letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
boulder/core
History
J.C. Jones 31aaef3f4e Only use TCP for DNS. 
Since Boulder always requests DNSSEC records, in practice DNS responses often
exceed the IP MTU.

Boulder installations expect to have a local DNS resolver, and all modern DNS
resolvers support TCP connections. Since miekg/dns does not perform an
"attempt udp, timeout, retry via tcp" approach, it's simpler and more reliable
to always use TCP for internal DNS resolution. This makes failures more
obvious as well.

Also change the integration test DNS server to TCP.
 		2015-11-18 10:54:08 -07:00
..
challenges.go Merge branch 'master' into golint 2015-10-07 10:42:36 -04:00
core_test.go Use a map and set defaults 2015-11-07 12:39:57 -05:00
dns.go Only use TCP for DNS. 2015-11-18 10:54:08 -07:00
dns_test.go Only use TCP for DNS. 2015-11-18 10:54:08 -07:00
good_key.go Do GoodKey checking in WFE. 2015-09-09 20:30:55 -04:00
good_key_test.go Do GoodKey checking in WFE. 2015-09-09 20:30:55 -04:00
interfaces.go add Google Safe Browsing API calls 2015-11-06 16:37:34 -08:00
nonce.go Merge branch 'master' into short-nonce 2015-11-16 11:21:24 -08:00
nonce_test.go Fix nonceLen and unexport const. 2015-11-07 11:18:44 -08:00
objects.go Use a map and set defaults 2015-11-07 12:39:57 -05:00
objects_test.go Change to KeyAuthorization in core 2015-10-03 12:58:05 -04:00
reverse-name.go Store a DB of issued names. 2015-09-28 19:37:50 -07:00
util.go Backoff OCSP Updater on HSM failure 2015-10-26 14:06:32 -07:00
util_test.go clean up CSRs with capitalized letters 2015-10-08 17:04:07 -07:00
va.go add Google Safe Browsing API calls 2015-11-06 16:37:34 -08:00