]> git.saurik.com Git - apple/network_cmds.git/blob - unbound/testdata/val_refer_unsignadd.rpl
projects / apple / network_cmds.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
network_cmds-596.100.2.tar.gz
[apple/network_cmds.git] / unbound / testdata / val_refer_unsignadd.rpl
1 ; config options
2 ; The island of trust is at example.com
3 server:
4 trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
5 trust-anchor: "example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}"
6 val-override-date: "20070916134226"
7 access-control: 127.0.0.1 allow_snoop
8 target-fetch-policy: "0 0 0 0 0"
9
10 stub-zone:
11 name: "."
12 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
13 CONFIG_END
14
15 SCENARIO_BEGIN Test validator with a referral with unsigned additional
16 ; but the additional record is from a signed zone,
17 ; and a proper proof for no DS or DSNKEY types is forthcoming.
18
19 ; K.ROOT-SERVERS.NET.
20 RANGE_BEGIN 0 100
21 ADDRESS 193.0.14.129
22 ENTRY_BEGIN
23 MATCH opcode qtype qname
24 ADJUST copy_id
25 REPLY QR NOERROR
26 SECTION QUESTION
27 . IN NS
28 SECTION ANSWER
29 . IN NS K.ROOT-SERVERS.NET.
30 SECTION ADDITIONAL
31 K.ROOT-SERVERS.NET. IN A 193.0.14.129
32 ENTRY_END
33
34 ENTRY_BEGIN
35 MATCH opcode qname
36 ADJUST copy_id copy_query
37 REPLY QR NOERROR
38 SECTION QUESTION
39 www.example.com. IN A
40 SECTION AUTHORITY
41 ; Skip .com, to provide unsigned referral A record for ns.example.net
42 ; and go straight to example.com.
43 example.com. IN NS ns.example.com.
44 example.com. IN NS ns.example.net.
45 SECTION ADDITIONAL
46 ns.example.com. IN A 1.2.3.4
47 ns.example.net IN A 1.2.3.5
48 ENTRY_END
49
50 ENTRY_BEGIN
51 MATCH opcode qname
52 ADJUST copy_id copy_query
53 REPLY QR NOERROR
54 SECTION QUESTION
55 example.net. IN A
56 SECTION AUTHORITY
57 net. IN NS a.gtld-servers.net.
58 SECTION ADDITIONAL
59 a.gtld-servers.net. IN A 192.5.6.30
60 ENTRY_END
61 RANGE_END
62
63 ; a.gtld-servers.net.
64 RANGE_BEGIN 0 100
65 ADDRESS 192.5.6.30
66 ENTRY_BEGIN
67 MATCH opcode qtype qname
68 ADJUST copy_id
69 REPLY QR NOERROR
70 SECTION QUESTION
71 com. IN NS
72 SECTION ANSWER
73 com. IN NS a.gtld-servers.net.
74 SECTION ADDITIONAL
75 a.gtld-servers.net. IN A 192.5.6.30
76 ENTRY_END
77
78 ENTRY_BEGIN
79 MATCH opcode qtype qname
80 ADJUST copy_id
81 REPLY QR NOERROR
82 SECTION QUESTION
83 net. IN NS
84 SECTION ANSWER
85 net. IN NS a.gtld-servers.net.
86 SECTION ADDITIONAL
87 a.gtld-servers.net. IN A 192.5.6.30
88 ENTRY_END
89
90 ENTRY_BEGIN
91 MATCH opcode qname
92 ADJUST copy_id copy_query
93 REPLY QR NOERROR
94 SECTION QUESTION
95 www.example.com. IN A
96 SECTION AUTHORITY
97 example.com. IN NS ns.example.com.
98 example.com. IN NS ns.example.net.
99 SECTION ADDITIONAL
100 ns.example.com. IN A 1.2.3.4
101 ns.example.net IN A 1.2.3.5
102 ENTRY_END
103 ENTRY_BEGIN
104 MATCH opcode qname
105 ADJUST copy_id copy_query
106 REPLY QR NOERROR
107 SECTION QUESTION
108 example.net. IN A
109 SECTION AUTHORITY
110 example.net. IN NS ns.example.net.
111 SECTION ADDITIONAL
112 ns.example.net. IN A 1.2.3.5
113 ENTRY_END
114 RANGE_END
115
116 ; ns.example.com.
117 RANGE_BEGIN 0 100
118 ADDRESS 1.2.3.4
119 ENTRY_BEGIN
120 MATCH opcode qtype qname
121 ADJUST copy_id
122 REPLY QR NOERROR
123 SECTION QUESTION
124 example.com. IN NS
125 SECTION ANSWER
126 example.com. IN NS ns.example.com.
127 example.com. IN NS ns.example.net.
128 example.com. 3600 IN RRSIG NS 3 2 3600 20070926135752 20070829135752 2854 example.com. MCwCFEsWNXjGDFwH/0NGClonWUQlBaiFAhR/dt0asVj8M0VKs7PdTEKN/Y9i5w== ;{id = 2854}
129 SECTION ADDITIONAL
130 ns.example.com. IN A 1.2.3.4
131 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
132 ENTRY_END
133
134 ; response to example.com. DNSKEY priming query
135 ENTRY_BEGIN
136 MATCH opcode qtype qname
137 ADJUST copy_id
138 REPLY QR NOERROR
139 SECTION QUESTION
140 example.com. IN DNSKEY
141 SECTION ANSWER
142 example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
143 example.com. 3600 IN RRSIG DNSKEY DSA 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFBQRtlR4BEv9ohi+PGFjp+AHsJuHAhRCvz0shggvnvI88DFnBDCczHUcVA== ;{id = 2854}
144 SECTION AUTHORITY
145 example.com. IN NS ns.example.com.
146 example.com. IN NS ns.example.net.
147 example.com. 3600 IN RRSIG NS 3 2 3600 20070926135752 20070829135752 2854 example.com. MCwCFEsWNXjGDFwH/0NGClonWUQlBaiFAhR/dt0asVj8M0VKs7PdTEKN/Y9i5w== ;{id = 2854}
148 SECTION ADDITIONAL
149 ns.example.com. IN A 1.2.3.4
150 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
151 ENTRY_END
152
153 ENTRY_BEGIN
154 MATCH opcode qtype qname
155 ADJUST copy_id
156 REPLY QR NOERROR
157 SECTION QUESTION
158 www.example.com. IN A
159 SECTION ANSWER
160 www.example.com. IN A 11.12.13.14
161 www.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFC6+BbFcL95vH6SOhMLGotcBospIAhUAhjfof+1VY5GsCp5b9UOD7UydBzI= ;{id = 2854}
162 SECTION AUTHORITY
163 SECTION ADDITIONAL
164 ENTRY_END
165 RANGE_END
166
167 ; ns.example.net.
168 RANGE_BEGIN 0 100
169 ADDRESS 1.2.3.5
170 ENTRY_BEGIN
171 MATCH opcode qtype qname
172 ADJUST copy_id
173 REPLY QR NOERROR
174 SECTION QUESTION
175 example.com. IN NS
176 SECTION ANSWER
177 example.com. IN NS ns.example.com.
178 example.com. IN NS ns.example.net.
179 example.com. 3600 IN RRSIG NS 3 2 3600 20070926135752 20070829135752 2854 example.com. MCwCFEsWNXjGDFwH/0NGClonWUQlBaiFAhR/dt0asVj8M0VKs7PdTEKN/Y9i5w== ;{id = 2854}
180 SECTION ADDITIONAL
181 ns.example.com. IN A 1.2.3.4
182 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
183 ENTRY_END
184
185 ; example.com zone in ns.example.net.
186 ; response to example.com. DNSKEY priming query
187 ENTRY_BEGIN
188 MATCH opcode qtype qname
189 ADJUST copy_id
190 REPLY QR NOERROR
191 SECTION QUESTION
192 example.com. IN DNSKEY
193 SECTION ANSWER
194 example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
195 example.com. 3600 IN RRSIG DNSKEY DSA 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFBQRtlR4BEv9ohi+PGFjp+AHsJuHAhRCvz0shggvnvI88DFnBDCczHUcVA== ;{id = 2854}
196 SECTION AUTHORITY
197 example.com. IN NS ns.example.com.
198 example.com. IN NS ns.example.net.
199 example.com. 3600 IN RRSIG NS 3 2 3600 20070926135752 20070829135752 2854 example.com. MCwCFEsWNXjGDFwH/0NGClonWUQlBaiFAhR/dt0asVj8M0VKs7PdTEKN/Y9i5w== ;{id = 2854}
200 SECTION ADDITIONAL
201 ns.example.com. IN A 1.2.3.4
202 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
203 ENTRY_END
204
205 ENTRY_BEGIN
206 MATCH opcode qtype qname
207 ADJUST copy_id
208 REPLY QR NOERROR
209 SECTION QUESTION
210 www.example.com. IN A
211 SECTION ANSWER
212 www.example.com. IN A 11.12.13.14
213 www.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFC6+BbFcL95vH6SOhMLGotcBospIAhUAhjfof+1VY5GsCp5b9UOD7UydBzI= ;{id = 2854}
214 SECTION AUTHORITY
215 SECTION ADDITIONAL
216 ENTRY_END
217
218 ; example.net zone in ns.example.net.
219 ENTRY_BEGIN
220 MATCH opcode qtype qname
221 ADJUST copy_id
222 REPLY QR NOERROR
223 SECTION QUESTION
224 example.net. IN NS
225 SECTION ANSWER
226 example.net. IN NS ns.example.net.
227 example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899}
228 SECTION ADDITIONAL
229 ns.example.net. IN A 1.2.3.5
230 ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899}
231 ENTRY_END
232
233 ; response to DNSKEY priming query
234 ENTRY_BEGIN
235 MATCH opcode qtype qname
236 ADJUST copy_id
237 REPLY QR NOERROR
238 SECTION QUESTION
239 example.net. IN DNSKEY
240 SECTION ANSWER
241 example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}
242 example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899}
243 SECTION AUTHORITY
244 example.net. IN NS ns.example.net.
245 example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899}
246 SECTION ADDITIONAL
247 ns.example.net. IN A 1.2.3.5
248 ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899}
249 ENTRY_END
250
251 ; deny DS and DNSKEY types
252 ENTRY_BEGIN
253 MATCH opcode qtype qname
254 ADJUST copy_id
255 REPLY QR NOERROR
256 SECTION QUESTION
257 ns.example.net. IN DS
258 SECTION AUTHORITY
259 example.net. IN SOA ns-pri.ripe.net. ops.ripe.net. 2007092101 3600 7200 1209600 7200
260 example.net. 3600 IN RRSIG SOA 5 2 3600 20070926134150 20070829134150 30899 example.net. E1T+LAsAk7rtA6mnKRlgca5Lk+NJYUNNkfco1CrUp5IZZ1+QL7u7CINQBcndJkvoBwKhdVI8rz2LLW19wIywTw== ;{id = 30899}
261 ns.example.net IN NSEC ns-new.example.net. A AAAA RRSIG NSEC
262 ns.example.net. 3600 IN RRSIG NSEC 5 3 3600 20070926134150 20070829134150 30899 example.net. HLkPBWA8Hstub8e/zdp/A8xyI6+fnnMsA9oiZ20VBuSTaBknX0SXmVulNhVGfdmz9fYmYFUr1zjqvPFG+ErO8A== ;{id = 30899}
263 ENTRY_END
264
265 ENTRY_BEGIN
266 MATCH opcode qtype qname
267 ADJUST copy_id
268 REPLY QR NOERROR
269 SECTION QUESTION
270 ns.example.net. IN DNSKEY
271 SECTION AUTHORITY
272 example.net. IN SOA ns-pri.ripe.net. ops.ripe.net. 2007092101 3600 7200 1209600 7200
273 example.net. 3600 IN RRSIG SOA 5 2 3600 20070926134150 20070829134150 30899 example.net. E1T+LAsAk7rtA6mnKRlgca5Lk+NJYUNNkfco1CrUp5IZZ1+QL7u7CINQBcndJkvoBwKhdVI8rz2LLW19wIywTw== ;{id = 30899}
274 ns.example.net IN NSEC ns-new.example.net. A RRSIG NSEC
275 ns.example.net. 3600 IN RRSIG NSEC 5 3 3600 20070926134150 20070829134150 30899 example.net. fAbDxuMP6lMqi71Wa9nsByG7buoJpfxyQhjps6HXOPzOC24UCCjdvZfZltlRy7Yrfrs28MjHwYEmHFmCeFpfPw== ;{id = 30899}
276 ENTRY_END
277
278 ENTRY_BEGIN
279 MATCH opcode qtype qname
280 ADJUST copy_id
281 REPLY QR NOERROR
282 SECTION QUESTION
283 ns.example.net. IN A
284 SECTION ANSWER
285 ns.example.net. IN A 1.2.3.5
286 ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899}
287 ENTRY_END
288
289 ENTRY_BEGIN
290 MATCH opcode qtype qname
291 ADJUST copy_id
292 REPLY QR NOERROR
293 SECTION QUESTION
294 ns.example.net. IN AAAA
295 SECTION AUTHORITY
296 example.net. IN SOA ns-pri.ripe.net. ops.ripe.net. 2007092101 3600 7200 1209600 7200
297 example.net. 3600 IN RRSIG SOA 5 2 3600 20070926134150 20070829134150 30899 example.net. E1T+LAsAk7rtA6mnKRlgca5Lk+NJYUNNkfco1CrUp5IZZ1+QL7u7CINQBcndJkvoBwKhdVI8rz2LLW19wIywTw== ;{id = 30899}
298 ns.example.net IN NSEC ns-new.example.net. A RRSIG NSEC
299 ns.example.net. 3600 IN RRSIG NSEC 5 3 3600 20070926134150 20070829134150 30899 example.net. fAbDxuMP6lMqi71Wa9nsByG7buoJpfxyQhjps6HXOPzOC24UCCjdvZfZltlRy7Yrfrs28MjHwYEmHFmCeFpfPw== ;{id = 30899}
300 ENTRY_END
301
302 RANGE_END
303
304 ; prime cache with example.com. NS rrset.
305 STEP 1 QUERY
306 ENTRY_BEGIN
307 REPLY RD DO
308 SECTION QUESTION
309 www.example.com. IN A
310 ENTRY_END
311
312 ; recursion happens here.
313 STEP 10 CHECK_ANSWER
314 ENTRY_BEGIN
315 MATCH all
316 REPLY QR RD RA AD DO NOERROR
317 SECTION QUESTION
318 www.example.com. IN A
319 SECTION ANSWER
320 www.example.com. IN A 11.12.13.14
321 www.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFC6+BbFcL95vH6SOhMLGotcBospIAhUAhjfof+1VY5GsCp5b9UOD7UydBzI= ;{id = 2854}
322 SECTION AUTHORITY
323 SECTION ADDITIONAL
324 ENTRY_END
325
326 ; test nonrec referral validation
327 STEP 11 QUERY
328 ENTRY_BEGIN
329 REPLY DO
330 SECTION QUESTION
331 bla.example.com. IN A
332 ENTRY_END
333
334 STEP 12 CHECK_ANSWER
335 ENTRY_BEGIN
336 MATCH all
337 REPLY QR RA AD DO NOERROR
338 SECTION QUESTION
339 bla.example.com. IN A
340 SECTION ANSWER
341 SECTION AUTHORITY
342 example.com. IN NS ns.example.com.
343 example.com. IN NS ns.example.net.
344 example.com. 3600 IN RRSIG NS 3 2 3600 20070926135752 20070829135752 2854 example.com. MCwCFEsWNXjGDFwH/0NGClonWUQlBaiFAhR/dt0asVj8M0VKs7PdTEKN/Y9i5w== ;{id = 2854}
345 SECTION ADDITIONAL
346 ns.example.com. IN A 1.2.3.4
347 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
348 ENTRY_END
349
350 SCENARIO_END
mirror of network_cmds