Enhance match domain validation logic and add test cases

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2026-04-23 18:56:38 +00:00 · 2025-05-22 16:35:45 +03:00
parent 8e948739f1
commit f25b5bb987
2 changed files with 35 additions and 9 deletions
--- a/management/server/nameserver.go
+++ b/management/server/nameserver.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"errors"
 	"regexp"
+	"strings"
 	"unicode/utf8"

 	"github.com/miekg/dns"
@@ -18,7 +19,12 @@ import (
 	"github.com/netbirdio/netbird/management/server/types"
 )

-const domainPattern = `^(?i)[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,}$`
+const (
+	domainPattern = `^(?i)[\.\*a-z0-9]+([\-\.]{1}[a-z0-9]+)*[*.a-z]{1,}$`
+	maxLabelLen   = 63
+)
+
+var invalidDomainName = errors.New("invalid domain name")

 // GetNameServerGroup gets a nameserver group object from account and nameserver group IDs
 func (am *DefaultAccountManager) GetNameServerGroup(ctx context.Context, accountID, userID, nsGroupID string) (*nbdns.NameServerGroup, error) {
@@ -320,12 +326,17 @@ func validateDomain(domain string) error {
 	}

 	labels, valid := dns.IsDomainName(domain)
-	if !valid {
-		return errors.New("invalid domain name")
+
+	// validate the TLD domains length
+	if labels == 0 && strings.HasPrefix(domain, ".") {
+		if len(domain)-1 > maxLabelLen {
+			return invalidDomainName
+		}
+		return nil
 	}

-	if labels < 2 {
-		return errors.New("domain should consists of a minimum of two labels")
+	if !valid {
+		return invalidDomainName
 	}

 	return nil