From 830407e88f9d40d954356c3754f2647f91d5c06a Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 17:26:00 +0200 Subject: Adding upstream version 5.6.0. Signed-off-by: Daniel Baumann --- .../deckard/sets/resolver/iter_lame_noaa.rpl | 126 +++++++++++++++++++++ 1 file changed, 126 insertions(+) create mode 100644 tests/integration/deckard/sets/resolver/iter_lame_noaa.rpl (limited to 'tests/integration/deckard/sets/resolver/iter_lame_noaa.rpl') diff --git a/tests/integration/deckard/sets/resolver/iter_lame_noaa.rpl b/tests/integration/deckard/sets/resolver/iter_lame_noaa.rpl new file mode 100644 index 0000000..af964fb --- /dev/null +++ b/tests/integration/deckard/sets/resolver/iter_lame_noaa.rpl @@ -0,0 +1,126 @@ +do-ip6: no + +; config options +; harden-referral-path: no +; target-fetch-policy: "0 0 0 0 0" +; name: "." + stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. + ; test with pre-scripted replies does not make sense with qmin + query-minimization: off +CONFIG_END + +SCENARIO_BEGIN Test lame detection if AA bit is omitted +; the query is answered with a reply that has +; no AA bit +; no SOA record +; noanswer/noerror +; NS record in there which is not a down delegation (==). +; the query is not sent to a forward zone + +STEP 10 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +www.example.com. IN A +ENTRY_END + +; root prime is sent +STEP 30 REPLY +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR AA NOERROR +SECTION QUESTION +. IN NS +SECTION ANSWER +. IN NS K.ROOT-SERVERS.NET. +SECTION ADDITIONAL +K.ROOT-SERVERS.NET. IN A 193.0.14.129 +ENTRY_END + +; query sent to root server +STEP 50 REPLY +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION AUTHORITY +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +; query sent to .com server +STEP 70 REPLY +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION AUTHORITY +example.com. IN NS ns1.example.com. +example.com. IN NS ns2.example.com. +SECTION ADDITIONAL +ns1.example.com. IN A 168.192.2.2 +ns2.example.com. IN A 168.192.3.3 +ENTRY_END + +; no matter which one the iterator tries first, we present it as 'lame' +; query to ns1.example.com or ns2.example.com. +STEP 90 REPLY +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION AUTHORITY +; This is the BROKEN ANSWER here. +; it is lame. A delegation to example.com. itself. +example.com. IN NS ns1.example.com. +example.com. IN NS ns2.example.com. +SECTION ADDITIONAL +ns1.example.com. IN A 168.192.2.2 +ns2.example.com. IN A 168.192.3.3 +ENTRY_END + +; iterator should try again and ask the other nameserver. +STEP 110 REPLY +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR AA NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. IN A 10.20.30.40 +SECTION AUTHORITY +example.com. IN NS ns1.example.com. +example.com. IN NS ns2.example.com. +SECTION ADDITIONAL +ns1.example.com. IN A 168.192.2.2 +ns2.example.com. IN A 168.192.3.3 +ENTRY_END + + +; is the final answer correct? +STEP 200 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RD RA +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. IN A 10.20.30.40 +;SECTION AUTHORITY +;example.com. IN NS ns1.example.com. +;example.com. IN NS ns2.example.com. +;SECTION ADDITIONAL +;ns1.example.com. IN A 168.192.2.2 +;ns2.example.com. IN A 168.192.3.3 +ENTRY_END + +SCENARIO_END -- cgit v1.2.3