Wildcards match only one label

Question

Wildcards match only one label

SivaKesava1 opened this issue 3 years ago · comments

Siva Kesava R Kakarla commented 3 years ago

Hello,

Wildcards can match not only one label but multiple whole labels (RFC 1034). Trust-DNS accepts wildcard records but matches only one label.

Consider the following example:


example.com.	500	SOA	ns1.outside.com. root.example.com. 3 604800 86400 2419200 604800
example.com.	500	NS	ns1.outside.com.
*example.com.	500	A	1.1.1.1

For queries of the kind, <something.example.com., A>, the server returns the A record. But if the query has more than one label before example.com, then the A record is not returned; instead, an NXDOMAIN is returned. Wildcards are pervasive in DNS - Surveying DNS Wildcard Usage Among the Good, the Bad, and the Ugly.

Benjamin Fry · Answer 1 · Thu Jan 14 2021 00:50:05 GMT+0800 (China Standard Time)

Thanks for the report. This should be fixable, but will need some attention to detail as it's going to require changing lookup logic in the zones, etc.