From fbf3f07f469a99fcbb5985a41c260a3fad26f908 Mon Sep 17 00:00:00 2001
From: Jason Du <xdu@infoblox.com>
Date: Mon, 17 May 2021 13:21:08 -0700
Subject: plugin/file: Fix in wrong answers returned when wildcard and concrete
 records exist (#4599)

* plugin/file: Fix in wrong answers returned when wildcard and concrete records exist

Signed-off-by: Jason Du <xdu@infoblox.com>

* Remove superfluous change

Signed-off-by: Jason Du <xdu@infoblox.com>

* Re-implementation and new test case
If the domain's terminal is neither the matching wildcard, nor a domian directly
under the wildcard, return NXDOMAIN

Signed-off-by: Jason Du <xdu@infoblox.com>

* Fix empty non-terminal & add test case

Signed-off-by: Jason Du <xdu@infoblox.com>

* Cleanup

Signed-off-by: Jason Du <xdu@infoblox.com>

* Fix case on domain name with character before * and add more test cases

Signed-off-by: Jason Du <xdu@infoblox.com>

* Use different IPs for records in cornerCasesWildcard zone file

Signed-off-by: Jason Du <xdu@infoblox.com>
---
 plugin/file/wildcard_test.go | 80 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 80 insertions(+)

(limited to 'plugin/file/wildcard_test.go')

diff --git a/plugin/file/wildcard_test.go b/plugin/file/wildcard_test.go
index 894a088c1..e9ddcbc0e 100644
--- a/plugin/file/wildcard_test.go
+++ b/plugin/file/wildcard_test.go
@@ -266,6 +266,76 @@ func TestLookupMultiWildcard(t *testing.T) {
 	}
 }
 
+var cornerCasesWildcardTestCases = []test.Case{
+	{
+		Qname: "r.c.d.example.org.", Qtype: dns.TypeA,
+		Answer: []dns.RR{test.A(`r.c.d.example.org. 3600	IN	A 127.0.1.56`)},
+		Ns: []dns.RR{test.NS(`example.org. 3600 IN NS b.iana-servers.net.`)},
+	},
+	{
+		Qname: "something.d.example.org.", Qtype: dns.TypeA,
+		Answer: []dns.RR{test.A(`something.d.example.org.	3600	IN	A	127.0.1.53`)},
+		Ns: []dns.RR{test.NS(`example.org. 3600 IN NS b.iana-servers.net.`)},
+	},
+	{
+		Qname: "else.something.d.example.org.", Qtype: dns.TypeA,
+		Answer: []dns.RR{test.A(`else.something.d.example.org.	3600	IN	A	127.0.1.53`)},
+		Ns: []dns.RR{test.NS(`example.org. 3600 IN NS b.iana-servers.net.`)},
+	},
+	{
+		Qname: "something.c.d.example.org.", Qtype: dns.TypeA,
+		Ns: []dns.RR{test.SOA(`example.org.		IN	SOA	sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600`)},
+		Rcode: dns.RcodeNameError,
+	},
+	{
+		Qname: "something.r.c.d.example.org.", Qtype: dns.TypeA,
+		Ns: []dns.RR{test.SOA(`example.org.		IN	SOA	sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600`)},
+		Rcode: dns.RcodeNameError,
+	},
+	{
+		Qname: "z.+.d.example.org.", Qtype: dns.TypeA,
+		Answer: []dns.RR{test.A(`z.+.d.example.org.	3600	IN	A	127.0.1.54`)},
+		Ns: []dns.RR{test.NS(`example.org. 3600 IN NS b.iana-servers.net.`)},
+	},
+	{
+		Qname: "x.&.d.example.org.", Qtype: dns.TypeA,
+		Answer: []dns.RR{test.A(`x.&.d.example.org.	3600	IN	A	127.0.1.55`)},
+		Ns: []dns.RR{test.NS(`example.org. 3600 IN NS b.iana-servers.net.`)},
+	},
+	{
+		Qname: "something.x.&.d.example.org.", Qtype: dns.TypeA,
+		Ns: []dns.RR{test.SOA(`example.org.		IN	SOA	sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600`)},
+		Rcode: dns.RcodeNameError,
+	},
+}
+
+func TestLookupCornerCasesWildcard(t *testing.T) {
+	const name = "example.org."
+	zone, err := Parse(strings.NewReader(cornerCasesWildcard), name, "stdin", 0)
+	if err != nil {
+		t.Fatalf("Expect no error when reading zone, got %q", err)
+	}
+
+	fm := File{Next: test.ErrorHandler(), Zones: Zones{Z: map[string]*Zone{name: zone}, Names: []string{name}}}
+	ctx := context.TODO()
+
+	for _, tc := range cornerCasesWildcardTestCases {
+		m := tc.Msg()
+
+		rec := dnstest.NewRecorder(&test.ResponseWriter{})
+		_, err := fm.ServeDNS(ctx, rec, m)
+		if err != nil {
+			t.Errorf("Expected no error, got %v", err)
+			return
+		}
+
+		resp := rec.Msg
+		if err := test.SortAndCheck(resp, tc); err != nil {
+			t.Error(err)
+		}
+	}
+}
+
 const exampleOrg = `; example.org test file
 $TTL 3600
 example.org.		IN	SOA	sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600
@@ -296,3 +366,13 @@ example.org.		IN	NS	b.iana-servers.net.
 *.intern.example.org.   IN      A       127.0.1.52
 foo.example.org.        IN      A       127.0.0.54
 `
+
+const cornerCasesWildcard = `; example.org test file with wildcard corner cases
+$TTL 3600
+example.org.		IN	SOA	sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600
+example.org.		IN	NS	b.iana-servers.net.
+*.d.example.org.        IN      A       127.0.1.53
+z.+.d.example.org.		IN		A		127.0.1.54
+x.&.d.example.org.		IN		A		127.0.1.55
+r.c.d.example.org.      IN      A       127.0.1.56
+`
-- 
cgit v1.2.3