labca/patches/bdns_dns.patch
2025-11-14 15:09:09 +01:00


diff --git a/bdns/dns.go b/bdns/dns.go
index 5fee207b8..f147da8e9 100644
--- a/bdns/dns.go
+++ b/bdns/dns.go
@@ -20,6 +20,7 @@ import (
"github.com/prometheus/client_golang/prometheus"
"github.com/prometheus/client_golang/prometheus/promauto"
+ "github.com/letsencrypt/boulder/features"
"github.com/letsencrypt/boulder/iana"
blog "github.com/letsencrypt/boulder/log"
"github.com/letsencrypt/boulder/metrics"
@@ -75,22 +76,30 @@ func New(
) Client {
var client exchanger
- // Clone the default transport because it comes with various settings
- // that we like, which are different from the zero value of an
- // `http.Transport`.
- transport := http.DefaultTransport.(*http.Transport).Clone()
- transport.TLSClientConfig = tlsConfig
- // The default transport already sets this field, but it isn't
- // documented that it will always be set. Set it again to be sure,
- // because Unbound will reject non-HTTP/2 DoH requests.
- transport.ForceAttemptHTTP2 = true
- client = &dohExchanger{
- clk: clk,
- hc: http.Client{
- Timeout: readTimeout,
- Transport: transport,
- },
- userAgent: userAgent,
+ if features.Get().DOH {
+ // Clone the default transport because it comes with various settings
+ // that we like, which are different from the zero value of an
+ // `http.Transport`.
+ transport := http.DefaultTransport.(*http.Transport).Clone()
+ transport.TLSClientConfig = tlsConfig
+ // The default transport already sets this field, but it isn't
+ // documented that it will always be set. Set it again to be sure,
+ // because Unbound will reject non-HTTP/2 DoH requests.
+ transport.ForceAttemptHTTP2 = true
+ client = &dohExchanger{
+ clk: clk,
+ hc: http.Client{
+ Timeout: readTimeout,
+ Transport: transport,
+ },
+ userAgent: userAgent,
+ }
+ } else {
+ client = &dns.Client{
+ // Set timeout for underlying net.Conn
+ ReadTimeout: readTimeout,
+ Net: "udp",
+ }
}
queryTime := promauto.With(stats).NewHistogramVec(
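Review bot: The new else branch silently drops `tlsConfig` (and `userAgent`), which the DoH branch uses on the `transport.TLSClientConfig` line just above, so a deployment that configured resolver TLS but left `DOH` off gets a plaintext UDP resolver with no transport integrity and no warning. A comment at the top of the else branch should make that trade-off explicit, e.g. `// Plain UDP to the resolver: tlsConfig and userAgent are unused on this path,` / `// and dns.Client.Exchange does not fall back to TCP on truncated answers.`, and a log line when this branch is taken would help operators notice it. The miekg/dns client documents that `Exchange` neither retries nor falls back to TCP on truncation, so oversized answers on the UDP path are returned with the TC bit set; whether `exchangeOne` handles `rsp.Truncated` is outside this hunk, so that is worth confirming. The enclosing `New` function starts and ends outside this hunk.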
@@ -260,10 +269,17 @@ func (dnsClient *impl) exchangeOne(ctx context.Context, hostname string, qtype u
case r := <-ch:
if r.err != nil {
var isRetryable bool
- // Check if the error is a timeout error. Network errors
- // that can timeout implement the net.Error interface.
- var netErr net.Error
- isRetryable = errors.As(r.err, &netErr) && netErr.Timeout()
+ if features.Get().DOH {
+ // Check if the error is a timeout error. Network errors
+ // that can timeout implement the net.Error interface.
+ var netErr net.Error
+ isRetryable = errors.As(r.err, &netErr) && netErr.Timeout()
+ } else {
+ // According to the net package documentation, retryable
+ // errors emitted by the net package are of type *net.OpError.
+ var opErr *net.OpError
+ isRetryable = errors.As(r.err, &opErr) && opErr.Temporary()
+ }
hasRetriesLeft := tries < dnsClient.maxTries
if isRetryable && hasRetriesLeft {
tries++
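Review bot: The feature switch in this hunk appears unnecessary: `*net.OpError` implements `net.Error`, so the existing `errors.As(r.err, &netErr) && netErr.Timeout()` check already classifies the UDP client's read timeouts as retryable. The only behavioural difference of the new else branch is that it also retries on `opErr.Temporary()`, and the `net.Error` documentation deprecates `Temporary` as "not well-defined" (most temporary errors are timeouts), so this widens the retry set in a way that is hard to reason about. I would revert this hunk to the unconditional `var netErr net.Error` / `isRetryable = errors.As(r.err, &netErr) && netErr.Timeout()` lines for both transports, or, if broader retries are deliberately wanted on UDP, say so in the comment (`// UDP path intentionally also retries non-timeout temporary errors; see <reason>`). The retry is still bounded by `hasRetriesLeft`, so this is a consistency and maintainability point rather than a loop risk; `exchangeOne` starts and ends outside this hunk.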