Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

net/http: detect Comcast et al DNS and auto-skip DNS tests #17884

bradfitz opened this issue Nov 10, 2016 · 5 comments

net/http: detect Comcast et al DNS and auto-skip DNS tests #17884

bradfitz opened this issue Nov 10, 2016 · 5 comments


Copy link

@bradfitz bradfitz commented Nov 10, 2016

Follow-up to #17670 ...

Some net and net/http tests verify that Go does the right thing upon getting a DNS NXDOMAIN (no DNS name found) error.

But Comcast at al have DNS servers which return fake results pointing you to search engines instead.

Maybe we can detect those DNS servers or DNS results and make those tests auto-skip (t.Skip)

/cc @odeke-em

Copy link

@odeke-em odeke-em commented Nov 11, 2016

Aha interesting, AT&T does this for me too

Thanks for the ping, I am interested.

Copy link

@mxplusb mxplusb commented Nov 30, 2016

You could do something like this:

// all fake DNS tests
func TestNonResolvingDNS(t *testing.T) {
	tr := &http.Transport{}
	c := &http.Client{Transport: tr, CheckRedirect: func(next *http.Response, prev []*http.Request) bool {
		if len(prev) > 1 {
			return false
		} else {
			return true
	req, _ := http.NewRequest("GET", "unresolving.dns", nil)
	resp, _ := c.Do(req)
	if !c.CheckRedirect(req, resp) {
		t.Skip("TestWithRealDNS", TestSomethingWithRealDNS1)
		t.Skip("TestWithRealDNS2", TestSomethingWithRealDNS2)

That would allow you basic segregation for the tests without having to do too much logic. Without a mostly full-featured DNS library, checking for redirections is the easiest method. That being said, an ISC-compliant library in the sub-repo library could be useful to a lot of people.

Copy link

@vcabbage vcabbage commented Dec 18, 2016

@bradfitz Making a request for a known nonexistent domain and checking that no addresses were returned should be a reasonably accurate.

For this purpose the error from net.LookupHost can likely be ignored since the DNS tests will fail anyway if there are issues unrelated to NXDOMAIN responses.

I can create a CL if this approach seems reasonable.

var (
	isShadyDNSOnce sync.Once
	isShadyDNS     bool

func IsShadyDNS() bool {
	isShadyDNSOnce.Do(func() {
		addrs, _ := net.LookupHost("dns-should-not-resolve.golang")
		isShadyDNS = len(addrs) != 0
	return isShadyDNS

For testing, some of the public providers on this list exhibit the bad behavior.

Example querying "Comodo Secure DNS."

# nslookup dns-should-not-resolve.golang

Non-authoritative answer:
Name:	dns-should-not-resolve.golang
Copy link
Contributor Author

@bradfitz bradfitz commented Dec 18, 2016

Copy link

@gopherbot gopherbot commented Dec 18, 2016

CL mentions this issue.

@bradfitz bradfitz modified the milestones: Go1.9, Unplanned Feb 1, 2017
@gopherbot gopherbot closed this in 4aa7b14 Feb 1, 2017
@golang golang locked and limited conversation to collaborators Feb 2, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
5 participants