net/http: detect Comcast et al DNS and auto-skip DNS tests

[bradfitz]

Follow-up to #17670 ...

Some net and net/http tests verify that Go does the right thing upon getting a DNS NXDOMAIN (no DNS name found) error.

But Comcast at al have DNS servers which return fake results pointing you to search engines instead.

Maybe we can detect those DNS servers or DNS results and make those tests auto-skip (t.Skip)

/cc @odeke-em

[odeke-em]

Aha interesting, AT&T does this for me too http://dnserrorassist.att.net/search/?q=http%3A//dns-should-not-resolve.golang/&r=&t=0.

Thanks for the ping, I am interested.

[siennathesane]

You could do something like this:

// all fake DNS tests
func TestNonResolvingDNS(t *testing.T) {
	tr := &http.Transport{}
	c := &http.Client{Transport: tr, CheckRedirect: func(next *http.Response, prev []*http.Request) bool {
		if len(prev) > 1 {
			return false
		} else {
			return true
		}
	},
	}
	req, _ := http.NewRequest("GET", "unresolving.dns", nil)
	resp, _ := c.Do(req)
	if !c.CheckRedirect(req, resp) {
		t.Skip("TestWithRealDNS", TestSomethingWithRealDNS1)
		t.Skip("TestWithRealDNS2", TestSomethingWithRealDNS2)
	}
	
}

That would allow you basic segregation for the tests without having to do too much logic. Without a mostly full-featured DNS library, checking for redirections is the easiest method. That being said, an ISC-compliant library in the sub-repo library could be useful to a lot of people.

[vcabbage]

@bradfitz Making a request for a known nonexistent domain and checking that no addresses were returned should be a reasonably accurate.

For this purpose the error from net.LookupHost can likely be ignored since the DNS tests will fail anyway if there are issues unrelated to NXDOMAIN responses.

I can create a CL if this approach seems reasonable.

var (
	isShadyDNSOnce sync.Once
	isShadyDNS     bool
)

func IsShadyDNS() bool {
	isShadyDNSOnce.Do(func() {
		addrs, _ := net.LookupHost("dns-should-not-resolve.golang")
		isShadyDNS = len(addrs) != 0
	})
	return isShadyDNS
}

For testing, some of the public providers on this list exhibit the bad behavior.

Example querying "Comodo Secure DNS."

# nslookup dns-should-not-resolve.golang 8.26.56.26
Server:		8.26.56.26
Address:	8.26.56.26#53

Non-authoritative answer:
Name:	dns-should-not-resolve.golang
Address: 92.242.144.50

[bradfitz]

LGTM

[gopherbot]

CL https://golang.org/cl/34516 mentions this issue.