xref: /netbsd-src/external/bsd/unbound/dist/testdata/val_cnamewctoposwc.rpl (revision 7cd94d692f099dff0c03996f61fd7a476e40159b) 
1; config options
2; The island of trust is at example.com
3server:
4	trust-anchor: "example.com.    3600    IN      DS      2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
5	trust-anchor: "example.net.    3600    IN      DNSKEY  256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}"
6	val-override-date: "20070916134226"
7	target-fetch-policy: "0 0 0 0 0"
8	qname-minimisation: "no"
9	fake-sha1: yes
10	trust-anchor-signaling: no
11
12stub-zone:
13	name: "."
14	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
15CONFIG_END
16
17SCENARIO_BEGIN Test validator with wildcard cname to positive wildcard
18
19; K.ROOT-SERVERS.NET.
20RANGE_BEGIN 0 100
21	ADDRESS 193.0.14.129
22ENTRY_BEGIN
23MATCH opcode qtype qname
24ADJUST copy_id
25REPLY QR NOERROR
26SECTION QUESTION
27. IN NS
28SECTION ANSWER
29. IN NS	K.ROOT-SERVERS.NET.
30SECTION ADDITIONAL
31K.ROOT-SERVERS.NET.	IN	A	193.0.14.129
32ENTRY_END
33
34ENTRY_BEGIN
35MATCH opcode qtype qname
36ADJUST copy_id
37REPLY QR NOERROR
38SECTION QUESTION
39www.example.com. IN A
40SECTION AUTHORITY
41com.	IN NS	a.gtld-servers.net.
42SECTION ADDITIONAL
43a.gtld-servers.net.	IN 	A	192.5.6.30
44ENTRY_END
45
46ENTRY_BEGIN
47MATCH opcode qtype qname
48ADJUST copy_id
49REPLY QR NOERROR
50SECTION QUESTION
51www.example.net. IN A
52SECTION AUTHORITY
53net.	IN NS	a.gtld-servers.net.
54SECTION ADDITIONAL
55a.gtld-servers.net.	IN 	A	192.5.6.30
56ENTRY_END
57RANGE_END
58
59; a.gtld-servers.net.
60RANGE_BEGIN 0 100
61	ADDRESS 192.5.6.30
62ENTRY_BEGIN
63MATCH opcode qtype qname
64ADJUST copy_id
65REPLY QR NOERROR
66SECTION QUESTION
67com. IN NS
68SECTION ANSWER
69com.    IN NS   a.gtld-servers.net.
70SECTION ADDITIONAL
71a.gtld-servers.net.     IN      A       192.5.6.30
72ENTRY_END
73
74ENTRY_BEGIN
75MATCH opcode qtype qname
76ADJUST copy_id
77REPLY QR NOERROR
78SECTION QUESTION
79net. IN NS
80SECTION ANSWER
81net.    IN NS   a.gtld-servers.net.
82SECTION ADDITIONAL
83a.gtld-servers.net.     IN      A       192.5.6.30
84ENTRY_END
85
86ENTRY_BEGIN
87MATCH opcode qtype qname
88ADJUST copy_id
89REPLY QR NOERROR
90SECTION QUESTION
91www.example.com. IN A
92SECTION AUTHORITY
93example.com.	IN NS	ns.example.com.
94SECTION ADDITIONAL
95ns.example.com.		IN 	A	1.2.3.4
96ENTRY_END
97ENTRY_BEGIN
98MATCH opcode qtype qname
99ADJUST copy_id
100REPLY QR NOERROR
101SECTION QUESTION
102www.example.net. IN A
103SECTION AUTHORITY
104example.net.	IN NS	ns.example.net.
105SECTION ADDITIONAL
106ns.example.net.		IN 	A	1.2.3.5
107ENTRY_END
108RANGE_END
109
110; ns.example.com.
111RANGE_BEGIN 0 100
112	ADDRESS 1.2.3.4
113ENTRY_BEGIN
114MATCH opcode qtype qname
115ADJUST copy_id
116REPLY QR NOERROR
117SECTION QUESTION
118example.com. IN NS
119SECTION ANSWER
120example.com.    IN NS   ns.example.com.
121example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
122SECTION ADDITIONAL
123ns.example.com.         IN      A       1.2.3.4
124ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
125ENTRY_END
126
127; response to DNSKEY priming query
128ENTRY_BEGIN
129MATCH opcode qtype qname
130ADJUST copy_id
131REPLY QR NOERROR
132SECTION QUESTION
133example.com. IN DNSKEY
134SECTION ANSWER
135example.com.    3600    IN      DNSKEY  256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
136example.com. 3600    IN      RRSIG   DNSKEY DSA 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFBQRtlR4BEv9ohi+PGFjp+AHsJuHAhRCvz0shggvnvI88DFnBDCczHUcVA== ;{id = 2854}
137SECTION AUTHORITY
138example.com.	IN NS	ns.example.com.
139example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
140SECTION ADDITIONAL
141ns.example.com.		IN 	A	1.2.3.4
142ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
143ENTRY_END
144
145; response to query of interest
146ENTRY_BEGIN
147MATCH opcode qtype qname
148ADJUST copy_id
149REPLY QR NOERROR
150SECTION QUESTION
151www.example.com. IN A
152SECTION ANSWER
153; *.example.com. IN	CNAME	www.example.net.
154www.example.com.  3600    IN      CNAME   www.example.net.
155www.example.com.  3600    IN      RRSIG   CNAME 3 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFCA2HhM4cInPoUZ58o6t9CVlqv+kAhRjxWXvnFecgDxnDphpEVEoc0Ps6Q== ;{id = 2854}
156SECTION AUTHORITY
157; weird NSEC that denies everything. But validly signed, so valid.
158; extreme version of 'white lies' :-)
159example.com. 	IN	NSEC	example.com. SOA NS A NSEC RRSIG DNSKEY
160example.com.    3600    IN      RRSIG   NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCSPaRH721mYjuTGb6fZ+nR3pnVxAIUAxEctE1hzMQSw0CWJSMLHS/A+Xk= ;{id = 2854}
161SECTION ADDITIONAL
162ENTRY_END
163RANGE_END
164
165; ns.example.net.
166RANGE_BEGIN 0 100
167	ADDRESS 1.2.3.5
168ENTRY_BEGIN
169MATCH opcode qtype qname
170ADJUST copy_id
171REPLY QR NOERROR
172SECTION QUESTION
173example.net. IN NS
174SECTION ANSWER
175example.net.	IN NS	ns.example.net.
176example.net.    3600    IN      RRSIG   NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899}
177SECTION ADDITIONAL
178ns.example.net.		IN 	A	1.2.3.5
179ns.example.net. 3600    IN      RRSIG   A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899}
180ENTRY_END
181
182; response to DNSKEY priming query
183ENTRY_BEGIN
184MATCH opcode qtype qname
185ADJUST copy_id
186REPLY QR NOERROR
187SECTION QUESTION
188example.net. IN DNSKEY
189SECTION ANSWER
190example.net.    3600    IN      DNSKEY  256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}
191example.net.    3600    IN      RRSIG   DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899}
192SECTION AUTHORITY
193example.net.	IN NS	ns.example.net.
194example.net.    3600    IN      RRSIG   NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899}
195SECTION ADDITIONAL
196ns.example.net.		IN 	A	1.2.3.5
197ns.example.net. 3600    IN      RRSIG   A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899}
198ENTRY_END
199
200; response to query of interest
201ENTRY_BEGIN
202MATCH opcode qtype qname
203ADJUST copy_id
204REPLY QR NOERROR
205SECTION QUESTION
206www.example.net. IN A
207SECTION ANSWER
208; from *.example.net.
209www.example.net. IN	A	11.12.13.14
210www.example.net.  3600    IN      RRSIG   A 5 2 3600 20070926134150 20070829134150 30899 example.net. quSyDbSeHRvyMmanqq5rW+APC9MKOswbRLB5QP/G+C2iyokQFLuRTlX9Wmo/jo1Oo1MGBefJUmP9NdRd2EqABA== ;{id = 30899}
211SECTION AUTHORITY
212wab.example.net	IN	NSEC	wzz.example.net. A NSEC RRSIG
213wab.example.net.        3600    IN      RRSIG   NSEC 5 3 3600 20070926134150 20070829134150 30899 example.net. gl8vkI3xfSWx4Pyv5OdOthiewE6u/13kclY7UG9ptuFBddamdJO3RQqyxM6Xcmq+ToO4kMCCyaKijp01gTDoGg== ;{id = 30899}
214SECTION ADDITIONAL
215ENTRY_END
216RANGE_END
217
218STEP 1 QUERY
219ENTRY_BEGIN
220REPLY RD DO
221SECTION QUESTION
222www.example.com. IN A
223ENTRY_END
224
225; recursion happens here.
226STEP 10 CHECK_ANSWER
227ENTRY_BEGIN
228MATCH all
229REPLY QR RD RA AD DO NOERROR
230SECTION QUESTION
231www.example.com. IN A
232SECTION ANSWER
233www.example.com. IN	CNAME	www.example.net.
234www.example.com.  3600    IN      RRSIG   CNAME 3 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFCA2HhM4cInPoUZ58o6t9CVlqv+kAhRjxWXvnFecgDxnDphpEVEoc0Ps6Q== ;{id = 2854}
235www.example.net. IN	A	11.12.13.14
236www.example.net.  3600    IN      RRSIG   A 5 2 3600 20070926134150 20070829134150 30899 example.net. quSyDbSeHRvyMmanqq5rW+APC9MKOswbRLB5QP/G+C2iyokQFLuRTlX9Wmo/jo1Oo1MGBefJUmP9NdRd2EqABA== ;{id = 30899}
237SECTION AUTHORITY
238example.com. 	IN	NSEC	example.com. SOA NS A NSEC RRSIG DNSKEY
239example.com.    3600    IN      RRSIG   NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCSPaRH721mYjuTGb6fZ+nR3pnVxAIUAxEctE1hzMQSw0CWJSMLHS/A+Xk= ;{id = 2854}
240wab.example.net	IN	NSEC	wzz.example.net. A NSEC RRSIG
241wab.example.net.        3600    IN      RRSIG   NSEC 5 3 3600 20070926134150 20070829134150 30899 example.net. gl8vkI3xfSWx4Pyv5OdOthiewE6u/13kclY7UG9ptuFBddamdJO3RQqyxM6Xcmq+ToO4kMCCyaKijp01gTDoGg== ;{id = 30899}
242SECTION ADDITIONAL
243ENTRY_END
244
245SCENARIO_END
246