; config options
; Islands of trust: example.com. (DS anchor, key tag 2854, algorithm 3,
; digest type 1) and example.net. (DNSKEY anchor, key tag 30899, algorithm 5).
; The root and the com./net. delegations below are unsigned, so trust starts
; at these two configured anchors, not at the root.
; The DSA / RSASHA1 algorithms and the 512-bit key are test-fixture material
; only; they are not a sizing or algorithm recommendation.
server:
	trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
	trust-anchor: "example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}"
; Pin the validator's clock to 2007-09-16 13:42:26 so that every RRSIG below
; (inception 20070829..., expiration 20070926...) is inside its validity window.
	val-override-date: "20070916134226"
; All-zero policy: no opportunistic nameserver-address lookups, so the resolver
; sends only the queries scripted in this scenario.
	target-fetch-policy: "0 0 0 0 0"

stub-zone:
	name: "."
	stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
CONFIG_END

SCENARIO_BEGIN Test validator with wildcard cname to positive wildcard

; What this scenario checks: www.example.com. is synthesised from a wildcard
; CNAME in one signed zone and points at www.example.net., which is itself
; synthesised from a wildcard A record in a second signed zone. Each
; wildcard-expanded RRset must come with an NSEC proving that no closer match
; exists for the query name (RFC 4035 section 5.3.4). Without that proof a
; wildcard signature could be replayed for a name that really exists.
; The final answer is expected to carry the AD flag.

; K.ROOT-SERVERS.NET.
; Simulated root server: answers the root NS priming query and hands out
; unsigned referrals to com. and net.
RANGE_BEGIN 0 100
	ADDRESS 193.0.14.129
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
. IN NS
SECTION ANSWER
. IN NS K.ROOT-SERVERS.NET.
SECTION ADDITIONAL
K.ROOT-SERVERS.NET. IN A 193.0.14.129
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
www.example.com. IN A
SECTION AUTHORITY
com. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
www.example.net. IN A
SECTION AUTHORITY
net. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
RANGE_END

; a.gtld-servers.net.
; Simulated TLD server for both com. and net.; its referrals to example.com.
; and example.net. are unsigned and carry no DS records.
RANGE_BEGIN 0 100
	ADDRESS 192.5.6.30
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
com. IN NS
SECTION ANSWER
com. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
net. IN NS
SECTION ANSWER
net. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
www.example.com. IN A
SECTION AUTHORITY
example.com. IN NS ns.example.com.
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
www.example.net. IN A
SECTION AUTHORITY
example.net. IN NS ns.example.net.
SECTION ADDITIONAL
ns.example.net. IN A 1.2.3.5
ENTRY_END
RANGE_END

; ns.example.com.
; Authoritative server for the signed zone example.com. (algorithm 3 / DSA,
; key tag 2854).
RANGE_BEGIN 0 100
	ADDRESS 1.2.3.4
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
example.com. IN NS
SECTION ANSWER
example.com. IN NS ns.example.com.
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
ENTRY_END

; response to DNSKEY priming query
; This DNSKEY (key tag 2854) is the key the configured DS trust anchor refers
; to; the DNSKEY RRset is self-signed by that same key.
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
example.com. IN DNSKEY
SECTION ANSWER
example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
example.com. 3600 IN RRSIG DNSKEY DSA 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFBQRtlR4BEv9ohi+PGFjp+AHsJuHAhRCvz0shggvnvI88DFnBDCczHUcVA== ;{id = 2854}
SECTION AUTHORITY
example.com. IN NS ns.example.com.
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
ENTRY_END

; response to query of interest
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
www.example.com. IN A
SECTION ANSWER
; *.example.com. IN CNAME www.example.net.
; The RRSIG labels field is 2 while the owner www.example.com. has 3 labels:
; that is how the validator sees that this CNAME was expanded from a wildcard.
www.example.com. 3600 IN CNAME www.example.net.
www.example.com. 3600 IN RRSIG CNAME 3 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFCA2HhM4cInPoUZ58o6t9CVlqv+kAhRjxWXvnFecgDxnDphpEVEoc0Ps6Q== ;{id = 2854}
SECTION AUTHORITY
; weird NSEC that denies everything. But validly signed, so valid.
; extreme version of 'white lies' :-)
; Owner and next name are both example.com., so the NSEC span covers the whole
; zone; here it serves as the proof that no closer match than the wildcard
; exists for www.example.com.
example.com. IN NSEC example.com. SOA NS A NSEC RRSIG DNSKEY
example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCSPaRH721mYjuTGb6fZ+nR3pnVxAIUAxEctE1hzMQSw0CWJSMLHS/A+Xk= ;{id = 2854}
SECTION ADDITIONAL
ENTRY_END
RANGE_END

; ns.example.net.
; Authoritative server for the signed zone example.net. (algorithm 5 /
; RSASHA1, key tag 30899).
RANGE_BEGIN 0 100
	ADDRESS 1.2.3.5
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
example.net. IN NS
SECTION ANSWER
example.net. IN NS ns.example.net.
example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899}
SECTION ADDITIONAL
ns.example.net. IN A 1.2.3.5
ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899}
ENTRY_END

; response to DNSKEY priming query
; Same key material as the DNSKEY trust anchor configured for example.net.
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
example.net. IN DNSKEY
SECTION ANSWER
example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}
example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899}
SECTION AUTHORITY
example.net. IN NS ns.example.net.
example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899}
SECTION ADDITIONAL
ns.example.net. IN A 1.2.3.5
ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899}
ENTRY_END

; response to query of interest
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
www.example.net. IN A
SECTION ANSWER
; from *.example.net.
; RRSIG labels field is 2 for a 3-label owner name: wildcard expansion.
www.example.net. IN A 11.12.13.14
www.example.net. 3600 IN RRSIG A 5 2 3600 20070926134150 20070829134150 30899 example.net. quSyDbSeHRvyMmanqq5rW+APC9MKOswbRLB5QP/G+C2iyokQFLuRTlX9Wmo/jo1Oo1MGBefJUmP9NdRd2EqABA== ;{id = 30899}
SECTION AUTHORITY
; NSEC span wab.example.net. -> wzz.example.net. covers www.example.net.,
; proving that no exact-match www record exists and the wildcard applies.
; NOTE(review): the NSEC owner is written without a trailing dot while its
; RRSIG owner has one - presumably the parser treats both as the same
; absolute name; confirm before reusing this fixture elsewhere.
wab.example.net IN NSEC wzz.example.net. A NSEC RRSIG
wab.example.net. 3600 IN RRSIG NSEC 5 3 3600 20070926134150 20070829134150 30899 example.net. gl8vkI3xfSWx4Pyv5OdOthiewE6u/13kclY7UG9ptuFBddamdJO3RQqyxM6Xcmq+ToO4kMCCyaKijp01gTDoGg== ;{id = 30899}
SECTION ADDITIONAL
ENTRY_END
RANGE_END

; Client query: recursion desired (RD) with DNSSEC OK (DO), so signatures and
; NSEC proofs are requested in the reply.
STEP 1 QUERY
ENTRY_BEGIN
REPLY RD DO
SECTION QUESTION
www.example.com. IN A
ENTRY_END

; recursion happens here.
; Expected reply: AD is set, i.e. both the wildcard CNAME and the wildcard A
; validated as secure. The answer carries the CNAME and the A with their
; RRSIGs, and the authority section carries both NSEC proofs with theirs.
STEP 10 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA AD DO NOERROR
SECTION QUESTION
www.example.com. IN A
SECTION ANSWER
www.example.com. IN CNAME www.example.net.
www.example.com. 3600 IN RRSIG CNAME 3 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFCA2HhM4cInPoUZ58o6t9CVlqv+kAhRjxWXvnFecgDxnDphpEVEoc0Ps6Q== ;{id = 2854}
www.example.net. IN A 11.12.13.14
www.example.net. 3600 IN RRSIG A 5 2 3600 20070926134150 20070829134150 30899 example.net. quSyDbSeHRvyMmanqq5rW+APC9MKOswbRLB5QP/G+C2iyokQFLuRTlX9Wmo/jo1Oo1MGBefJUmP9NdRd2EqABA== ;{id = 30899}
SECTION AUTHORITY
example.com. IN NSEC example.com. SOA NS A NSEC RRSIG DNSKEY
example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCSPaRH721mYjuTGb6fZ+nR3pnVxAIUAxEctE1hzMQSw0CWJSMLHS/A+Xk= ;{id = 2854}
wab.example.net IN NSEC wzz.example.net. A NSEC RRSIG
wab.example.net. 3600 IN RRSIG NSEC 5 3 3600 20070926134150 20070829134150 30899 example.net. gl8vkI3xfSWx4Pyv5OdOthiewE6u/13kclY7UG9ptuFBddamdJO3RQqyxM6Xcmq+ToO4kMCCyaKijp01gTDoGg== ;{id = 30899}
SECTION ADDITIONAL
ENTRY_END

SCENARIO_END