nameserver: correct owner of answered CNAME from wildcard expansion

fixes #715

src/knot/nameserver/process_query.c

@@ -883,8 +883,8 @@ int process_query_put_rr(knot_pkt_t *pkt, knotd_qdata_t *qdata,
 	/* Wildcard expansion applies only for answers. */
 	bool expand = false;
 	if (pkt->current == KNOT_ANSWER) {
-		/* Expand if RR is wildcard & we didn't query for wildcard. */
-		expand = (knot_dname_is_wildcard(rr->owner) && !knot_dname_is_wildcard(qdata->name));
+		/* Expand if RR is wildcard. TRICK: if the asterix node is queried directly, we behave like if wildcard would be expanded. It's the same. */
+		expand = knot_dname_is_wildcard(rr->owner);
 	}
 
 	int ret = KNOT_EOK;

tests-extra/data/flags.zone

@@ -104,6 +104,10 @@ sub.*.wildcard	A	6.7.8.9
 ; Wildcard to CNAME
 *.wildcard-cname CNAME	cname
 
+; CNAME to asterix-leading expansion
+wild-cname	CNAME	*.expanded.wildcard-cname2
+*.wildcard-cname2 CNAME	*.expanded.wildcard-cname
+
 ; Wildcard to delegation
 *.wildcard-deleg CNAME	cname-ns
 

tests-extra/tests/basic/query/test.py

@@ -304,6 +304,14 @@ def query_test(knot, bind, dnssec):
     else:
         resp.cmp(bind, additional=True)
 
+    # Wildcard CNAME with asterisk query
+    resp = knot.dig("*.a.wildcard-cname.flags", "A", udp=True)
+    resp.cmp(bind)
+
+    # Double wildcard expansion
+    resp = knot.dig("wild-cname.flags", "TXT", udp=True)
+    resp.cmp(bind)
+
     # Wildcard leading out
     resp = knot.dig("a.wildcard-out.flags", "A", udp=True, dnssec=dnssec)
     resp.cmp(bind)