mirror of
https://github.com/NLnetLabs/unbound.git
synced 2025-12-20 23:00:56 -05:00
test and cleanup.
git-svn-id: file:///svn/unbound/trunk@2360 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Wouter Wijngaards
parent
15b14306ed
commit
003658eea0
4 changed files with 37 additions and 48 deletions
22
testdata/val_ta_algo_dnskey.rpl
vendored
22
testdata/val_ta_algo_dnskey.rpl
vendored
|
|
@ -2,7 +2,7 @@
|
||||||
; The island of trust is at example.com
|
; The island of trust is at example.com
|
||||||
server:
|
server:
|
||||||
trust-anchor: "example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJIIs70j+sDS/UT2QRp61SE7S3EEXopNXoFE73JLRmvpi/UrOO/Vz4Se6wXv/CYCKjGw06U4WRgRYXcpEhJROyNapmdIKSxhOzfLVE1gqA0PweZR8dtY3aNQSRn3sPpwJr6Mi/PqQKAMMrZ9ckJpf1+bQMOOvxgzz2U1GS18b3yZKcgTMEaJzd/GZYzi/BN2DzQ0MsrSwYXfsNLFOBbs8PJMW4LYIxeeOe6rUgkWOF7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}"
|
trust-anchor: "example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJIIs70j+sDS/UT2QRp61SE7S3EEXopNXoFE73JLRmvpi/UrOO/Vz4Se6wXv/CYCKjGw06U4WRgRYXcpEhJROyNapmdIKSxhOzfLVE1gqA0PweZR8dtY3aNQSRn3sPpwJr6Mi/PqQKAMMrZ9ckJpf1+bQMOOvxgzz2U1GS18b3yZKcgTMEaJzd/GZYzi/BN2DzQ0MsrSwYXfsNLFOBbs8PJMW4LYIxeeOe6rUgkWOF7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}"
|
||||||
trust-anchor: "example.com. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}"
|
trust-anchor: "example.com. 3600 IN DS 30899 5 1 d4bf9d2e10f6d76840d42ef5913022abcd0bf512"
|
||||||
val-override-date: "20070916134226"
|
val-override-date: "20070916134226"
|
||||||
target-fetch-policy: "0 0 0 0 0"
|
target-fetch-policy: "0 0 0 0 0"
|
||||||
|
|
||||||
|
|
@ -11,7 +11,7 @@ stub-zone:
|
||||||
stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
|
stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
|
||||||
CONFIG_END
|
CONFIG_END
|
||||||
|
|
||||||
SCENARIO_BEGIN Test validator with multiple algorithm DS trust anchor
|
SCENARIO_BEGIN Test validator with multiple algorithm trust anchor
|
||||||
|
|
||||||
; K.ROOT-SERVERS.NET.
|
; K.ROOT-SERVERS.NET.
|
||||||
RANGE_BEGIN 0 100
|
RANGE_BEGIN 0 100
|
||||||
|
|
@ -81,9 +81,11 @@ example.com. IN NS
|
||||||
SECTION ANSWER
|
SECTION ANSWER
|
||||||
example.com. IN NS ns.example.com.
|
example.com. IN NS ns.example.com.
|
||||||
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
||||||
|
example.com. 3600 IN RRSIG NS 5 2 3600 20070926134150 20070829134150 30899 example.com. YTqtYba73HIOQuPr5oDyIX9pfmz1ybEBjwlD/jUgcPmFINUOZ9FeqG6ywgRKwn4AizkKTK00p1sxZYMKxl91wg== ;{id = 30899}
|
||||||
SECTION ADDITIONAL
|
SECTION ADDITIONAL
|
||||||
ns.example.com. IN A 1.2.3.4
|
ns.example.com. IN A 1.2.3.4
|
||||||
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
|
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
|
||||||
|
ns.example.com. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.com. Dn1ziMKrc3NdJkSv8g61Y9WNk3+BAuwCwnYzAZiHmkejkSCPViLJN7+f4Conp9l8LkTl50ZnLgoYrrUYNhMj6w== ;{id = 30899}
|
||||||
ENTRY_END
|
ENTRY_END
|
||||||
|
|
||||||
ENTRY_BEGIN
|
ENTRY_BEGIN
|
||||||
|
|
@ -96,9 +98,11 @@ SECTION ANSWER
|
||||||
SECTION AUTHORITY
|
SECTION AUTHORITY
|
||||||
example.com. IN NS ns.example.com.
|
example.com. IN NS ns.example.com.
|
||||||
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
||||||
|
example.com. 3600 IN RRSIG NS 5 2 3600 20070926134150 20070829134150 30899 example.com. YTqtYba73HIOQuPr5oDyIX9pfmz1ybEBjwlD/jUgcPmFINUOZ9FeqG6ywgRKwn4AizkKTK00p1sxZYMKxl91wg== ;{id = 30899}
|
||||||
SECTION ADDITIONAL
|
SECTION ADDITIONAL
|
||||||
ns.example.com. IN A 1.2.3.4
|
ns.example.com. IN A 1.2.3.4
|
||||||
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
|
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
|
||||||
|
ns.example.com. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.com. Dn1ziMKrc3NdJkSv8g61Y9WNk3+BAuwCwnYzAZiHmkejkSCPViLJN7+f4Conp9l8LkTl50ZnLgoYrrUYNhMj6w== ;{id = 30899}
|
||||||
ENTRY_END
|
ENTRY_END
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -110,14 +114,18 @@ REPLY QR NOERROR
|
||||||
SECTION QUESTION
|
SECTION QUESTION
|
||||||
example.com. IN DNSKEY
|
example.com. IN DNSKEY
|
||||||
SECTION ANSWER
|
SECTION ANSWER
|
||||||
example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
|
example.com. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}
|
||||||
example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854}
|
example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJIIs70j+sDS/UT2QRp61SE7S3EEXopNXoFE73JLRmvpi/UrOO/Vz4Se6wXv/CYCKjGw06U4WRgRYXcpEhJROyNapmdIKSxhOzfLVE1gqA0PweZR8dtY3aNQSRn3sPpwJr6Mi/PqQKAMMrZ9ckJpf1+bQMOOvxgzz2U1GS18b3yZKcgTMEaJzd/GZYzi/BN2DzQ0MsrSwYXfsNLFOBbs8PJMW4LYIxeeOe6rUgkWOF7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 512b}
|
||||||
|
example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134150 20070829134150 2854 example.com. AKIIYDOGHogglFqJK94ZtOnF7EfGikgAyloMNRSMCrQgFaFkmcOyjrc= ;{id = 2854}
|
||||||
|
example.com. 3600 IN RRSIG DNSKEY 5 2 3600 20070926134150 20070829134150 30899 example.com. J55fsz1GGMnngc4r50xvXDUdaVMlfcLKLVsfMhwNLF+ERac5XV/lLRAc/aSER+qQdsSo0CrjYjy1wat7YQpDAA== ;{id = 30899}
|
||||||
SECTION AUTHORITY
|
SECTION AUTHORITY
|
||||||
example.com. IN NS ns.example.com.
|
example.com. IN NS ns.example.com.
|
||||||
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
||||||
|
example.com. 3600 IN RRSIG NS 5 2 3600 20070926134150 20070829134150 30899 example.com. YTqtYba73HIOQuPr5oDyIX9pfmz1ybEBjwlD/jUgcPmFINUOZ9FeqG6ywgRKwn4AizkKTK00p1sxZYMKxl91wg== ;{id = 30899}
|
||||||
SECTION ADDITIONAL
|
SECTION ADDITIONAL
|
||||||
ns.example.com. IN A 1.2.3.4
|
ns.example.com. IN A 1.2.3.4
|
||||||
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
|
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
|
||||||
|
ns.example.com. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.com. Dn1ziMKrc3NdJkSv8g61Y9WNk3+BAuwCwnYzAZiHmkejkSCPViLJN7+f4Conp9l8LkTl50ZnLgoYrrUYNhMj6w== ;{id = 30899}
|
||||||
ENTRY_END
|
ENTRY_END
|
||||||
|
|
||||||
; response to query of interest
|
; response to query of interest
|
||||||
|
|
@ -130,12 +138,15 @@ www.example.com. IN A
|
||||||
SECTION ANSWER
|
SECTION ANSWER
|
||||||
www.example.com. IN A 10.20.30.40
|
www.example.com. IN A 10.20.30.40
|
||||||
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
|
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
|
||||||
|
www.example.com. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.com. JNWECShNE+nCLQwOXJJ3xpUkh2G+FCh5nk8uYAHIVQRse/BIvCMSlvRrtVyw9RnXvk5RR2bEgN0pRdLWW7ug5Q== ;{id = 30899}
|
||||||
SECTION AUTHORITY
|
SECTION AUTHORITY
|
||||||
example.com. IN NS ns.example.com.
|
example.com. IN NS ns.example.com.
|
||||||
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
||||||
|
example.com. 3600 IN RRSIG NS 5 2 3600 20070926134150 20070829134150 30899 example.com. YTqtYba73HIOQuPr5oDyIX9pfmz1ybEBjwlD/jUgcPmFINUOZ9FeqG6ywgRKwn4AizkKTK00p1sxZYMKxl91wg== ;{id = 30899}
|
||||||
SECTION ADDITIONAL
|
SECTION ADDITIONAL
|
||||||
ns.example.com. IN A 1.2.3.4
|
ns.example.com. IN A 1.2.3.4
|
||||||
www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
|
www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
|
||||||
|
ns.example.com. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.com. Dn1ziMKrc3NdJkSv8g61Y9WNk3+BAuwCwnYzAZiHmkejkSCPViLJN7+f4Conp9l8LkTl50ZnLgoYrrUYNhMj6w== ;{id = 30899}
|
||||||
ENTRY_END
|
ENTRY_END
|
||||||
RANGE_END
|
RANGE_END
|
||||||
|
|
||||||
|
|
@ -155,13 +166,16 @@ SECTION QUESTION
|
||||||
www.example.com. IN A
|
www.example.com. IN A
|
||||||
SECTION ANSWER
|
SECTION ANSWER
|
||||||
www.example.com. IN A 10.20.30.40
|
www.example.com. IN A 10.20.30.40
|
||||||
|
www.example.com. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.com. JNWECShNE+nCLQwOXJJ3xpUkh2G+FCh5nk8uYAHIVQRse/BIvCMSlvRrtVyw9RnXvk5RR2bEgN0pRdLWW7ug5Q== ;{id = 30899}
|
||||||
www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
|
www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
|
||||||
SECTION AUTHORITY
|
SECTION AUTHORITY
|
||||||
example.com. IN NS ns.example.com.
|
example.com. IN NS ns.example.com.
|
||||||
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
||||||
|
example.com. 3600 IN RRSIG NS 5 2 3600 20070926134150 20070829134150 30899 example.com. YTqtYba73HIOQuPr5oDyIX9pfmz1ybEBjwlD/jUgcPmFINUOZ9FeqG6ywgRKwn4AizkKTK00p1sxZYMKxl91wg== ;{id = 30899}
|
||||||
SECTION ADDITIONAL
|
SECTION ADDITIONAL
|
||||||
ns.example.com. IN A 1.2.3.4
|
ns.example.com. IN A 1.2.3.4
|
||||||
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
|
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
|
||||||
|
ns.example.com. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.com. Dn1ziMKrc3NdJkSv8g61Y9WNk3+BAuwCwnYzAZiHmkejkSCPViLJN7+f4Conp9l8LkTl50ZnLgoYrrUYNhMj6w== ;{id = 30899}
|
||||||
ENTRY_END
|
ENTRY_END
|
||||||
|
|
||||||
SCENARIO_END
|
SCENARIO_END
|
||||||
|
|
|
||||||
|
|
@ -1,8 +1,9 @@
|
||||||
; config options
|
; config options
|
||||||
; The island of trust is at example.com
|
; The island of trust is at example.com
|
||||||
server:
|
server:
|
||||||
trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
|
trust-anchor: "example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJIIs70j+sDS/UT2QRp61SE7S3EEXopNXoFE73JLRmvpi/UrOO/Vz4Se6wXv/CYCKjGw06U4WRgRYXcpEhJROyNapmdIKSxhOzfLVE1gqA0PweZR8dtY3aNQSRn3sPpwJr6Mi/PqQKAMMrZ9ckJpf1+bQMOOvxgzz2U1GS18b3yZKcgTMEaJzd/GZYzi/BN2DzQ0MsrSwYXfsNLFOBbs8PJMW4LYIxeeOe6rUgkWOF7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}"
|
||||||
trust-anchor: "example.com. 3600 IN DS 30899 5 1 d4bf9d2e10f6d76840d42ef5913022abcd0bf512"
|
trust-anchor: "example.com. 3600 IN DS 30899 5 1 d4bf9d2e10f6d76840d42ef5913022abcd0bf512"
|
||||||
|
trust-anchor: "example.com. 3600 IN DS 30899 7 1 d4bf9d2e10f6d76840d42ef5913022abcd0bf512"
|
||||||
val-override-date: "20070916134226"
|
val-override-date: "20070916134226"
|
||||||
target-fetch-policy: "0 0 0 0 0"
|
target-fetch-policy: "0 0 0 0 0"
|
||||||
|
|
||||||
|
|
@ -11,7 +12,7 @@ stub-zone:
|
||||||
stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
|
stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
|
||||||
CONFIG_END
|
CONFIG_END
|
||||||
|
|
||||||
SCENARIO_BEGIN Test validator with multiple algorithm DS trust anchor
|
SCENARIO_BEGIN Test validator with multiple algorithm missing one
|
||||||
|
|
||||||
; K.ROOT-SERVERS.NET.
|
; K.ROOT-SERVERS.NET.
|
||||||
RANGE_BEGIN 0 100
|
RANGE_BEGIN 0 100
|
||||||
|
|
@ -81,9 +82,11 @@ example.com. IN NS
|
||||||
SECTION ANSWER
|
SECTION ANSWER
|
||||||
example.com. IN NS ns.example.com.
|
example.com. IN NS ns.example.com.
|
||||||
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
||||||
|
example.com. 3600 IN RRSIG NS 5 2 3600 20070926134150 20070829134150 30899 example.com. YTqtYba73HIOQuPr5oDyIX9pfmz1ybEBjwlD/jUgcPmFINUOZ9FeqG6ywgRKwn4AizkKTK00p1sxZYMKxl91wg== ;{id = 30899}
|
||||||
SECTION ADDITIONAL
|
SECTION ADDITIONAL
|
||||||
ns.example.com. IN A 1.2.3.4
|
ns.example.com. IN A 1.2.3.4
|
||||||
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
|
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
|
||||||
|
ns.example.com. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.com. Dn1ziMKrc3NdJkSv8g61Y9WNk3+BAuwCwnYzAZiHmkejkSCPViLJN7+f4Conp9l8LkTl50ZnLgoYrrUYNhMj6w== ;{id = 30899}
|
||||||
ENTRY_END
|
ENTRY_END
|
||||||
|
|
||||||
ENTRY_BEGIN
|
ENTRY_BEGIN
|
||||||
|
|
@ -96,9 +99,11 @@ SECTION ANSWER
|
||||||
SECTION AUTHORITY
|
SECTION AUTHORITY
|
||||||
example.com. IN NS ns.example.com.
|
example.com. IN NS ns.example.com.
|
||||||
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
||||||
|
example.com. 3600 IN RRSIG NS 5 2 3600 20070926134150 20070829134150 30899 example.com. YTqtYba73HIOQuPr5oDyIX9pfmz1ybEBjwlD/jUgcPmFINUOZ9FeqG6ywgRKwn4AizkKTK00p1sxZYMKxl91wg== ;{id = 30899}
|
||||||
SECTION ADDITIONAL
|
SECTION ADDITIONAL
|
||||||
ns.example.com. IN A 1.2.3.4
|
ns.example.com. IN A 1.2.3.4
|
||||||
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
|
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
|
||||||
|
ns.example.com. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.com. Dn1ziMKrc3NdJkSv8g61Y9WNk3+BAuwCwnYzAZiHmkejkSCPViLJN7+f4Conp9l8LkTl50ZnLgoYrrUYNhMj6w== ;{id = 30899}
|
||||||
ENTRY_END
|
ENTRY_END
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -110,14 +115,18 @@ REPLY QR NOERROR
|
||||||
SECTION QUESTION
|
SECTION QUESTION
|
||||||
example.com. IN DNSKEY
|
example.com. IN DNSKEY
|
||||||
SECTION ANSWER
|
SECTION ANSWER
|
||||||
example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
|
example.com. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}
|
||||||
example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854}
|
example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJIIs70j+sDS/UT2QRp61SE7S3EEXopNXoFE73JLRmvpi/UrOO/Vz4Se6wXv/CYCKjGw06U4WRgRYXcpEhJROyNapmdIKSxhOzfLVE1gqA0PweZR8dtY3aNQSRn3sPpwJr6Mi/PqQKAMMrZ9ckJpf1+bQMOOvxgzz2U1GS18b3yZKcgTMEaJzd/GZYzi/BN2DzQ0MsrSwYXfsNLFOBbs8PJMW4LYIxeeOe6rUgkWOF7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 512b}
|
||||||
|
example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134150 20070829134150 2854 example.com. AKIIYDOGHogglFqJK94ZtOnF7EfGikgAyloMNRSMCrQgFaFkmcOyjrc= ;{id = 2854}
|
||||||
|
example.com. 3600 IN RRSIG DNSKEY 5 2 3600 20070926134150 20070829134150 30899 example.com. J55fsz1GGMnngc4r50xvXDUdaVMlfcLKLVsfMhwNLF+ERac5XV/lLRAc/aSER+qQdsSo0CrjYjy1wat7YQpDAA== ;{id = 30899}
|
||||||
SECTION AUTHORITY
|
SECTION AUTHORITY
|
||||||
example.com. IN NS ns.example.com.
|
example.com. IN NS ns.example.com.
|
||||||
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
||||||
|
example.com. 3600 IN RRSIG NS 5 2 3600 20070926134150 20070829134150 30899 example.com. YTqtYba73HIOQuPr5oDyIX9pfmz1ybEBjwlD/jUgcPmFINUOZ9FeqG6ywgRKwn4AizkKTK00p1sxZYMKxl91wg== ;{id = 30899}
|
||||||
SECTION ADDITIONAL
|
SECTION ADDITIONAL
|
||||||
ns.example.com. IN A 1.2.3.4
|
ns.example.com. IN A 1.2.3.4
|
||||||
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
|
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
|
||||||
|
ns.example.com. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.com. Dn1ziMKrc3NdJkSv8g61Y9WNk3+BAuwCwnYzAZiHmkejkSCPViLJN7+f4Conp9l8LkTl50ZnLgoYrrUYNhMj6w== ;{id = 30899}
|
||||||
ENTRY_END
|
ENTRY_END
|
||||||
|
|
||||||
; response to query of interest
|
; response to query of interest
|
||||||
|
|
@ -130,12 +139,15 @@ www.example.com. IN A
|
||||||
SECTION ANSWER
|
SECTION ANSWER
|
||||||
www.example.com. IN A 10.20.30.40
|
www.example.com. IN A 10.20.30.40
|
||||||
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
|
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
|
||||||
|
www.example.com. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.com. JNWECShNE+nCLQwOXJJ3xpUkh2G+FCh5nk8uYAHIVQRse/BIvCMSlvRrtVyw9RnXvk5RR2bEgN0pRdLWW7ug5Q== ;{id = 30899}
|
||||||
SECTION AUTHORITY
|
SECTION AUTHORITY
|
||||||
example.com. IN NS ns.example.com.
|
example.com. IN NS ns.example.com.
|
||||||
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
||||||
|
example.com. 3600 IN RRSIG NS 5 2 3600 20070926134150 20070829134150 30899 example.com. YTqtYba73HIOQuPr5oDyIX9pfmz1ybEBjwlD/jUgcPmFINUOZ9FeqG6ywgRKwn4AizkKTK00p1sxZYMKxl91wg== ;{id = 30899}
|
||||||
SECTION ADDITIONAL
|
SECTION ADDITIONAL
|
||||||
ns.example.com. IN A 1.2.3.4
|
ns.example.com. IN A 1.2.3.4
|
||||||
www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
|
www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
|
||||||
|
ns.example.com. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.com. Dn1ziMKrc3NdJkSv8g61Y9WNk3+BAuwCwnYzAZiHmkejkSCPViLJN7+f4Conp9l8LkTl50ZnLgoYrrUYNhMj6w== ;{id = 30899}
|
||||||
ENTRY_END
|
ENTRY_END
|
||||||
RANGE_END
|
RANGE_END
|
||||||
|
|
||||||
|
|
@ -150,18 +162,10 @@ ENTRY_END
|
||||||
STEP 10 CHECK_ANSWER
|
STEP 10 CHECK_ANSWER
|
||||||
ENTRY_BEGIN
|
ENTRY_BEGIN
|
||||||
MATCH all
|
MATCH all
|
||||||
REPLY QR RD RA AD NOERROR
|
REPLY QR RD RA SERVFAIL
|
||||||
SECTION QUESTION
|
SECTION QUESTION
|
||||||
www.example.com. IN A
|
www.example.com. IN A
|
||||||
SECTION ANSWER
|
SECTION ANSWER
|
||||||
www.example.com. IN A 10.20.30.40
|
|
||||||
www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
|
|
||||||
SECTION AUTHORITY
|
|
||||||
example.com. IN NS ns.example.com.
|
|
||||||
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
|
|
||||||
SECTION ADDITIONAL
|
|
||||||
ns.example.com. IN A 1.2.3.4
|
|
||||||
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
|
|
||||||
ENTRY_END
|
ENTRY_END
|
||||||
|
|
||||||
SCENARIO_END
|
SCENARIO_END
|
||||||
|
|
@ -453,26 +453,6 @@ int dnskey_algo_is_supported(struct ub_packed_rrset_key* dnskey_rrset,
|
||||||
dnskey_idx));
|
dnskey_idx));
|
||||||
}
|
}
|
||||||
|
|
||||||
void algo_needs_init_dnskey(struct algo_needs* n,
|
|
||||||
struct ub_packed_rrset_key* dnskey)
|
|
||||||
{
|
|
||||||
uint8_t algo;
|
|
||||||
size_t i, total = 0;
|
|
||||||
size_t num = rrset_get_count(dnskey);
|
|
||||||
|
|
||||||
memset(n->needs, 0, sizeof(uint8_t)*ALGO_NEEDS_MAX);
|
|
||||||
for(i=0; i<num; i++) {
|
|
||||||
algo = (uint8_t)dnskey_get_algo(dnskey, i);
|
|
||||||
if(!dnskey_algo_id_is_supported((int)algo))
|
|
||||||
continue;
|
|
||||||
if(n->needs[algo] == 0) {
|
|
||||||
n->needs[algo] = 1;
|
|
||||||
total++;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
n->num = total;
|
|
||||||
}
|
|
||||||
|
|
||||||
void algo_needs_init_dnskey_add(struct algo_needs* n,
|
void algo_needs_init_dnskey_add(struct algo_needs* n,
|
||||||
struct ub_packed_rrset_key* dnskey, uint8_t* sigalg)
|
struct ub_packed_rrset_key* dnskey, uint8_t* sigalg)
|
||||||
{
|
{
|
||||||
|
|
@ -500,12 +480,11 @@ void algo_needs_init_list(struct algo_needs* n, uint8_t* sigalg)
|
||||||
size_t total = 0;
|
size_t total = 0;
|
||||||
|
|
||||||
memset(n->needs, 0, sizeof(uint8_t)*ALGO_NEEDS_MAX);
|
memset(n->needs, 0, sizeof(uint8_t)*ALGO_NEEDS_MAX);
|
||||||
while( (algo=*sigalg) != 0) {
|
while( (algo=*sigalg++) != 0) {
|
||||||
log_assert(dnskey_algo_id_is_supported((int)algo));
|
log_assert(dnskey_algo_id_is_supported((int)algo));
|
||||||
log_assert(n->needs[algo] == 0);
|
log_assert(n->needs[algo] == 0);
|
||||||
n->needs[algo] = 1;
|
n->needs[algo] = 1;
|
||||||
total++;
|
total++;
|
||||||
sigalg++;
|
|
||||||
}
|
}
|
||||||
n->num = total;
|
n->num = total;
|
||||||
}
|
}
|
||||||
|
|
@ -667,7 +646,7 @@ dnskey_verify_rrset(struct module_env* env, struct val_env* ve,
|
||||||
numchecked ++;
|
numchecked ++;
|
||||||
}
|
}
|
||||||
verbose(VERB_ALGO, "rrset failed to verify: all signatures are bogus");
|
verbose(VERB_ALGO, "rrset failed to verify: all signatures are bogus");
|
||||||
if(!numchecked) *reason = "signatures from unknown keys";
|
if(!numchecked) *reason = "signature missing";
|
||||||
return sec_status_bogus;
|
return sec_status_bogus;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -68,14 +68,6 @@ struct algo_needs {
|
||||||
size_t num;
|
size_t num;
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
|
||||||
* Initialize algo needs structure, set algos from rrset as needed.
|
|
||||||
* @param n: struct with storage.
|
|
||||||
* @param dnskey: algos from this struct set as necessary. DNSKEY set.
|
|
||||||
*/
|
|
||||||
void algo_needs_init_dnskey(struct algo_needs* n,
|
|
||||||
struct ub_packed_rrset_key* dnskey);
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Initialize algo needs structure, set algos from rrset as needed.
|
* Initialize algo needs structure, set algos from rrset as needed.
|
||||||
* Results are added to an existing need structure.
|
* Results are added to an existing need structure.
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue