fix: ensure case-insensitive comparison of CNAME records (#1956)

Co-authored-by: Fernandez Ludovic <ldez@users.noreply.github.com>

challenge/dns01/cname.go

@@ -1,12 +1,16 @@
 package dns01
 
-import "github.com/miekg/dns"
+import (
+	"strings"
+
+	"github.com/miekg/dns"
+)
 
 // Update FQDN with CNAME if any.
 func updateDomainWithCName(r *dns.Msg, fqdn string) string {
 	for _, rr := range r.Answer {
 		if cn, ok := rr.(*dns.CNAME); ok {
-			if cn.Hdr.Name == fqdn {
+			if strings.EqualFold(cn.Hdr.Name, fqdn) {
 				return cn.Target
 			}
 		}

challenge/dns01/cname_test.go

@@ -0,0 +1,35 @@
+package dns01
+
+import (
+	"strings"
+	"testing"
+
+	"github.com/miekg/dns"
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_updateDomainWithCName_caseInsensitive(t *testing.T) {
+	qname := "_acme-challenge.uppercase-test.example.com."
+	cnameTarget := "_acme-challenge.uppercase-test.cname-target.example.com."
+
+	msg := &dns.Msg{
+		MsgHdr: dns.MsgHdr{
+			Authoritative: true,
+		},
+		Answer: []dns.RR{
+			&dns.CNAME{
+				Hdr: dns.RR_Header{
+					Name:   strings.ToUpper(qname), // CNAME names are case-insensitive
+					Rrtype: dns.TypeCNAME,
+					Class:  dns.ClassINET,
+					Ttl:    3600,
+				},
+				Target: cnameTarget,
+			},
+		},
+	}
+
+	fqdn := updateDomainWithCName(msg, qname)
+
+	assert.Equal(t, cnameTarget, fqdn)
+}