TechnitiumSoftware / DnsServer

Technitium DNS Server
https://technitium.com/dns/
GNU General Public License v3.0

Improper use of wildcard record #792

Closed SivaKesava1 closed 4 months ago

SivaKesava1 commented 7 months ago

Hello,

Consider the following simple zone:

test.   500     IN      SOA     ns1.outside.edu. root.campus.edu. 3 6048 4000 2419200 6048
test.   500     IN      NS      ns1.outside.edu.
*.test. 500     IN      A       1.1.1.1

For the query <a.*.test, A> Technitium returns the response as:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15038
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;a.*.test.                      IN      A

;; ANSWER SECTION:
a.*.test.               500     IN      A       1.1.1.1

The response should be an empty response with RCODE as NXDOMAIN. The wildcard record should not be used here. If you walk down the DNS tree, the * in the query will match with the * in the IP record as character * and you are left with label a. Since there is no a or wildcard * now, it should return an NXDOMAIN response.
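
The lookup described above, as an added example that is not part of the original report and is not Technitium's code. It follows the closest-encloser and source-of-synthesis rules of RFC 4592; the function names are hypothetical, and delegations, CNAME handling and DNSSEC are left out.

```python
# Constructed zone data, copied from the zone in the report above.
ZONE = {
    "test.": {"SOA": ["ns1.outside.edu. root.campus.edu. 3 6048 4000 2419200 6048"],
              "NS": ["ns1.outside.edu."]},
    "*.test.": {"A": ["1.1.1.1"]},
}
ORIGIN = ("test",)

def labels(name):
    """'a.*.test.' -> ('a', '*', 'test'), lowercased."""
    return tuple(l.lower() for l in name.rstrip(".").split("."))

def build_tree(zone):
    """Map each owner name to its RRsets, adding empty non-terminals."""
    tree = {}
    for owner, rrsets in zone.items():
        name = labels(owner)
        tree[name] = rrsets
        # Every ancestor between the owner and the origin exists, even with no records.
        for i in range(1, len(name) - len(ORIGIN)):
            tree.setdefault(name[i:], {})
    return tree

def lookup(tree, qname, qtype):
    """Return (rcode, answers) for an authoritative lookup of qname/qtype."""
    q = labels(qname)
    if q[-len(ORIGIN):] != ORIGIN:
        return "REFUSED", []  # not in this zone
    if q in tree:
        # Exact match. A '*' label in the query is compared as a literal label here.
        return "NOERROR", [(qname, qtype, r) for r in tree[q].get(qtype, [])]
    # Closest encloser: the longest existing ancestor of the query name.
    encloser = next(q[i:] for i in range(1, len(q)) if q[i:] in tree)
    source = ("*",) + encloser  # source of synthesis
    if source not in tree:
        return "NXDOMAIN", []  # nothing to synthesize from
    # Wildcard applies: answer with the query name as owner (empty list means NODATA).
    return "NOERROR", [(qname, qtype, r) for r in tree[source].get(qtype, [])]

TREE = build_tree(ZONE)

if __name__ == "__main__":
    for name in ("b.test.", "a.b.test.", "*.test.", "a.*.test."):
        print(name, lookup(TREE, name, "A"))
```

For `a.*.test.` the closest encloser is `*.test.` itself, so the source of synthesis would be `*.*.test.`, which is not in the zone.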

ShreyasZare commented 4 months ago

Technitium DNS Server v12 is now available that fixes this issue. Do update and let me know your feedback.