns.example.com.		IN 	A	1.2.3.4
144ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
145ENTRY_END
146
147; response to query of interest
148ENTRY_BEGIN
149MATCH opcode qtype qname
150ADJUST copy_id
151REPLY QR NOERROR
152SECTION QUESTION
153www.example.com. IN A
154SECTION ANSWER
155www.example.com. IN	CNAME	www.example.net.
156www.example.com.        3600    IN      RRSIG   CNAME DSA 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFGcJxnNxpWCBzXejiSdl4p1BKRMnAhUApoJrugVBRwFgAoYAhhqlZFac7fE= ;{id = 2854}
157SECTION AUTHORITY
158SECTION ADDITIONAL
159ENTRY_END
160
161ENTRY_BEGIN
162MATCH opcode qname qtype
163ADJUST copy_id
164REPLY QR AA REFUSED
165SECTION QUESTION
166ns.example.com. IN AAAA
167ENTRY_END
168
169ENTRY_BEGIN
170MATCH opcode qname qtype
171ADJUST copy_id
172REPLY QR AA REFUSED
173SECTION QUESTION
174ns.example.com. IN A
175ENTRY_END
176RANGE_END
177
178; ns.example.net.
179RANGE_BEGIN 0 100
180	ADDRESS 1.2.3.5
181ENTRY_BEGIN
182MATCH opcode qtype qname
183ADJUST copy_id
184REPLY QR NOERROR
185SECTION QUESTION
186example.net. IN NS
187SECTION ANSWER
188example.net.	IN NS	ns.example.net.
189example.net.    3600    IN      RRSIG   NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899}
190SECTION ADDITIONAL
191ns.example.net.		IN 	A	1.2.3.5
192ns.example.net. 3600    IN      RRSIG   A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899}
193ENTRY_END
194
195; response to DNSKEY priming query
196ENTRY_BEGIN
197MATCH opcode qtype qname
198ADJUST copy_id
199REPLY QR NOERROR
200SECTION QUESTION
201example.net. IN DNSKEY
202SECTION ANSWER
203example.net.    3600    IN      DNSKEY  256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}
204example.net.    3600    IN      RRSIG   DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899}
205SECTION AUTHORITY
206example.net.	IN NS	ns.example.net.
207example.net.    3600    IN      RRSIG   NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899}
208SECTION ADDITIONAL
209ns.example.net.		IN 	A	1.2.3.5
210ns.example.net. 3600    IN      RRSIG   A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899}
211ENTRY_END
212
213; response to query of interest
214ENTRY_BEGIN
215MATCH opcode qtype qname
216ADJUST copy_id
217REPLY QR NOERROR
218SECTION QUESTION
219www.example.net. IN A
220SECTION ANSWER
221; from *.example.net.
222www.example.net. IN	A	11.12.13.14
223www.example.net.  3600    IN      RRSIG   A 5 2 3600 20070926134150 20070829134150 30899 example.net. quSyDbSeHRvyMmanqq5rW+APC9MKOswbRLB5QP/G+C2iyokQFLuRTlX9Wmo/jo1Oo1MGBefJUmP9NdRd2EqABA== ;{id = 30899}
224SECTION AUTHORITY
225; missing proof
226;wab.example.net	IN	NSEC	wzz.example.net. A NSEC RRSIG
227;wab.example.net.        3600    IN      RRSIG   NSEC 5 3 3600 20070926134150 20070829134150 30899 example.net. gl8vkI3xfSWx4Pyv5OdOthiewE6u/13kclY7UG9ptuFBddamdJO3RQqyxM6Xcmq+ToO4kMCCyaKijp01gTDoGg== ;{id = 30899}
228SECTION ADDITIONAL
229ENTRY_END
230
231ENTRY_BEGIN
232MATCH opcode qname qtype
233ADJUST copy_id
234REPLY QR AA REFUSED
235SECTION QUESTION
236ns.example.net. IN A
237ENTRY_END
238
239ENTRY_BEGIN
240MATCH opcode qname qtype
241ADJUST copy_id
242REPLY QR AA REFUSED
243SECTION QUESTION
244ns.example.net. IN AAAA
245ENTRY_END
246RANGE_END
247
248STEP 1 QUERY
249ENTRY_BEGIN
250REPLY RD DO
251SECTION QUESTION
252www.example.com. IN A
253ENTRY_END
254
255; recursion happens here.
256STEP 10 CHECK_ANSWER
257ENTRY_BEGIN
258MATCH all ede=6
259REPLY QR RD RA DO SERVFAIL
260SECTION QUESTION
261www.example.com. IN A
262SECTION ANSWER
263ENTRY_END
264
265; Redo the query without RD to check EDE caching.
266STEP 11 QUERY
267ENTRY_BEGIN
268REPLY DO
269SECTION QUESTION
270www.example.com. IN A
271ENTRY_END
272
273STEP 12 CHECK_ANSWER
274ENTRY_BEGIN
275MATCH all ede=6
276REPLY QR RA DO SERVFAIL
277SECTION QUESTION
278www.example.com. IN A
279SECTION ANSWER
280ENTRY_END
281
282SCENARIO_END
283