Experimental option to force DNS queries to use TCP (#1843)

Co-authored-by: Fernandez Ludovic <[email protected]>

Author: reinismu

challenge/dns01/nameserver.go

@@ -4,6 +4,8 @@ import (
 	"errors"
 	"fmt"
 	"net"
+	"os"
+	"strconv"
 	"strings"
 	"sync"
 	"time"
@@ -250,6 +252,13 @@ func createDNSMsg(fqdn string, rtype uint16, recursive bool) *dns.Msg {
 }
 
 func sendDNSQuery(m *dns.Msg, ns string) (*dns.Msg, error) {
+	if ok, _ := strconv.ParseBool(os.Getenv("LEGO_EXPERIMENTAL_DNS_TCP_ONLY")); ok {
+		tcp := &dns.Client{Net: "tcp", Timeout: dnsTimeout}
+		in, _, err := tcp.Exchange(m, ns)
+
+		return in, err
+	}
+
 	udp := &dns.Client{Net: "udp", Timeout: dnsTimeout}
 	in, _, err := udp.Exchange(m, ns)