Skip to content

Commit acdb058

Browse files
aarongableaarongable
committed
Include AD bit in ValidationRecords
1 parent 0b83e3e commit acdb058

File tree

12 files changed

+147
-126
lines changed

12 files changed

+147
-126
lines changed

bdns/dns.go

Lines changed: 19 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -34,9 +34,9 @@ type ResolverAddrs []string
3434

3535
// Client queries for DNS records
3636
type Client interface {
37-
LookupTXT(context.Context, string) (txts []string, resolver ResolverAddrs, err error)
38-
LookupHost(context.Context, string) ([]netip.Addr, ResolverAddrs, error)
39-
LookupCAA(context.Context, string) ([]*dns.CAA, string, ResolverAddrs, error)
37+
LookupTXT(context.Context, string) (txts []string, resolver ResolverAddrs, ad bool, err error)
38+
LookupHost(context.Context, string) ([]netip.Addr, ResolverAddrs, bool, error)
39+
LookupCAA(context.Context, string) ([]*dns.CAA, string, ResolverAddrs, bool, error)
4040
}
4141

4242
// impl represents a client that talks to an external resolver
@@ -322,13 +322,13 @@ type dnsResp struct {
322322
// LookupTXT sends a DNS query to find all TXT records associated with
323323
// the provided hostname which it returns along with the returned
324324
// DNS authority section.
325-
func (dnsClient *impl) LookupTXT(ctx context.Context, hostname string) ([]string, ResolverAddrs, error) {
325+
func (dnsClient *impl) LookupTXT(ctx context.Context, hostname string) ([]string, ResolverAddrs, bool, error) {
326326
var txt []string
327327
dnsType := dns.TypeTXT
328328
r, resolver, err := dnsClient.exchangeOne(ctx, hostname, dnsType)
329329
errWrap := wrapErr(dnsType, hostname, r, err)
330330
if errWrap != nil {
331-
return nil, ResolverAddrs{resolver}, errWrap
331+
return nil, ResolverAddrs{resolver}, false, errWrap
332332
}
333333

334334
for _, answer := range r.Answer {
@@ -339,10 +339,10 @@ func (dnsClient *impl) LookupTXT(ctx context.Context, hostname string) ([]string
339339
}
340340
}
341341

342-
return txt, ResolverAddrs{resolver}, err
342+
return txt, ResolverAddrs{resolver}, r.AuthenticatedData, err
343343
}
344344

345-
func (dnsClient *impl) lookupIP(ctx context.Context, hostname string, ipType uint16) ([]dns.RR, string, error) {
345+
func (dnsClient *impl) lookupIP(ctx context.Context, hostname string, ipType uint16) ([]dns.RR, string, bool, error) {
346346
resp, resolver, err := dnsClient.exchangeOne(ctx, hostname, ipType)
347347
switch ipType {
348348
case dns.TypeA:
@@ -356,27 +356,28 @@ func (dnsClient *impl) lookupIP(ctx context.Context, hostname string, ipType uin
356356
}
357357
errWrap := wrapErr(ipType, hostname, resp, err)
358358
if errWrap != nil {
359-
return nil, resolver, errWrap
359+
return nil, resolver, false, errWrap
360360
}
361-
return resp.Answer, resolver, nil
361+
return resp.Answer, resolver, resp.AuthenticatedData, nil
362362
}
363363

364364
// LookupHost sends a DNS query to find all A and AAAA records associated with
365365
// the provided hostname. This method assumes that the external resolver will
366366
// chase CNAME/DNAME aliases and return relevant records. It will retry
367367
// requests in the case of temporary network errors. It returns an error if
368368
// both the A and AAAA lookups fail or are empty, but succeeds otherwise.
369-
func (dnsClient *impl) LookupHost(ctx context.Context, hostname string) ([]netip.Addr, ResolverAddrs, error) {
369+
func (dnsClient *impl) LookupHost(ctx context.Context, hostname string) ([]netip.Addr, ResolverAddrs, bool, error) {
370370
var recordsA, recordsAAAA []dns.RR
371371
var errA, errAAAA error
372372
var resolverA, resolverAAAA string
373+
var adA, adAAAA bool
373374
var wg sync.WaitGroup
374375

375376
wg.Go(func() {
376-
recordsA, resolverA, errA = dnsClient.lookupIP(ctx, hostname, dns.TypeA)
377+
recordsA, resolverA, adA, errA = dnsClient.lookupIP(ctx, hostname, dns.TypeA)
377378
})
378379
wg.Go(func() {
379-
recordsAAAA, resolverAAAA, errAAAA = dnsClient.lookupIP(ctx, hostname, dns.TypeAAAA)
380+
recordsAAAA, resolverAAAA, adAAAA, errAAAA = dnsClient.lookupIP(ctx, hostname, dns.TypeAAAA)
380381
})
381382
wg.Wait()
382383

@@ -427,17 +428,17 @@ func (dnsClient *impl) LookupHost(ctx context.Context, hostname string) ([]netip
427428
// branching. We don't use ProblemDetails and SubProblemDetails here, because
428429
// this error will get wrapped in a DNSError and further munged by higher
429430
// layers in the stack.
430-
return nil, resolvers, fmt.Errorf("%w; %s", errA, errAAAA)
431+
return nil, resolvers, false, fmt.Errorf("%w; %s", errA, errAAAA)
431432
}
432433

433-
return append(addrsA, addrsAAAA...), resolvers, nil
434+
return append(addrsA, addrsAAAA...), resolvers, adA && adAAAA, nil
434435
}
435436

436437
// LookupCAA sends a DNS query to find all CAA records associated with
437438
// the provided hostname and the complete dig-style RR `response`. This
438439
// response is quite verbose, however it's only populated when the CAA
439440
// response is non-empty.
440-
func (dnsClient *impl) LookupCAA(ctx context.Context, hostname string) ([]*dns.CAA, string, ResolverAddrs, error) {
441+
func (dnsClient *impl) LookupCAA(ctx context.Context, hostname string) ([]*dns.CAA, string, ResolverAddrs, bool, error) {
441442
dnsType := dns.TypeCAA
442443
r, resolver, err := dnsClient.exchangeOne(ctx, hostname, dnsType)
443444

@@ -448,12 +449,12 @@ func (dnsClient *impl) LookupCAA(ctx context.Context, hostname string) ([]*dns.C
448449
// rechecking. But allow NXDOMAIN for TLDs to fall through to the error code
449450
// below, so we don't issue for gTLDs that have been removed by ICANN.
450451
if err == nil && r.Rcode == dns.RcodeNameError && strings.Contains(hostname, ".") {
451-
return nil, "", ResolverAddrs{resolver}, nil
452+
return nil, "", ResolverAddrs{resolver}, false, nil
452453
}
453454

454455
errWrap := wrapErr(dnsType, hostname, r, err)
455456
if errWrap != nil {
456-
return nil, "", ResolverAddrs{resolver}, errWrap
457+
return nil, "", ResolverAddrs{resolver}, false, errWrap
457458
}
458459

459460
var CAAs []*dns.CAA
@@ -466,7 +467,7 @@ func (dnsClient *impl) LookupCAA(ctx context.Context, hostname string) ([]*dns.C
466467
if len(CAAs) > 0 {
467468
response = r.String()
468469
}
469-
return CAAs, response, ResolverAddrs{resolver}, nil
470+
return CAAs, response, ResolverAddrs{resolver}, r.AuthenticatedData, nil
470471
}
471472

472473
// logDNSError logs the provided err result from making a query for hostname to

bdns/dns_test.go

Lines changed: 31 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -287,14 +287,14 @@ func TestDNSNoServers(t *testing.T) {
287287

288288
obj := New(time.Hour, staticProvider, metrics.NoopRegisterer, clock.NewFake(), 1, "", blog.UseMock(), tlsConfig)
289289

290-
_, resolvers, err := obj.LookupHost(context.Background(), "letsencrypt.org")
290+
_, resolvers, _, err := obj.LookupHost(context.Background(), "letsencrypt.org")
291291
test.AssertEquals(t, len(resolvers), 0)
292292
test.AssertError(t, err, "No servers")
293293

294-
_, _, err = obj.LookupTXT(context.Background(), "letsencrypt.org")
294+
_, _, _, err = obj.LookupTXT(context.Background(), "letsencrypt.org")
295295
test.AssertError(t, err, "No servers")
296296

297-
_, _, _, err = obj.LookupCAA(context.Background(), "letsencrypt.org")
297+
_, _, _, _, err = obj.LookupCAA(context.Background(), "letsencrypt.org")
298298
test.AssertError(t, err, "No servers")
299299
}
300300

@@ -304,7 +304,7 @@ func TestDNSOneServer(t *testing.T) {
304304

305305
obj := New(time.Second*10, staticProvider, metrics.NoopRegisterer, clock.NewFake(), 1, "", blog.UseMock(), tlsConfig)
306306

307-
_, resolvers, err := obj.LookupHost(context.Background(), "cps.letsencrypt.org")
307+
_, resolvers, _, err := obj.LookupHost(context.Background(), "cps.letsencrypt.org")
308308
test.AssertEquals(t, len(resolvers), 2)
309309
slices.Sort(resolvers)
310310
test.AssertDeepEquals(t, resolvers, ResolverAddrs{"A:127.0.0.1:4053", "AAAA:127.0.0.1:4053"})
@@ -317,7 +317,7 @@ func TestDNSDuplicateServers(t *testing.T) {
317317

318318
obj := New(time.Second*10, staticProvider, metrics.NoopRegisterer, clock.NewFake(), 1, "", blog.UseMock(), tlsConfig)
319319

320-
_, resolvers, err := obj.LookupHost(context.Background(), "cps.letsencrypt.org")
320+
_, resolvers, _, err := obj.LookupHost(context.Background(), "cps.letsencrypt.org")
321321
test.AssertEquals(t, len(resolvers), 2)
322322
slices.Sort(resolvers)
323323
test.AssertDeepEquals(t, resolvers, ResolverAddrs{"A:127.0.0.1:4053", "AAAA:127.0.0.1:4053"})
@@ -331,13 +331,13 @@ func TestDNSServFail(t *testing.T) {
331331
obj := New(time.Second*10, staticProvider, metrics.NoopRegisterer, clock.NewFake(), 1, "", blog.UseMock(), tlsConfig)
332332
bad := "servfail.com"
333333

334-
_, _, err = obj.LookupTXT(context.Background(), bad)
334+
_, _, _, err = obj.LookupTXT(context.Background(), bad)
335335
test.AssertError(t, err, "LookupTXT didn't return an error")
336336

337-
_, _, err = obj.LookupHost(context.Background(), bad)
337+
_, _, _, err = obj.LookupHost(context.Background(), bad)
338338
test.AssertError(t, err, "LookupHost didn't return an error")
339339

340-
emptyCaa, _, _, err := obj.LookupCAA(context.Background(), bad)
340+
emptyCaa, _, _, _, err := obj.LookupCAA(context.Background(), bad)
341341
test.Assert(t, len(emptyCaa) == 0, "Query returned non-empty list of CAA records")
342342
test.AssertError(t, err, "LookupCAA should have returned an error")
343343
}
@@ -348,11 +348,11 @@ func TestDNSLookupTXT(t *testing.T) {
348348

349349
obj := New(time.Second*10, staticProvider, metrics.NoopRegisterer, clock.NewFake(), 1, "", blog.UseMock(), tlsConfig)
350350

351-
a, _, err := obj.LookupTXT(context.Background(), "letsencrypt.org")
351+
a, _, _, err := obj.LookupTXT(context.Background(), "letsencrypt.org")
352352
t.Logf("A: %v", a)
353353
test.AssertNotError(t, err, "No message")
354354

355-
a, _, err = obj.LookupTXT(context.Background(), "split-txt.letsencrypt.org")
355+
a, _, _, err = obj.LookupTXT(context.Background(), "split-txt.letsencrypt.org")
356356
t.Logf("A: %v ", a)
357357
test.AssertNotError(t, err, "No message")
358358
test.AssertEquals(t, len(a), 1)
@@ -366,44 +366,44 @@ func TestDNSLookupHost(t *testing.T) {
366366

367367
obj := New(time.Second*10, staticProvider, metrics.NoopRegisterer, clock.NewFake(), 1, "", blog.UseMock(), tlsConfig)
368368

369-
ip, resolvers, err := obj.LookupHost(context.Background(), "servfail.com")
369+
ip, resolvers, _, err := obj.LookupHost(context.Background(), "servfail.com")
370370
t.Logf("servfail.com - IP: %s, Err: %s", ip, err)
371371
test.AssertError(t, err, "Server failure")
372372
test.Assert(t, len(ip) == 0, "Should not have IPs")
373373
slices.Sort(resolvers)
374374
test.AssertDeepEquals(t, resolvers, ResolverAddrs{"A:127.0.0.1:4053", "AAAA:127.0.0.1:4053"})
375375

376-
ip, resolvers, err = obj.LookupHost(context.Background(), "nonexistent.letsencrypt.org")
376+
ip, resolvers, _, err = obj.LookupHost(context.Background(), "nonexistent.letsencrypt.org")
377377
t.Logf("nonexistent.letsencrypt.org - IP: %s, Err: %s", ip, err)
378378
test.AssertError(t, err, "No valid A or AAAA records should error")
379379
test.Assert(t, len(ip) == 0, "Should not have IPs")
380380
slices.Sort(resolvers)
381381
test.AssertDeepEquals(t, resolvers, ResolverAddrs{"A:127.0.0.1:4053", "AAAA:127.0.0.1:4053"})
382382

383383
// Single IPv4 address
384-
ip, resolvers, err = obj.LookupHost(context.Background(), "cps.letsencrypt.org")
384+
ip, resolvers, _, err = obj.LookupHost(context.Background(), "cps.letsencrypt.org")
385385
t.Logf("cps.letsencrypt.org - IP: %s, Err: %s", ip, err)
386386
test.AssertNotError(t, err, "Not an error to exist")
387387
test.Assert(t, len(ip) == 1, "Should have IP")
388388
slices.Sort(resolvers)
389389
test.AssertDeepEquals(t, resolvers, ResolverAddrs{"A:127.0.0.1:4053", "AAAA:127.0.0.1:4053"})
390-
ip, resolvers, err = obj.LookupHost(context.Background(), "cps.letsencrypt.org")
390+
ip, resolvers, _, err = obj.LookupHost(context.Background(), "cps.letsencrypt.org")
391391
t.Logf("cps.letsencrypt.org - IP: %s, Err: %s", ip, err)
392392
test.AssertNotError(t, err, "Not an error to exist")
393393
test.Assert(t, len(ip) == 1, "Should have IP")
394394
slices.Sort(resolvers)
395395
test.AssertDeepEquals(t, resolvers, ResolverAddrs{"A:127.0.0.1:4053", "AAAA:127.0.0.1:4053"})
396396

397397
// Single IPv6 address
398-
ip, resolvers, err = obj.LookupHost(context.Background(), "v6.letsencrypt.org")
398+
ip, resolvers, _, err = obj.LookupHost(context.Background(), "v6.letsencrypt.org")
399399
t.Logf("v6.letsencrypt.org - IP: %s, Err: %s", ip, err)
400400
test.AssertNotError(t, err, "Not an error to exist")
401401
test.Assert(t, len(ip) == 1, "Should not have IPs")
402402
slices.Sort(resolvers)
403403
test.AssertDeepEquals(t, resolvers, ResolverAddrs{"A:127.0.0.1:4053", "AAAA:127.0.0.1:4053"})
404404

405405
// Both IPv6 and IPv4 address
406-
ip, resolvers, err = obj.LookupHost(context.Background(), "dualstack.letsencrypt.org")
406+
ip, resolvers, _, err = obj.LookupHost(context.Background(), "dualstack.letsencrypt.org")
407407
t.Logf("dualstack.letsencrypt.org - IP: %s, Err: %s", ip, err)
408408
test.AssertNotError(t, err, "Not an error to exist")
409409
test.Assert(t, len(ip) == 2, "Should have 2 IPs")
@@ -415,7 +415,7 @@ func TestDNSLookupHost(t *testing.T) {
415415
test.AssertDeepEquals(t, resolvers, ResolverAddrs{"A:127.0.0.1:4053", "AAAA:127.0.0.1:4053"})
416416

417417
// IPv6 error, IPv4 success
418-
ip, resolvers, err = obj.LookupHost(context.Background(), "v6error.letsencrypt.org")
418+
ip, resolvers, _, err = obj.LookupHost(context.Background(), "v6error.letsencrypt.org")
419419
t.Logf("v6error.letsencrypt.org - IP: %s, Err: %s", ip, err)
420420
test.AssertNotError(t, err, "Not an error to exist")
421421
test.Assert(t, len(ip) == 1, "Should have 1 IP")
@@ -425,7 +425,7 @@ func TestDNSLookupHost(t *testing.T) {
425425
test.AssertDeepEquals(t, resolvers, ResolverAddrs{"A:127.0.0.1:4053", "AAAA:127.0.0.1:4053"})
426426

427427
// IPv6 success, IPv4 error
428-
ip, resolvers, err = obj.LookupHost(context.Background(), "v4error.letsencrypt.org")
428+
ip, resolvers, _, err = obj.LookupHost(context.Background(), "v4error.letsencrypt.org")
429429
t.Logf("v4error.letsencrypt.org - IP: %s, Err: %s", ip, err)
430430
test.AssertNotError(t, err, "Not an error to exist")
431431
test.Assert(t, len(ip) == 1, "Should have 1 IP")
@@ -437,7 +437,7 @@ func TestDNSLookupHost(t *testing.T) {
437437
// IPv6 error, IPv4 error
438438
// Should return both the IPv4 error (Refused) and the IPv6 error (NotImplemented)
439439
hostname := "dualstackerror.letsencrypt.org"
440-
ip, resolvers, err = obj.LookupHost(context.Background(), hostname)
440+
ip, resolvers, _, err = obj.LookupHost(context.Background(), hostname)
441441
t.Logf("%s - IP: %s, Err: %s", hostname, ip, err)
442442
test.AssertError(t, err, "Should be an error")
443443
test.AssertContains(t, err.Error(), "REFUSED looking up A for")
@@ -453,11 +453,11 @@ func TestDNSNXDOMAIN(t *testing.T) {
453453
obj := New(time.Second*10, staticProvider, metrics.NoopRegisterer, clock.NewFake(), 1, "", blog.UseMock(), tlsConfig)
454454

455455
hostname := "nxdomain.letsencrypt.org"
456-
_, _, err = obj.LookupHost(context.Background(), hostname)
456+
_, _, _, err = obj.LookupHost(context.Background(), hostname)
457457
test.AssertContains(t, err.Error(), "NXDOMAIN looking up A for")
458458
test.AssertContains(t, err.Error(), "NXDOMAIN looking up AAAA for")
459459

460-
_, _, err = obj.LookupTXT(context.Background(), hostname)
460+
_, _, _, err = obj.LookupTXT(context.Background(), hostname)
461461
expected := Error{dns.TypeTXT, hostname, nil, dns.RcodeNameError, nil}
462462
test.AssertDeepEquals(t, err, expected)
463463
}
@@ -469,7 +469,7 @@ func TestDNSLookupCAA(t *testing.T) {
469469
obj := New(time.Second*10, staticProvider, metrics.NoopRegisterer, clock.NewFake(), 1, "", blog.UseMock(), tlsConfig)
470470
removeIDExp := regexp.MustCompile(" id: [[:digit:]]+")
471471

472-
caas, resp, resolvers, err := obj.LookupCAA(context.Background(), "bracewel.net")
472+
caas, resp, resolvers, _, err := obj.LookupCAA(context.Background(), "bracewel.net")
473473
test.AssertNotError(t, err, "CAA lookup failed")
474474
test.Assert(t, len(caas) > 0, "Should have CAA records")
475475
test.AssertEquals(t, len(resolvers), 1)
@@ -485,22 +485,22 @@ bracewel.net. 0 IN CAA 1 issue "letsencrypt.org"
485485
`
486486
test.AssertEquals(t, removeIDExp.ReplaceAllString(resp, " id: XXXX"), expectedResp)
487487

488-
caas, resp, resolvers, err = obj.LookupCAA(context.Background(), "nonexistent.letsencrypt.org")
488+
caas, resp, resolvers, _, err = obj.LookupCAA(context.Background(), "nonexistent.letsencrypt.org")
489489
test.AssertNotError(t, err, "CAA lookup failed")
490490
test.Assert(t, len(caas) == 0, "Shouldn't have CAA records")
491491
test.AssertEquals(t, resolvers[0], "127.0.0.1:4053")
492492
expectedResp = ""
493493
test.AssertEquals(t, resp, expectedResp)
494494

495-
caas, resp, resolvers, err = obj.LookupCAA(context.Background(), "nxdomain.letsencrypt.org")
495+
caas, resp, resolvers, _, err = obj.LookupCAA(context.Background(), "nxdomain.letsencrypt.org")
496496
slices.Sort(resolvers)
497497
test.AssertNotError(t, err, "CAA lookup failed")
498498
test.Assert(t, len(caas) == 0, "Shouldn't have CAA records")
499499
test.AssertEquals(t, resolvers[0], "127.0.0.1:4053")
500500
expectedResp = ""
501501
test.AssertEquals(t, resp, expectedResp)
502502

503-
caas, resp, resolvers, err = obj.LookupCAA(context.Background(), "cname.example.com")
503+
caas, resp, resolvers, _, err = obj.LookupCAA(context.Background(), "cname.example.com")
504504
test.AssertNotError(t, err, "CAA lookup failed")
505505
test.Assert(t, len(caas) > 0, "Should follow CNAME to find CAA")
506506
test.AssertEquals(t, resolvers[0], "127.0.0.1:4053")
@@ -515,7 +515,7 @@ caa.example.com. 0 IN CAA 1 issue "letsencrypt.org"
515515
`
516516
test.AssertEquals(t, removeIDExp.ReplaceAllString(resp, " id: XXXX"), expectedResp)
517517

518-
_, _, resolvers, err = obj.LookupCAA(context.Background(), "gonetld")
518+
_, _, resolvers, _, err = obj.LookupCAA(context.Background(), "gonetld")
519519
test.AssertError(t, err, "should fail for TLD NXDOMAIN")
520520
test.AssertContains(t, err.Error(), "NXDOMAIN")
521521
test.AssertEquals(t, resolvers[0], "127.0.0.1:4053")
@@ -678,7 +678,7 @@ func TestRetry(t *testing.T) {
678678
testClient := New(time.Second*10, staticProvider, metrics.NoopRegisterer, clock.NewFake(), tc.maxTries, "", blog.UseMock(), tlsConfig)
679679
dr := testClient.(*impl)
680680
dr.dnsClient = tc.te
681-
_, _, err = dr.LookupTXT(context.Background(), "example.com")
681+
_, _, _, err = dr.LookupTXT(context.Background(), "example.com")
682682
if err == errTooManyRequests {
683683
t.Errorf("#%d, sent more requests than the test case handles", i)
684684
}
@@ -711,7 +711,7 @@ func TestRetry(t *testing.T) {
711711
dr.dnsClient = &testExchanger{errs: []error{isTempErr, isTempErr, nil}}
712712
ctx, cancel := context.WithCancel(context.Background())
713713
cancel()
714-
_, _, err = dr.LookupTXT(ctx, "example.com")
714+
_, _, _, err = dr.LookupTXT(ctx, "example.com")
715715
if err == nil ||
716716
err.Error() != "DNS problem: query timed out (and was canceled) looking up TXT for example.com" {
717717
t.Errorf("expected %s, got %s", context.Canceled, err)
@@ -720,7 +720,7 @@ func TestRetry(t *testing.T) {
720720
dr.dnsClient = &testExchanger{errs: []error{isTempErr, isTempErr, nil}}
721721
ctx, cancel = context.WithTimeout(context.Background(), -10*time.Hour)
722722
defer cancel()
723-
_, _, err = dr.LookupTXT(ctx, "example.com")
723+
_, _, _, err = dr.LookupTXT(ctx, "example.com")
724724
if err == nil ||
725725
err.Error() != "DNS problem: query timed out looking up TXT for example.com" {
726726
t.Errorf("expected %s, got %s", context.DeadlineExceeded, err)
@@ -729,7 +729,7 @@ func TestRetry(t *testing.T) {
729729
dr.dnsClient = &testExchanger{errs: []error{isTempErr, isTempErr, nil}}
730730
ctx, deadlineCancel := context.WithTimeout(context.Background(), -10*time.Hour)
731731
deadlineCancel()
732-
_, _, err = dr.LookupTXT(ctx, "example.com")
732+
_, _, _, err = dr.LookupTXT(ctx, "example.com")
733733
if err == nil ||
734734
err.Error() != "DNS problem: query timed out looking up TXT for example.com" {
735735
t.Errorf("expected %s, got %s", context.DeadlineExceeded, err)
@@ -829,7 +829,7 @@ func TestRotateServerOnErr(t *testing.T) {
829829
// servers *all* queries should eventually succeed by being retried against
830830
// server "[2606:4700:4700::1111]:53".
831831
for range maxTries * 2 {
832-
_, resolvers, err := client.LookupTXT(context.Background(), "example.com")
832+
_, resolvers, _, err := client.LookupTXT(context.Background(), "example.com")
833833
test.AssertEquals(t, len(resolvers), 1)
834834
test.AssertEquals(t, resolvers[0], "[2606:4700:4700::1111]:53")
835835
// Any errors are unexpected - server "[2606:4700:4700::1111]:53" should

0 commit comments

Comments
 (0)