- Use the origin (DNAME) TTL for syntesized CNAMEs as per RFC 6672.

diff --git a/iterator/iter_scrub.c b/iterator/iter_scrub.c
index 5f2e303372298cd9effe8ba8ca5aecd36a2a2749..48867e50c5573cdd9bb900ea8e5d2ae9251c3c52 100644 (file)
--- a/iterator/iter_scrub.c
+++ b/iterator/iter_scrub.c
@@ -283,7 +283,8 @@ synth_cname_rrset(uint8_t** sname, size_t* snamelen, uint8_t* alias,
                sizeof(uint32_t)+sizeof(uint16_t)+aliaslen);
        if(!cn->rr_first->ttl_data)
                return NULL;
-       sldns_write_uint32(cn->rr_first->ttl_data, 0); /* TTL = 0 */
+       memmove(cn->rr_first->ttl_data, rrset->rr_first->ttl_data,
+               sizeof(uint32_t)); /* RFC6672: synth CNAME TTL == DNAME TTL */
        sldns_write_uint16(cn->rr_first->ttl_data+4, aliaslen);
        memmove(cn->rr_first->ttl_data+6, alias, aliaslen);
        cn->rr_first->size = sizeof(uint16_t)+aliaslen;

diff --git a/services/authzone.c b/services/authzone.c
index a1b3d22787d22e01a21dcaa0465bde541a70678e..3ae8668c50a3c24f123ea3374c2d34c48ebda59f 100644 (file)
--- a/services/authzone.c
+++ b/services/authzone.c
@@ -2702,7 +2702,7 @@ create_synth_cname(uint8_t* qname, size_t qname_len, struct regional* region,
        if(!d)
                return 0; /* out of memory */
        (*cname)->entry.data = d;
-       d->ttl = 0; /* 0 for synthesized CNAME TTL */
+       d->ttl = dname->data->ttl; /* RFC6672: synth CNAME TTL == DNAME TTL */
        d->count = 1;
        d->rrsig_count = 0;
        d->trust = rrset_trust_ans_noAA;

diff --git a/services/cache/dns.c b/services/cache/dns.c
index 9b4ad5888721615446ebe24ba71541975e1d3fd5..fa57697a43b3ab2fc11119ca18a0ade1fc13ebe7 100644 (file)
--- a/services/cache/dns.c
+++ b/services/cache/dns.c
@@ -796,7 +796,7 @@ synth_dname_msg(struct ub_packed_rrset_key* rrset, struct regional* region,
        if(!newd)
                return NULL;
        ck->entry.data = newd;
-       newd->ttl = 0; /* 0 for synthesized CNAME TTL */
+       newd->ttl = d->ttl; /* RFC6672: synth CNAME TTL == DNAME TTL */
        newd->count = 1;
        newd->rrsig_count = 0;
        newd->trust = rrset_trust_ans_noAA;

diff --git a/services/localzone.c b/services/localzone.c
index 44da22d785d96dbfac27e1a6aa33e3ef1cb0249e..9c8e3c7acb16c6e580e4b21793f37e27a514d485 100644 (file)
--- a/services/localzone.c
+++ b/services/localzone.c
@@ -1532,7 +1532,7 @@ local_data_answer(struct local_zone* z, struct module_env* env,
                        return 0; /* invalid cname */
                if(dname_is_wild(ctarget)) {
                        /* synthesize cname target */
-                       struct packed_rrset_data* d;
+                       struct packed_rrset_data* d, *lr_d;
                        /* -3 for wildcard label and root label from qname */
                        size_t newtargetlen = qinfo->qname_len + ctargetlen - 3;
 
@@ -1560,8 +1560,10 @@ local_data_answer(struct local_zone* z, struct module_env* env,
                                + newtargetlen);
                        if(!d)
                                return 0; /* out of memory */
+                       lr_d = (struct packed_rrset_data*)lr->rrset->entry.data;
                        qinfo->local_alias->rrset->entry.data = d;
-                       d->ttl = 0; /* 0 for synthesized CNAME TTL */
+                       d->ttl = lr_d->rr_ttl[0]; /* RFC6672-like behavior:
+                                           synth CNAME TTL uses original TTL*/
                        d->count = 1;
                        d->rrsig_count = 0;
                        d->trust = rrset_trust_ans_noAA;

diff --git a/testcode/unitauth.c b/testcode/unitauth.c
index 11eeb43b21637b6207609fc50c5dcee76cf292b5..23c57e095e971d1eb7fdf496ab1c60ca1a82d43e 100644 (file)
--- a/testcode/unitauth.c
+++ b/testcode/unitauth.c
@@ -279,14 +279,14 @@ static struct q_ans example_com_queries[] = {
 ";flags QR AA rcode NOERROR\n"
 ";answer section\n"
 "redir.example.com.    3600    IN      DNAME   redir.example.org.\n"
-"abc.redir.example.com.        0       IN      CNAME   abc.redir.example.org.\n"
+"abc.redir.example.com.        3600    IN      CNAME   abc.redir.example.org.\n"
        },
 
        { "example.com", "foo.abc.redir.example.com. A", "",
 ";flags QR AA rcode NOERROR\n"
 ";answer section\n"
 "redir.example.com.    3600    IN      DNAME   redir.example.org.\n"
-"foo.abc.redir.example.com.    0       IN      CNAME   foo.abc.redir.example.org.\n"
+"foo.abc.redir.example.com.    3600    IN      CNAME   foo.abc.redir.example.org.\n"
        },
 
        { "example.com", "redir2.example.com. DNAME", "",
@@ -299,42 +299,42 @@ static struct q_ans example_com_queries[] = {
 ";flags QR AA rcode NOERROR\n"
 ";answer section\n"
 "redir2.example.com.   3600    IN      DNAME   redir2.example.org.\n"
-"abc.redir2.example.com.       0       IN      CNAME   abc.redir2.example.org.\n"
+"abc.redir2.example.com.       3600    IN      CNAME   abc.redir2.example.org.\n"
        },
 
        { "example.com", "obscured.redir2.example.com. A", "",
 ";flags QR AA rcode NOERROR\n"
 ";answer section\n"
 "redir2.example.com.   3600    IN      DNAME   redir2.example.org.\n"
-"obscured.redir2.example.com.  0       IN      CNAME   obscured.redir2.example.org.\n"
+"obscured.redir2.example.com.  3600    IN      CNAME   obscured.redir2.example.org.\n"
        },
 
        { "example.com", "under2.redir2.example.com. A", "",
 ";flags QR AA rcode NOERROR\n"
 ";answer section\n"
 "redir2.example.com.   3600    IN      DNAME   redir2.example.org.\n"
-"under2.redir2.example.com.    0       IN      CNAME   under2.redir2.example.org.\n"
+"under2.redir2.example.com.    3600    IN      CNAME   under2.redir2.example.org.\n"
        },
 
        { "example.com", "doubleobscured.under2.redir2.example.com. A", "",
 ";flags QR AA rcode NOERROR\n"
 ";answer section\n"
 "redir2.example.com.   3600    IN      DNAME   redir2.example.org.\n"
-"doubleobscured.under2.redir2.example.com.     0       IN      CNAME   doubleobscured.under2.redir2.example.org.\n"
+"doubleobscured.under2.redir2.example.com.     3600    IN      CNAME   doubleobscured.under2.redir2.example.org.\n"
        },
 
        { "example.com", "foo.doubleobscured.under2.redir2.example.com. A", "",
 ";flags QR AA rcode NOERROR\n"
 ";answer section\n"
 "redir2.example.com.   3600    IN      DNAME   redir2.example.org.\n"
-"foo.doubleobscured.under2.redir2.example.com. 0       IN      CNAME   foo.doubleobscured.under2.redir2.example.org.\n"
+"foo.doubleobscured.under2.redir2.example.com. 3600    IN      CNAME   foo.doubleobscured.under2.redir2.example.org.\n"
        },
 
        { "example.com", "foo.under2.redir2.example.com. A", "",
 ";flags QR AA rcode NOERROR\n"
 ";answer section\n"
 "redir2.example.com.   3600    IN      DNAME   redir2.example.org.\n"
-"foo.under2.redir2.example.com.        0       IN      CNAME   foo.under2.redir2.example.org.\n"
+"foo.under2.redir2.example.com.        3600    IN      CNAME   foo.under2.redir2.example.org.\n"
        },
 
        { "example.com", "sub.example.com. NS", "",

diff --git a/testdata/iter_dname_insec.rpl b/testdata/iter_dname_insec.rpl
index ce593ba5c20a8c7e3d6b763462d7aa9861305fe9..051363bd2e8f71136e139baa63d8260949bca20f 100644 (file)
--- a/testdata/iter_dname_insec.rpl
+++ b/testdata/iter_dname_insec.rpl
@@ -397,7 +397,7 @@ ENTRY_END
 
 STEP 220302 CHECK_ANSWER
 ENTRY_BEGIN
-MATCH all
+MATCH all ttl
 REPLY QR RD RA DO
 SECTION QUESTION
 a.example.com. IN A
@@ -420,7 +420,7 @@ ENTRY_END
 
 STEP 220402 CHECK_ANSWER
 ENTRY_BEGIN
-MATCH all
+MATCH all ttl
 REPLY QR RD RA DO
 SECTION QUESTION
 a.b.example.com. IN A
@@ -523,7 +523,7 @@ ENTRY_END
 
 STEP 220702 CHECK_ANSWER
 ENTRY_BEGIN
-MATCH all
+MATCH all ttl
 REPLY QR RD RA DO
 SECTION QUESTION
 a.x.example.com. IN A
@@ -607,7 +607,7 @@ ENTRY_END
 
 STEP 220802 CHECK_ANSWER
 ENTRY_BEGIN
-MATCH all
+MATCH all ttl
 REPLY QR RD RA DO
 SECTION QUESTION
 a2.example.com. IN A
@@ -691,14 +691,14 @@ ENTRY_END
 ; CNAME chains should be followed and CNAME loops signalled as an error
 STEP 220902 CHECK_ANSWER
 ENTRY_BEGIN
-MATCH all
+MATCH all ttl
 REPLY QR RD RA DO
 REPLY NOERROR
 SECTION QUESTION
 cyc.example.com. IN A
 SECTION ANSWER
-example.com.   0       IN      DNAME   example.com.
-cyc.example.com.       0       IN      CNAME   cyc.example.com.
+example.com.   3600    IN      DNAME   example.com.
+cyc.example.com.       3600    IN      CNAME   cyc.example.com.
 ENTRY_END
 
 ; ns1.example.com.
@@ -857,7 +857,7 @@ ENTRY_END
 
 STEP 221102 CHECK_ANSWER
 ENTRY_BEGIN
-MATCH all
+MATCH all ttl
 REPLY QR RD RA DO
 SECTION QUESTION
 shortloop.x.x. IN TXT
@@ -885,7 +885,7 @@ ENTRY_END
 
 STEP 221202 CHECK_ANSWER
 ENTRY_BEGIN
-MATCH all
+MATCH all ttl
 REPLY QR RD RA DO
 SECTION QUESTION
 shortloop.x.   IN TXT
@@ -999,7 +999,7 @@ ENTRY_END
 ; query returning maximal permissible length - should work
 STEP 229002 CHECK_ANSWER
 ENTRY_BEGIN
-MATCH all
+MATCH all ttl
 REPLY QR RD RA DO
 SECTION QUESTION
 x.long.        IN A

diff --git a/testdata/iter_dname_yx.rpl b/testdata/iter_dname_yx.rpl
index 18b9725cc66f75e7b3e42b6291ee1190392222ca..00d77de047ccd5959abe7f4d3c9fca149f42dc4b 100644 (file)
--- a/testdata/iter_dname_yx.rpl
+++ b/testdata/iter_dname_yx.rpl
@@ -2,6 +2,8 @@
 server:
        harden-referral-path: no
        target-fetch-policy: "0 0 0 0 0"
+       qname-minimisation: "no"
+       minimal-responses: no
 
 stub-zone:
         name: "."
@@ -321,680 +323,6 @@ ENTRY_END
 RANGE_END
 ; end of a.gtld-servers.net.
 
-; RFC 6672 section 2.2. The DNAME Substitution table tests
-;#  QNAME            owner  DNAME   target         result
-;-- ---------------- -------------- -------------- -----------------
-;1  com.             example.com.   example.net.   <no match>
-;2  example.com.     example.com.   example.net.   [0]
-;3  a.example.com.   example.com.   example.net.   a.example.net.
-;4  a.b.example.com. example.com.   example.net.   a.b.example.net.
-;5  ab.example.com.  b.example.com. example.net.   <no match>
-;6  foo.example.com. example.com.   example.net.   foo.example.net.
-;7  a.x.example.com. x.example.com. example.net.   a.example.net.
-;8  a.example.com.   example.com.   y.example.net. a.y.example.net.
-;9  cyc.example.com. example.com.   example.com.   cyc.example.com.
-;10 cyc.example.com. example.com.   c.example.com. cyc.c.example.com.
-;11 shortloop.x.x.   x.             .              shortloop.x.
-;12 shortloop.x.     x.             .              shortloop.
-;
-;  [0] The result depends on the QTYPE.  If the QTYPE = DNAME, then
-;      the result is "example.com.", else "<no match>".
-;
-;                  Table 1. DNAME Substitution Examples
-
-;        ; line no. 1 is mostly for authoritative server
-;        ; line no. 2 QTYPE != DNAME
-;        STEP 220201 QUERY
-;        ENTRY_BEGIN
-;        REPLY RD DO
-;        SECTION QUESTION
-;        example.com. IN NS
-;        ENTRY_END
-;        
-;        STEP 220202 CHECK_ANSWER
-;        ENTRY_BEGIN
-;        MATCH rcode answer
-;        REPLY QR RD RA DO
-;        SECTION QUESTION
-;        example.com. IN NS
-;        SECTION ANSWER
-;        example.com. IN NS ns1.example.com.
-;        ENTRY_END
-;        
-;        ; line no. 2 QTYPE == DNAME
-;        STEP 220203 QUERY
-;        ENTRY_BEGIN
-;        REPLY RD DO
-;        SECTION QUESTION
-;        example.com. IN DNAME
-;        ENTRY_END
-;        
-;        STEP 220204 CHECK_ANSWER
-;        ENTRY_BEGIN
-;        MATCH rcode question answer
-;        REPLY QR RD RA DO
-;        SECTION QUESTION
-;        example.com. IN DNAME
-;        SECTION ANSWER
-;        example.com. IN DNAME example.net.
-;        ENTRY_END
-;        
-;        
-;        ;#  QNAME            owner  DNAME   target         result
-;        ;-- ---------------- -------------- -------------- -----------------
-;        ;3  a.example.com.   example.com.   example.net.   a.example.net.
-;        
-;        STEP 220301 QUERY
-;        ENTRY_BEGIN
-;        REPLY RD DO
-;        SECTION QUESTION
-;        a.example.com. IN A
-;        ENTRY_END
-;        
-;        STEP 220302 CHECK_ANSWER
-;        ENTRY_BEGIN
-;        MATCH rcode question answer
-;        SECTION QUESTION
-;        a.example.com. IN A
-;        SECTION ANSWER
-;        example.com. IN DNAME example.net.
-;        a.example.com. IN CNAME a.example.net.
-;        a.example.net. IN A 10.0.0.97
-;        ENTRY_END
-;        
-;        ;#  QNAME            owner  DNAME   target         result
-;        ;-- ---------------- -------------- -------------- -----------------
-;        ;4  a.b.example.com. example.com.   example.net.   a.b.example.net.
-;        
-;        STEP 220401 QUERY
-;        ENTRY_BEGIN
-;        REPLY RD DO
-;        SECTION QUESTION
-;        a.b.example.com. IN A
-;        ENTRY_END
-;        
-;        STEP 220402 CHECK_ANSWER
-;        ENTRY_BEGIN
-;        MATCH rcode question answer
-;        SECTION QUESTION
-;        a.b.example.com. IN A
-;        SECTION ANSWER
-;        example.com. IN DNAME example.net.
-;        a.b.example.com. IN CNAME a.b.example.net.
-;        a.b.example.net. IN A 10.0.97.98
-;        ENTRY_END
-;        
-;        ;#  QNAME            owner  DNAME   target         result
-;        ;-- ---------------- -------------- -------------- -----------------
-;        ;5  ab.example.com.  b.example.com. example.net.   <no match>
-;        ;6  foo.example.com. example.com.   example.net.   foo.example.net.
-;        
-;        ; line no. 5 is mostly for authoritative server
-;        ; line no. 6 is basically the same as line no. 3
-;        
-;        ; ns1.example.com.
-;        RANGE_BEGIN 220000 220699
-;              ADDRESS 168.192.2.2
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        example.com. IN NS
-;        SECTION ANSWER
-;        example.com. IN NS ns1.example.com.
-;        SECTION ADDITIONAL
-;        ns1.example.com. IN A 168.192.2.2
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        ns1.example.com. IN A
-;        SECTION ANSWER
-;        ns1.example.com. IN A 168.192.2.2
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        ns1.example.com. IN AAAA
-;        SECTION ANSWER
-;        ENTRY_END
-;        
-;        ; line 2 DNAME
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        example.com. IN DNAME
-;        SECTION ANSWER
-;        example.com. IN DNAME example.net.
-;        ENTRY_END
-;        
-;        ; line 3
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        a.example.com. IN A
-;        SECTION ANSWER
-;        example.com. IN DNAME example.net.
-;        a.example.com. IN CNAME a.example.net.
-;        ENTRY_END
-;        
-;        ; line 4
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        a.b.example.com. IN A
-;        SECTION ANSWER
-;        example.com. IN DNAME example.net.
-;        a.b.example.com. IN CNAME a.b.example.net.
-;        ENTRY_END
-;        RANGE_END
-;        ; end of ns1.example.com.
-;        
-;        
-;        ;#  QNAME            owner  DNAME   target         result
-;        ;-- ---------------- -------------- -------------- -----------------
-;        ;7  a.x.example.com. x.example.com. example.net.   a.example.net.
-;        
-;        STEP 220701 QUERY
-;        ENTRY_BEGIN
-;        REPLY RD DO
-;        SECTION QUESTION
-;        a.x.example.com. IN A
-;        ENTRY_END
-;        
-;        STEP 220702 CHECK_ANSWER
-;        ENTRY_BEGIN
-;        MATCH rcode question answer
-;        SECTION QUESTION
-;        a.x.example.com. IN A
-;        SECTION ANSWER
-;        x.example.com. IN DNAME example.net.
-;        a.x.example.com. IN CNAME a.example.net.
-;        a.example.net. IN A 10.0.0.97
-;        ENTRY_END
-;        
-;        ; ns1.example.com.
-;        RANGE_BEGIN 220700 220799
-;              ADDRESS 168.192.2.2
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        example.com. IN NS
-;        SECTION ANSWER
-;        example.com. IN NS ns1.example.com.
-;        SECTION ADDITIONAL
-;        ns1.example.com. IN A 168.192.2.2
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        ns1.example.com. IN A
-;        SECTION ANSWER
-;        ns1.example.com. IN A 168.192.2.2
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        ns1.example.com. IN AAAA
-;        SECTION ANSWER
-;        ENTRY_END
-;        
-;        ; line 7 DNAME
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        example.com. IN DNAME
-;        SECTION ANSWER
-;        x.example.com. IN DNAME example.net.
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        a.x.example.com. IN A
-;        SECTION ANSWER
-;        x.example.com. IN DNAME example.net.
-;        a.x.example.com. IN CNAME a.example.net.
-;        ENTRY_END
-;        RANGE_END
-;        ; end of ns1.example.com.
-;        
-;        ;#  QNAME            owner  DNAME   target         result
-;        ;-- ---------------- -------------- -------------- -----------------
-;        ;8  a.example.com.   example.com.   y.example.net. a.y.example.net.
-;        ;
-;        ; a.example.com. was renamed to a2.example.com. to avoid cache clashes
-;        ; on the synthetized CNAME (caching CNAMEs is allowed by RFC 6672 section 3.4)
-;        
-;        STEP 220801 QUERY
-;        ENTRY_BEGIN
-;        REPLY RD DO
-;        SECTION QUESTION
-;        a2.example.com. IN A
-;        ENTRY_END
-;        
-;        STEP 220802 CHECK_ANSWER
-;        ENTRY_BEGIN
-;        MATCH rcode question answer
-;        SECTION QUESTION
-;        a2.example.com. IN A
-;        SECTION ANSWER
-;        example.com. IN DNAME y.example.net.
-;        a2.example.com. IN CNAME a2.y.example.net.
-;        a2.y.example.net. IN A 10.97.50.121
-;        ENTRY_END
-;        
-;        ; ns1.example.com.
-;        RANGE_BEGIN 220800 220899
-;              ADDRESS 168.192.2.2
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        example.com. IN NS
-;        SECTION ANSWER
-;        example.com. IN NS ns1.example.com.
-;        SECTION ADDITIONAL
-;        ns1.example.com. IN A 168.192.2.2
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        ns1.example.com. IN A
-;        SECTION ANSWER
-;        ns1.example.com. IN A 168.192.2.2
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        ns1.example.com. IN AAAA
-;        SECTION ANSWER
-;        ENTRY_END
-;        
-;        ; line 8 DNAME
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        example.com. IN DNAME
-;        SECTION ANSWER
-;        example.com. IN DNAME y.example.net.
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        a2.example.com. IN A
-;        SECTION ANSWER
-;        example.com. IN DNAME y.example.net.
-;        a2.example.com. IN CNAME a2.y.example.net.
-;        ENTRY_END
-;        RANGE_END
-;        ; end of ns1.example.com.
-;        
-;        
-;        ;#  QNAME            owner  DNAME   target         result
-;        ;-- ---------------- -------------- -------------- -----------------
-;        ;9  cyc.example.com. example.com.   example.com.   cyc.example.com.
-;        
-;        STEP 220901 QUERY
-;        ENTRY_BEGIN
-;        REPLY RD DO
-;        SECTION QUESTION
-;        cyc.example.com. IN A
-;        ENTRY_END
-;        
-;        ; Expected result is defined by RFC 1034 section 3.6.2:
-;        ; CNAME chains should be followed and CNAME loops signalled as an error
-;        STEP 220902 CHECK_ANSWER
-;        ENTRY_BEGIN
-;        MATCH rcode question answer
-;        REPLY SERVFAIL
-;        SECTION QUESTION
-;        cyc.example.com. IN A
-;        ENTRY_END
-;        
-;        ; ns1.example.com.
-;        RANGE_BEGIN 220900 220999
-;              ADDRESS 168.192.2.2
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        example.com. IN NS
-;        SECTION ANSWER
-;        example.com. IN NS ns1.example.com.
-;        SECTION ADDITIONAL
-;        ns1.example.com. IN A 168.192.2.2
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        ns1.example.com. IN A
-;        SECTION ANSWER
-;        ns1.example.com. IN A 168.192.2.2
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        ns1.example.com. IN AAAA
-;        SECTION ANSWER
-;        ENTRY_END
-;        
-;        ; line 9 DNAME
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        example.com. IN DNAME
-;        SECTION ANSWER
-;        example.com. IN DNAME example.com.
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        cyc.example.com. IN A
-;        SECTION ANSWER
-;        example.com. IN DNAME example.com.
-;        cyc.example.com. IN CNAME cyc.example.com.
-;        ENTRY_END
-;        RANGE_END
-;        ; end of ns1.example.com.
-;        
-;        ;#  QNAME            owner  DNAME   target         result
-;        ;-- ---------------- -------------- -------------- -----------------
-;        ;10 cyc.example.com. example.com.   c.example.com. cyc.c.example.com.
-;        ;
-;        ; cyc.example.com. was renamed to cyc2.example.com. to avoid cache clashes
-;        ; on the synthetized CNAME (caching CNAMEs is allowed by RFC 6672 section 3.4)
-;        ;
-;        ; target c.example.com. was renamed to cyc2.example.net.
-;        ; to limit number of pre-canned answers required for the test
-;        
-;        STEP 221001 QUERY
-;        ENTRY_BEGIN
-;        REPLY RD DO
-;        SECTION QUESTION
-;        cyc2.example.com. IN A
-;        ENTRY_END
-;        
-;        ; Expected result is defined by RFC 1034 section 3.6.2:
-;        ; CNAME chains should be followed and CNAME loops signalled as an error
-;        STEP 221002 CHECK_ANSWER
-;        ENTRY_BEGIN
-;        MATCH rcode question answer
-;        REPLY SERVFAIL
-;        SECTION QUESTION
-;        cyc2.example.com. IN A
-;        ENTRY_END
-;        
-;        ; ns1.example.com.
-;        RANGE_BEGIN 221000 221099
-;              ADDRESS 168.192.2.2
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        example.com. IN NS
-;        SECTION ANSWER
-;        example.com. IN NS ns1.example.com.
-;        SECTION ADDITIONAL
-;        ns1.example.com. IN A 168.192.2.2
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        ns1.example.com. IN A
-;        SECTION ANSWER
-;        ns1.example.com. IN A 168.192.2.2
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        ns1.example.com. IN AAAA
-;        SECTION ANSWER
-;        ENTRY_END
-;        
-;        ; line 10 DNAME
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        example.com. IN DNAME
-;        SECTION ANSWER
-;        example.com. IN DNAME cyc2.example.net.
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        cyc2.example.com. IN A
-;        SECTION ANSWER
-;        example.com. IN DNAME cyc2.example.net.
-;        cyc2.example.com. IN CNAME cyc2.cyc2.example.net.
-;        ENTRY_END
-;        RANGE_END
-;        ; end of ns1.example.com.
-;        
-;        ;#  QNAME            owner  DNAME   target         result
-;        ;-- ---------------- -------------- -------------- -----------------
-;        ;11 shortloop.x.x.   x.             .              shortloop.x.
-;        
-;        STEP 221101 QUERY
-;        ENTRY_BEGIN
-;        REPLY RD DO
-;        SECTION QUESTION
-;        shortloop.x.x.        TXT
-;        ENTRY_END
-;        
-;        STEP 221102 CHECK_ANSWER
-;        ENTRY_BEGIN
-;        MATCH rcode question answer
-;        SECTION QUESTION
-;        shortloop.x.x.        IN TXT
-;        SECTION ANSWER
-;        x.            IN DNAME        .
-;        ; unbound hack
-;        x.            IN DNAME        .
-;        shortloop.x.x.        IN CNAME        shortloop.x.
-;        shortloop.x.  IN CNAME        shortloop.
-;        shortloop.    IN TXT          "shortloop end"
-;        ENTRY_END
-;        
-;        ;#  QNAME            owner  DNAME   target         result
-;        ;-- ---------------- -------------- -------------- -----------------
-;        ;12 shortloop.x.     x.             .              shortloop.
-;        
-;        ; expire potentically cached CNAMEs for shortloop.x. from cache
-;        STEP 221200 TIME_PASSES ELAPSE 10000
-;        
-;        STEP 221201 QUERY
-;        ENTRY_BEGIN
-;        REPLY RD DO
-;        SECTION QUESTION
-;        shortloop.x.  TXT
-;        ENTRY_END
-;        
-;        STEP 221202 CHECK_ANSWER
-;        ENTRY_BEGIN
-;        MATCH rcode question answer
-;        SECTION QUESTION
-;        shortloop.x.  IN TXT
-;        SECTION ANSWER
-;        x.            IN DNAME        .
-;        shortloop.x.  IN CNAME        shortloop.
-;        shortloop.    IN TXT          "shortloop end"
-;        ENTRY_END
-;        
-;        
-;        ; ns1.example.net. (data shared by whole 22xxxx range)
-;        RANGE_BEGIN 220000 229999
-;              ADDRESS 168.192.3.3
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        example.net. IN NS
-;        SECTION ANSWER
-;        example.net. IN NS ns1.example.net.
-;        SECTION ADDITIONAL
-;        example.net. IN A 168.192.3.3
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        ns1.example.net. IN A
-;        SECTION ANSWER
-;        ns1.example.net. IN A 168.192.3.3
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        ns1.example.net. IN AAAA
-;        SECTION ANSWER
-;        ENTRY_END
-;        
-;        ; line 3
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        a.example.net. IN A
-;        SECTION ANSWER
-;        a.example.net. IN A 10.0.0.97
-;        ENTRY_END
-;        
-;        ; line 4
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        a.b.example.net. IN A
-;        SECTION ANSWER
-;        a.b.example.net. IN A 10.0.97.98
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        a2.y.example.net. IN A
-;        SECTION ANSWER
-;        a2.y.example.net. IN A 10.97.50.121
-;        ENTRY_END
-;        
-;        ; line 10
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        cyc2.example.net. IN DNAME
-;        SECTION ANSWER
-;        cyc2.example.net. IN DNAME example.com.
-;        ENTRY_END
-;        
-;        ENTRY_BEGIN
-;        MATCH opcode qtype qname
-;        ADJUST copy_id
-;        REPLY QR AA NOERROR
-;        SECTION QUESTION
-;        cyc2.cyc2.example.net. IN A
-;        SECTION ANSWER
-;        cyc2.example.net. IN DNAME example.com.
-;        cyc2.cyc2.example.com. IN CNAME cyc2.example.com.
-;        ENTRY_END
-;        RANGE_END
-;        ; end of ns1.example.net.
-;        
-;        
-;        ; RFC 6672 section 2.2: YXDOMAIN answers for too long results for substitution
-;        ; RFC 6672 section 2.3: DNAME can be at zone apex: zone apex = long.
-;        STEP 229001 QUERY
-;        ENTRY_BEGIN
-;        REPLY RD DO
-;        SECTION QUESTION
-;        x.long.       IN A
-;        ENTRY_END
-;        
-;        ; query returning maximal permissible length - should work
-;        STEP 229002 CHECK_ANSWER
-;        ENTRY_BEGIN
-;        MATCH rcode question answer
-;        SECTION QUESTION
-;        x.long.       IN A
-;        SECTION ANSWER
-;        long.                 3600    IN      DNAME   63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
-;        x.long.                       3600    IN      CNAME   x.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
-;        x.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.        3600    IN      A       192.0.2.1
-;        ENTRY_END
-
 ; result of substitution has too long name
 ; YXDOMAIN should be propagated to the client
 ; Unbound SEVFAILs: https://www.ietf.org/mail-archive/web/dnsext/current/msg11282.html
@@ -1015,27 +343,4 @@ SECTION ANSWER
 long.                  3600    IN      DNAME   63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
 ENTRY_END
 
-    ; ; YXDOMAIN should work even if the cache is empty
-    ; STEP 229005 TIME_PASSES ELAPSE 4000
-    ; 
-    ; STEP 229006 QUERY
-    ; ENTRY_BEGIN
-    ; REPLY RD DO
-    ; SECTION QUESTION
-    ; too.long.        IN A
-    ; ENTRY_END
-    ; 
-    ; STEP 229007 CHECK_ANSWER
-    ; ENTRY_BEGIN
-    ; MATCH rcode question answer
-    ; REPLY QR YXDOMAIN
-    ; SECTION QUESTION
-    ; x.long.  IN A
-    ; SECTION ANSWER
-    ; long.                    3600    IN      DNAME   63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
-    ; ENTRY_END
-
-
-
-
 SCENARIO_END

diff --git a/testdata/iter_scrub_dname_insec.rpl b/testdata/iter_scrub_dname_insec.rpl
index 921abe628f7fa4eee70cb0863ef52f382dd8e917..826d89e29e6dd3ce97dc5855a09c6966f388b0b7 100644 (file)
--- a/testdata/iter_scrub_dname_insec.rpl
+++ b/testdata/iter_scrub_dname_insec.rpl
@@ -166,7 +166,7 @@ ENTRY_END
 ; answer to first query (simply puts DNAME in cache)
 STEP 120 CHECK_ANSWER
 ENTRY_BEGIN
-MATCH all
+MATCH all ttl
 REPLY QR RD RA
 SECTION QUESTION
 x.y.example.com. IN A
@@ -235,7 +235,7 @@ ENTRY_END
 
 STEP 250 CHECK_ANSWER
 ENTRY_BEGIN
-MATCH all
+MATCH all ttl
 REPLY QR RD RA
 SECTION QUESTION
 other.y.example.com. IN A

diff --git a/testdata/local_cname.rpl b/testdata/local_cname.rpl
index b8c4a56013edb2eca79c7f930e960cfbe602296a..d68a2c40e3c0debf5affc650fbe49195e4d54c79 100644 (file)
--- a/testdata/local_cname.rpl
+++ b/testdata/local_cname.rpl
@@ -52,6 +52,10 @@ server:
        local-zone: example.net redirect
        local-data: "example.net. IN CNAME cname.example.org."
 
+       # Test setup for synthesized CNAMEs
+       local-zone: synth.cname redirect
+       local-data: "synth.cname. IN CNAME *.from.resolution."
+
        ### template zone and tag intended to be used for tests with CNAME and
        ### other data.
        ##local-zone: ambiguous.example.com redirect
@@ -133,6 +137,18 @@ SECTION AUTHORITY
 SECTION ADDITIONAL
 ENTRY_END
 
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+www.synth.cname.from.resolution. IN A
+SECTION ANSWER
+www.synth.cname.from.resolution. IN A 192.0.2.3
+SECTION AUTHORITY
+SECTION ADDITIONAL
+ENTRY_END
+
 ENTRY_BEGIN
 MATCH opcode qtype qname
 ADJUST copy_id
@@ -396,6 +412,26 @@ SECTION AUTHORITY
 SECTION ADDITIONAL
 ENTRY_END
 
+; Check CNAME synthesis
+STEP 201 QUERY
+ENTRY_BEGIN
+REPLY RD
+SECTION QUESTION
+www.synth.cname. IN A
+ENTRY_END
+
+STEP 202 CHECK_ANSWER
+ENTRY_BEGIN
+MATCH all ttl
+REPLY QR RD RA AA NOERROR
+SECTION QUESTION
+www.synth.cname. IN A
+SECTION ANSWER
+www.synth.cname. IN CNAME www.synth.cname.from.resolution.
+www.synth.cname.from.resolution. IN A 192.0.2.3
+SECTION AUTHORITY
+SECTION ADDITIONAL
+ENTRY_END
 
 ; Relatively minor cases follow
 

diff --git a/testdata/val_cnametodnametocnametopos.rpl b/testdata/val_cnametodnametocnametopos.rpl
index 280e557b8acbf7da9022415bb091bac26eaba39f..b8a1159acb29b0a5357bec700f742186f33ba54f 100644 (file)
--- a/testdata/val_cnametodnametocnametopos.rpl
+++ b/testdata/val_cnametodnametocnametopos.rpl
@@ -400,7 +400,7 @@ ENTRY_END
 ; recursion happens here.
 STEP 10 CHECK_ANSWER
 ENTRY_BEGIN
-MATCH all
+MATCH all ttl
 REPLY QR RD RA AD DO NOERROR
 SECTION QUESTION
 www.example.com. IN A
@@ -409,7 +409,7 @@ www.example.com.    3600    IN      CNAME   www.sub.example.net.
 www.example.com.        3600    IN      RRSIG   CNAME 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFEv1gOb7KEskzkJNtFKKVBxY+Hb2AhUAqKJDIZJvNl+AdzqAt+JgdvnYAF0= ;{id = 2854}
 sub.example.net.       3600    IN      DNAME   sub.example.com.
 sub.example.net.        3600    IN      RRSIG   DNAME 5 3 3600 20070926134150 20070829134150 30899 example.net. G/UmcL1VmCF2mjB1O9IeNM2DnvayxEy6vOrvA+Ic/Gqcsgnq/f4VTCV9soQQIAWEir2v5Vt8hqPDP8rCRbMnyA== ;{id = 30899}
-www.sub.example.net.   0       IN      CNAME   www.sub.example.com.
+www.sub.example.net.   3600    IN      CNAME   www.sub.example.com.
 www.sub.example.com.   3600    IN      CNAME   www.example.org.
 www.sub.example.com.    3600    IN      RRSIG   CNAME 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. ZE6A4pkyeUpNCscu2oeBv/3JbbirdwUaAMgmQ/ighzacUJCC6Lh8vAL5aYDEyTk7oktb8uS7gmYan171aM9/tg== ;{id = 30899}
 www.example.org.       3600    IN      A       11.11.11.11

diff --git a/testdata/val_dnametopos.rpl b/testdata/val_dnametopos.rpl
index c0ccc5977903beca8c8621af38c00c74f3efe5d2..f314f3d9e43170e85565836274b28772ee5bf260 100644 (file)
--- a/testdata/val_dnametopos.rpl
+++ b/testdata/val_dnametopos.rpl
@@ -220,14 +220,14 @@ ENTRY_END
 ; recursion happens here.
 STEP 10 CHECK_ANSWER
 ENTRY_BEGIN
-MATCH all
+MATCH all ttl
 REPLY QR RD RA AD DO NOERROR
 SECTION QUESTION
 www.example.com. IN A
 SECTION ANSWER
 example.com.    3600    IN      DNAME   example.net.
 example.com.    3600    IN      RRSIG   DNAME 3 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFH1xw24Hswia3g10AVL1yFUHUPdFAhQDrA+qZJwqXRPg2C1oiNPk9fosGg== ;{id = 2854}
-www.example.com.        0       IN      CNAME   www.example.net.
+www.example.com.        3600    IN      CNAME   www.example.net.
 www.example.net.        3600    IN      A       11.12.13.14
 www.example.net.        3600    IN      RRSIG   A 5 3 3600 20070926134150 20070829134150 30899 example.net. CPxF5hK9Kg5eT7W6LgZwr0ePYEm9HMcSY4vvqCS6gDWB4X9jvXLCfBkCLhsNybPBpGWlsLi5wM6MTdJXuPpsRA== ;{id = 30899}
 SECTION AUTHORITY

diff --git a/testdata/val_dnametoposwc.rpl b/testdata/val_dnametoposwc.rpl
index 16481d17f704fd9a5df3f00bb21162b67cdd4ee6..3132e9ad1182d8d51924d95769ac7f4b592203c5 100644 (file)
--- a/testdata/val_dnametoposwc.rpl
+++ b/testdata/val_dnametoposwc.rpl
@@ -222,14 +222,14 @@ ENTRY_END
 ; recursion happens here.
 STEP 10 CHECK_ANSWER
 ENTRY_BEGIN
-MATCH all
+MATCH all ttl
 REPLY QR RD RA AD DO NOERROR
 SECTION QUESTION
 www.example.com. IN A
 SECTION ANSWER
 example.com. 3600 IN   DNAME   example.net.
 example.com.    3600    IN      RRSIG   DNAME 3 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFH1xw24Hswia3g10AVL1yFUHUPdFAhQDrA+qZJwqXRPg2C1oiNPk9fosGg== ;{id = 2854}
-www.example.com. 0     IN      CNAME   www.example.net.
+www.example.com. 3600  IN      CNAME   www.example.net.
 www.example.net. 3600 IN       A       11.12.13.14
 www.example.net.  3600    IN      RRSIG   A 5 2 3600 20070926134150 20070829134150 30899 example.net. quSyDbSeHRvyMmanqq5rW+APC9MKOswbRLB5QP/G+C2iyokQFLuRTlX9Wmo/jo1Oo1MGBefJUmP9NdRd2EqABA== ;{id = 30899}
 SECTION AUTHORITY