#!/bin/sh

# This patch fixes some bugs with the anally strict RFC compliance

# PLEASE APPLY THE star_collision MEMLEAK PATCH BEFORE THIS PATCH

cat > mararc << EOF
ipv4_bind_addresses = "127.0.0.1"
verbose_level=3
chroot_dir = "$( pwd )"
csv2 = {}
bind_star_handling = 2
csv2["example.net."] = "db.example.net"
EOF
cat > db.example.net << EOF
ns.example.net. 127.0.0.1
a.example.net. 127.0.0.2
*.example.net. 127.0.0.3
EOF
maradns -f ./mararc
exit 0

# EOF

Now, do this in another window:

askmara Aa.example.net.

Expected result: a.example.net. +60 a 127.0.0.2

askmara Ab.example.net. 

Expected result: b.example.net. +60 a 127.0.0.3

askmara Ac.example.net.

Expected result: c.example.net. +60 a 127.0.0.3

askmara Aa.a.example.net.

Expected result: NXDOMAIN

askmara Aa.b.example.net.

Expected result: a.b.example.net. +60 a 127.0.0.3

askmara Aa.a.a.example.net.

Expected result: NXDOMAIN

askmara Aa.a.b.example.net.

Expected result: a.a.b.example.net. +60 a 127.0.0.3

askmara @a.example.net.

Expected result: "not there", no NX

askmara @b.example.net.

Expected result: "not there", no NX

askmara @c.example.net.

Expected result: "not there", no NX

askmara @a.a.example.net.

Expected result: NXDOMAIN

askmara @a.b.example.net.

Expected result: "not there", no NX

askmara @a.a.a.example.net.

Expected result: NXDOMAIN

askmara @a.a.b.example.net.

Expected result: "not there", no NX

--- maradns-1.3.06/server/MaraDNS.c.orig	2007-06-12 10:44:40.000000000 -0500
+++ maradns-1.3.06/server/MaraDNS.c	2007-06-12 11:59:24.000000000 -0500
@@ -3667,7 +3667,7 @@
 	    goto serv_fail;
 	} else if(r == 1) {
 	    udpnotfound(nxstore,header.id,sock,0,origq,0,desires_recursion,
-                        ect,(always_not_there & 3));
+                        ect,always_not_there);
 	    js_destroy(lookfor); js_destroy(origq); js_destroy(lc);
             return JS_SUCCESS;
         }
@@ -3679,21 +3679,6 @@
     while(bobbit_starlabel(lookfor) > 0) {
         int rtype_saver = 1;
 
-        /* If bind_star_handling is really high, look for any collision
-         * that breaks RFC1034 section 4.3.3 compliance */
-        if(bind_star_handling == 2) {
-	    int r;
-	    r = star_collision(lookfor,bighash);
-	    if(r == -1) {
-	        goto serv_fail;
-	    } else if(r == 1) {
-	        udpnotfound(nxstore,header.id,sock,0,origq,0,desires_recursion,
-                        ect,(always_not_there & 3));
-	        js_destroy(lookfor); js_destroy(origq); js_destroy(lc);
-                return JS_SUCCESS;
-            }
-        }
-
         if(bind_star_handling >= 1) {
             rtype_saver = get_rtype(lookfor);
         }
@@ -3717,12 +3702,30 @@
                 if(spot_data.value != 0 && 
                      spot_data.datatype == MARA_DNS_LIST) {
                     always_not_there = 4;
-                }
+                } else
+
+        /* If bind_star_handling is really high, look for any collision
+         * that breaks RFC1034 section 4.3.3 compliance */
+        if(bind_star_handling == 2) {
+	    int r;
+	    r = star_collision(lookfor,bighash);
+	    if(r == -1) {
+	        goto serv_fail;
+	    } else if(r == 1) {
+	        udpnotfound(nxstore,header.id,sock,0,origq,0,desires_recursion,
+                        ect,(always_not_there & 3));
+	        js_destroy(lookfor); js_destroy(origq); js_destroy(lc);
+                return JS_SUCCESS;
+            }
+          }
+
                 if(change_rtype(lookfor,rtype_saver) == JS_ERROR) {
                     goto serv_fail;
                 }
               }
             }
+
+
         }
 
     /* Perhaps they have a star record which points to a CNAME (yes,