From 3b9b6d0b8e7f798023c9d109c490449d528fde80 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 17:59:48 +0200 Subject: Adding upstream version 1:9.18.19. Signed-off-by: Daniel Baumann --- bin/tests/system/dnssec/ns3/named.conf.in | 383 ++++++++++++++++++++++++++++++ 1 file changed, 383 insertions(+) create mode 100644 bin/tests/system/dnssec/ns3/named.conf.in (limited to 'bin/tests/system/dnssec/ns3/named.conf.in') diff --git a/bin/tests/system/dnssec/ns3/named.conf.in b/bin/tests/system/dnssec/ns3/named.conf.in new file mode 100644 index 0000000..cdc6e02 --- /dev/null +++ b/bin/tests/system/dnssec/ns3/named.conf.in @@ -0,0 +1,383 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS3 + +options { + query-source address 10.53.0.3; + notify-source 10.53.0.3; + transfer-source 10.53.0.3; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.3; }; + listen-on-v6 { none; }; + recursion no; + notify yes; + dnssec-validation yes; + session-keyfile "session.key"; + minimal-responses no; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm @DEFAULT_HMAC@; +}; + +controls { + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +zone "." { + type hint; + file "../../common/root.hint"; +}; + +zone "example" { + type secondary; + primaries { 10.53.0.2; }; + file "example.bk"; +}; + +zone "secure.example" { + type primary; + file "secure.example.db.signed"; + allow-update { any; }; +}; + +zone "bogus.example" { + type primary; + file "bogus.example.db.signed"; + allow-update { any; }; +}; + +zone "badds.example" { + type primary; + file "badds.example.db.signed"; + allow-update { any; }; +}; + +zone "dynamic.example" { + type primary; + file "dynamic.example.db.signed"; + allow-update { any; }; +}; + +zone "insecure.example" { + type primary; + file "insecure.example.db"; + allow-update { any; }; +}; + +zone "insecure2.example" { + type primary; + file "insecure2.example.db"; + allow-update { any; }; +}; + +zone "insecure.nsec3.example" { + type primary; + file "insecure.nsec3.example.db"; + allow-update { any; }; +}; + +zone "insecure.optout.example" { + type primary; + file "insecure.optout.example.db"; + allow-update { any; }; +}; + +zone "keyless.example" { + type primary; + file "keyless.example.db.signed"; +}; + +zone "nsec3.example" { + type primary; + file "nsec3.example.db.signed"; +}; + +zone "optout.nsec3.example" { + type primary; + file "optout.nsec3.example.db.signed"; +}; + +zone "nsec3.nsec3.example" { + type primary; + file "nsec3.nsec3.example.db.signed"; +}; + +zone "secure.nsec3.example" { + type primary; + file "secure.nsec3.example.db.signed"; +}; + +zone "optout.example" { + type primary; + file "optout.example.db.signed"; +}; + +zone "secure.optout.example" { + type primary; + file "secure.optout.example.db.signed"; +}; + +zone "nsec3.optout.example" { + type primary; + file "nsec3.optout.example.db.signed"; +}; + +zone "optout.optout.example" { + type primary; + file "optout.optout.example.db.signed"; +}; + +zone "nsec3-unknown.example" { + type primary; + nsec3-test-zone yes; + file "nsec3-unknown.example.db.signed"; +}; + +zone "optout-unknown.example" { + type primary; + nsec3-test-zone yes; + file "optout-unknown.example.db.signed"; +}; + +zone "dnskey-unknown.example" { + type primary; + file "dnskey-unknown.example.db.signed"; +}; + +zone "dnskey-unsupported.example" { + type primary; + file "dnskey-unsupported.example.db.signed"; +}; + +zone "dnskey-unsupported-2.example" { + type primary; + file "dnskey-unsupported-2.example.db.signed"; +}; + +zone "dnskey-nsec3-unknown.example" { + type primary; + nsec3-test-zone yes; + file "dnskey-nsec3-unknown.example.db.signed"; +}; + +zone "multiple.example" { + type primary; + file "multiple.example.db.signed"; + allow-update { any; }; +}; + +zone "rfc2335.example" { + type secondary; + primaries { 10.53.0.2; }; + file "rfc2335.example.bk"; +}; + +zone "rsasha256.example" { + type primary; + file "rsasha256.example.db.signed"; +}; + +zone "rsasha512.example" { + type primary; + file "rsasha512.example.db.signed"; +}; + +zone "kskonly.example" { + type primary; + file "kskonly.example.db.signed"; +}; + +zone "expired.example" { + type primary; + allow-update { none; }; + file "expired.example.db.signed"; +}; + +zone "update-nsec3.example" { + type primary; + allow-update { any; }; + file "update-nsec3.example.db.signed"; +}; + +zone "auto-nsec.example" { + type primary; + auto-dnssec maintain; + allow-update { !0.0.0.0; }; + file "auto-nsec.example.db.signed"; +}; + +zone "auto-nsec3.example" { + type primary; + auto-dnssec maintain; + allow-update { !0.0.0.0; }; + file "auto-nsec3.example.db.signed"; +}; + +zone "insecure.below-cname.example" { + type primary; + file "insecure.below-cname.example.db"; +}; + +zone "secure.below-cname.example" { + type primary; + file "secure.below-cname.example.db.signed"; +}; + +zone "ttlpatch.example" { + type primary; + file "ttlpatch.example.db.patched"; +}; + +zone "split-dnssec.example" { + type primary; + file "split-dnssec.example.db"; +}; + +zone "split-smart.example" { + type primary; + file "split-smart.example.db"; +}; + +zone "nsec3chain-test" { + type secondary; + file "nsec3chain-test.bk"; + primaries { 10.53.0.2; }; +}; + +zone "expiring.example" { + type primary; + allow-update { any; }; + file "expiring.example.db.signed"; +}; + +zone "nosign.example" { + type primary; + allow-update { any; }; + dnssec-update-mode no-resign; + file "nosign.example.db.signed"; +}; + +zone "upper.example" { + type primary; + file "upper.example.db.signed"; +}; + +zone "LOWER.EXAMPLE" { + type primary; + file "lower.example.db.signed"; +}; + +zone "inline.example" { + type primary; + file "inline.example.db"; + inline-signing yes; + auto-dnssec maintain; +}; + +zone "publish-inactive.example" { + type primary; + file "publish-inactive.example.db"; + auto-dnssec maintain; + dnssec-dnskey-kskonly no; + update-policy local; +}; + +zone "future.example" { + type primary; + file "future.example.db.signed"; +}; + +zone "managed-future.example" { + type primary; + file "managed-future.example.db.signed"; + allow-update { any; }; +}; + +zone "revkey.example" { + type primary; + file "revkey.example.db.signed"; +}; + +zone "dname-at-apex-nsec3.example" { + type primary; + file "dname-at-apex-nsec3.example.db.signed"; +}; + +zone "occluded.example" { + type primary; + file "occluded.example.db.signed"; +}; + +zone "secure.managed" { + type primary; + file "secure.managed.db.signed"; +}; + +zone "disabled.managed" { + type primary; + file "disabled.managed.db.signed"; +}; + +zone "enabled.managed" { + type primary; + file "enabled.managed.db.signed"; +}; + +zone "unsupported.managed" { + type primary; + file "unsupported.managed.db.signed"; +}; + +zone "revoked.managed" { + type primary; + file "revoked.managed.db.signed"; +}; + +zone "secure.trusted" { + type primary; + file "secure.trusted.db.signed"; +}; + +zone "disabled.trusted" { + type primary; + file "disabled.trusted.db.signed"; +}; + +zone "enabled.trusted" { + type primary; + file "enabled.trusted.db.signed"; +}; + +zone "unsupported.trusted" { + type primary; + file "unsupported.trusted.db.signed"; +}; + +zone "revoked.trusted" { + type primary; + file "revoked.trusted.db.signed"; +}; + +zone "too-many-iterations" { + type secondary; + primaries { 10.53.0.2; }; + file "too-many-iterations.bk"; +}; + +include "siginterval.conf"; + +include "trusted.conf"; -- cgit v1.2.3