Allow configuration of multiple DNS resolvers (#3612)

* Allow configuration of multiple DNS resolvers * Use multiple DNS resolvers in integration tests Fixes #3611.
2018-04-05 16:51:22 +01:00 · 2018-04-05 16:51:22 +01:00 · cc5ec34539
parent 9e24cad3bb
commit cc5ec34539
5 changed files with 43 additions and 21 deletions
--- a/cmd/boulder-ra/main.go
+++ b/cmd/boulder-ra/main.go
@ -36,7 +36,8 @@ type config struct {
 		// The number of times to try a DNS query (that has a temporary error)
 		// before giving up. May be short-circuited by deadlines. A zero value
 		// will be turned into 1.
-		DNSTries int
+		DNSTries     int
+		DNSResolvers []string

 		SAService        *cmd.GRPCClientConfig
 		VAService        *cmd.GRPCClientConfig
@ -221,17 +222,20 @@ func main() {
 	if dnsTries < 1 {
 		dnsTries = 1
 	}
+	if len(c.Common.DNSResolver) != 0 {
+		c.RA.DNSResolvers = append(c.RA.DNSResolvers, c.Common.DNSResolver)
+	}
 	if !c.Common.DNSAllowLoopbackAddresses {
 		rai.DNSClient = bdns.NewDNSClientImpl(
 			raDNSTimeout,
-			[]string{c.Common.DNSResolver},
+			c.RA.DNSResolvers,
 			scope,
 			cmd.Clock(),
 			dnsTries)
 	} else {
 		rai.DNSClient = bdns.NewTestDNSClientImpl(
 			raDNSTimeout,
-			[]string{c.Common.DNSResolver},
+			c.RA.DNSResolvers,
 			scope,
 			cmd.Clock(),
 			dnsTries)
--- a/cmd/boulder-va/main.go
+++ b/cmd/boulder-va/main.go
@ -31,7 +31,8 @@ type config struct {
 		// The number of times to try a DNS query (that has a temporary error)
 		// before giving up. May be short-circuited by deadlines. A zero value
 		// will be turned into 1.
-		DNSTries int
+		DNSTries     int
+		DNSResolvers []string

 		RemoteVAs                   []cmd.GRPCClientConfig
 		MaxRemoteValidationFailures int
@ -93,16 +94,19 @@ func main() {
 	}
 	clk := cmd.Clock()
 	var resolver bdns.DNSClient
+	if len(c.Common.DNSResolver) != 0 {
+		c.VA.DNSResolvers = append(c.VA.DNSResolvers, c.Common.DNSResolver)
+	}
 	if !c.Common.DNSAllowLoopbackAddresses {
 		r := bdns.NewDNSClientImpl(
 			dnsTimeout,
-			[]string{c.Common.DNSResolver},
+			c.VA.DNSResolvers,
 			scope,
 			clk,
 			dnsTries)
 		resolver = r
 	} else {
-		r := bdns.NewTestDNSClientImpl(dnsTimeout, []string{c.Common.DNSResolver}, scope, clk, dnsTries)
+		r := bdns.NewTestDNSClientImpl(dnsTimeout, c.VA.DNSResolvers, scope, clk, dnsTries)
 		resolver = r
 	}

--- a/test/config-next/ra.json
+++ b/test/config-next/ra.json
@ -4,6 +4,10 @@
    "maxConcurrentRPCServerRequests": 100000,
    "maxContactsPerRegistration": 100,
    "dnsTries": 3,
+    "dnsResolvers": [
+      "127.0.0.1:8053",
+      "127.0.0.1:8054"
+    ],
    "debugAddr": ":8002",
    "hostnamePolicyFile": "test/hostname-policy.json",
    "maxNames": 100,
@ -101,7 +105,6 @@
  },

  "common": {
-    "dnsResolver": "127.0.0.1:8053",
    "dnsTimeout": "1s",
    "dnsAllowLoopbackAddresses": true
  }
--- a/test/config-next/va.json
+++ b/test/config-next/va.json
@ -9,6 +9,10 @@
    },
    "maxConcurrentRPCServerRequests": 100000,
    "dnsTries": 3,
+    "dnsResolvers": [
+      "127.0.0.1:8053",
+      "127.0.0.1:8054"
+    ],
    "issuerDomain": "happy-hacker-ca.invalid",
    "tls": {
      "caCertfile": "test/grpc-creds/minica.pem",
@ -48,7 +52,6 @@
  },

  "common": {
-    "dnsResolver": "127.0.0.1:8053",
    "dnsTimeout": "1s",
    "dnsAllowLoopbackAddresses": true
  }
--- a/test/dns-test-srv/main.go
+++ b/test/dns-test-srv/main.go
@ -167,29 +167,25 @@ func (ts *testSrv) dnsHandler(w dns.ResponseWriter, r *dns.Msg) {
 	return
 }

-func (ts *testSrv) serveTestResolver() {
+type server interface {
+	ListenAndServe() error
+}
+
+func (ts *testSrv) serveTestResolver(dnsAddr string) {
 	dns.HandleFunc(".", ts.dnsHandler)
-	type server interface {
-		ListenAndServe() error
-	}
 	udpServer := server(&dns.Server{
-		Addr:         "0.0.0.0:8053",
+		Addr:         dnsAddr,
 		Net:          "udp",
 		ReadTimeout:  time.Second,
 		WriteTimeout: time.Second,
 	})
 	tcpServer := server(&dns.Server{
-		Addr:         "0.0.0.0:8053",
+		Addr:         dnsAddr,
 		Net:          "tcp",
 		ReadTimeout:  time.Second,
 		WriteTimeout: time.Second,
 	})
-	webServer := server(&http.Server{
-		Addr: "0.0.0.0:8055",
-	})
-	http.HandleFunc("/set-txt", ts.setTXT)
-	http.HandleFunc("/clear-txt", ts.clearTXT)
-	for _, s := range []server{udpServer, tcpServer, webServer} {
+	for _, s := range []server{udpServer, tcpServer} {
 		go func(s server) {
 			err := s.ListenAndServe()
 			if err != nil {
@ -201,6 +197,18 @@ func (ts *testSrv) serveTestResolver() {

 func main() {
 	ts := testSrv{mu: new(sync.RWMutex), txtRecords: make(map[string][]string)}
-	ts.serveTestResolver()
+	ts.serveTestResolver("0.0.0.0:8053")
+	ts.serveTestResolver("0.0.0.0:8054")
+	webServer := server(&http.Server{
+		Addr: "0.0.0.0:8055",
+	})
+	http.HandleFunc("/set-txt", ts.setTXT)
+	http.HandleFunc("/clear-txt", ts.clearTXT)
+	go func(s server) {
+		err := s.ListenAndServe()
+		if err != nil {
+			log.Fatal(err)
+		}
+	}(webServer)
 	cmd.CatchSignals(nil, nil)
 }