diff --git a/challenge/dns01/nameserver.go b/challenge/dns01/nameserver.go
index 4762dc57..f346246b 100644
--- a/challenge/dns01/nameserver.go
+++ b/challenge/dns01/nameserver.go
@@ -4,6 +4,8 @@ import (
 "errors"
 "fmt"
 "net"
+ "os"
+ "strconv"
 "strings"
 "sync"
 "time"
@@ -250,6 +252,13 @@ func createDNSMsg(fqdn string, rtype uint16, recursive bool) *dns.Msg {
 }
 func sendDNSQuery(m *dns.Msg, ns string) (*dns.Msg, error) {
+ if ok, _ := strconv.ParseBool(os.Getenv("LEGO_EXPERIMENTAL_DNS_TCP_ONLY")); ok {
+ tcp := &dns.Client{Net: "tcp", Timeout: dnsTimeout}
+ in, _, err := tcp.Exchange(m, ns)
+
+ return in, err
+ }
+
 udp := &dns.Client{Net: "udp", Timeout: dnsTimeout}
 in, _, err := udp.Exchange(m, ns)
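Review bot: The error from `strconv.ParseBool` is discarded in the new guard at the top of `sendDNSQuery`, so an unparseable value such as `yes` or `on` in `LEGO_EXPERIMENTAL_DNS_TCP_ONLY` silently leaves the UDP path active. An operator who sets the variable because UDP is filtered, or because they do not want the DNS-01 check to depend on UDP answers, gets no sign that the setting was ignored. I would read the value first and, when it is non-empty and fails to parse, fail closed with something like `return nil, fmt.Errorf("invalid LEGO_EXPERIMENTAL_DNS_TCP_ONLY value %q: %w", v, err)`, or at least log it. The variable is also re-read and re-parsed on every query, so a `sync.Once` (`sync` is already imported) would make the setting stable for the process lifetime. The rest of `sendDNSQuery` lies outside the hunk, so I cannot tell how the existing UDP path treats truncated replies.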