From 0af7df2aecee73a9f5929c1d431190c802659fb7 Mon Sep 17 00:00:00 2001 From: Marcus Butler Date: Mon, 12 Feb 2024 20:24:58 -0600 Subject: [PATCH] Simplified get_wildcards. Re-added missing blocklist test files. --- .../server/src/store/blocklist/authority.rs | 24 ++++------- .../test_configs/default/blocklist.txt | 5 +++ .../test_configs/default/blocklist2.txt | 2 + .../example_chained_recursor.toml | 42 +++++++++++++++++++ 4 files changed, 56 insertions(+), 17 deletions(-) create mode 100644 tests/test-data/test_configs/default/blocklist.txt create mode 100644 tests/test-data/test_configs/default/blocklist2.txt create mode 100644 tests/test-data/test_configs/example_chained_recursor.toml diff --git a/crates/server/src/store/blocklist/authority.rs b/crates/server/src/store/blocklist/authority.rs index 54cbd53784..befea1259f 100644 --- a/crates/server/src/store/blocklist/authority.rs +++ b/crates/server/src/store/blocklist/authority.rs @@ -104,20 +104,12 @@ impl BlocklistAuthority { } /// Build a wildcard match list for a given host - pub fn get_wildcards(&self, host: &LowerName) -> Vec { - let mut wildcards = vec![]; - let mut host = Name::from(host); - - if host.num_labels() > self.min_wildcard_depth { - for _ in 0..host.num_labels() - self.min_wildcard_depth { - wildcards.push(host.clone().into_wildcard().into()); - host = host.trim_to((host.num_labels() - 1) as usize); - } - } - - debug!("Built wildcard list: {wildcards:?}"); - - wildcards + pub fn get_wildcards(&self, host: &Name) -> Vec { + host.iter() + .enumerate() + .filter(|(i, _x)| *i > (self.min_wildcard_depth - 1) as usize) + .map(|(i, _x)| host.trim_to(i + 1).into_wildcard().into()) + .collect::>() } } @@ -159,7 +151,7 @@ impl Authority for BlocklistAuthority { let mut match_list = vec![name.to_owned()]; if self.wildcard_match { - match_list.append(&mut self.get_wildcards(name)); + match_list.append(&mut self.get_wildcards(&Name::from(name))); } debug!("Blocklist match list: {match_list:?}"); 
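Review bot: In the new `get_wildcards`, `(self.min_wildcard_depth - 1) as usize` subtracts before the cast, so a configured `min_wildcard_depth` of 0 underflows if the field is unsigned (the removed code compared it directly with `host.num_labels()`, which suggests it is). A debug build would then panic on the query path, and a release build would wrap to a large value, so the filter rejects every label and wildcard blocklist entries silently stop matching. The removed loop handled 0 without doing arithmetic on the field alone. Dropping the subtraction gives the same result for depths of 1 and above: `.filter(|(i, _x)| *i >= self.min_wildcard_depth as usize)`. The returned list is also now ordered shortest suffix first, the reverse of the old loop, which looks harmless for the match list built in the second hunk but deserves a unit test alongside the depth-0 case.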
@@ -239,7 +231,6 @@ mod test { Name::from_str(".").unwrap(), ZoneType::Hint, &config, - Some(Path::new("../../tests/test-data/test_configs/")), ); @@ -361,7 +352,6 @@ mod test { Name::from_str(".").unwrap(), ZoneType::Hint, &config, - Some(Path::new("../../tests/test-data/test_configs/")), ); diff --git a/tests/test-data/test_configs/default/blocklist.txt b/tests/test-data/test_configs/default/blocklist.txt new file mode 100644 index 0000000000..112737efd2 --- /dev/null +++ b/tests/test-data/test_configs/default/blocklist.txt @@ -0,0 +1,5 @@ +# This is a test list for the blocklist authority. It should not be used for production purposes. +baddomain.com +foo.com. #Inline Comment +*.foo.com +example.com diff --git a/tests/test-data/test_configs/default/blocklist2.txt b/tests/test-data/test_configs/default/blocklist2.txt new file mode 100644 index 0000000000..a5bbe805bf --- /dev/null +++ b/tests/test-data/test_configs/default/blocklist2.txt @@ -0,0 +1,2 @@ +malware.com. +malc0de.com diff --git a/tests/test-data/test_configs/example_chained_recursor.toml b/tests/test-data/test_configs/example_chained_recursor.toml new file mode 100644 index 0000000000..ec3a84085a --- /dev/null +++ b/tests/test-data/test_configs/example_chained_recursor.toml 
@@ -0,0 +1,42 @@
+## Default zones, these should be present on all nameservers, except in rare
+## configuration cases
+[[zones]]
+zone = "localhost"
+zone_type = "Primary"
+file = "default/localhost.zone"
+
+[[zones]]
+zone = "0.0.127.in-addr.arpa"
+zone_type = "Primary"
+file = "default/127.0.0.1.zone"
+
+[[zones]]
+zone = "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa"
+zone_type = "Primary"
+file = "default/ipv6_1.zone"
+
+[[zones]]
+zone = "255.in-addr.arpa"
+zone_type = "Primary"
+file = "default/255.zone"
+
+[[zones]]
+zone = "0.in-addr.arpa"
+zone_type = "Primary"
+file = "default/0.zone"
+
+[[zones]]
+## zone: this is the ORIGIN of the zone, aka the base name, '.' is implied on the end
+## specifying something other than '.' here, will restrict this recursor to only queries
+## where the search name is a subzone of the name, e.g. if zone is "example.com.", then
+## queries for "www.example.com" or "example.com" would be recursively queried.
+zone = "."
+
+## zone_type: Primary, Secondary, Hint, Forward
+zone_type = "Hint"
+
+## remember the port, defaults: 53 for Udp & Tcp, 853 for Tls and 443 for Https.
+## Tls and/or Https require features dns-over-tls and/or dns-over-https
+
+## Example chained recursor configuration with two block lists.
+stores = [{ type = "blocklist", wildcard_match = true, min_wildcard_depth = 2, lists = ["default/blocklist.txt", "default/blocklist2.txt"]}, { type = "recursor", roots = "default/root.zone"}]
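Review bot: The `stores` line at the end of the file sets `wildcard_match = true` and `min_wildcard_depth = 2` with no comment saying what either option does. The two `## remember the port …` lines above it describe ports and TLS features that nothing in this file configures, and they look carried over from a forwarder example. Since this is the example a blocklist operator would copy, I would replace those two lines with a comment on the blocklist options, for instance `## min_wildcard_depth: wildcard candidates are only generated for names with more than this many labels; with 2, a query for a.foo.com is checked against *.foo.com but never against *.com`. That wording is read from `get_wildcards` as changed in this commit, so adjust it if the intended contract differs.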