diff options
Diffstat (limited to 'bin/tests/system/chain/ns2')
| -rw-r--r-- | bin/tests/system/chain/ns2/example.db | 69 | ||||
| -rw-r--r-- | bin/tests/system/chain/ns2/generic.db | 22 | ||||
| -rw-r--r-- | bin/tests/system/chain/ns2/named.conf.in | 74 | ||||
| -rw-r--r-- | bin/tests/system/chain/ns2/sign.sh | 55 | ||||
| -rw-r--r-- | bin/tests/system/chain/ns2/sub.db | 26 | ||||
| -rw-r--r-- | bin/tests/system/chain/ns2/wildcard-secure.db | 29 | ||||
| -rw-r--r-- | bin/tests/system/chain/ns2/wildcard.db | 28 |
7 files changed, 303 insertions, 0 deletions
diff --git a/bin/tests/system/chain/ns2/example.db b/bin/tests/system/chain/ns2/example.db new file mode 100644 index 0000000..c13f2d2 --- /dev/null +++ b/bin/tests/system/chain/ns2/example.db @@ -0,0 +1,69 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 300 ; 5 minutes +@ IN SOA mname1. . ( + 2000042407 ; serial + 20 ; refresh (20 seconds) + 20 ; retry (20 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) + NS ns2 +ns2 A 10.53.0.2 + +a.short A 10.0.0.1 +short-dname DNAME short +a.longlonglonglonglonglonglonglonglonglonglonglonglong A 10.0.0.2 +long-dname DNAME longlonglonglonglonglonglonglonglonglonglonglonglong +toolong-dname DNAME longlonglonglonglonglonglonglonglonglonglonglonglong +cname CNAME a.cnamedname +cnamedname DNAME target +a.target A 10.0.0.3 + +; CNAME to delegation +; (unsigned delegations, external and internal) +sub5 NS ns5.sub5 +ns5.sub5 A 10.53.0.5 +a CNAME a.sub5 +sub2 NS ns2.sub2 +ns2.sub2 A 10.53.0.2 +b CNAME b.sub2 + +; (signed delegation, external and internal) +; note: these DS records are fake and will not validate; we're only +; testing that the resolver handles their presence in a reply correctly +signed-sub5 NS ns5.sub5 +signed-sub5 DS 44137 8 2 1CB4F54E0B4F4F85109143113A3C679716A2377D86EB0907846A03FB 0C0A3927 +c CNAME c.signed-sub5 +signed-sub2 NS ns2.sub2 +signed-sub2 DS 44137 8 2 1CB4F54E0B4F4F85109143113A3C679716A2377D86EB0907846A03FB 0C0A3927 +d CNAME d.signed-sub2 + +; long CNAME loop +loop CNAME goop +goop CNAME boop +boop CNAME soup +soup CNAME gump +gump CNAME bump +bump CNAME lump +lump CNAME rump +rump CNAME romp +romp CNAME bomp +bomp CNAME stomp +stomp CNAME clomp +clomp CNAME clump +clump CNAME hunk +hunk CNAME hank +hank CNAME bank +bank CNAME wank +wank CNAME woop +woop CNAME loop diff --git a/bin/tests/system/chain/ns2/generic.db b/bin/tests/system/chain/ns2/generic.db new file mode 100644 index 0000000..9d59378 --- /dev/null +++ b/bin/tests/system/chain/ns2/generic.db @@ -0,0 +1,22 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 86400 SOA ns2.domain0.nil. hostmaster.ns2.nil. 0 1 1 1 1 +@ 86400 NS ns2.domain0.nil. +ns2 86400 A 10.53.0.2 +ns2 86400 AAAA fd92:7065:b8e:ffff::2 + +@ 86400 A 1.2.3.4 +@ 86400 AAAA 1:2:3::4 +* 86400 A 1.2.3.4 +* 86400 AAAA 1:2:3::4 +; CVE-2021-25215 regression test data +self 86400 DNAME nil. diff --git a/bin/tests/system/chain/ns2/named.conf.in b/bin/tests/system/chain/ns2/named.conf.in new file mode 100644 index 0000000..922d2fa --- /dev/null +++ b/bin/tests/system/chain/ns2/named.conf.in @@ -0,0 +1,74 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; + notify yes; +}; + +zone "example" { + type primary; + file "example.db.signed"; + allow-update { any; }; +}; + +zone "sub2.example" { + type primary; + file "sub.db"; +}; + +zone "signed-sub2.example" { + type primary; + file "sub.db"; +}; + +zone "wildcard-secure.example" { + type primary; + file "wildcard-secure.example.db.signed"; +}; + +zone "wildcard-nsec.example" { + type primary; + file "wildcard-nsec.example.db.signed"; +}; + +zone "wildcard-nsec3.example" { + type primary; + file "wildcard-nsec3.example.db.signed"; +}; + +zone "wildcard-nsec3-optout.example" { + type primary; + file "wildcard-nsec3-optout.example.db.signed"; +}; + +zone "domain0.nil" { type primary; file "generic.db"; }; +zone "domain1.nil" { type primary; file "generic.db"; }; +zone "domain2.nil" { type primary; file "generic.db"; }; +zone "domain3.nil" { type primary; file "generic.db"; }; +zone "domain4.nil" { type primary; file "generic.db"; }; +zone "domain5.nil" { type primary; file "generic.db"; }; +zone "domain6.nil" { type primary; file "generic.db"; }; +zone "domain7.nil" { type primary; file "generic.db"; }; +zone "domain8.nil" { type primary; file "generic.db"; }; +zone "domain9.nil" { type primary; file "generic.db"; }; diff --git a/bin/tests/system/chain/ns2/sign.sh b/bin/tests/system/chain/ns2/sign.sh new file mode 100644 index 0000000..c067807 --- /dev/null +++ b/bin/tests/system/chain/ns2/sign.sh @@ -0,0 +1,55 @@ +#!/bin/sh -e + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +SYSTEMTESTTOP=../.. +. $SYSTEMTESTTOP/conf.sh + +zone=example. +zonefile=example.db +signedfile=example.db.signed + +ksk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -b ${DEFAULT_BITS} -fk $zone) +zsk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -b ${DEFAULT_BITS} $zone) +$SIGNER -S -o $zone -f $signedfile $zonefile > /dev/null + +zone=wildcard-secure.example. +zonefile=wildcard-secure.db +signedfile=wildcard-secure.example.db.signed + +ksk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -b ${DEFAULT_BITS} -fk $zone) +zsk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -b ${DEFAULT_BITS} $zone) +$SIGNER -S -o $zone -f $signedfile $zonefile > /dev/null + +zone=wildcard-nsec.example. +zonefile=wildcard.db +signedfile=wildcard-nsec.example.db.signed + +ksk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -b ${DEFAULT_BITS} -fk $zone) +zsk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -b ${DEFAULT_BITS} $zone) +$SIGNER -S -o $zone -f $signedfile $zonefile > /dev/null + +zone=wildcard-nsec3.example. +zonefile=wildcard.db +signedfile=wildcard-nsec3.example.db.signed + +ksk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -b ${DEFAULT_BITS} -fk $zone) +zsk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -b ${DEFAULT_BITS} $zone) +$SIGNER -S -3 - -H 0 -o $zone -f $signedfile $zonefile > /dev/null + +zone=wildcard-nsec3-optout.example. +zonefile=wildcard.db +signedfile=wildcard-nsec3-optout.example.db.signed + +ksk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -b ${DEFAULT_BITS} -fk $zone) +zsk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -b ${DEFAULT_BITS} $zone) +$SIGNER -S -3 - -H 0 -A -o $zone -f $signedfile $zonefile > /dev/null diff --git a/bin/tests/system/chain/ns2/sub.db b/bin/tests/system/chain/ns2/sub.db new file mode 100644 index 0000000..ad03165 --- /dev/null +++ b/bin/tests/system/chain/ns2/sub.db @@ -0,0 +1,26 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 300 ; 5 minutes +@ IN SOA mname1. . ( + 2017031001 ; serial + 20 ; refresh (20 seconds) + 20 ; retry (20 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) + NS ns2 +ns2 A 10.53.0.2 + +a A 10.0.0.1 +b A 10.0.0.2 +c A 10.0.0.3 +d A 10.0.0.4 diff --git a/bin/tests/system/chain/ns2/wildcard-secure.db b/bin/tests/system/chain/ns2/wildcard-secure.db new file mode 100644 index 0000000..e39237a --- /dev/null +++ b/bin/tests/system/chain/ns2/wildcard-secure.db @@ -0,0 +1,29 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 300 ; 5 minutes +@ IN SOA mname1. . ( + 2021051901 ; serial + 20 ; refresh (20 seconds) + 20 ; retry (20 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) + NS localhost. + +delegation NS localhost. + DS 12345 13 2 0000000000000000000000000000000000000000000000000000000000000000 + +; CNAME pointing into a child zone +cname CNAME delegation + +; wildcard CNAME pointing at a CNAME pointing into a child zone +* CNAME cname diff --git a/bin/tests/system/chain/ns2/wildcard.db b/bin/tests/system/chain/ns2/wildcard.db new file mode 100644 index 0000000..cc39e9c --- /dev/null +++ b/bin/tests/system/chain/ns2/wildcard.db @@ -0,0 +1,28 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 300 ; 5 minutes +@ IN SOA mname1. . ( + 2021051901 ; serial + 20 ; refresh (20 seconds) + 20 ; retry (20 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) + NS localhost. + +delegation NS localhost. + +; CNAME pointing into a child zone +cname CNAME delegation + +; wildcard CNAME pointing at a CNAME pointing into a child zone +* CNAME cname |