Fix dns timeout - it have to be less, then full timeout for cert requ…

…est.

dns.go

@@ -174,6 +174,9 @@ func getIPsFromDNS(ctx context.Context, domain, dnsServer string, recordType uin
 
 	if deadline, hasDeadline := ctx.Deadline(); hasDeadline {
 		ctxTimeout := time.Until(deadline)
+		if *dnsTimeout < ctxTimeout {
+			ctxTimeout = *dnsTimeout
+		}
 		dnsClient.DialTimeout = ctxTimeout
 		dnsClient.ReadTimeout = ctxTimeout
 		dnsClient.WriteTimeout = ctxTimeout

flags.go

@@ -24,6 +24,7 @@ var (
 	cryptoCurvePreferences        = flag.String("crypto-curves", "", "Names or integer values of CurveID, separated by comma. If empty - default usage. https://golang.org/pkg/crypto/tls/#CurveID")
 	daemonFlag                    = flag.Bool(DAEMON_KEY_NAME, false, "Start as background daemon. Supported in Unix OS only.")
 	defaultDomain                 = flag.String("default-domain", "", "Usage when SNI domain isn't available (has zero length). For example client doesn't support SNI. It is used to obtain a certificate only. It isn't force set header HOST in request.")
+	dnsTimeout                    = flag.Duration("dns-timeout", time.Second*3, "Timeout for dns request")
 	getIPByExternalRequestTimeout = flag.Duration("get-ip-by-external-request-timeout", 10*time.Second, "Timeout for request to external service for ip detection. For example when server behind NAT.")
 	inMemoryCertCount             = flag.Int("in-memory-cnt", 100, "How many certificates should be cached in memory, to preveent parsing from file")
 	initOnly                      = flag.Bool("init-only", false, "Exit after initialize, generate self keys. Need for auto-test environment.")