From 41a1cff0ae033e535131a214d79aae610a0ebe9d Mon Sep 17 00:00:00 2001 From: Ward Vandewege Date: Thu, 7 Feb 2019 02:13:47 -0500 Subject: [PATCH] When appending the SOA for authoritative NXDOMAIN responses, it needs to go in (#151) the Authoritative section, not the Answer section. This fixes the acme-dns validation for the lego Let's Encrypt client. --- dns.go | 2 +- dns_test.go | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/dns.go b/dns.go index ba3746f..3ca0753 100644 --- a/dns.go +++ b/dns.go @@ -104,7 +104,7 @@ func (d *DNSServer) readQuery(m *dns.Msg) { m.MsgHdr.Authoritative = authoritative if authoritative { if m.MsgHdr.Rcode == dns.RcodeNameError { - m.Answer = append(m.Answer, d.SOA) + m.Ns = append(m.Ns, d.SOA) } } diff --git a/dns_test.go b/dns_test.go index 7826b27..044e9a0 100644 --- a/dns_test.go +++ b/dns_test.go @@ -140,11 +140,11 @@ func TestAuthoritative(t *testing.T) { if answer.Rcode != dns.RcodeNameError { t.Errorf("Was expecing NXDOMAIN rcode, but got [%s] instead.", dns.RcodeToString[answer.Rcode]) } - if len(answer.Answer) != 1 { - t.Errorf("Was expecting exactly one answer (SOA) for invalid subdomain, but got %d", len(answer.Answer)) + if len(answer.Ns) != 1 { + t.Errorf("Was expecting exactly one answer (SOA) for invalid subdomain, but got %d", len(answer.Ns)) } - if answer.Answer[0].Header().Rrtype != dns.TypeSOA { - t.Errorf("Was expecting SOA record as answer for NXDOMAIN but got [%s]", dns.TypeToString[answer.Answer[0].Header().Rrtype]) + if answer.Ns[0].Header().Rrtype != dns.TypeSOA { + t.Errorf("Was expecting SOA record as answer for NXDOMAIN but got [%s]", dns.TypeToString[answer.Ns[0].Header().Rrtype]) } if !answer.MsgHdr.Authoritative { t.Errorf("Was expecting authoritative bit to be set")