Refactor based on feedback and add an initial test

jsumners · jsumners · commit a4199250546f · 2023-01-16T16:25:23.000-05:00
diff --git a/challenge/dns01/nameserver.go b/challenge/dns01/nameserver.go
@@ -26,17 +26,23 @@ var defaultNameservers = []string{
 // recursiveNameservers are used to pre-check DNS propagation.
 var recursiveNameservers = getNameservers(defaultResolvConf, defaultNameservers)
 
-type networkStack int
+// NetworkStack is used to indicate which IP stack should be used for DNS
+// queries. Valid values are DefaultNetworkStack, IPv4Only, and IPv6Only.
+type NetworkStack int
 
 const (
-	defaultNetworkStack networkStack = iota
-	ipv4Only
-	ipv6Only
+	// DefaultNetworkStack indicates that both IPv4 and IPv6 should be allowed.
+	// This setting lets the OS determine which IP stack to use.
+	DefaultNetworkStack NetworkStack = iota
+	// IPv4Only forces DNS queries to only happen over the IPv4 stack.
+	IPv4Only
+	// IPv6Only forces DNS queries to only happen over the IPv6 stack.
+	IPv6Only
 )
 
 // currentNetworkStack is used to define which IP stack will be used. The default is
-// both IPv4 and IPv6. Set to ipv4Only or ipv6Only to select either version.
-var currentNetworkStack = defaultNetworkStack
+// both IPv4 and IPv6. Set to IPv4Only or IPv6Only to select either version.
+var currentNetworkStack = DefaultNetworkStack
 
 // soaCacheEntry holds a cached SOA record (only selected fields).
 type soaCacheEntry struct {
@@ -80,18 +86,8 @@ func AddRecursiveNameservers(nameservers []string) ChallengeOption {
 }
 
 // SetNetworkStack defines the IP stack that will be used for DNS queries.
-// Accepts "both", "ipv4", or "ipv6".
-func SetNetworkStack(network string) {
-	switch network {
-	case "ipv4":
-		currentNetworkStack = ipv4Only
-
-	case "ipv6":
-		currentNetworkStack = ipv6Only
-
-	default:
-		currentNetworkStack = defaultNetworkStack
-	}
+func SetNetworkStack(network NetworkStack) {
+	currentNetworkStack = network
 }
 
 // getNameservers attempts to get systems nameservers before falling back to the defaults.
@@ -276,17 +272,17 @@ func createDNSMsg(fqdn string, rtype uint16, recursive bool) *dns.Msg {
 	return m
 }
 
-// getNetwork interprets the networkStack setting in relation to the desired
+// getNetwork interprets the NetworkStack setting in relation to the desired
 // protocol. The proto value should be either "udp" or "tcp".
 func getNetwork(proto string) string {
 	// The dns client passes whatever value is set in [dns.Client.Net] to
 	// the [net.Dialer] (https://github.com/miekg/dns/blob/fe20d5d/client.go#L119-L141).
 	// And the [net.Dialer] accepts strings such as "udp4" or "tcp6"
 	// (https://cs.opensource.google/go/go/+/refs/tags/go1.18.9:src/net/dial.go;l=167-182).
-	if currentNetworkStack == ipv4Only {
+	if currentNetworkStack == IPv4Only {
 		return proto + "4"
 	}
-	if currentNetworkStack == ipv6Only {
+	if currentNetworkStack == IPv6Only {
 		return proto + "6"
 	}
 	return proto
diff --git a/challenge/dns01/nameserver_test.go b/challenge/dns01/nameserver_test.go
@@ -1,13 +1,99 @@
 package dns01
 
 import (
+	getport "github.com/jsumners/go-getport"
+	"github.com/miekg/dns"
+	"net"
 	"sort"
+	"sync"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 
+type testDnsHandler struct{}
+
+func (handler *testDnsHandler) ServeDNS(writer dns.ResponseWriter, reply *dns.Msg) {
+	msg := dns.Msg{}
+	msg.SetReply(reply)
+
+	switch reply.Question[0].Qtype {
+	case dns.TypeA:
+		msg.Authoritative = true
+		domain := msg.Question[0].Name
+		msg.Answer = append(
+			msg.Answer,
+			&dns.A{
+				Hdr: dns.RR_Header{
+					Name:   domain,
+					Rrtype: dns.TypeA,
+					Class:  dns.ClassINET,
+					Ttl:    60,
+				},
+				A: net.ParseIP("127.0.0.1"),
+			},
+		)
+	}
+
+	writer.WriteMsg(&msg)
+}
+
+func getTestNameserver(t *testing.T, network string) *dns.Server {
+	server := &dns.Server{
+		Handler: new(testDnsHandler),
+		Net:     network,
+	}
+
+	var protocol getport.Protocol
+	switch network {
+	case "tcp":
+		protocol = getport.TCP
+	case "tcp4":
+		protocol = getport.TCP4
+	case "tcp6":
+		protocol = getport.TCP6
+	case "udp":
+		protocol = getport.UDP
+	case "udp4":
+		protocol = getport.UDP4
+	case "udp6":
+		protocol = getport.UDP6
+	}
+	portResult, portError := getport.GetPort(protocol, "127.0.0.1")
+	if portError != nil {
+		t.Error(portError)
+		return server
+	}
+	server.Addr = getport.PortResultToAddress(portResult)
+
+	waitLock := sync.Mutex{}
+	waitLock.Lock()
+	server.NotifyStartedFunc = waitLock.Unlock
+
+	fin := make(chan error, 1)
+	go func() {
+		fin <- server.ListenAndServe()
+	}()
+
+	waitLock.Lock()
+	return server
+}
+
+func TestSendDNSQuery(t *testing.T) {
+	t.Run("does udp4 only", func(t *testing.T) {
+		SetNetworkStack(IPv4Only)
+		nameserver := getTestNameserver(t, getNetwork("udp"))
+		defer nameserver.Shutdown()
+
+		recursiveNameservers = ParseNameservers([]string{nameserver.Addr})
+		msg := createDNSMsg("example.com.", dns.TypeA, true)
+		result, queryError := sendDNSQuery(msg, nameserver.Addr)
+		assert.NoError(t, queryError)
+		assert.Equal(t, result.Answer[0].(*dns.A).A.String(), "127.0.0.1")
+	})
+}
+
 func TestLookupNameserversOK(t *testing.T) {
 	testCases := []struct {
 		fqdn string
diff --git a/cmd/setup_challenges.go b/cmd/setup_challenges.go
@@ -115,13 +115,13 @@ func setupDNS(ctx *cli.Context, client *lego.Client) {
 	case ctx.IsSet("ipv4only") && ctx.IsSet("ipv6only"):
 		// If both flags are set then it's as good as not providing either flag,
 		// so we default to the OS choice.
-		dns01.SetNetworkStack("both")
+		dns01.SetNetworkStack(dns01.DefaultNetworkStack)
 
 	case ctx.IsSet("ipv4only"):
-		dns01.SetNetworkStack("ipv4")
+		dns01.SetNetworkStack(dns01.IPv4Only)
 
 	case ctx.IsSet("ipv6only"):
-		dns01.SetNetworkStack("ipv6")
+		dns01.SetNetworkStack(dns01.IPv6Only)
 	}
 
 	servers := ctx.StringSlice("dns.resolvers")
diff --git a/go.mod b/go.mod
@@ -51,7 +51,7 @@ require (
 	github.com/sacloud/iaas-api-go v1.3.2
 	github.com/scaleway/scaleway-sdk-go v1.0.0-beta.9
 	github.com/softlayer/softlayer-go v1.0.6
-	github.com/stretchr/testify v1.8.0
+	github.com/stretchr/testify v1.8.1
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.490
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.490
 	github.com/transip/gotransip/v6 v6.17.0
@@ -71,6 +71,8 @@ require (
 	software.sslmate.com/src/go-pkcs12 v0.2.0
 )
 
+require github.com/jsumners/go-getport v1.0.0
+
 require (
 	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
 	github.com/Azure/go-autorest/autorest/adal v0.9.18 // indirect
@@ -117,8 +119,8 @@ require (
 	github.com/smartystreets/assertions v1.0.1 // indirect
 	github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9 // indirect
 	github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e // indirect
-	github.com/spf13/cast v1.3.1 // indirect
-	github.com/stretchr/objx v0.4.0 // indirect
+	github.com/spf13/cast v1.5.0 // indirect
+	github.com/stretchr/objx v0.5.0 // indirect
 	github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
 	go.opencensus.io v0.22.3 // indirect
 	go.uber.org/ratelimit v0.2.0 // indirect
diff --git a/go.sum b/go.sum
@@ -132,6 +132,7 @@ github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5Kwzbycv
 github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w=
 github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo=
 github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=
+github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
 github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
 github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU=
@@ -308,6 +309,8 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
 github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
 github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
+github.com/jsumners/go-getport v1.0.0 h1:d11eDaP25dKKoJRAFeBrchCayceft735pDSTFCEdkb4=
+github.com/jsumners/go-getport v1.0.0/go.mod h1:KpeJgwNSkpuXuoGhJ2Hgl5QJqWbLG1m0jY2rQsYUTIE=
 github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
 github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
 github.com/k0kubun/go-ansi v0.0.0-20180517002512-3bf9e2903213 h1:qGQQKEcAR99REcMpsXCp3lJ03zYT1PkRd3kQGPn9GVg=
@@ -515,8 +518,9 @@ github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasO
 github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
 github.com/spf13/afero v1.4.1/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I=
 github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
-github.com/spf13/cast v1.3.1 h1:nFm6S0SMdyzrzcmThSipiEubIDy8WEXKNZ0UOgiRpng=
 github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
+github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w=
+github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU=
 github.com/spf13/cobra v1.1.1/go.mod h1:WnodtKOvamDL/PwE2M4iKs8aMDBZ5Q5klgD3qfVJQMI=
 github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
 github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo=
@@ -526,17 +530,19 @@ github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5q
 github.com/spf13/viper v1.7.1/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.4.0 h1:M2gUjqZET1qApGOWNSnZ49BAIMX4F/1plDv3+l31EJ4=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
+github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.490 h1:mmz27tVi2r70JYnm5y0Zk8w0Qzsx+vfUw3oqSyrEfP8=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.490/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
