diff options
Diffstat (limited to 'contrib/unbound/testdata/serve_expired_val_bogus.rpl')
| -rw-r--r-- | contrib/unbound/testdata/serve_expired_val_bogus.rpl | 389 |
1 files changed, 0 insertions, 389 deletions
diff --git a/contrib/unbound/testdata/serve_expired_val_bogus.rpl b/contrib/unbound/testdata/serve_expired_val_bogus.rpl deleted file mode 100644 index 54b66fe98800..000000000000 --- a/contrib/unbound/testdata/serve_expired_val_bogus.rpl +++ /dev/null @@ -1,389 +0,0 @@ -; config options -; The island of trust is at example.com -server: - trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - val-override-date: "20070916134226" - target-fetch-policy: "0 0 0 0 0" - qname-minimisation: "no" - fake-sha1: yes - trust-anchor-signaling: no - minimal-responses: no - - serve-expired: yes - serve-expired-client-timeout: 0 - serve-expired-reply-ttl: 123 - ede: yes - ede-serve-expired: yes - - # No need for AAAA nameserver queries - do-ip6: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test serve-expired with client-timeout and bogus answer -; Scenario overview: -; - query for www.example.com. IN A -; - check the answer -; - wait for the record to expire -; - (upstream now has a bogus response) -; - query again for www.example.com. IN A -; - check that we get the immediate expired valid response -; - (prefetch response is bogus and is not cached; recursion is blocked for NORR_TTL(5) because of the failure) -; - (upstream has a valid response again) -; - query once more -; - check that we still get the immediate expired valid response (prefetch will not trigger because of NORR_TTL(5)) -; - query and check that cache was not updated -; - let NORR_TTL(5) expire -; - query once more -; - check that we still get the immediate expired valid response -; - (prefetch should be allowed to refresh the record at this point) -; - (upstream does not have the answer anymore) -; - query one last time -; - check that we get the immediate valid cache response - -; The example.com NS and ns.example.com A record are commented out. -; This to make the test succeed. It then keeps the dnssec valid lookup. -; Otherwise, the relookup of the referral would overwrite the example.com NS -; the serve expired response would no longer be valid. But this record must -; be cached, for keeping the current delegation information. -; Also the DNSKEY lookup authority and additional are cleaned to stop overwrite -; of the NS and A record. This is more likely to keep the serve expired -; information intact. - -;; -;; K.ROOT-SERVERS.NET. -;; -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 - ENTRY_BEGIN - MATCH opcode qtype qname - ADJUST copy_id - REPLY QR NOERROR - SECTION QUESTION - . IN NS - SECTION ANSWER - . IN NS K.ROOT-SERVERS.NET. - SECTION ADDITIONAL - K.ROOT-SERVERS.NET. IN A 193.0.14.129 - ENTRY_END - - ENTRY_BEGIN - MATCH opcode - ADJUST copy_id copy_query - REPLY QR NOERROR - SECTION QUESTION - www.example.com. IN A - SECTION AUTHORITY - com. IN NS a.gtld-servers.net. - SECTION ADDITIONAL - a.gtld-servers.net. IN A 192.5.6.30 - ENTRY_END -RANGE_END - -;; -;; a.gtld-servers.net. -;; -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 - ENTRY_BEGIN - MATCH opcode qtype qname - ADJUST copy_id - REPLY QR NOERROR - SECTION QUESTION - com. IN NS - SECTION ANSWER - com. IN NS a.gtld-servers.net. - SECTION ADDITIONAL - a.gtld-servers.net. IN A 192.5.6.30 - ENTRY_END - - ENTRY_BEGIN - MATCH opcode - ADJUST copy_id copy_query - REPLY QR NOERROR - SECTION QUESTION - www.example.com. IN A - SECTION AUTHORITY - example.com. IN NS ns.example.com. - SECTION ADDITIONAL - ns.example.com. IN A 1.2.3.4 - ENTRY_END -RANGE_END - -;; -;; ns.example.com. with generic data -;; -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 - ENTRY_BEGIN - MATCH opcode qtype qname - ADJUST copy_id - REPLY QR NOERROR - SECTION QUESTION - example.com. IN NS - SECTION ANSWER - example.com. IN NS ns.example.com. - example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} - SECTION ADDITIONAL - ns.example.com. IN A 1.2.3.4 - ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} - ENTRY_END - - ; response to DNSKEY priming query - ENTRY_BEGIN - MATCH opcode qtype qname - ADJUST copy_id - REPLY QR NOERROR - SECTION QUESTION - example.com. IN DNSKEY - SECTION ANSWER - example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} - example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} - SECTION AUTHORITY - example.com. IN NS ns.example.com. - example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} - SECTION ADDITIONAL - ns.example.com. IN A 1.2.3.4 - ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} - ENTRY_END -RANGE_END - -;; -;; ns.example.com. with valid data -;; -RANGE_BEGIN 0 10 - ADDRESS 1.2.3.4 - ; response to query of interest - ENTRY_BEGIN - MATCH opcode qtype qname - ADJUST copy_id - REPLY QR NOERROR - SECTION QUESTION - www.example.com. IN A - SECTION ANSWER - www.example.com. IN A 10.20.30.40 - ;ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} - SECTION AUTHORITY - ;example.com. IN NS ns.example.com. - ;example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} - SECTION ADDITIONAL - ;ns.example.com. IN A 1.2.3.4 - www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} - ENTRY_END -RANGE_END - -;; -;; ns.example.com. with bogus data -;; -RANGE_BEGIN 20 40 - ADDRESS 1.2.3.4 - ; response to query of interest (bogus answer) - ENTRY_BEGIN - MATCH opcode qtype qname - ADJUST copy_id - REPLY QR NOERROR - SECTION QUESTION - www.example.com. IN A - SECTION ANSWER - www.example.com. IN A 10.20.30.40 - ;ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} - SECTION AUTHORITY - ;example.com. IN NS ns.example.com. - ;example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} - SECTION ADDITIONAL - ;ns.example.com. IN A 1.2.3.4 - ;; (valid signature) - ;; www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} - ;; (bogus signature) - www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. - ENTRY_END -RANGE_END - -;; -;; ns.example.com. with valid data again -;; -RANGE_BEGIN 50 100 - ADDRESS 1.2.3.4 - ; response to query of interest - ENTRY_BEGIN - MATCH opcode qtype qname - ADJUST copy_id - REPLY QR NOERROR - SECTION QUESTION - www.example.com. IN A - SECTION ANSWER - www.example.com. IN A 10.20.30.40 - ;ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} - SECTION AUTHORITY - ;example.com. IN NS ns.example.com. - ;example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} - SECTION ADDITIONAL - ;ns.example.com. IN A 1.2.3.4 - www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} - ENTRY_END -RANGE_END - - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.com. IN A -ENTRY_END - -; this is the valid answer -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all ttl -REPLY QR RD RA AD DO NOERROR -SECTION QUESTION -www.example.com. IN A -SECTION ANSWER -www.example.com. IN A 10.20.30.40 -www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} -SECTION AUTHORITY -;example.com. IN NS ns.example.com. -;example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -;ns.example.com. IN A 1.2.3.4 -;ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} -ENTRY_END - -STEP 11 TIME_PASSES ELAPSE 3601 - -STEP 20 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.com. IN A -ENTRY_END - -; this is the immediate expired cache response -STEP 30 CHECK_ANSWER -ENTRY_BEGIN -MATCH all ttl ede=3 -REPLY QR RD RA AD DO NOERROR -SECTION QUESTION -www.example.com. IN A -SECTION ANSWER -www.example.com. 123 IN A 10.20.30.40 -www.example.com. 123 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} -SECTION AUTHORITY -;example.com. 123 IN NS ns.example.com. -;example.com. 123 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -;ns.example.com. 123 IN A 1.2.3.4 -;ns.example.com. 123 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} -ENTRY_END - -; query with response available on the server -STEP 40 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.com. IN A -ENTRY_END - -; this is still the immediate expired cache response because the previous upstream response was bogus -; upstream query did not go out because of the previous failure NORR_TTL(5). -STEP 50 CHECK_ANSWER -ENTRY_BEGIN -MATCH all ttl ede=3 -REPLY QR RD RA AD DO NOERROR -SECTION QUESTION -www.example.com. IN A -SECTION ANSWER -www.example.com. 123 IN A 10.20.30.40 -www.example.com. 123 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} -SECTION AUTHORITY -;example.com. 123 IN NS ns.example.com. -;example.com. 123 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -;ns.example.com. 123 IN A 1.2.3.4 -;ns.example.com. 123 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} -ENTRY_END - -; query with response available -STEP 60 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.com. IN A -ENTRY_END - -; this is still the immediate expired cache response because resolution is blocked for NORR_TTL(5) -STEP 70 CHECK_ANSWER -ENTRY_BEGIN -MATCH all ttl ede=3 -REPLY QR RD RA AD DO NOERROR -SECTION QUESTION -www.example.com. IN A -SECTION ANSWER -www.example.com. 123 IN A 10.20.30.40 -www.example.com. 123 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} -SECTION AUTHORITY -;example.com. 123 IN NS ns.example.com. -;example.com. 123 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -;ns.example.com. 123 IN A 1.2.3.4 -;ns.example.com. 123 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} -ENTRY_END - -; expire NORR_TTL(5) -STEP 71 TIME_PASSES ELAPSE 5 - -; query again -STEP 80 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.com. IN A -ENTRY_END - -; this is still the immediate expired cache response but prefetching will be allowed to update the cache -STEP 90 CHECK_ANSWER -ENTRY_BEGIN -MATCH all ttl ede=3 -REPLY QR RD RA AD DO NOERROR -SECTION QUESTION -www.example.com. IN A -SECTION ANSWER -www.example.com. 123 IN A 10.20.30.40 -www.example.com. 123 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} -SECTION AUTHORITY -;example.com. 123 IN NS ns.example.com. -;example.com. 123 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -;ns.example.com. 123 IN A 1.2.3.4 -;ns.example.com. 123 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} -ENTRY_END - -STEP 100 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.com. IN A -ENTRY_END - -; this is the immediate cache response because the previous upstream response was valid -STEP 110 CHECK_ANSWER -ENTRY_BEGIN -MATCH all ttl -REPLY QR RD RA AD DO NOERROR -SECTION QUESTION -www.example.com. IN A -SECTION ANSWER -www.example.com. IN A 10.20.30.40 -www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} -SECTION AUTHORITY -;example.com. IN NS ns.example.com. -;example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -;ns.example.com. IN A 1.2.3.4 -;ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} -ENTRY_END - -SCENARIO_END |