From 8b5c8cf7143b7c153278ea9e1dff384cfc75aafe Mon Sep 17 00:00:00 2001 From: Arjan H Date: Wed, 16 Jun 2021 20:17:12 +0200 Subject: [PATCH 1/5] Do not allocate pseudo-TTY for mysql maintenance (#19) --- install | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install b/install index 95886cd..8ad0660 100755 --- a/install +++ b/install @@ -573,7 +573,7 @@ config_boulder() { cp sa/_db/migrations/20210223140000_CombinedSchema.sql "$boulderLabCADir/.backup/" mkdir -p $baseDir/backup - [ -z "$(docker ps | grep boulder_bmysql_1)" ] || docker exec -it boulder_bmysql_1 mysqldump boulder_sa_integration >$baseDir/backup/dbdata-${runId}.sql + [ -z "$(docker ps | grep boulder_bmysql_1)" ] || docker exec -i boulder_bmysql_1 mysqldump boulder_sa_integration >$baseDir/backup/dbdata-${runId}.sql cd "$boulderLabCADir" sed -i -e "s/test-ca2.pem/test-ca.pem/" config/ocsp-responder.json @@ -722,7 +722,7 @@ startup() { wait_up $PS_MYSQL &>>$installLog wait_up $PS_LABCA &>>$installLog - docker exec -it boulder_bmysql_1 mysql_upgrade &>>$installLog + docker exec -i boulder_bmysql_1 mysql_upgrade &>>$installLog [ -f "$boulderLabCADir/setup_complete" ] && wait_up $PS_BOULDER $PS_BOULDER_COUNT &>>$installLog || /bin/true msg_ok "$msg" From 62280b2938eea8c1ef1f9b91e90468981ee97a0c Mon Sep 17 00:00:00 2001 From: Arjan H Date: Fri, 18 Jun 2021 20:07:50 +0200 Subject: [PATCH 2/5] Stay on non-master branches when updating via gui --- commander | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/commander b/commander index 17cf037..783fbf0 100755 --- a/commander +++ b/commander @@ -190,7 +190,13 @@ case $txt in halt ;; "version-update") - /home/labca/labca/install &>>$LOGFILE + cd $dn + branch="$(git symbolic-ref --short HEAD 2>/dev/null)" || branch="(none)" + if [ "$branch" == "master" ] || [ "$branch" == "main" ] || [ "$branch" == "(none)" ]; then + /home/labca/labca/install &>>$LOGFILE + else + /home/labca/labca/install -b $branch &>>$LOGFILE + fi ;; *) echo "Unknown command '$txt'. ERROR!" From 55cc8904aef91f1bf0bda1cae367d5ae37c5990c Mon Sep 17 00:00:00 2001 From: Arjan H Date: Thu, 15 Jul 2021 20:17:53 +0200 Subject: [PATCH 3/5] Bump boulder version to release-2021-07-12 --- bad-key-revoker_main.patch | 12 ++++++------ contact-auditor_main.patch | 26 ++++++++++++++++++++++++++ core_interfaces.patch | 4 ++-- docker-compose.patch | 4 ++-- install | 6 +++++- mail_mailer.patch | 12 ++++++------ notify-mailer_main.patch | 36 ++++++++++++++++++------------------ ra_ra.patch | 4 ++-- 8 files changed, 67 insertions(+), 37 deletions(-) create mode 100644 contact-auditor_main.patch diff --git a/bad-key-revoker_main.patch b/bad-key-revoker_main.patch index a69d503..b4c6ee6 100644 --- a/bad-key-revoker_main.patch +++ b/bad-key-revoker_main.patch @@ -1,5 +1,5 @@ diff --git a/cmd/bad-key-revoker/main.go b/cmd/bad-key-revoker/main.go -index 17704c41..e2a060b1 100644 +index a78efee19..1c08b7035 100644 --- a/cmd/bad-key-revoker/main.go +++ b/cmd/bad-key-revoker/main.go @@ -14,6 +14,7 @@ import ( @@ -9,8 +9,8 @@ index 17704c41..e2a060b1 100644 + "github.com/letsencrypt/boulder/bdns" "github.com/letsencrypt/boulder/cmd" "github.com/letsencrypt/boulder/core" - corepb "github.com/letsencrypt/boulder/core/proto" -@@ -346,6 +347,9 @@ func main() { + "github.com/letsencrypt/boulder/db" +@@ -345,6 +346,9 @@ func main() { TLS cmd.TLSConfig RAService *cmd.GRPCClientConfig @@ -20,7 +20,7 @@ index 17704c41..e2a060b1 100644 // MaximumRevocations specifies the maximum number of certificates associated with // a key hash that bad-key-revoker will attempt to revoke. If the number of certificates // is higher than MaximumRevocations bad-key-revoker will error out and refuse to -@@ -373,6 +377,12 @@ func main() { +@@ -372,6 +376,12 @@ func main() { Syslog cmd.SyslogConfig Beeline cmd.BeelineConfig @@ -33,7 +33,7 @@ index 17704c41..e2a060b1 100644 } configPath := flag.String("config", "", "File path to the configuration file for this service") flag.Parse() -@@ -418,6 +428,30 @@ func main() { +@@ -417,6 +427,30 @@ func main() { cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to RA") rac := rapb.NewRegistrationAuthorityClient(conn) @@ -64,7 +64,7 @@ index 17704c41..e2a060b1 100644 var smtpRoots *x509.CertPool if config.BadKeyRevoker.Mailer.SMTPTrustedRootFile != "" { pem, err := ioutil.ReadFile(config.BadKeyRevoker.Mailer.SMTPTrustedRootFile) -@@ -439,6 +473,7 @@ func main() { +@@ -438,6 +472,7 @@ func main() { config.BadKeyRevoker.Mailer.Username, smtpPassword, smtpRoots, diff --git a/contact-auditor_main.patch b/contact-auditor_main.patch new file mode 100644 index 0000000..4a02d4f --- /dev/null +++ b/contact-auditor_main.patch @@ -0,0 +1,26 @@ +diff --git a/cmd/contact-auditor/main.go b/cmd/contact-auditor/main.go +index 88792e42a..26dfed7e5 100644 +--- a/cmd/contact-auditor/main.go ++++ b/cmd/contact-auditor/main.go +@@ -12,6 +12,7 @@ import ( + "time" + + "github.com/go-sql-driver/mysql" ++ "github.com/letsencrypt/boulder/core" + "github.com/letsencrypt/boulder/cmd" + blog "github.com/letsencrypt/boulder/log" + "github.com/letsencrypt/boulder/policy" +@@ -49,9 +50,12 @@ func validateContacts(id int64, createdAt string, contacts []string) error { + fmt.Fprintf(&probsBuff, "%d\t%s\tvalidation\t%q\t%q\n", id, createdAt, contact, prob) + } + ++ var pa *policy.AuthorityImpl ++ pa, _ = policy.New(map[core.AcmeChallenge]bool{}) ++ + for _, contact := range contacts { + if strings.HasPrefix(contact, "mailto:") { +- err := policy.ValidEmail(strings.TrimPrefix(contact, "mailto:")) ++ err := pa.ValidEmail(strings.TrimPrefix(contact, "mailto:")) + if err != nil { + writeProb(contact, err.Error()) + } diff --git a/core_interfaces.patch b/core_interfaces.patch index 2c54808..7fab6b9 100644 --- a/core_interfaces.patch +++ b/core_interfaces.patch @@ -1,8 +1,8 @@ diff --git a/core/interfaces.go b/core/interfaces.go -index 06576845c..a854745fd 100644 +index edbf531fa..1de27cc82 100644 --- a/core/interfaces.go +++ b/core/interfaces.go -@@ -95,6 +95,7 @@ type PolicyAuthority interface { +@@ -96,6 +96,7 @@ type PolicyAuthority interface { WillingToIssueWildcards(identifiers []identifier.ACMEIdentifier) error ChallengesFor(domain identifier.ACMEIdentifier) ([]Challenge, error) ChallengeTypeEnabled(t AcmeChallenge) bool diff --git a/docker-compose.patch b/docker-compose.patch index 31cfe5a..2fe0737 100644 --- a/docker-compose.patch +++ b/docker-compose.patch @@ -1,9 +1,9 @@ diff --git a/docker-compose.yml b/docker-compose.yml -index 1a4dd8295..d2c105ec4 100644 +index ec5150a2a..ea23aa838 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -4,10 +4,11 @@ services: - image: &boulder_image letsencrypt/boulder-tools:${BOULDER_TOOLS_TAG:-go1.16.4_2021-05-06} + image: &boulder_image letsencrypt/boulder-tools:${BOULDER_TOOLS_TAG:-go1.16.5_2021-06-11} environment: FAKE_DNS: 10.77.77.77 - BOULDER_CONFIG_DIR: test/config diff --git a/install b/install index 8ad0660..9bb9519 100755 --- a/install +++ b/install @@ -24,7 +24,7 @@ dockerComposeVersion="1.28.5" labcaUrl="https://github.com/hakwerk/labca/" boulderUrl="https://github.com/letsencrypt/boulder/" -boulderTag="release-2021-06-01" +boulderTag="release-2021-07-12" # # Color configuration @@ -544,6 +544,9 @@ config_boulder() { sudo -u labca -H patch -p1 < $cloneDir/notify-mailer_main.patch &>>$installLog cp cmd/notify-mailer/main.go "$boulderLabCADir/.backup/" + sudo -u labca -H patch -p1 < $cloneDir/contact-auditor_main.patch &>>$installLog + cp cmd/contact-auditor/main.go "$boulderLabCADir/.backup/" + sudo -u labca -H patch -p1 < $cloneDir/bad-key-revoker_main.patch &>>$installLog cp cmd/bad-key-revoker/main.go "$boulderLabCADir/.backup/" @@ -631,6 +634,7 @@ config_boulder() { rm test-ca2.pem ([ -e mock-vendor.go ] && rm mock-vendor.go) || /bin/true + ([ -e test-tools.go ] && rm test-tools.go) || /bin/true local have_config=$(grep restarted $adminDir/data/config.json | grep true) if [ "$have_config" != "" ]; then diff --git a/mail_mailer.patch b/mail_mailer.patch index a5e5b48..1cbe25f 100644 --- a/mail_mailer.patch +++ b/mail_mailer.patch @@ -1,8 +1,8 @@ diff --git a/mail/mailer.go b/mail/mailer.go -index bb5bacaf2..946992dca 100644 +index 864cdbd51..21b2417f4 100644 --- a/mail/mailer.go +++ b/mail/mailer.go -@@ -20,10 +20,14 @@ import ( +@@ -21,10 +21,14 @@ import ( "time" "github.com/jmhodges/clock" @@ -17,7 +17,7 @@ index bb5bacaf2..946992dca 100644 ) type idGenerator interface { -@@ -121,6 +125,7 @@ func New( +@@ -122,6 +126,7 @@ func New( username, password string, rootCAs *x509.CertPool, @@ -25,7 +25,7 @@ index bb5bacaf2..946992dca 100644 from mail.Address, logger blog.Logger, stats prometheus.Registerer, -@@ -140,6 +145,7 @@ func New( +@@ -141,6 +146,7 @@ func New( server: server, port: port, rootCAs: rootCAs, @@ -33,7 +33,7 @@ index bb5bacaf2..946992dca 100644 }, log: logger, from: from, -@@ -180,7 +186,7 @@ func (m *MailerImpl) generateMessage(to []string, subject, body string) ([]byte, +@@ -181,7 +187,7 @@ func (m *MailerImpl) generateMessage(to []string, subject, body string) ([]byte, fmt.Sprintf("To: %s", strings.Join(addrs, ", ")), fmt.Sprintf("From: %s", m.from.String()), fmt.Sprintf("Subject: %s", subject), @@ -42,7 +42,7 @@ index bb5bacaf2..946992dca 100644 fmt.Sprintf("Message-Id: <%s.%s.%s>", now.Format("20060102T150405"), mid.String(), m.from.Address), "MIME-Version: 1.0", "Content-Type: text/plain; charset=UTF-8", -@@ -237,23 +243,32 @@ func (m *MailerImpl) Connect() error { +@@ -238,23 +244,32 @@ func (m *MailerImpl) Connect() error { type dialerImpl struct { username, password, server, port string rootCAs *x509.CertPool diff --git a/notify-mailer_main.patch b/notify-mailer_main.patch index 0a679fc..c21c450 100644 --- a/notify-mailer_main.patch +++ b/notify-mailer_main.patch @@ -1,36 +1,36 @@ diff --git a/cmd/notify-mailer/main.go b/cmd/notify-mailer/main.go -index f4a25a78..68b23dc7 100644 +index fa2aac74e..08430ee10 100644 --- a/cmd/notify-mailer/main.go +++ b/cmd/notify-mailer/main.go -@@ -38,6 +38,7 @@ type mailer struct { - destinations []recipient +@@ -37,6 +37,7 @@ type mailer struct { + recipients []recipient targetRange interval sleepInterval time.Duration + pa *policy.AuthorityImpl } - // interval defines a range of email addresses to send to, alphabetically. -@@ -147,7 +148,7 @@ func (m *mailer) run() error { - m.log.Debugf("skipping %q: out of target range") + // interval defines a range of email addresses to send to in alphabetical order. +@@ -151,7 +152,7 @@ func (m *mailer) run() error { continue } + - if err := policy.ValidEmail(address); err != nil { + if err := m.pa.ValidEmail(address); err != nil { - m.log.Infof("skipping %q: %s", address, err) + m.log.Infof("Skipping %q due to policy violation: %s", address, err) continue } -@@ -410,7 +411,9 @@ func main() { - cmd.PasswordConfig +@@ -477,7 +478,9 @@ func main() { + NotifyMailer struct { + DB cmd.DBConfig cmd.SMTPConfig - Features map[string]bool + cmd.HostnamePolicyConfig } + PA cmd.PAConfig Syslog cmd.SyslogConfig } - configFile := flag.String("config", "", "File containing a JSON config.") -@@ -464,6 +467,14 @@ func main() { - end: *end, + +@@ -531,6 +534,14 @@ func main() { + log.Infof("While reading the recipient list file %s", probs) } + // Validate PA config and set defaults if needed @@ -43,8 +43,8 @@ index f4a25a78..68b23dc7 100644 + var mailClient bmail.Mailer if *dryRun { - log.Infof("Doing a dry run.") -@@ -477,6 +488,7 @@ func main() { + log.Infof("Starting %s in dry-run mode", cmd.VersionString()) +@@ -546,6 +557,7 @@ func main() { cfg.NotifyMailer.Username, smtpPassword, nil, @@ -52,9 +52,9 @@ index f4a25a78..68b23dc7 100644 *address, log, metrics.NoopRegisterer, -@@ -494,6 +506,7 @@ func main() { - emailTemplate: template, - targetRange: targetRange, +@@ -566,6 +578,7 @@ func main() { + end: *end, + }, sleepInterval: *sleep, + pa: pa, } diff --git a/ra_ra.patch b/ra_ra.patch index 257c631..c67edef 100644 --- a/ra_ra.patch +++ b/ra_ra.patch @@ -1,5 +1,5 @@ diff --git a/ra/ra.go b/ra/ra.go -index 1fd47d29..ccc5aef8 100644 +index 58fa25ca8..09d2a3579 100644 --- a/ra/ra.go +++ b/ra/ra.go @@ -31,7 +31,6 @@ import ( @@ -10,7 +10,7 @@ index 1fd47d29..ccc5aef8 100644 "github.com/letsencrypt/boulder/probs" pubpb "github.com/letsencrypt/boulder/publisher/proto" rapb "github.com/letsencrypt/boulder/ra/proto" -@@ -443,7 +442,7 @@ func (ra *RegistrationAuthorityImpl) validateContacts(ctx context.Context, conta +@@ -446,7 +445,7 @@ func (ra *RegistrationAuthorityImpl) validateContacts(ctx context.Context, conta contact, ) } From 7c023df90acfa0a0c0a407dc7c1ae9f3636786d4 Mon Sep 17 00:00:00 2001 From: Arjan H Date: Wed, 28 Jul 2021 19:27:48 +0200 Subject: [PATCH 4/5] Make labca user member of the docker group (#7) --- install | 3 +++ 1 file changed, 3 insertions(+) diff --git a/install b/install index 9bb9519..e39c8e1 100755 --- a/install +++ b/install @@ -394,6 +394,9 @@ install_extra() { apt update &>>$installLog install_pkg "docker-ce" + # Make sure the labca user has docker permissions + usermod -aG docker labca + msg_info "Install binary 'docker-compose'" local dcver="" [ -x /usr/local/bin/docker-compose ] && dcver="`/usr/local/bin/docker-compose --version`" From 21856c97f7000585cc464ea289d3440f529fa1b1 Mon Sep 17 00:00:00 2001 From: Arjan H Date: Thu, 5 Aug 2021 17:49:54 +0200 Subject: [PATCH 5/5] Bump boulder version to release-2021-08-02 --- bad-key-revoker_main.patch | 20 +++++++++++--------- core_interfaces.patch | 4 ++-- docker-compose.patch | 4 ++-- expiration-mailer_main.patch | 12 +++++++----- install | 2 +- mail-tester.go | 6 ++++-- 6 files changed, 27 insertions(+), 21 deletions(-) diff --git a/bad-key-revoker_main.patch b/bad-key-revoker_main.patch index b4c6ee6..9795b52 100644 --- a/bad-key-revoker_main.patch +++ b/bad-key-revoker_main.patch @@ -1,16 +1,16 @@ diff --git a/cmd/bad-key-revoker/main.go b/cmd/bad-key-revoker/main.go -index a78efee19..1c08b7035 100644 +index 2d6d17f16..e09948cfc 100644 --- a/cmd/bad-key-revoker/main.go +++ b/cmd/bad-key-revoker/main.go -@@ -14,6 +14,7 @@ import ( - "time" +@@ -15,6 +15,7 @@ import ( "github.com/honeycombio/beeline-go" + "github.com/jmhodges/clock" + "github.com/letsencrypt/boulder/bdns" "github.com/letsencrypt/boulder/cmd" "github.com/letsencrypt/boulder/core" "github.com/letsencrypt/boulder/db" -@@ -345,6 +346,9 @@ func main() { +@@ -348,6 +349,9 @@ func main() { TLS cmd.TLSConfig RAService *cmd.GRPCClientConfig @@ -20,7 +20,7 @@ index a78efee19..1c08b7035 100644 // MaximumRevocations specifies the maximum number of certificates associated with // a key hash that bad-key-revoker will attempt to revoke. If the number of certificates // is higher than MaximumRevocations bad-key-revoker will error out and refuse to -@@ -372,6 +376,12 @@ func main() { +@@ -375,6 +379,12 @@ func main() { Syslog cmd.SyslogConfig Beeline cmd.BeelineConfig @@ -33,7 +33,7 @@ index a78efee19..1c08b7035 100644 } configPath := flag.String("config", "", "File path to the configuration file for this service") flag.Parse() -@@ -417,6 +427,30 @@ func main() { +@@ -424,6 +434,32 @@ func main() { cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to RA") rac := rapb.NewRegistrationAuthorityClient(conn) @@ -47,24 +47,26 @@ index a78efee19..1c08b7035 100644 + if len(config.Common.DNSResolver) != 0 { + config.BadKeyRevoker.DNSResolvers = append(config.BadKeyRevoker.DNSResolvers, config.Common.DNSResolver) + } ++ servers, err := bdns.NewStaticProvider(config.BadKeyRevoker.DNSResolvers) ++ cmd.FailOnError(err, "Couldn't parse static DNS server(s)") + if !config.Common.DNSAllowLoopbackAddresses { + r := bdns.New( + dnsTimeout, -+ bdns.NewStaticProvider(config.BadKeyRevoker.DNSResolvers), ++ servers, + scope, + clk, + dnsTries, + logger) + resolver = r + } else { -+ r := bdns.NewTest(dnsTimeout, bdns.NewStaticProvider(config.BadKeyRevoker.DNSResolvers), scope, clk, dnsTries, logger) ++ r := bdns.NewTest(dnsTimeout, servers, scope, clk, dnsTries, logger) + resolver = r + } + var smtpRoots *x509.CertPool if config.BadKeyRevoker.Mailer.SMTPTrustedRootFile != "" { pem, err := ioutil.ReadFile(config.BadKeyRevoker.Mailer.SMTPTrustedRootFile) -@@ -438,6 +472,7 @@ func main() { +@@ -445,6 +481,7 @@ func main() { config.BadKeyRevoker.Mailer.Username, smtpPassword, smtpRoots, diff --git a/core_interfaces.patch b/core_interfaces.patch index 7fab6b9..e529adc 100644 --- a/core_interfaces.patch +++ b/core_interfaces.patch @@ -1,8 +1,8 @@ diff --git a/core/interfaces.go b/core/interfaces.go -index edbf531fa..1de27cc82 100644 +index 4e03131cb..43468ca3b 100644 --- a/core/interfaces.go +++ b/core/interfaces.go -@@ -96,6 +96,7 @@ type PolicyAuthority interface { +@@ -94,6 +94,7 @@ type PolicyAuthority interface { WillingToIssueWildcards(identifiers []identifier.ACMEIdentifier) error ChallengesFor(domain identifier.ACMEIdentifier) ([]Challenge, error) ChallengeTypeEnabled(t AcmeChallenge) bool diff --git a/docker-compose.patch b/docker-compose.patch index 2fe0737..2bd7a87 100644 --- a/docker-compose.patch +++ b/docker-compose.patch @@ -1,9 +1,9 @@ diff --git a/docker-compose.yml b/docker-compose.yml -index ec5150a2a..ea23aa838 100644 +index 713667d60..0a384c8ab 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -4,10 +4,11 @@ services: - image: &boulder_image letsencrypt/boulder-tools:${BOULDER_TOOLS_TAG:-go1.16.5_2021-06-11} + image: &boulder_image letsencrypt/boulder-tools:${BOULDER_TOOLS_TAG:-go1.16.6_2021-07-12} environment: FAKE_DNS: 10.77.77.77 - BOULDER_CONFIG_DIR: test/config diff --git a/expiration-mailer_main.patch b/expiration-mailer_main.patch index 3ed6803..0834469 100644 --- a/expiration-mailer_main.patch +++ b/expiration-mailer_main.patch @@ -1,5 +1,5 @@ diff --git a/cmd/expiration-mailer/main.go b/cmd/expiration-mailer/main.go -index 95c8a035..2ff70d7d 100644 +index 9f56157dd..8cc77676c 100644 --- a/cmd/expiration-mailer/main.go +++ b/cmd/expiration-mailer/main.go @@ -20,6 +20,7 @@ import ( @@ -42,7 +42,7 @@ index 95c8a035..2ff70d7d 100644 } func initStats(stats prometheus.Registerer) mailerStats { -@@ -507,6 +517,30 @@ func main() { +@@ -510,6 +520,32 @@ func main() { cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to SA") sac := bgrpc.NewStorageAuthorityClient(sapb.NewStorageAuthorityClient(conn)) @@ -56,24 +56,26 @@ index 95c8a035..2ff70d7d 100644 + if len(c.Common.DNSResolver) != 0 { + c.Mailer.DNSResolvers = append(c.Mailer.DNSResolvers, c.Common.DNSResolver) + } ++ servers, err := bdns.NewStaticProvider(c.Mailer.DNSResolvers) ++ cmd.FailOnError(err, "Couldn't parse static DNS server(s)") + if !c.Common.DNSAllowLoopbackAddresses { + r := bdns.New( + dnsTimeout, -+ bdns.NewStaticProvider(c.Mailer.DNSResolvers), ++ servers, + scope, + clk, + dnsTries, + logger) + resolver = r + } else { -+ r := bdns.NewTest(dnsTimeout, bdns.NewStaticProvider(c.Mailer.DNSResolvers), scope, clk, dnsTries, logger) ++ r := bdns.NewTest(dnsTimeout, servers, scope, clk, dnsTries, logger) + resolver = r + } + var smtpRoots *x509.CertPool if c.Mailer.SMTPTrustedRootFile != "" { pem, err := ioutil.ReadFile(c.Mailer.SMTPTrustedRootFile) -@@ -542,6 +576,7 @@ func main() { +@@ -545,6 +581,7 @@ func main() { c.Mailer.Username, smtpPassword, smtpRoots, diff --git a/install b/install index e39c8e1..db5d3fa 100755 --- a/install +++ b/install @@ -24,7 +24,7 @@ dockerComposeVersion="1.28.5" labcaUrl="https://github.com/hakwerk/labca/" boulderUrl="https://github.com/letsencrypt/boulder/" -boulderTag="release-2021-07-12" +boulderTag="release-2021-08-02" # # Color configuration diff --git a/mail-tester.go b/mail-tester.go index 4d2e605..3658f21 100644 --- a/mail-tester.go +++ b/mail-tester.go @@ -83,17 +83,19 @@ func main() { if len(c.Common.DNSResolver) != 0 { c.Mailer.DNSResolvers = append(c.Mailer.DNSResolvers, c.Common.DNSResolver) } + servers, err := bdns.NewStaticProvider(c.Mailer.DNSResolvers) + cmd.FailOnError(err, "Couldn't parse static DNS server(s)") if !c.Common.DNSAllowLoopbackAddresses { r := bdns.New( dnsTimeout, - bdns.NewStaticProvider(c.Mailer.DNSResolvers), + servers, scope, clk, dnsTries, logger) resolver = r } else { - r := bdns.NewTest(dnsTimeout, bdns.NewStaticProvider(c.Mailer.DNSResolvers), scope, clk, dnsTries, logger) + r := bdns.NewTest(dnsTimeout, servers, scope, clk, dnsTries, logger) resolver = r }