From 04770218ac449f1d31d8499065c1cc7d60ea4b0d Mon Sep 17 00:00:00 2001
From: Richard Barnes <rlb@ipv.sx>
Date: Tue, 23 Jun 2015 23:33:48 -0700
Subject: [PATCH] Remove DNSSEC from simpleHttp and dvsni

---
 va/validation-authority.go | 38 --------------------------------------
 1 file changed, 38 deletions(-)

diff --git a/va/validation-authority.go b/va/validation-authority.go
index 03722e8b3..c961c26ca 100644
--- a/va/validation-authority.go
+++ b/va/validation-authority.go
@@ -79,25 +79,6 @@ func (va ValidationAuthorityImpl) validateSimpleHTTP(identifier core.AcmeIdentif
 	}
 	hostName := identifier.Value
 
-	// Check for DNSSEC failures for A/AAAA records
-	_, _, err := va.DNSResolver.LookupHost(hostName)
-	if err != nil {
-		if dnssecErr, ok := err.(core.DNSSECError); ok {
-			challenge.Error = &core.ProblemDetails{
-				Type:   core.DNSSECProblem,
-				Detail: dnssecErr.Error(),
-			}
-		} else {
-			challenge.Error = &core.ProblemDetails{
-				Type:   core.ServerInternalProblem,
-				Detail: "Unable to communicate with DNS server",
-			}
-		}
-		challenge.Status = core.StatusInvalid
-		va.log.Debug(fmt.Sprintf("SimpleHTTP [%s] DNS failure: %s", identifier, err))
-		return challenge, challenge.Error
-	}
-
 	var scheme string
 	if input.TLS == nil || (input.TLS != nil && *input.TLS) {
 		scheme = "https"
@@ -227,25 +208,6 @@ func (va ValidationAuthorityImpl) validateDvsni(identifier core.AcmeIdentifier,
 	z := sha256.Sum256(RS)
 	zName := fmt.Sprintf("%064x.acme.invalid", z)
 
-	// Check for DNSSEC failures for A/AAAA records
-	_, _, err = va.DNSResolver.LookupHost(identifier.Value)
-	if err != nil {
-		if dnssecErr, ok := err.(core.DNSSECError); ok {
-			challenge.Error = &core.ProblemDetails{
-				Type:   core.DNSSECProblem,
-				Detail: dnssecErr.Error(),
-			}
-		} else {
-			challenge.Error = &core.ProblemDetails{
-				Type:   core.ServerInternalProblem,
-				Detail: "Unable to communicate with DNS server",
-			}
-		}
-		challenge.Status = core.StatusInvalid
-		va.log.Debug(fmt.Sprintf("DVSNI [%s] DNS failure: %s", identifier, err))
-		return challenge, challenge.Error
-	}
-
 	// Make a connection with SNI = nonceName
 	hostPort := identifier.Value + ":443"
 	if va.TestMode {