TUN-813: Clean up cloudflared dependencies

2025-07-27 22:49:58 +00:00 · 2018-07-24 18:04:33 -05:00
parent d06fc520c7
commit 0468866626
3310 changed files with 993 additions and 1223303 deletions
--- a/vendor/github.com/miekg/dns/client_test.go
+++ b/vendor/github.com/miekg/dns/client_test.go
@@ -1,612 +0,0 @@
-package dns
-
-import (
-	"context"
-	"crypto/tls"
-	"fmt"
-	"net"
-	"strconv"
-	"strings"
-	"sync"
-	"testing"
-	"time"
-)
-
-func TestDialUDP(t *testing.T) {
-	HandleFunc("miek.nl.", HelloServer)
-	defer HandleRemove("miek.nl.")
-
-	s, addrstr, err := RunLocalUDPServer(":0")
-	if err != nil {
-		t.Fatalf("unable to run test server: %v", err)
-	}
-	defer s.Shutdown()
-
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeSOA)
-
-	c := new(Client)
-	conn, err := c.Dial(addrstr)
-	if err != nil {
-		t.Fatalf("failed to dial: %v", err)
-	}
-	if conn == nil {
-		t.Fatalf("conn is nil")
-	}
-}
-
-func TestClientSync(t *testing.T) {
-	HandleFunc("miek.nl.", HelloServer)
-	defer HandleRemove("miek.nl.")
-
-	s, addrstr, err := RunLocalUDPServer(":0")
-	if err != nil {
-		t.Fatalf("unable to run test server: %v", err)
-	}
-	defer s.Shutdown()
-
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeSOA)
-
-	c := new(Client)
-	r, _, err := c.Exchange(m, addrstr)
-	if err != nil {
-		t.Fatalf("failed to exchange: %v", err)
-	}
-	if r == nil {
-		t.Fatal("response is nil")
-	}
-	if r.Rcode != RcodeSuccess {
-		t.Errorf("failed to get an valid answer\n%v", r)
-	}
-	// And now with plain Exchange().
-	r, err = Exchange(m, addrstr)
-	if err != nil {
-		t.Errorf("failed to exchange: %v", err)
-	}
-	if r == nil || r.Rcode != RcodeSuccess {
-		t.Errorf("failed to get an valid answer\n%v", r)
-	}
-}
-
-func TestClientLocalAddress(t *testing.T) {
-	HandleFunc("miek.nl.", HelloServerEchoAddrPort)
-	defer HandleRemove("miek.nl.")
-
-	s, addrstr, err := RunLocalUDPServer(":0")
-	if err != nil {
-		t.Fatalf("unable to run test server: %v", err)
-	}
-	defer s.Shutdown()
-
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeSOA)
-
-	c := new(Client)
-	laddr := net.UDPAddr{IP: net.ParseIP("0.0.0.0"), Port: 12345, Zone: ""}
-	c.Dialer = &net.Dialer{LocalAddr: &laddr}
-	r, _, err := c.Exchange(m, addrstr)
-	if err != nil {
-		t.Fatalf("failed to exchange: %v", err)
-	}
-	if r != nil && r.Rcode != RcodeSuccess {
-		t.Errorf("failed to get an valid answer\n%v", r)
-	}
-	if len(r.Extra) != 1 {
-		t.Errorf("failed to get additional answers\n%v", r)
-	}
-	txt := r.Extra[0].(*TXT)
-	if txt == nil {
-		t.Errorf("invalid TXT response\n%v", txt)
-	}
-	if len(txt.Txt) != 1 || !strings.Contains(txt.Txt[0], ":12345") {
-		t.Errorf("invalid TXT response\n%v", txt.Txt)
-	}
-}
-
-func TestClientTLSSyncV4(t *testing.T) {
-	HandleFunc("miek.nl.", HelloServer)
-	defer HandleRemove("miek.nl.")
-
-	cert, err := tls.X509KeyPair(CertPEMBlock, KeyPEMBlock)
-	if err != nil {
-		t.Fatalf("unable to build certificate: %v", err)
-	}
-
-	config := tls.Config{
-		Certificates: []tls.Certificate{cert},
-	}
-
-	s, addrstr, err := RunLocalTLSServer(":0", &config)
-	if err != nil {
-		t.Fatalf("unable to run test server: %v", err)
-	}
-	defer s.Shutdown()
-
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeSOA)
-
-	c := new(Client)
-
-	// test tcp-tls
-	c.Net = "tcp-tls"
-	c.TLSConfig = &tls.Config{
-		InsecureSkipVerify: true,
-	}
-
-	r, _, err := c.Exchange(m, addrstr)
-	if err != nil {
-		t.Fatalf("failed to exchange: %v", err)
-	}
-	if r == nil {
-		t.Fatal("response is nil")
-	}
-	if r.Rcode != RcodeSuccess {
-		t.Errorf("failed to get an valid answer\n%v", r)
-	}
-
-	// test tcp4-tls
-	c.Net = "tcp4-tls"
-	c.TLSConfig = &tls.Config{
-		InsecureSkipVerify: true,
-	}
-
-	r, _, err = c.Exchange(m, addrstr)
-	if err != nil {
-		t.Fatalf("failed to exchange: %v", err)
-	}
-	if r == nil {
-		t.Fatal("response is nil")
-	}
-	if r.Rcode != RcodeSuccess {
-		t.Errorf("failed to get an valid answer\n%v", r)
-	}
-}
-
-func TestClientSyncBadID(t *testing.T) {
-	HandleFunc("miek.nl.", HelloServerBadID)
-	defer HandleRemove("miek.nl.")
-
-	s, addrstr, err := RunLocalUDPServer(":0")
-	if err != nil {
-		t.Fatalf("unable to run test server: %v", err)
-	}
-	defer s.Shutdown()
-
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeSOA)
-
-	c := new(Client)
-	if _, _, err := c.Exchange(m, addrstr); err != ErrId {
-		t.Errorf("did not find a bad Id")
-	}
-	// And now with plain Exchange().
-	if _, err := Exchange(m, addrstr); err != ErrId {
-		t.Errorf("did not find a bad Id")
-	}
-}
-
-func TestClientEDNS0(t *testing.T) {
-	HandleFunc("miek.nl.", HelloServer)
-	defer HandleRemove("miek.nl.")
-
-	s, addrstr, err := RunLocalUDPServer(":0")
-	if err != nil {
-		t.Fatalf("unable to run test server: %v", err)
-	}
-	defer s.Shutdown()
-
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeDNSKEY)
-
-	m.SetEdns0(2048, true)
-
-	c := new(Client)
-	r, _, err := c.Exchange(m, addrstr)
-	if err != nil {
-		t.Fatalf("failed to exchange: %v", err)
-	}
-
-	if r != nil && r.Rcode != RcodeSuccess {
-		t.Errorf("failed to get a valid answer\n%v", r)
-	}
-}
-
-// Validates the transmission and parsing of local EDNS0 options.
-func TestClientEDNS0Local(t *testing.T) {
-	optStr1 := "1979:0x0707"
-	optStr2 := strconv.Itoa(EDNS0LOCALSTART) + ":0x0601"
-
-	handler := func(w ResponseWriter, req *Msg) {
-		m := new(Msg)
-		m.SetReply(req)
-
-		m.Extra = make([]RR, 1, 2)
-		m.Extra[0] = &TXT{Hdr: RR_Header{Name: m.Question[0].Name, Rrtype: TypeTXT, Class: ClassINET, Ttl: 0}, Txt: []string{"Hello local edns"}}
-
-		// If the local options are what we expect, then reflect them back.
-		ec1 := req.Extra[0].(*OPT).Option[0].(*EDNS0_LOCAL).String()
-		ec2 := req.Extra[0].(*OPT).Option[1].(*EDNS0_LOCAL).String()
-		if ec1 == optStr1 && ec2 == optStr2 {
-			m.Extra = append(m.Extra, req.Extra[0])
-		}
-
-		w.WriteMsg(m)
-	}
-
-	HandleFunc("miek.nl.", handler)
-	defer HandleRemove("miek.nl.")
-
-	s, addrstr, err := RunLocalUDPServer(":0")
-	if err != nil {
-		t.Fatalf("unable to run test server: %s", err)
-	}
-	defer s.Shutdown()
-
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeTXT)
-
-	// Add two local edns options to the query.
-	ec1 := &EDNS0_LOCAL{Code: 1979, Data: []byte{7, 7}}
-	ec2 := &EDNS0_LOCAL{Code: EDNS0LOCALSTART, Data: []byte{6, 1}}
-	o := &OPT{Hdr: RR_Header{Name: ".", Rrtype: TypeOPT}, Option: []EDNS0{ec1, ec2}}
-	m.Extra = append(m.Extra, o)
-
-	c := new(Client)
-	r, _, err := c.Exchange(m, addrstr)
-	if err != nil {
-		t.Fatalf("failed to exchange: %s", err)
-	}
-
-	if r == nil {
-		t.Fatal("response is nil")
-	}
-	if r.Rcode != RcodeSuccess {
-		t.Fatal("failed to get a valid answer")
-	}
-
-	txt := r.Extra[0].(*TXT).Txt[0]
-	if txt != "Hello local edns" {
-		t.Error("Unexpected result for miek.nl", txt, "!= Hello local edns")
-	}
-
-	// Validate the local options in the reply.
-	got := r.Extra[1].(*OPT).Option[0].(*EDNS0_LOCAL).String()
-	if got != optStr1 {
-		t.Errorf("failed to get local edns0 answer; got %s, expected %s", got, optStr1)
-	}
-
-	got = r.Extra[1].(*OPT).Option[1].(*EDNS0_LOCAL).String()
-	if got != optStr2 {
-		t.Errorf("failed to get local edns0 answer; got %s, expected %s", got, optStr2)
-	}
-}
-
-func TestClientConn(t *testing.T) {
-	HandleFunc("miek.nl.", HelloServer)
-	defer HandleRemove("miek.nl.")
-
-	// This uses TCP just to make it slightly different than TestClientSync
-	s, addrstr, err := RunLocalTCPServer(":0")
-	if err != nil {
-		t.Fatalf("unable to run test server: %v", err)
-	}
-	defer s.Shutdown()
-
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeSOA)
-
-	cn, err := Dial("tcp", addrstr)
-	if err != nil {
-		t.Errorf("failed to dial %s: %v", addrstr, err)
-	}
-
-	err = cn.WriteMsg(m)
-	if err != nil {
-		t.Errorf("failed to exchange: %v", err)
-	}
-	r, err := cn.ReadMsg()
-	if err != nil {
-		t.Errorf("failed to get a valid answer: %v", err)
-	}
-	if r == nil || r.Rcode != RcodeSuccess {
-		t.Errorf("failed to get an valid answer\n%v", r)
-	}
-
-	err = cn.WriteMsg(m)
-	if err != nil {
-		t.Errorf("failed to exchange: %v", err)
-	}
-	h := new(Header)
-	buf, err := cn.ReadMsgHeader(h)
-	if buf == nil {
-		t.Errorf("failed to get an valid answer\n%v", r)
-	}
-	if err != nil {
-		t.Errorf("failed to get a valid answer: %v", err)
-	}
-	if int(h.Bits&0xF) != RcodeSuccess {
-		t.Errorf("failed to get an valid answer in ReadMsgHeader\n%v", r)
-	}
-	if h.Ancount != 0 || h.Qdcount != 1 || h.Nscount != 0 || h.Arcount != 1 {
-		t.Errorf("expected to have question and additional in response; got something else: %+v", h)
-	}
-	if err = r.Unpack(buf); err != nil {
-		t.Errorf("unable to unpack message fully: %v", err)
-	}
-}
-
-func TestTruncatedMsg(t *testing.T) {
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeSRV)
-	cnt := 10
-	for i := 0; i < cnt; i++ {
-		r := &SRV{
-			Hdr:    RR_Header{Name: m.Question[0].Name, Rrtype: TypeSRV, Class: ClassINET, Ttl: 0},
-			Port:   uint16(i + 8000),
-			Target: "target.miek.nl.",
-		}
-		m.Answer = append(m.Answer, r)
-
-		re := &A{
-			Hdr: RR_Header{Name: m.Question[0].Name, Rrtype: TypeA, Class: ClassINET, Ttl: 0},
-			A:   net.ParseIP(fmt.Sprintf("127.0.0.%d", i)).To4(),
-		}
-		m.Extra = append(m.Extra, re)
-	}
-	buf, err := m.Pack()
-	if err != nil {
-		t.Errorf("failed to pack: %v", err)
-	}
-
-	r := new(Msg)
-	if err = r.Unpack(buf); err != nil {
-		t.Errorf("unable to unpack message: %v", err)
-	}
-	if len(r.Answer) != cnt {
-		t.Errorf("answer count after regular unpack doesn't match: %d", len(r.Answer))
-	}
-	if len(r.Extra) != cnt {
-		t.Errorf("extra count after regular unpack doesn't match: %d", len(r.Extra))
-	}
-
-	m.Truncated = true
-	buf, err = m.Pack()
-	if err != nil {
-		t.Errorf("failed to pack truncated: %v", err)
-	}
-
-	r = new(Msg)
-	if err = r.Unpack(buf); err != nil && err != ErrTruncated {
-		t.Errorf("unable to unpack truncated message: %v", err)
-	}
-	if !r.Truncated {
-		t.Errorf("truncated message wasn't unpacked as truncated")
-	}
-	if len(r.Answer) != cnt {
-		t.Errorf("answer count after truncated unpack doesn't match: %d", len(r.Answer))
-	}
-	if len(r.Extra) != cnt {
-		t.Errorf("extra count after truncated unpack doesn't match: %d", len(r.Extra))
-	}
-
-	// Now we want to remove almost all of the extra records
-	// We're going to loop over the extra to get the count of the size of all
-	// of them
-	off := 0
-	buf1 := make([]byte, m.Len())
-	for i := 0; i < len(m.Extra); i++ {
-		off, err = PackRR(m.Extra[i], buf1, off, nil, m.Compress)
-		if err != nil {
-			t.Errorf("failed to pack extra: %v", err)
-		}
-	}
-
-	// Remove all of the extra bytes but 10 bytes from the end of buf
-	off -= 10
-	buf1 = buf[:len(buf)-off]
-
-	r = new(Msg)
-	if err = r.Unpack(buf1); err != nil && err != ErrTruncated {
-		t.Errorf("unable to unpack cutoff message: %v", err)
-	}
-	if !r.Truncated {
-		t.Error("truncated cutoff message wasn't unpacked as truncated")
-	}
-	if len(r.Answer) != cnt {
-		t.Errorf("answer count after cutoff unpack doesn't match: %d", len(r.Answer))
-	}
-	if len(r.Extra) != 0 {
-		t.Errorf("extra count after cutoff unpack is not zero: %d", len(r.Extra))
-	}
-
-	// Now we want to remove almost all of the answer records too
-	buf1 = make([]byte, m.Len())
-	as := 0
-	for i := 0; i < len(m.Extra); i++ {
-		off1 := off
-		off, err = PackRR(m.Extra[i], buf1, off, nil, m.Compress)
-		as = off - off1
-		if err != nil {
-			t.Errorf("failed to pack extra: %v", err)
-		}
-	}
-
-	// Keep exactly one answer left
-	// This should still cause Answer to be nil
-	off -= as
-	buf1 = buf[:len(buf)-off]
-
-	r = new(Msg)
-	if err = r.Unpack(buf1); err != nil && err != ErrTruncated {
-		t.Errorf("unable to unpack cutoff message: %v", err)
-	}
-	if !r.Truncated {
-		t.Error("truncated cutoff message wasn't unpacked as truncated")
-	}
-	if len(r.Answer) != 0 {
-		t.Errorf("answer count after second cutoff unpack is not zero: %d", len(r.Answer))
-	}
-
-	// Now leave only 1 byte of the question
-	// Since the header is always 12 bytes, we just need to keep 13
-	buf1 = buf[:13]
-
-	r = new(Msg)
-	err = r.Unpack(buf1)
-	if err == nil || err == ErrTruncated {
-		t.Errorf("error should not be ErrTruncated from question cutoff unpack: %v", err)
-	}
-
-	// Finally, if we only have the header, we don't return an error.
-	buf1 = buf[:12]
-
-	r = new(Msg)
-	if err = r.Unpack(buf1); err != nil {
-		t.Errorf("from header-only unpack should not return an error: %v", err)
-	}
-}
-
-func TestTimeout(t *testing.T) {
-	// Set up a dummy UDP server that won't respond
-	addr, err := net.ResolveUDPAddr("udp", ":0")
-	if err != nil {
-		t.Fatalf("unable to resolve local udp address: %v", err)
-	}
-	conn, err := net.ListenUDP("udp", addr)
-	if err != nil {
-		t.Fatalf("unable to run test server: %v", err)
-	}
-	defer conn.Close()
-	addrstr := conn.LocalAddr().String()
-
-	// Message to send
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeTXT)
-
-	// Use a channel + timeout to ensure we don't get stuck if the
-	// Client Timeout is not working properly
-	done := make(chan struct{}, 2)
-
-	timeout := time.Millisecond
-	allowable := timeout + (10 * time.Millisecond)
-	abortAfter := timeout + (100 * time.Millisecond)
-
-	start := time.Now()
-
-	go func() {
-		c := &Client{Timeout: timeout}
-		_, _, err := c.Exchange(m, addrstr)
-		if err == nil {
-			t.Error("no timeout using Client.Exchange")
-		}
-		done <- struct{}{}
-	}()
-
-	go func() {
-		ctx, cancel := context.WithTimeout(context.Background(), timeout)
-		defer cancel()
-		c := &Client{}
-		_, _, err := c.ExchangeContext(ctx, m, addrstr)
-		if err == nil {
-			t.Error("no timeout using Client.ExchangeContext")
-		}
-		done <- struct{}{}
-	}()
-
-	// Wait for both the Exchange and ExchangeContext tests to be done.
-	for i := 0; i < 2; i++ {
-		select {
-		case <-done:
-		case <-time.After(abortAfter):
-		}
-	}
-
-	length := time.Since(start)
-
-	if length > allowable {
-		t.Errorf("exchange took longer %v than specified Timeout %v", length, allowable)
-	}
-}
-
-// Check that responses from deduplicated requests aren't shared between callers
-func TestConcurrentExchanges(t *testing.T) {
-	cases := make([]*Msg, 2)
-	cases[0] = new(Msg)
-	cases[1] = new(Msg)
-	cases[1].Truncated = true
-	for _, m := range cases {
-		block := make(chan struct{})
-		waiting := make(chan struct{})
-
-		handler := func(w ResponseWriter, req *Msg) {
-			r := m.Copy()
-			r.SetReply(req)
-
-			waiting <- struct{}{}
-			<-block
-			w.WriteMsg(r)
-		}
-
-		HandleFunc("miek.nl.", handler)
-		defer HandleRemove("miek.nl.")
-
-		s, addrstr, err := RunLocalUDPServer(":0")
-		if err != nil {
-			t.Fatalf("unable to run test server: %s", err)
-		}
-		defer s.Shutdown()
-
-		m := new(Msg)
-		m.SetQuestion("miek.nl.", TypeSRV)
-		c := &Client{
-			SingleInflight: true,
-		}
-		r := make([]*Msg, 2)
-
-		var wg sync.WaitGroup
-		wg.Add(len(r))
-		for i := 0; i < len(r); i++ {
-			go func(i int) {
-				defer wg.Done()
-				r[i], _, _ = c.Exchange(m.Copy(), addrstr)
-				if r[i] == nil {
-					t.Errorf("response %d is nil", i)
-				}
-			}(i)
-		}
-		select {
-		case <-waiting:
-		case <-time.After(time.Second):
-			t.FailNow()
-		}
-		close(block)
-		wg.Wait()
-
-		if r[0] == r[1] {
-			t.Errorf("got same response, expected non-shared responses")
-		}
-	}
-}
-
-func TestDoHExchange(t *testing.T) {
-	const addrstr = "https://dns.cloudflare.com/dns-query"
-
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeSOA)
-
-	cl := &Client{Net: "https"}
-
-	r, _, err := cl.Exchange(m, addrstr)
-	if err != nil {
-		t.Fatalf("failed to exchange: %v", err)
-	}
-
-	if r == nil || r.Rcode != RcodeSuccess {
-		t.Errorf("failed to get an valid answer\n%v", r)
-	}
-
-	t.Log(r)
-
-	// TODO: proper tests for this
-}
--- a/vendor/github.com/miekg/dns/clientconfig_test.go
+++ b/vendor/github.com/miekg/dns/clientconfig_test.go
@@ -1,181 +0,0 @@
-package dns
-
-import (
-	"io/ioutil"
-	"os"
-	"path/filepath"
-	"strings"
-	"testing"
-)
-
-const normal string = `
-# Comment
-domain somedomain.com
-nameserver 10.28.10.2
-nameserver 11.28.10.1
-`
-
-const missingNewline string = `
-domain somedomain.com
-nameserver 10.28.10.2
-nameserver 11.28.10.1` // <- NOTE: NO newline.
-
-func testConfig(t *testing.T, data string) {
-	cc, err := ClientConfigFromReader(strings.NewReader(data))
-	if err != nil {
-		t.Errorf("error parsing resolv.conf: %v", err)
-	}
-	if l := len(cc.Servers); l != 2 {
-		t.Errorf("incorrect number of nameservers detected: %d", l)
-	}
-	if l := len(cc.Search); l != 1 {
-		t.Errorf("domain directive not parsed correctly: %v", cc.Search)
-	} else {
-		if cc.Search[0] != "somedomain.com" {
-			t.Errorf("domain is unexpected: %v", cc.Search[0])
-		}
-	}
-}
-
-func TestNameserver(t *testing.T)          { testConfig(t, normal) }
-func TestMissingFinalNewLine(t *testing.T) { testConfig(t, missingNewline) }
-
-func TestNdots(t *testing.T) {
-	ndotsVariants := map[string]int{
-		"options ndots:0":  0,
-		"options ndots:1":  1,
-		"options ndots:15": 15,
-		"options ndots:16": 15,
-		"options ndots:-1": 0,
-		"":                 1,
-	}
-
-	for data := range ndotsVariants {
-		cc, err := ClientConfigFromReader(strings.NewReader(data))
-		if err != nil {
-			t.Errorf("error parsing resolv.conf: %v", err)
-		}
-		if cc.Ndots != ndotsVariants[data] {
-			t.Errorf("Ndots not properly parsed: (Expected: %d / Was: %d)", ndotsVariants[data], cc.Ndots)
-		}
-	}
-}
-
-func TestClientConfigFromReaderAttempts(t *testing.T) {
-	testCases := []struct {
-		data     string
-		expected int
-	}{
-		{data: "options attempts:0", expected: 1},
-		{data: "options attempts:1", expected: 1},
-		{data: "options attempts:15", expected: 15},
-		{data: "options attempts:16", expected: 16},
-		{data: "options attempts:-1", expected: 1},
-		{data: "options attempt:", expected: 2},
-	}
-
-	for _, test := range testCases {
-		test := test
-		t.Run(strings.Replace(test.data, ":", " ", -1), func(t *testing.T) {
-			t.Parallel()
-
-			cc, err := ClientConfigFromReader(strings.NewReader(test.data))
-			if err != nil {
-				t.Errorf("error parsing resolv.conf: %v", err)
-			}
-			if cc.Attempts != test.expected {
-				t.Errorf("A attempts not properly parsed: (Expected: %d / Was: %d)", test.expected, cc.Attempts)
-			}
-		})
-	}
-}
-
-func TestReadFromFile(t *testing.T) {
-	tempDir, err := ioutil.TempDir("", "")
-	if err != nil {
-		t.Fatalf("tempDir: %v", err)
-	}
-	defer os.RemoveAll(tempDir)
-
-	path := filepath.Join(tempDir, "resolv.conf")
-	if err := ioutil.WriteFile(path, []byte(normal), 0644); err != nil {
-		t.Fatalf("writeFile: %v", err)
-	}
-	cc, err := ClientConfigFromFile(path)
-	if err != nil {
-		t.Errorf("error parsing resolv.conf: %v", err)
-	}
-	if l := len(cc.Servers); l != 2 {
-		t.Errorf("incorrect number of nameservers detected: %d", l)
-	}
-	if l := len(cc.Search); l != 1 {
-		t.Errorf("domain directive not parsed correctly: %v", cc.Search)
-	} else {
-		if cc.Search[0] != "somedomain.com" {
-			t.Errorf("domain is unexpected: %v", cc.Search[0])
-		}
-	}
-}
-
-func TestNameListNdots1(t *testing.T) {
-	cfg := ClientConfig{
-		Ndots: 1,
-	}
-	// fqdn should be only result returned
-	names := cfg.NameList("miek.nl.")
-	if len(names) != 1 {
-		t.Errorf("NameList returned != 1 names: %v", names)
-	} else if names[0] != "miek.nl." {
-		t.Errorf("NameList didn't return sent fqdn domain: %v", names[0])
-	}
-
-	cfg.Search = []string{
-		"test",
-	}
-	// Sent domain has NDots and search
-	names = cfg.NameList("miek.nl")
-	if len(names) != 2 {
-		t.Errorf("NameList returned != 2 names: %v", names)
-	} else if names[0] != "miek.nl." {
-		t.Errorf("NameList didn't return sent domain first: %v", names[0])
-	} else if names[1] != "miek.nl.test." {
-		t.Errorf("NameList didn't return search last: %v", names[1])
-	}
-}
-func TestNameListNdots2(t *testing.T) {
-	cfg := ClientConfig{
-		Ndots: 2,
-	}
-
-	// Sent domain has less than NDots and search
-	cfg.Search = []string{
-		"test",
-	}
-	names := cfg.NameList("miek.nl")
-
-	if len(names) != 2 {
-		t.Errorf("NameList returned != 2 names: %v", names)
-	} else if names[0] != "miek.nl.test." {
-		t.Errorf("NameList didn't return search first: %v", names[0])
-	} else if names[1] != "miek.nl." {
-		t.Errorf("NameList didn't return sent domain last: %v", names[1])
-	}
-}
-
-func TestNameListNdots0(t *testing.T) {
-	cfg := ClientConfig{
-		Ndots: 0,
-	}
-	cfg.Search = []string{
-		"test",
-	}
-	// Sent domain has less than NDots and search
-	names := cfg.NameList("miek")
-	if len(names) != 2 {
-		t.Errorf("NameList returned != 2 names: %v", names)
-	} else if names[0] != "miek." {
-		t.Errorf("NameList didn't return search first: %v", names[0])
-	} else if names[1] != "miek.test." {
-		t.Errorf("NameList didn't return sent domain last: %v", names[1])
-	}
-}
--- a/vendor/github.com/miekg/dns/dns_bench_test.go
+++ b/vendor/github.com/miekg/dns/dns_bench_test.go
@@ -1,230 +0,0 @@
-package dns
-
-import (
-	"net"
-	"testing"
-)
-
-func BenchmarkMsgLength(b *testing.B) {
-	b.StopTimer()
-	makeMsg := func(question string, ans, ns, e []RR) *Msg {
-		msg := new(Msg)
-		msg.SetQuestion(Fqdn(question), TypeANY)
-		msg.Answer = append(msg.Answer, ans...)
-		msg.Ns = append(msg.Ns, ns...)
-		msg.Extra = append(msg.Extra, e...)
-		msg.Compress = true
-		return msg
-	}
-	name1 := "12345678901234567890123456789012345.12345678.123."
-	rrMx := testRR(name1 + " 3600 IN MX 10 " + name1)
-	msg := makeMsg(name1, []RR{rrMx, rrMx}, nil, nil)
-	b.StartTimer()
-	for i := 0; i < b.N; i++ {
-		msg.Len()
-	}
-}
-
-func BenchmarkMsgLengthNoCompression(b *testing.B) {
-	b.StopTimer()
-	makeMsg := func(question string, ans, ns, e []RR) *Msg {
-		msg := new(Msg)
-		msg.SetQuestion(Fqdn(question), TypeANY)
-		msg.Answer = append(msg.Answer, ans...)
-		msg.Ns = append(msg.Ns, ns...)
-		msg.Extra = append(msg.Extra, e...)
-		return msg
-	}
-	name1 := "12345678901234567890123456789012345.12345678.123."
-	rrMx := testRR(name1 + " 3600 IN MX 10 " + name1)
-	msg := makeMsg(name1, []RR{rrMx, rrMx}, nil, nil)
-	b.StartTimer()
-	for i := 0; i < b.N; i++ {
-		msg.Len()
-	}
-}
-
-func BenchmarkMsgLengthPack(b *testing.B) {
-	makeMsg := func(question string, ans, ns, e []RR) *Msg {
-		msg := new(Msg)
-		msg.SetQuestion(Fqdn(question), TypeANY)
-		msg.Answer = append(msg.Answer, ans...)
-		msg.Ns = append(msg.Ns, ns...)
-		msg.Extra = append(msg.Extra, e...)
-		msg.Compress = true
-		return msg
-	}
-	name1 := "12345678901234567890123456789012345.12345678.123."
-	rrMx := testRR(name1 + " 3600 IN MX 10 " + name1)
-	msg := makeMsg(name1, []RR{rrMx, rrMx}, nil, nil)
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		_, _ = msg.Pack()
-	}
-}
-
-func BenchmarkPackDomainName(b *testing.B) {
-	name1 := "12345678901234567890123456789012345.12345678.123."
-	buf := make([]byte, len(name1)+1)
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		_, _ = PackDomainName(name1, buf, 0, nil, false)
-	}
-}
-
-func BenchmarkUnpackDomainName(b *testing.B) {
-	name1 := "12345678901234567890123456789012345.12345678.123."
-	buf := make([]byte, len(name1)+1)
-	_, _ = PackDomainName(name1, buf, 0, nil, false)
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		_, _, _ = UnpackDomainName(buf, 0)
-	}
-}
-
-func BenchmarkUnpackDomainNameUnprintable(b *testing.B) {
-	name1 := "\x02\x02\x02\x025\x02\x02\x02\x02.12345678.123."
-	buf := make([]byte, len(name1)+1)
-	_, _ = PackDomainName(name1, buf, 0, nil, false)
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		_, _, _ = UnpackDomainName(buf, 0)
-	}
-}
-
-func BenchmarkCopy(b *testing.B) {
-	b.ReportAllocs()
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeA)
-	rr := testRR("miek.nl. 2311 IN A 127.0.0.1")
-	m.Answer = []RR{rr}
-	rr = testRR("miek.nl. 2311 IN NS 127.0.0.1")
-	m.Ns = []RR{rr}
-	rr = testRR("miek.nl. 2311 IN A 127.0.0.1")
-	m.Extra = []RR{rr}
-
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		m.Copy()
-	}
-}
-
-func BenchmarkPackA(b *testing.B) {
-	a := &A{Hdr: RR_Header{Name: ".", Rrtype: TypeA, Class: ClassANY}, A: net.IPv4(127, 0, 0, 1)}
-
-	buf := make([]byte, a.len())
-	b.ReportAllocs()
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		_, _ = PackRR(a, buf, 0, nil, false)
-	}
-}
-
-func BenchmarkUnpackA(b *testing.B) {
-	a := &A{Hdr: RR_Header{Name: ".", Rrtype: TypeA, Class: ClassANY}, A: net.IPv4(127, 0, 0, 1)}
-
-	buf := make([]byte, a.len())
-	PackRR(a, buf, 0, nil, false)
-	a = nil
-	b.ReportAllocs()
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		_, _, _ = UnpackRR(buf, 0)
-	}
-}
-
-func BenchmarkPackMX(b *testing.B) {
-	m := &MX{Hdr: RR_Header{Name: ".", Rrtype: TypeA, Class: ClassANY}, Mx: "mx.miek.nl."}
-
-	buf := make([]byte, m.len())
-	b.ReportAllocs()
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		_, _ = PackRR(m, buf, 0, nil, false)
-	}
-}
-
-func BenchmarkUnpackMX(b *testing.B) {
-	m := &MX{Hdr: RR_Header{Name: ".", Rrtype: TypeA, Class: ClassANY}, Mx: "mx.miek.nl."}
-
-	buf := make([]byte, m.len())
-	PackRR(m, buf, 0, nil, false)
-	m = nil
-	b.ReportAllocs()
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		_, _, _ = UnpackRR(buf, 0)
-	}
-}
-
-func BenchmarkPackAAAAA(b *testing.B) {
-	aaaa := testRR(". IN A ::1")
-
-	buf := make([]byte, aaaa.len())
-	b.ReportAllocs()
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		_, _ = PackRR(aaaa, buf, 0, nil, false)
-	}
-}
-
-func BenchmarkUnpackAAAA(b *testing.B) {
-	aaaa := testRR(". IN A ::1")
-
-	buf := make([]byte, aaaa.len())
-	PackRR(aaaa, buf, 0, nil, false)
-	aaaa = nil
-	b.ReportAllocs()
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		_, _, _ = UnpackRR(buf, 0)
-	}
-}
-
-func BenchmarkPackMsg(b *testing.B) {
-	makeMsg := func(question string, ans, ns, e []RR) *Msg {
-		msg := new(Msg)
-		msg.SetQuestion(Fqdn(question), TypeANY)
-		msg.Answer = append(msg.Answer, ans...)
-		msg.Ns = append(msg.Ns, ns...)
-		msg.Extra = append(msg.Extra, e...)
-		msg.Compress = true
-		return msg
-	}
-	name1 := "12345678901234567890123456789012345.12345678.123."
-	rrMx := testRR(name1 + " 3600 IN MX 10 " + name1)
-	msg := makeMsg(name1, []RR{rrMx, rrMx}, nil, nil)
-	buf := make([]byte, 512)
-	b.ReportAllocs()
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		_, _ = msg.PackBuffer(buf)
-	}
-}
-
-func BenchmarkUnpackMsg(b *testing.B) {
-	makeMsg := func(question string, ans, ns, e []RR) *Msg {
-		msg := new(Msg)
-		msg.SetQuestion(Fqdn(question), TypeANY)
-		msg.Answer = append(msg.Answer, ans...)
-		msg.Ns = append(msg.Ns, ns...)
-		msg.Extra = append(msg.Extra, e...)
-		msg.Compress = true
-		return msg
-	}
-	name1 := "12345678901234567890123456789012345.12345678.123."
-	rrMx := testRR(name1 + " 3600 IN MX 10 " + name1)
-	msg := makeMsg(name1, []RR{rrMx, rrMx}, nil, nil)
-	msgBuf, _ := msg.Pack()
-	b.ReportAllocs()
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		_ = msg.Unpack(msgBuf)
-	}
-}
-
-func BenchmarkIdGeneration(b *testing.B) {
-	for i := 0; i < b.N; i++ {
-		_ = id()
-	}
-}
--- a/vendor/github.com/miekg/dns/dns_test.go
+++ b/vendor/github.com/miekg/dns/dns_test.go
@@ -1,320 +0,0 @@
-package dns
-
-import (
-	"bytes"
-	"encoding/hex"
-	"net"
-	"testing"
-)
-
-func TestPackUnpack(t *testing.T) {
-	out := new(Msg)
-	out.Answer = make([]RR, 1)
-	key := new(DNSKEY)
-	key = &DNSKEY{Flags: 257, Protocol: 3, Algorithm: RSASHA1}
-	key.Hdr = RR_Header{Name: "miek.nl.", Rrtype: TypeDNSKEY, Class: ClassINET, Ttl: 3600}
-	key.PublicKey = "AwEAAaHIwpx3w4VHKi6i1LHnTaWeHCL154Jug0Rtc9ji5qwPXpBo6A5sRv7cSsPQKPIwxLpyCrbJ4mr2L0EPOdvP6z6YfljK2ZmTbogU9aSU2fiq/4wjxbdkLyoDVgtO+JsxNN4bjr4WcWhsmk1Hg93FV9ZpkWb0Tbad8DFqNDzr//kZ"
-
-	out.Answer[0] = key
-	msg, err := out.Pack()
-	if err != nil {
-		t.Error("failed to pack msg with DNSKEY")
-	}
-	in := new(Msg)
-	if in.Unpack(msg) != nil {
-		t.Error("failed to unpack msg with DNSKEY")
-	}
-
-	sig := new(RRSIG)
-	sig = &RRSIG{TypeCovered: TypeDNSKEY, Algorithm: RSASHA1, Labels: 2,
-		OrigTtl: 3600, Expiration: 4000, Inception: 4000, KeyTag: 34641, SignerName: "miek.nl.",
-		Signature: "AwEAAaHIwpx3w4VHKi6i1LHnTaWeHCL154Jug0Rtc9ji5qwPXpBo6A5sRv7cSsPQKPIwxLpyCrbJ4mr2L0EPOdvP6z6YfljK2ZmTbogU9aSU2fiq/4wjxbdkLyoDVgtO+JsxNN4bjr4WcWhsmk1Hg93FV9ZpkWb0Tbad8DFqNDzr//kZ"}
-	sig.Hdr = RR_Header{Name: "miek.nl.", Rrtype: TypeRRSIG, Class: ClassINET, Ttl: 3600}
-
-	out.Answer[0] = sig
-	msg, err = out.Pack()
-	if err != nil {
-		t.Error("failed to pack msg with RRSIG")
-	}
-
-	if in.Unpack(msg) != nil {
-		t.Error("failed to unpack msg with RRSIG")
-	}
-}
-
-func TestPackUnpack2(t *testing.T) {
-	m := new(Msg)
-	m.Extra = make([]RR, 1)
-	m.Answer = make([]RR, 1)
-	dom := "miek.nl."
-	rr := new(A)
-	rr.Hdr = RR_Header{Name: dom, Rrtype: TypeA, Class: ClassINET, Ttl: 0}
-	rr.A = net.IPv4(127, 0, 0, 1)
-
-	x := new(TXT)
-	x.Hdr = RR_Header{Name: dom, Rrtype: TypeTXT, Class: ClassINET, Ttl: 0}
-	x.Txt = []string{"heelalaollo"}
-
-	m.Extra[0] = x
-	m.Answer[0] = rr
-	_, err := m.Pack()
-	if err != nil {
-		t.Error("Packing failed: ", err)
-		return
-	}
-}
-
-func TestPackUnpack3(t *testing.T) {
-	m := new(Msg)
-	m.Extra = make([]RR, 2)
-	m.Answer = make([]RR, 1)
-	dom := "miek.nl."
-	rr := new(A)
-	rr.Hdr = RR_Header{Name: dom, Rrtype: TypeA, Class: ClassINET, Ttl: 0}
-	rr.A = net.IPv4(127, 0, 0, 1)
-
-	x1 := new(TXT)
-	x1.Hdr = RR_Header{Name: dom, Rrtype: TypeTXT, Class: ClassINET, Ttl: 0}
-	x1.Txt = []string{}
-
-	x2 := new(TXT)
-	x2.Hdr = RR_Header{Name: dom, Rrtype: TypeTXT, Class: ClassINET, Ttl: 0}
-	x2.Txt = []string{"heelalaollo"}
-
-	m.Extra[0] = x1
-	m.Extra[1] = x2
-	m.Answer[0] = rr
-	b, err := m.Pack()
-	if err != nil {
-		t.Error("packing failed: ", err)
-		return
-	}
-
-	var unpackMsg Msg
-	err = unpackMsg.Unpack(b)
-	if err != nil {
-		t.Error("unpacking failed")
-		return
-	}
-}
-
-func TestBailiwick(t *testing.T) {
-	yes := map[string]string{
-		"miek1.nl": "miek1.nl",
-		"miek.nl":  "ns.miek.nl",
-		".":        "miek.nl",
-	}
-	for parent, child := range yes {
-		if !IsSubDomain(parent, child) {
-			t.Errorf("%s should be child of %s", child, parent)
-			t.Errorf("comparelabels %d", CompareDomainName(parent, child))
-			t.Errorf("lenlabels %d %d", CountLabel(parent), CountLabel(child))
-		}
-	}
-	no := map[string]string{
-		"www.miek.nl":  "ns.miek.nl",
-		"m\\.iek.nl":   "ns.miek.nl",
-		"w\\.iek.nl":   "w.iek.nl",
-		"p\\\\.iek.nl": "ns.p.iek.nl", // p\\.iek.nl , literal \ in domain name
-		"miek.nl":      ".",
-	}
-	for parent, child := range no {
-		if IsSubDomain(parent, child) {
-			t.Errorf("%s should not be child of %s", child, parent)
-			t.Errorf("comparelabels %d", CompareDomainName(parent, child))
-			t.Errorf("lenlabels %d %d", CountLabel(parent), CountLabel(child))
-		}
-	}
-}
-
-func TestPackNAPTR(t *testing.T) {
-	for _, n := range []string{
-		`apple.com. IN NAPTR   100 50 "se" "SIP+D2U" "" _sip._udp.apple.com.`,
-		`apple.com. IN NAPTR   90 50 "se" "SIP+D2T" "" _sip._tcp.apple.com.`,
-		`apple.com. IN NAPTR   50 50 "se" "SIPS+D2T" "" _sips._tcp.apple.com.`,
-	} {
-		rr := testRR(n)
-		msg := make([]byte, rr.len())
-		if off, err := PackRR(rr, msg, 0, nil, false); err != nil {
-			t.Errorf("packing failed: %v", err)
-			t.Errorf("length %d, need more than %d", rr.len(), off)
-		}
-	}
-}
-
-func TestToRFC3597(t *testing.T) {
-	a := testRR("miek.nl. IN A 10.0.1.1")
-	x := new(RFC3597)
-	x.ToRFC3597(a)
-	if x.String() != `miek.nl.	3600	CLASS1	TYPE1	\# 4 0a000101` {
-		t.Errorf("string mismatch, got: %s", x)
-	}
-
-	b := testRR("miek.nl. IN MX 10 mx.miek.nl.")
-	x.ToRFC3597(b)
-	if x.String() != `miek.nl.	3600	CLASS1	TYPE15	\# 14 000a026d78046d69656b026e6c00` {
-		t.Errorf("string mismatch, got: %s", x)
-	}
-}
-
-func TestNoRdataPack(t *testing.T) {
-	data := make([]byte, 1024)
-	for typ, fn := range TypeToRR {
-		r := fn()
-		*r.Header() = RR_Header{Name: "miek.nl.", Rrtype: typ, Class: ClassINET, Ttl: 16}
-		_, err := PackRR(r, data, 0, nil, false)
-		if err != nil {
-			t.Errorf("failed to pack RR with zero rdata: %s: %v", TypeToString[typ], err)
-		}
-	}
-}
-
-func TestNoRdataUnpack(t *testing.T) {
-	data := make([]byte, 1024)
-	for typ, fn := range TypeToRR {
-		if typ == TypeSOA || typ == TypeTSIG || typ == TypeTKEY {
-			// SOA, TSIG will not be seen (like this) in dyn. updates?
-			// TKEY requires length fields to be present for the Key and OtherData fields
-			continue
-		}
-		r := fn()
-		*r.Header() = RR_Header{Name: "miek.nl.", Rrtype: typ, Class: ClassINET, Ttl: 16}
-		off, err := PackRR(r, data, 0, nil, false)
-		if err != nil {
-			// Should always works, TestNoDataPack should have caught this
-			t.Errorf("failed to pack RR: %v", err)
-			continue
-		}
-		if _, _, err := UnpackRR(data[:off], 0); err != nil {
-			t.Errorf("failed to unpack RR with zero rdata: %s: %v", TypeToString[typ], err)
-		}
-	}
-}
-
-func TestRdataOverflow(t *testing.T) {
-	rr := new(RFC3597)
-	rr.Hdr.Name = "."
-	rr.Hdr.Class = ClassINET
-	rr.Hdr.Rrtype = 65280
-	rr.Rdata = hex.EncodeToString(make([]byte, 0xFFFF))
-	buf := make([]byte, 0xFFFF*2)
-	if _, err := PackRR(rr, buf, 0, nil, false); err != nil {
-		t.Fatalf("maximum size rrdata pack failed: %v", err)
-	}
-	rr.Rdata += "00"
-	if _, err := PackRR(rr, buf, 0, nil, false); err != ErrRdata {
-		t.Fatalf("oversize rrdata pack didn't return ErrRdata - instead: %v", err)
-	}
-}
-
-func TestCopy(t *testing.T) {
-	rr := testRR("miek.nl. 2311 IN A 127.0.0.1") // Weird TTL to avoid catching TTL
-	rr1 := Copy(rr)
-	if rr.String() != rr1.String() {
-		t.Fatalf("Copy() failed %s != %s", rr.String(), rr1.String())
-	}
-}
-
-func TestMsgCopy(t *testing.T) {
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeA)
-	rr := testRR("miek.nl. 2311 IN A 127.0.0.1")
-	m.Answer = []RR{rr}
-	rr = testRR("miek.nl. 2311 IN NS 127.0.0.1")
-	m.Ns = []RR{rr}
-
-	m1 := m.Copy()
-	if m.String() != m1.String() {
-		t.Fatalf("Msg.Copy() failed %s != %s", m.String(), m1.String())
-	}
-
-	m1.Answer[0] = testRR("somethingelse.nl. 2311 IN A 127.0.0.1")
-	if m.String() == m1.String() {
-		t.Fatalf("Msg.Copy() failed; change to copy changed template %s", m.String())
-	}
-
-	rr = testRR("miek.nl. 2311 IN A 127.0.0.2")
-	m1.Answer = append(m1.Answer, rr)
-	if m1.Ns[0].String() == m1.Answer[1].String() {
-		t.Fatalf("Msg.Copy() failed; append changed underlying array %s", m1.Ns[0].String())
-	}
-}
-
-func TestMsgPackBuffer(t *testing.T) {
-	var testMessages = []string{
-		// news.ycombinator.com.in.escapemg.com.	IN	A, response
-		"586285830001000000010000046e6577730b79636f6d62696e61746f7203636f6d02696e086573636170656d6703636f6d0000010001c0210006000100000e10002c036e7332c02103646e730b67726f6f7665736861726bc02d77ed50e600002a3000000e1000093a8000000e10",
-
-		// news.ycombinator.com.in.escapemg.com.	IN	A, question
-		"586201000001000000000000046e6577730b79636f6d62696e61746f7203636f6d02696e086573636170656d6703636f6d0000010001",
-
-		"398781020001000000000000046e6577730b79636f6d62696e61746f7203636f6d0000010001",
-	}
-
-	for i, hexData := range testMessages {
-		// we won't fail the decoding of the hex
-		input, _ := hex.DecodeString(hexData)
-		m := new(Msg)
-		if err := m.Unpack(input); err != nil {
-			t.Errorf("packet %d failed to unpack", i)
-			continue
-		}
-	}
-}
-
-// Make sure we can decode a TKEY packet from the string, modify the RR, and then pack it again.
-func TestTKEY(t *testing.T) {
-	// An example TKEY RR captured.  There is no known accepted standard text format for a TKEY
-	// record so we do this from a hex string instead of from a text readable string.
-	tkeyStr := "0737362d6d732d370932322d3332633233332463303439663961662d633065612d313165372d363839362d6463333937396666656666640000f900ff0000000000d2086773732d747369670059fd01f359fe53730003000000b8a181b53081b2a0030a0100a10b06092a864882f712010202a2819d04819a60819706092a864886f71201020202006f8187308184a003020105a10302010fa2783076a003020112a26f046db29b1b1d2625da3b20b49dafef930dd1e9aad335e1c5f45dcd95e0005d67a1100f3e573d70506659dbed064553f1ab890f68f65ae10def0dad5b423b39f240ebe666f2886c5fe03819692d29182bbed87b83e1f9d16b7334ec16a3c4fc5ad4a990088e0be43f0c6957916f5fe60000"
-	tkeyBytes, err := hex.DecodeString(tkeyStr)
-	if err != nil {
-		t.Fatal("unable to decode TKEY string ", err)
-	}
-	// Decode the RR
-	rr, tkeyLen, unPackErr := UnpackRR(tkeyBytes, 0)
-	if unPackErr != nil {
-		t.Fatal("unable to decode TKEY RR", unPackErr)
-	}
-	// Make sure it's a TKEY record
-	if rr.Header().Rrtype != TypeTKEY {
-		t.Fatal("Unable to decode TKEY")
-	}
-	// Make sure we get back the same length
-	if rr.len() != len(tkeyBytes) {
-		t.Fatalf("Lengths don't match %d != %d", rr.len(), len(tkeyBytes))
-	}
-	// make space for it with some fudge room
-	msg := make([]byte, tkeyLen+1000)
-	offset, packErr := PackRR(rr, msg, 0, nil, false)
-	if packErr != nil {
-		t.Fatal("unable to pack TKEY RR", packErr)
-	}
-	if offset != len(tkeyBytes) {
-		t.Fatalf("mismatched TKEY RR size %d != %d", len(tkeyBytes), offset)
-	}
-	if bytes.Compare(tkeyBytes, msg[0:offset]) != 0 {
-		t.Fatal("mismatched TKEY data after rewriting bytes")
-	}
-	t.Logf("got TKEY of: " + rr.String())
-	// Now add some bytes to this and make sure we can encode OtherData properly
-	tkey := rr.(*TKEY)
-	tkey.OtherData = "abcd"
-	tkey.OtherLen = 2
-	offset, packErr = PackRR(tkey, msg, 0, nil, false)
-	if packErr != nil {
-		t.Fatal("unable to pack TKEY RR after modification", packErr)
-	}
-	if offset != (len(tkeyBytes) + 2) {
-		t.Fatalf("mismatched TKEY RR size %d != %d", offset, len(tkeyBytes)+2)
-	}
-	t.Logf("modified to TKEY of: " + rr.String())
-
-	// Make sure we can parse our string output
-	tkey.Hdr.Class = ClassINET // https://github.com/miekg/dns/issues/577
-	newRR, newError := NewRR(tkey.String())
-	if newError != nil {
-		t.Fatalf("unable to parse TKEY string: %s", newError)
-	}
-	t.Log("got reparsed TKEY of newRR: " + newRR.String())
-}
--- a/vendor/github.com/miekg/dns/dnssec_test.go
+++ b/vendor/github.com/miekg/dns/dnssec_test.go
@@ -1,860 +0,0 @@
-package dns
-
-import (
-	"crypto"
-	"crypto/ecdsa"
-	"crypto/rsa"
-	"reflect"
-	"strings"
-	"testing"
-	"time"
-
-	"golang.org/x/crypto/ed25519"
-)
-
-func getKey() *DNSKEY {
-	key := new(DNSKEY)
-	key.Hdr.Name = "miek.nl."
-	key.Hdr.Class = ClassINET
-	key.Hdr.Ttl = 14400
-	key.Flags = 256
-	key.Protocol = 3
-	key.Algorithm = RSASHA256
-	key.PublicKey = "AwEAAcNEU67LJI5GEgF9QLNqLO1SMq1EdoQ6E9f85ha0k0ewQGCblyW2836GiVsm6k8Kr5ECIoMJ6fZWf3CQSQ9ycWfTyOHfmI3eQ/1Covhb2y4bAmL/07PhrL7ozWBW3wBfM335Ft9xjtXHPy7ztCbV9qZ4TVDTW/Iyg0PiwgoXVesz"
-	return key
-}
-
-func getSoa() *SOA {
-	soa := new(SOA)
-	soa.Hdr = RR_Header{"miek.nl.", TypeSOA, ClassINET, 14400, 0}
-	soa.Ns = "open.nlnetlabs.nl."
-	soa.Mbox = "miekg.atoom.net."
-	soa.Serial = 1293945905
-	soa.Refresh = 14400
-	soa.Retry = 3600
-	soa.Expire = 604800
-	soa.Minttl = 86400
-	return soa
-}
-
-func TestSecure(t *testing.T) {
-	soa := getSoa()
-
-	sig := new(RRSIG)
-	sig.Hdr = RR_Header{"miek.nl.", TypeRRSIG, ClassINET, 14400, 0}
-	sig.TypeCovered = TypeSOA
-	sig.Algorithm = RSASHA256
-	sig.Labels = 2
-	sig.Expiration = 1296534305 // date -u '+%s' -d"2011-02-01 04:25:05"
-	sig.Inception = 1293942305  // date -u '+%s' -d"2011-01-02 04:25:05"
-	sig.OrigTtl = 14400
-	sig.KeyTag = 12051
-	sig.SignerName = "miek.nl."
-	sig.Signature = "oMCbslaAVIp/8kVtLSms3tDABpcPRUgHLrOR48OOplkYo+8TeEGWwkSwaz/MRo2fB4FxW0qj/hTlIjUGuACSd+b1wKdH5GvzRJc2pFmxtCbm55ygAh4EUL0F6U5cKtGJGSXxxg6UFCQ0doJCmiGFa78LolaUOXImJrk6AFrGa0M="
-
-	key := new(DNSKEY)
-	key.Hdr.Name = "miek.nl."
-	key.Hdr.Class = ClassINET
-	key.Hdr.Ttl = 14400
-	key.Flags = 256
-	key.Protocol = 3
-	key.Algorithm = RSASHA256
-	key.PublicKey = "AwEAAcNEU67LJI5GEgF9QLNqLO1SMq1EdoQ6E9f85ha0k0ewQGCblyW2836GiVsm6k8Kr5ECIoMJ6fZWf3CQSQ9ycWfTyOHfmI3eQ/1Covhb2y4bAmL/07PhrL7ozWBW3wBfM335Ft9xjtXHPy7ztCbV9qZ4TVDTW/Iyg0PiwgoXVesz"
-
-	// It should validate. Period is checked separately, so this will keep on working
-	if sig.Verify(key, []RR{soa}) != nil {
-		t.Error("failure to validate")
-	}
-}
-
-func TestSignature(t *testing.T) {
-	sig := new(RRSIG)
-	sig.Hdr.Name = "miek.nl."
-	sig.Hdr.Class = ClassINET
-	sig.Hdr.Ttl = 3600
-	sig.TypeCovered = TypeDNSKEY
-	sig.Algorithm = RSASHA1
-	sig.Labels = 2
-	sig.OrigTtl = 4000
-	sig.Expiration = 1000 //Thu Jan  1 02:06:40 CET 1970
-	sig.Inception = 800   //Thu Jan  1 01:13:20 CET 1970
-	sig.KeyTag = 34641
-	sig.SignerName = "miek.nl."
-	sig.Signature = "AwEAAaHIwpx3w4VHKi6i1LHnTaWeHCL154Jug0Rtc9ji5qwPXpBo6A5sRv7cSsPQKPIwxLpyCrbJ4mr2L0EPOdvP6z6YfljK2ZmTbogU9aSU2fiq/4wjxbdkLyoDVgtO+JsxNN4bjr4WcWhsmk1Hg93FV9ZpkWb0Tbad8DFqNDzr//kZ"
-
-	// Should not be valid
-	if sig.ValidityPeriod(time.Now()) {
-		t.Error("should not be valid")
-	}
-
-	sig.Inception = 315565800   //Tue Jan  1 10:10:00 CET 1980
-	sig.Expiration = 4102477800 //Fri Jan  1 10:10:00 CET 2100
-	if !sig.ValidityPeriod(time.Now()) {
-		t.Error("should be valid")
-	}
-}
-
-func TestSignVerify(t *testing.T) {
-	// The record we want to sign
-	soa := new(SOA)
-	soa.Hdr = RR_Header{"miek.nl.", TypeSOA, ClassINET, 14400, 0}
-	soa.Ns = "open.nlnetlabs.nl."
-	soa.Mbox = "miekg.atoom.net."
-	soa.Serial = 1293945905
-	soa.Refresh = 14400
-	soa.Retry = 3600
-	soa.Expire = 604800
-	soa.Minttl = 86400
-
-	soa1 := new(SOA)
-	soa1.Hdr = RR_Header{"*.miek.nl.", TypeSOA, ClassINET, 14400, 0}
-	soa1.Ns = "open.nlnetlabs.nl."
-	soa1.Mbox = "miekg.atoom.net."
-	soa1.Serial = 1293945905
-	soa1.Refresh = 14400
-	soa1.Retry = 3600
-	soa1.Expire = 604800
-	soa1.Minttl = 86400
-
-	srv := new(SRV)
-	srv.Hdr = RR_Header{"srv.miek.nl.", TypeSRV, ClassINET, 14400, 0}
-	srv.Port = 1000
-	srv.Weight = 800
-	srv.Target = "web1.miek.nl."
-
-	hinfo := &HINFO{
-		Hdr: RR_Header{
-			Name:   "miek.nl.",
-			Rrtype: TypeHINFO,
-			Class:  ClassINET,
-			Ttl:    3789,
-		},
-		Cpu: "X",
-		Os:  "Y",
-	}
-
-	// With this key
-	key := new(DNSKEY)
-	key.Hdr.Rrtype = TypeDNSKEY
-	key.Hdr.Name = "miek.nl."
-	key.Hdr.Class = ClassINET
-	key.Hdr.Ttl = 14400
-	key.Flags = 256
-	key.Protocol = 3
-	key.Algorithm = RSASHA256
-	privkey, _ := key.Generate(512)
-
-	// Fill in the values of the Sig, before signing
-	sig := new(RRSIG)
-	sig.Hdr = RR_Header{"miek.nl.", TypeRRSIG, ClassINET, 14400, 0}
-	sig.TypeCovered = soa.Hdr.Rrtype
-	sig.Labels = uint8(CountLabel(soa.Hdr.Name)) // works for all 3
-	sig.OrigTtl = soa.Hdr.Ttl
-	sig.Expiration = 1296534305 // date -u '+%s' -d"2011-02-01 04:25:05"
-	sig.Inception = 1293942305  // date -u '+%s' -d"2011-01-02 04:25:05"
-	sig.KeyTag = key.KeyTag()   // Get the keyfrom the Key
-	sig.SignerName = key.Hdr.Name
-	sig.Algorithm = RSASHA256
-
-	for _, r := range []RR{soa, soa1, srv, hinfo} {
-		if err := sig.Sign(privkey.(*rsa.PrivateKey), []RR{r}); err != nil {
-			t.Error("failure to sign the record:", err)
-			continue
-		}
-		if err := sig.Verify(key, []RR{r}); err != nil {
-			t.Errorf("failure to validate: %s", r.Header().Name)
-			continue
-		}
-	}
-}
-
-func Test65534(t *testing.T) {
-	t6 := new(RFC3597)
-	t6.Hdr = RR_Header{"miek.nl.", 65534, ClassINET, 14400, 0}
-	t6.Rdata = "505D870001"
-	key := new(DNSKEY)
-	key.Hdr.Name = "miek.nl."
-	key.Hdr.Rrtype = TypeDNSKEY
-	key.Hdr.Class = ClassINET
-	key.Hdr.Ttl = 14400
-	key.Flags = 256
-	key.Protocol = 3
-	key.Algorithm = RSASHA256
-	privkey, _ := key.Generate(1024)
-
-	sig := new(RRSIG)
-	sig.Hdr = RR_Header{"miek.nl.", TypeRRSIG, ClassINET, 14400, 0}
-	sig.TypeCovered = t6.Hdr.Rrtype
-	sig.Labels = uint8(CountLabel(t6.Hdr.Name))
-	sig.OrigTtl = t6.Hdr.Ttl
-	sig.Expiration = 1296534305 // date -u '+%s' -d"2011-02-01 04:25:05"
-	sig.Inception = 1293942305  // date -u '+%s' -d"2011-01-02 04:25:05"
-	sig.KeyTag = key.KeyTag()
-	sig.SignerName = key.Hdr.Name
-	sig.Algorithm = RSASHA256
-	if err := sig.Sign(privkey.(*rsa.PrivateKey), []RR{t6}); err != nil {
-		t.Error(err)
-		t.Error("failure to sign the TYPE65534 record")
-	}
-	if err := sig.Verify(key, []RR{t6}); err != nil {
-		t.Error(err)
-		t.Errorf("failure to validate %s", t6.Header().Name)
-	}
-}
-
-func TestDnskey(t *testing.T) {
-	pubkey, err := ReadRR(strings.NewReader(`
-miek.nl.	IN	DNSKEY	256 3 10 AwEAAZuMCu2FdugHkTrXYgl5qixvcDw1aDDlvL46/xJKbHBAHY16fNUb2b65cwko2Js/aJxUYJbZk5dwCDZxYfrfbZVtDPQuc3o8QaChVxC7/JYz2AHc9qHvqQ1j4VrH71RWINlQo6VYjzN/BGpMhOZoZOEwzp1HfsOE3lNYcoWU1smL ;{id = 5240 (zsk), size = 1024b}
-`), "Kmiek.nl.+010+05240.key")
-	if err != nil {
-		t.Fatal(err)
-	}
-	privStr := `Private-key-format: v1.3
-Algorithm: 10 (RSASHA512)
-Modulus: m4wK7YV26AeROtdiCXmqLG9wPDVoMOW8vjr/EkpscEAdjXp81RvZvrlzCSjYmz9onFRgltmTl3AINnFh+t9tlW0M9C5zejxBoKFXELv8ljPYAdz2oe+pDWPhWsfvVFYg2VCjpViPM38EakyE5mhk4TDOnUd+w4TeU1hyhZTWyYs=
-PublicExponent: AQAB
-PrivateExponent: UfCoIQ/Z38l8vB6SSqOI/feGjHEl/fxIPX4euKf0D/32k30fHbSaNFrFOuIFmWMB3LimWVEs6u3dpbB9CQeCVg7hwU5puG7OtuiZJgDAhNeOnxvo5btp4XzPZrJSxR4WNQnwIiYWbl0aFlL1VGgHC/3By89ENZyWaZcMLW4KGWE=
-Prime1: yxwC6ogAu8aVcDx2wg1V0b5M5P6jP8qkRFVMxWNTw60Vkn+ECvw6YAZZBHZPaMyRYZLzPgUlyYRd0cjupy4+fQ==
-Prime2: xA1bF8M0RTIQ6+A11AoVG6GIR/aPGg5sogRkIZ7ID/sF6g9HMVU/CM2TqVEBJLRPp73cv6ZeC3bcqOCqZhz+pw==
-Exponent1: xzkblyZ96bGYxTVZm2/vHMOXswod4KWIyMoOepK6B/ZPcZoIT6omLCgtypWtwHLfqyCz3MK51Nc0G2EGzg8rFQ==
-Exponent2: Pu5+mCEb7T5F+kFNZhQadHUklt0JUHbi3hsEvVoHpEGSw3BGDQrtIflDde0/rbWHgDPM4WQY+hscd8UuTXrvLw==
-Coefficient: UuRoNqe7YHnKmQzE6iDWKTMIWTuoqqrFAmXPmKQnC+Y+BQzOVEHUo9bXdDnoI9hzXP1gf8zENMYwYLeWpuYlFQ==
-`
-	privkey, err := pubkey.(*DNSKEY).ReadPrivateKey(strings.NewReader(privStr),
-		"Kmiek.nl.+010+05240.private")
-	if err != nil {
-		t.Fatal(err)
-	}
-	if pubkey.(*DNSKEY).PublicKey != "AwEAAZuMCu2FdugHkTrXYgl5qixvcDw1aDDlvL46/xJKbHBAHY16fNUb2b65cwko2Js/aJxUYJbZk5dwCDZxYfrfbZVtDPQuc3o8QaChVxC7/JYz2AHc9qHvqQ1j4VrH71RWINlQo6VYjzN/BGpMhOZoZOEwzp1HfsOE3lNYcoWU1smL" {
-		t.Error("pubkey is not what we've read")
-	}
-	if pubkey.(*DNSKEY).PrivateKeyString(privkey) != privStr {
-		t.Error("privkey is not what we've read")
-		t.Errorf("%v", pubkey.(*DNSKEY).PrivateKeyString(privkey))
-	}
-}
-
-func TestTag(t *testing.T) {
-	key := new(DNSKEY)
-	key.Hdr.Name = "miek.nl."
-	key.Hdr.Rrtype = TypeDNSKEY
-	key.Hdr.Class = ClassINET
-	key.Hdr.Ttl = 3600
-	key.Flags = 256
-	key.Protocol = 3
-	key.Algorithm = RSASHA256
-	key.PublicKey = "AwEAAcNEU67LJI5GEgF9QLNqLO1SMq1EdoQ6E9f85ha0k0ewQGCblyW2836GiVsm6k8Kr5ECIoMJ6fZWf3CQSQ9ycWfTyOHfmI3eQ/1Covhb2y4bAmL/07PhrL7ozWBW3wBfM335Ft9xjtXHPy7ztCbV9qZ4TVDTW/Iyg0PiwgoXVesz"
-
-	tag := key.KeyTag()
-	if tag != 12051 {
-		t.Errorf("wrong key tag: %d for key %v", tag, key)
-	}
-}
-
-func TestKeyRSA(t *testing.T) {
-	if testing.Short() {
-		t.Skip("skipping test in short mode.")
-	}
-	key := new(DNSKEY)
-	key.Hdr.Name = "miek.nl."
-	key.Hdr.Rrtype = TypeDNSKEY
-	key.Hdr.Class = ClassINET
-	key.Hdr.Ttl = 3600
-	key.Flags = 256
-	key.Protocol = 3
-	key.Algorithm = RSASHA256
-	priv, _ := key.Generate(2048)
-
-	soa := new(SOA)
-	soa.Hdr = RR_Header{"miek.nl.", TypeSOA, ClassINET, 14400, 0}
-	soa.Ns = "open.nlnetlabs.nl."
-	soa.Mbox = "miekg.atoom.net."
-	soa.Serial = 1293945905
-	soa.Refresh = 14400
-	soa.Retry = 3600
-	soa.Expire = 604800
-	soa.Minttl = 86400
-
-	sig := new(RRSIG)
-	sig.Hdr = RR_Header{"miek.nl.", TypeRRSIG, ClassINET, 14400, 0}
-	sig.TypeCovered = TypeSOA
-	sig.Algorithm = RSASHA256
-	sig.Labels = 2
-	sig.Expiration = 1296534305 // date -u '+%s' -d"2011-02-01 04:25:05"
-	sig.Inception = 1293942305  // date -u '+%s' -d"2011-01-02 04:25:05"
-	sig.OrigTtl = soa.Hdr.Ttl
-	sig.KeyTag = key.KeyTag()
-	sig.SignerName = key.Hdr.Name
-
-	if err := sig.Sign(priv.(*rsa.PrivateKey), []RR{soa}); err != nil {
-		t.Error("failed to sign")
-		return
-	}
-	if err := sig.Verify(key, []RR{soa}); err != nil {
-		t.Error("failed to verify")
-	}
-}
-
-func TestKeyToDS(t *testing.T) {
-	key := new(DNSKEY)
-	key.Hdr.Name = "miek.nl."
-	key.Hdr.Rrtype = TypeDNSKEY
-	key.Hdr.Class = ClassINET
-	key.Hdr.Ttl = 3600
-	key.Flags = 256
-	key.Protocol = 3
-	key.Algorithm = RSASHA256
-	key.PublicKey = "AwEAAcNEU67LJI5GEgF9QLNqLO1SMq1EdoQ6E9f85ha0k0ewQGCblyW2836GiVsm6k8Kr5ECIoMJ6fZWf3CQSQ9ycWfTyOHfmI3eQ/1Covhb2y4bAmL/07PhrL7ozWBW3wBfM335Ft9xjtXHPy7ztCbV9qZ4TVDTW/Iyg0PiwgoXVesz"
-
-	ds := key.ToDS(SHA1)
-	if strings.ToUpper(ds.Digest) != "B5121BDB5B8D86D0CC5FFAFBAAABE26C3E20BAC1" {
-		t.Errorf("wrong DS digest for SHA1\n%v", ds)
-	}
-}
-
-func TestSignRSA(t *testing.T) {
-	pub := "miek.nl. IN DNSKEY 256 3 5 AwEAAb+8lGNCxJgLS8rYVer6EnHVuIkQDghdjdtewDzU3G5R7PbMbKVRvH2Ma7pQyYceoaqWZQirSj72euPWfPxQnMy9ucCylA+FuH9cSjIcPf4PqJfdupHk9X6EBYjxrCLY4p1/yBwgyBIRJtZtAqM3ceAH2WovEJD6rTtOuHo5AluJ"
-
-	priv := `Private-key-format: v1.3
-Algorithm: 5 (RSASHA1)
-Modulus: v7yUY0LEmAtLythV6voScdW4iRAOCF2N217APNTcblHs9sxspVG8fYxrulDJhx6hqpZlCKtKPvZ649Z8/FCczL25wLKUD4W4f1xKMhw9/g+ol926keT1foQFiPGsItjinX/IHCDIEhEm1m0Cozdx4AfZai8QkPqtO064ejkCW4k=
-PublicExponent: AQAB
-PrivateExponent: YPwEmwjk5HuiROKU4xzHQ6l1hG8Iiha4cKRG3P5W2b66/EN/GUh07ZSf0UiYB67o257jUDVEgwCuPJz776zfApcCB4oGV+YDyEu7Hp/rL8KcSN0la0k2r9scKwxTp4BTJT23zyBFXsV/1wRDK1A5NxsHPDMYi2SoK63Enm/1ptk=
-Prime1: /wjOG+fD0ybNoSRn7nQ79udGeR1b0YhUA5mNjDx/x2fxtIXzygYk0Rhx9QFfDy6LOBvz92gbNQlzCLz3DJt5hw==
-Prime2: wHZsJ8OGhkp5p3mrJFZXMDc2mbYusDVTA+t+iRPdS797Tj0pjvU2HN4vTnTj8KBQp6hmnY7dLp9Y1qserySGbw==
-Exponent1: N0A7FsSRIg+IAN8YPQqlawoTtG1t1OkJ+nWrurPootScApX6iMvn8fyvw3p2k51rv84efnzpWAYiC8SUaQDNxQ==
-Exponent2: SvuYRaGyvo0zemE3oS+WRm2scxR8eiA8WJGeOc+obwOKCcBgeZblXzfdHGcEC1KaOcetOwNW/vwMA46lpLzJNw==
-Coefficient: 8+7ZN/JgByqv0NfULiFKTjtyegUcijRuyij7yNxYbCBneDvZGxJwKNi4YYXWx743pcAj4Oi4Oh86gcmxLs+hGw==
-Created: 20110302104537
-Publish: 20110302104537
-Activate: 20110302104537`
-
-	xk := testRR(pub)
-	k := xk.(*DNSKEY)
-	p, err := k.NewPrivateKey(priv)
-	if err != nil {
-		t.Error(err)
-	}
-	switch priv := p.(type) {
-	case *rsa.PrivateKey:
-		if 65537 != priv.PublicKey.E {
-			t.Error("exponenent should be 65537")
-		}
-	default:
-		t.Errorf("we should have read an RSA key: %v", priv)
-	}
-	if k.KeyTag() != 37350 {
-		t.Errorf("keytag should be 37350, got %d %v", k.KeyTag(), k)
-	}
-
-	soa := new(SOA)
-	soa.Hdr = RR_Header{"miek.nl.", TypeSOA, ClassINET, 14400, 0}
-	soa.Ns = "open.nlnetlabs.nl."
-	soa.Mbox = "miekg.atoom.net."
-	soa.Serial = 1293945905
-	soa.Refresh = 14400
-	soa.Retry = 3600
-	soa.Expire = 604800
-	soa.Minttl = 86400
-
-	sig := new(RRSIG)
-	sig.Hdr = RR_Header{"miek.nl.", TypeRRSIG, ClassINET, 14400, 0}
-	sig.Expiration = 1296534305 // date -u '+%s' -d"2011-02-01 04:25:05"
-	sig.Inception = 1293942305  // date -u '+%s' -d"2011-01-02 04:25:05"
-	sig.KeyTag = k.KeyTag()
-	sig.SignerName = k.Hdr.Name
-	sig.Algorithm = k.Algorithm
-
-	sig.Sign(p.(*rsa.PrivateKey), []RR{soa})
-	if sig.Signature != "D5zsobpQcmMmYsUMLxCVEtgAdCvTu8V/IEeP4EyLBjqPJmjt96bwM9kqihsccofA5LIJ7DN91qkCORjWSTwNhzCv7bMyr2o5vBZElrlpnRzlvsFIoAZCD9xg6ZY7ZyzUJmU6IcTwG4v3xEYajcpbJJiyaw/RqR90MuRdKPiBzSo=" {
-		t.Errorf("signature is not correct: %v", sig)
-	}
-}
-
-func TestSignVerifyECDSA(t *testing.T) {
-	pub := `example.net. 3600 IN DNSKEY 257 3 14 (
-	xKYaNhWdGOfJ+nPrL8/arkwf2EY3MDJ+SErKivBVSum1
-	w/egsXvSADtNJhyem5RCOpgQ6K8X1DRSEkrbYQ+OB+v8
-	/uX45NBwY8rp65F6Glur8I/mlVNgF6W/qTI37m40 )`
-	priv := `Private-key-format: v1.2
-Algorithm: 14 (ECDSAP384SHA384)
-PrivateKey: WURgWHCcYIYUPWgeLmiPY2DJJk02vgrmTfitxgqcL4vwW7BOrbawVmVe0d9V94SR`
-
-	eckey := testRR(pub)
-	privkey, err := eckey.(*DNSKEY).NewPrivateKey(priv)
-	if err != nil {
-		t.Fatal(err)
-	}
-	// TODO: Create separate test for this
-	ds := eckey.(*DNSKEY).ToDS(SHA384)
-	if ds.KeyTag != 10771 {
-		t.Fatal("wrong keytag on DS")
-	}
-	if ds.Digest != "72d7b62976ce06438e9c0bf319013cf801f09ecc84b8d7e9495f27e305c6a9b0563a9b5f4d288405c3008a946df983d6" {
-		t.Fatal("wrong DS Digest")
-	}
-	a := testRR("www.example.net. 3600 IN A 192.0.2.1")
-	sig := new(RRSIG)
-	sig.Hdr = RR_Header{"example.net.", TypeRRSIG, ClassINET, 14400, 0}
-	sig.Expiration, _ = StringToTime("20100909102025")
-	sig.Inception, _ = StringToTime("20100812102025")
-	sig.KeyTag = eckey.(*DNSKEY).KeyTag()
-	sig.SignerName = eckey.(*DNSKEY).Hdr.Name
-	sig.Algorithm = eckey.(*DNSKEY).Algorithm
-
-	if sig.Sign(privkey.(*ecdsa.PrivateKey), []RR{a}) != nil {
-		t.Fatal("failure to sign the record")
-	}
-
-	if err := sig.Verify(eckey.(*DNSKEY), []RR{a}); err != nil {
-		t.Fatalf("failure to validate:\n%s\n%s\n%s\n\n%s\n\n%v",
-			eckey.(*DNSKEY).String(),
-			a.String(),
-			sig.String(),
-			eckey.(*DNSKEY).PrivateKeyString(privkey),
-			err,
-		)
-	}
-}
-
-func TestSignVerifyECDSA2(t *testing.T) {
-	srv1 := testRR("srv.miek.nl. IN SRV 1000 800 0 web1.miek.nl.")
-	srv := srv1.(*SRV)
-
-	// With this key
-	key := new(DNSKEY)
-	key.Hdr.Rrtype = TypeDNSKEY
-	key.Hdr.Name = "miek.nl."
-	key.Hdr.Class = ClassINET
-	key.Hdr.Ttl = 14400
-	key.Flags = 256
-	key.Protocol = 3
-	key.Algorithm = ECDSAP256SHA256
-	privkey, err := key.Generate(256)
-	if err != nil {
-		t.Fatal("failure to generate key")
-	}
-
-	// Fill in the values of the Sig, before signing
-	sig := new(RRSIG)
-	sig.Hdr = RR_Header{"miek.nl.", TypeRRSIG, ClassINET, 14400, 0}
-	sig.TypeCovered = srv.Hdr.Rrtype
-	sig.Labels = uint8(CountLabel(srv.Hdr.Name)) // works for all 3
-	sig.OrigTtl = srv.Hdr.Ttl
-	sig.Expiration = 1296534305 // date -u '+%s' -d"2011-02-01 04:25:05"
-	sig.Inception = 1293942305  // date -u '+%s' -d"2011-01-02 04:25:05"
-	sig.KeyTag = key.KeyTag()   // Get the keyfrom the Key
-	sig.SignerName = key.Hdr.Name
-	sig.Algorithm = ECDSAP256SHA256
-
-	if sig.Sign(privkey.(*ecdsa.PrivateKey), []RR{srv}) != nil {
-		t.Fatal("failure to sign the record")
-	}
-
-	err = sig.Verify(key, []RR{srv})
-	if err != nil {
-		t.Errorf("failure to validate:\n%s\n%s\n%s\n\n%s\n\n%v",
-			key.String(),
-			srv.String(),
-			sig.String(),
-			key.PrivateKeyString(privkey),
-			err,
-		)
-	}
-}
-
-func TestSignVerifyEd25519(t *testing.T) {
-	srv1, err := NewRR("srv.miek.nl. IN SRV 1000 800 0 web1.miek.nl.")
-	if err != nil {
-		t.Fatal(err)
-	}
-	srv := srv1.(*SRV)
-
-	// With this key
-	key := new(DNSKEY)
-	key.Hdr.Rrtype = TypeDNSKEY
-	key.Hdr.Name = "miek.nl."
-	key.Hdr.Class = ClassINET
-	key.Hdr.Ttl = 14400
-	key.Flags = 256
-	key.Protocol = 3
-	key.Algorithm = ED25519
-	privkey, err := key.Generate(256)
-	if err != nil {
-		t.Fatal("failure to generate key")
-	}
-
-	// Fill in the values of the Sig, before signing
-	sig := new(RRSIG)
-	sig.Hdr = RR_Header{"miek.nl.", TypeRRSIG, ClassINET, 14400, 0}
-	sig.TypeCovered = srv.Hdr.Rrtype
-	sig.Labels = uint8(CountLabel(srv.Hdr.Name)) // works for all 3
-	sig.OrigTtl = srv.Hdr.Ttl
-	sig.Expiration = 1296534305 // date -u '+%s' -d"2011-02-01 04:25:05"
-	sig.Inception = 1293942305  // date -u '+%s' -d"2011-01-02 04:25:05"
-	sig.KeyTag = key.KeyTag()   // Get the keyfrom the Key
-	sig.SignerName = key.Hdr.Name
-	sig.Algorithm = ED25519
-
-	if sig.Sign(privkey.(ed25519.PrivateKey), []RR{srv}) != nil {
-		t.Fatal("failure to sign the record")
-	}
-
-	err = sig.Verify(key, []RR{srv})
-	if err != nil {
-		t.Logf("failure to validate:\n%s\n%s\n%s\n\n%s\n\n%v",
-			key.String(),
-			srv.String(),
-			sig.String(),
-			key.PrivateKeyString(privkey),
-			err,
-		)
-	}
-}
-
-// Here the test vectors from the relevant RFCs are checked.
-// rfc6605 6.1
-func TestRFC6605P256(t *testing.T) {
-	exDNSKEY := `example.net. 3600 IN DNSKEY 257 3 13 (
-                 GojIhhXUN/u4v54ZQqGSnyhWJwaubCvTmeexv7bR6edb
-                 krSqQpF64cYbcB7wNcP+e+MAnLr+Wi9xMWyQLc8NAA== )`
-	exPriv := `Private-key-format: v1.2
-Algorithm: 13 (ECDSAP256SHA256)
-PrivateKey: GU6SnQ/Ou+xC5RumuIUIuJZteXT2z0O/ok1s38Et6mQ=`
-	rrDNSKEY := testRR(exDNSKEY)
-	priv, err := rrDNSKEY.(*DNSKEY).NewPrivateKey(exPriv)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	exDS := `example.net. 3600 IN DS 55648 13 2 (
-             b4c8c1fe2e7477127b27115656ad6256f424625bf5c1
-             e2770ce6d6e37df61d17 )`
-	rrDS := testRR(exDS)
-	ourDS := rrDNSKEY.(*DNSKEY).ToDS(SHA256)
-	if !reflect.DeepEqual(ourDS, rrDS.(*DS)) {
-		t.Errorf("DS record differs:\n%v\n%v", ourDS, rrDS.(*DS))
-	}
-
-	exA := `www.example.net. 3600 IN A 192.0.2.1`
-	exRRSIG := `www.example.net. 3600 IN RRSIG A 13 3 3600 (
-                20100909100439 20100812100439 55648 example.net.
-                qx6wLYqmh+l9oCKTN6qIc+bw6ya+KJ8oMz0YP107epXA
-                yGmt+3SNruPFKG7tZoLBLlUzGGus7ZwmwWep666VCw== )`
-	rrA := testRR(exA)
-	rrRRSIG := testRR(exRRSIG)
-	if err := rrRRSIG.(*RRSIG).Verify(rrDNSKEY.(*DNSKEY), []RR{rrA}); err != nil {
-		t.Errorf("failure to validate the spec RRSIG: %v", err)
-	}
-
-	ourRRSIG := &RRSIG{
-		Hdr: RR_Header{
-			Ttl: rrA.Header().Ttl,
-		},
-		KeyTag:     rrDNSKEY.(*DNSKEY).KeyTag(),
-		SignerName: rrDNSKEY.(*DNSKEY).Hdr.Name,
-		Algorithm:  rrDNSKEY.(*DNSKEY).Algorithm,
-	}
-	ourRRSIG.Expiration, _ = StringToTime("20100909100439")
-	ourRRSIG.Inception, _ = StringToTime("20100812100439")
-	err = ourRRSIG.Sign(priv.(*ecdsa.PrivateKey), []RR{rrA})
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	if err = ourRRSIG.Verify(rrDNSKEY.(*DNSKEY), []RR{rrA}); err != nil {
-		t.Errorf("failure to validate our RRSIG: %v", err)
-	}
-
-	// Signatures are randomized
-	rrRRSIG.(*RRSIG).Signature = ""
-	ourRRSIG.Signature = ""
-	if !reflect.DeepEqual(ourRRSIG, rrRRSIG.(*RRSIG)) {
-		t.Fatalf("RRSIG record differs:\n%v\n%v", ourRRSIG, rrRRSIG.(*RRSIG))
-	}
-}
-
-// rfc6605 6.2
-func TestRFC6605P384(t *testing.T) {
-	exDNSKEY := `example.net. 3600 IN DNSKEY 257 3 14 (
-                 xKYaNhWdGOfJ+nPrL8/arkwf2EY3MDJ+SErKivBVSum1
-                 w/egsXvSADtNJhyem5RCOpgQ6K8X1DRSEkrbYQ+OB+v8
-                 /uX45NBwY8rp65F6Glur8I/mlVNgF6W/qTI37m40 )`
-	exPriv := `Private-key-format: v1.2
-Algorithm: 14 (ECDSAP384SHA384)
-PrivateKey: WURgWHCcYIYUPWgeLmiPY2DJJk02vgrmTfitxgqcL4vwW7BOrbawVmVe0d9V94SR`
-	rrDNSKEY := testRR(exDNSKEY)
-	priv, err := rrDNSKEY.(*DNSKEY).NewPrivateKey(exPriv)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	exDS := `example.net. 3600 IN DS 10771 14 4 (
-           72d7b62976ce06438e9c0bf319013cf801f09ecc84b8
-           d7e9495f27e305c6a9b0563a9b5f4d288405c3008a94
-           6df983d6 )`
-	rrDS := testRR(exDS)
-	ourDS := rrDNSKEY.(*DNSKEY).ToDS(SHA384)
-	if !reflect.DeepEqual(ourDS, rrDS.(*DS)) {
-		t.Fatalf("DS record differs:\n%v\n%v", ourDS, rrDS.(*DS))
-	}
-
-	exA := `www.example.net. 3600 IN A 192.0.2.1`
-	exRRSIG := `www.example.net. 3600 IN RRSIG A 14 3 3600 (
-           20100909102025 20100812102025 10771 example.net.
-           /L5hDKIvGDyI1fcARX3z65qrmPsVz73QD1Mr5CEqOiLP
-           95hxQouuroGCeZOvzFaxsT8Glr74hbavRKayJNuydCuz
-           WTSSPdz7wnqXL5bdcJzusdnI0RSMROxxwGipWcJm )`
-	rrA := testRR(exA)
-	rrRRSIG := testRR(exRRSIG)
-	if err != nil {
-		t.Fatal(err)
-	}
-	if err = rrRRSIG.(*RRSIG).Verify(rrDNSKEY.(*DNSKEY), []RR{rrA}); err != nil {
-		t.Errorf("failure to validate the spec RRSIG: %v", err)
-	}
-
-	ourRRSIG := &RRSIG{
-		Hdr: RR_Header{
-			Ttl: rrA.Header().Ttl,
-		},
-		KeyTag:     rrDNSKEY.(*DNSKEY).KeyTag(),
-		SignerName: rrDNSKEY.(*DNSKEY).Hdr.Name,
-		Algorithm:  rrDNSKEY.(*DNSKEY).Algorithm,
-	}
-	ourRRSIG.Expiration, _ = StringToTime("20100909102025")
-	ourRRSIG.Inception, _ = StringToTime("20100812102025")
-	err = ourRRSIG.Sign(priv.(*ecdsa.PrivateKey), []RR{rrA})
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	if err = ourRRSIG.Verify(rrDNSKEY.(*DNSKEY), []RR{rrA}); err != nil {
-		t.Errorf("failure to validate our RRSIG: %v", err)
-	}
-
-	// Signatures are randomized
-	rrRRSIG.(*RRSIG).Signature = ""
-	ourRRSIG.Signature = ""
-	if !reflect.DeepEqual(ourRRSIG, rrRRSIG.(*RRSIG)) {
-		t.Fatalf("RRSIG record differs:\n%v\n%v", ourRRSIG, rrRRSIG.(*RRSIG))
-	}
-}
-
-// rfc8080 6.1
-func TestRFC8080Ed25519Example1(t *testing.T) {
-	exDNSKEY := `example.com. 3600 IN DNSKEY 257 3 15 (
-             l02Woi0iS8Aa25FQkUd9RMzZHJpBoRQwAQEX1SxZJA4= )`
-	exPriv := `Private-key-format: v1.2
-Algorithm: 15 (ED25519)
-PrivateKey: ODIyNjAzODQ2MjgwODAxMjI2NDUxOTAyMDQxNDIyNjI=`
-	rrDNSKEY, err := NewRR(exDNSKEY)
-	if err != nil {
-		t.Fatal(err)
-	}
-	priv, err := rrDNSKEY.(*DNSKEY).NewPrivateKey(exPriv)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	exDS := `example.com. 3600 IN DS 3613 15 2 (
-             3aa5ab37efce57f737fc1627013fee07bdf241bd10f3b1964ab55c78e79
-             a304b )`
-	rrDS, err := NewRR(exDS)
-	if err != nil {
-		t.Fatal(err)
-	}
-	ourDS := rrDNSKEY.(*DNSKEY).ToDS(SHA256)
-	if !reflect.DeepEqual(ourDS, rrDS.(*DS)) {
-		t.Fatalf("DS record differs:\n%v\n%v", ourDS, rrDS.(*DS))
-	}
-
-	exMX := `example.com. 3600 IN MX 10 mail.example.com.`
-	exRRSIG := `example.com. 3600 IN RRSIG MX 15 2 3600 (
-             1440021600 1438207200 3613 example.com. (
-             oL9krJun7xfBOIWcGHi7mag5/hdZrKWw15jPGrHpjQeRAvTdszaPD+QLs3f
-             x8A4M3e23mRZ9VrbpMngwcrqNAg== ) )`
-	rrMX, err := NewRR(exMX)
-	if err != nil {
-		t.Fatal(err)
-	}
-	rrRRSIG, err := NewRR(exRRSIG)
-	if err != nil {
-		t.Fatal(err)
-	}
-	if err = rrRRSIG.(*RRSIG).Verify(rrDNSKEY.(*DNSKEY), []RR{rrMX}); err != nil {
-		t.Errorf("failure to validate the spec RRSIG: %v", err)
-	}
-
-	ourRRSIG := &RRSIG{
-		Hdr: RR_Header{
-			Ttl: rrMX.Header().Ttl,
-		},
-		KeyTag:     rrDNSKEY.(*DNSKEY).KeyTag(),
-		SignerName: rrDNSKEY.(*DNSKEY).Hdr.Name,
-		Algorithm:  rrDNSKEY.(*DNSKEY).Algorithm,
-	}
-	ourRRSIG.Expiration, _ = StringToTime("20150819220000")
-	ourRRSIG.Inception, _ = StringToTime("20150729220000")
-	err = ourRRSIG.Sign(priv.(ed25519.PrivateKey), []RR{rrMX})
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	if err = ourRRSIG.Verify(rrDNSKEY.(*DNSKEY), []RR{rrMX}); err != nil {
-		t.Errorf("failure to validate our RRSIG: %v", err)
-	}
-
-	if !reflect.DeepEqual(ourRRSIG, rrRRSIG.(*RRSIG)) {
-		t.Fatalf("RRSIG record differs:\n%v\n%v", ourRRSIG, rrRRSIG.(*RRSIG))
-	}
-}
-
-// rfc8080 6.1
-func TestRFC8080Ed25519Example2(t *testing.T) {
-	exDNSKEY := `example.com. 3600 IN DNSKEY 257 3 15 (
-             zPnZ/QwEe7S8C5SPz2OfS5RR40ATk2/rYnE9xHIEijs= )`
-	exPriv := `Private-key-format: v1.2
-Algorithm: 15 (ED25519)
-PrivateKey: DSSF3o0s0f+ElWzj9E/Osxw8hLpk55chkmx0LYN5WiY=`
-	rrDNSKEY, err := NewRR(exDNSKEY)
-	if err != nil {
-		t.Fatal(err)
-	}
-	priv, err := rrDNSKEY.(*DNSKEY).NewPrivateKey(exPriv)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	exDS := `example.com. 3600 IN DS 35217 15 2 (
-             401781b934e392de492ec77ae2e15d70f6575a1c0bc59c5275c04ebe80c
-             6614c )`
-	rrDS, err := NewRR(exDS)
-	if err != nil {
-		t.Fatal(err)
-	}
-	ourDS := rrDNSKEY.(*DNSKEY).ToDS(SHA256)
-	if !reflect.DeepEqual(ourDS, rrDS.(*DS)) {
-		t.Fatalf("DS record differs:\n%v\n%v", ourDS, rrDS.(*DS))
-	}
-
-	exMX := `example.com. 3600 IN MX 10 mail.example.com.`
-	exRRSIG := `example.com. 3600 IN RRSIG MX 15 2 3600 (
-             1440021600 1438207200 35217 example.com. (
-             zXQ0bkYgQTEFyfLyi9QoiY6D8ZdYo4wyUhVioYZXFdT410QPRITQSqJSnzQ
-             oSm5poJ7gD7AQR0O7KuI5k2pcBg== ) )`
-	rrMX, err := NewRR(exMX)
-	if err != nil {
-		t.Fatal(err)
-	}
-	rrRRSIG, err := NewRR(exRRSIG)
-	if err != nil {
-		t.Fatal(err)
-	}
-	if err = rrRRSIG.(*RRSIG).Verify(rrDNSKEY.(*DNSKEY), []RR{rrMX}); err != nil {
-		t.Errorf("failure to validate the spec RRSIG: %v", err)
-	}
-
-	ourRRSIG := &RRSIG{
-		Hdr: RR_Header{
-			Ttl: rrMX.Header().Ttl,
-		},
-		KeyTag:     rrDNSKEY.(*DNSKEY).KeyTag(),
-		SignerName: rrDNSKEY.(*DNSKEY).Hdr.Name,
-		Algorithm:  rrDNSKEY.(*DNSKEY).Algorithm,
-	}
-	ourRRSIG.Expiration, _ = StringToTime("20150819220000")
-	ourRRSIG.Inception, _ = StringToTime("20150729220000")
-	err = ourRRSIG.Sign(priv.(ed25519.PrivateKey), []RR{rrMX})
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	if err = ourRRSIG.Verify(rrDNSKEY.(*DNSKEY), []RR{rrMX}); err != nil {
-		t.Errorf("failure to validate our RRSIG: %v", err)
-	}
-
-	if !reflect.DeepEqual(ourRRSIG, rrRRSIG.(*RRSIG)) {
-		t.Fatalf("RRSIG record differs:\n%v\n%v", ourRRSIG, rrRRSIG.(*RRSIG))
-	}
-}
-
-func TestInvalidRRSet(t *testing.T) {
-	goodRecords := make([]RR, 2)
-	goodRecords[0] = &TXT{Hdr: RR_Header{Name: "name.cloudflare.com.", Rrtype: TypeTXT, Class: ClassINET, Ttl: 0}, Txt: []string{"Hello world"}}
-	goodRecords[1] = &TXT{Hdr: RR_Header{Name: "name.cloudflare.com.", Rrtype: TypeTXT, Class: ClassINET, Ttl: 0}, Txt: []string{"_o/"}}
-
-	// Generate key
-	keyname := "cloudflare.com."
-	key := &DNSKEY{
-		Hdr:       RR_Header{Name: keyname, Rrtype: TypeDNSKEY, Class: ClassINET, Ttl: 0},
-		Algorithm: ECDSAP256SHA256,
-		Flags:     ZONE,
-		Protocol:  3,
-	}
-	privatekey, err := key.Generate(256)
-	if err != nil {
-		t.Fatal(err.Error())
-	}
-
-	// Need to fill in: Inception, Expiration, KeyTag, SignerName and Algorithm
-	curTime := time.Now()
-	signature := &RRSIG{
-		Inception:  uint32(curTime.Unix()),
-		Expiration: uint32(curTime.Add(time.Hour).Unix()),
-		KeyTag:     key.KeyTag(),
-		SignerName: keyname,
-		Algorithm:  ECDSAP256SHA256,
-	}
-
-	// Inconsistent name between records
-	badRecords := make([]RR, 2)
-	badRecords[0] = &TXT{Hdr: RR_Header{Name: "name.cloudflare.com.", Rrtype: TypeTXT, Class: ClassINET, Ttl: 0}, Txt: []string{"Hello world"}}
-	badRecords[1] = &TXT{Hdr: RR_Header{Name: "nama.cloudflare.com.", Rrtype: TypeTXT, Class: ClassINET, Ttl: 0}, Txt: []string{"_o/"}}
-
-	if IsRRset(badRecords) {
-		t.Fatal("Record set with inconsistent names considered valid")
-	}
-
-	badRecords[0] = &TXT{Hdr: RR_Header{Name: "name.cloudflare.com.", Rrtype: TypeTXT, Class: ClassINET, Ttl: 0}, Txt: []string{"Hello world"}}
-	badRecords[1] = &A{Hdr: RR_Header{Name: "name.cloudflare.com.", Rrtype: TypeA, Class: ClassINET, Ttl: 0}}
-
-	if IsRRset(badRecords) {
-		t.Fatal("Record set with inconsistent record types considered valid")
-	}
-
-	badRecords[0] = &TXT{Hdr: RR_Header{Name: "name.cloudflare.com.", Rrtype: TypeTXT, Class: ClassINET, Ttl: 0}, Txt: []string{"Hello world"}}
-	badRecords[1] = &TXT{Hdr: RR_Header{Name: "name.cloudflare.com.", Rrtype: TypeTXT, Class: ClassCHAOS, Ttl: 0}, Txt: []string{"_o/"}}
-
-	if IsRRset(badRecords) {
-		t.Fatal("Record set with inconsistent record class considered valid")
-	}
-
-	// Sign the good record set and then make sure verification fails on the bad record set
-	if err := signature.Sign(privatekey.(crypto.Signer), goodRecords); err != nil {
-		t.Fatal("Signing good records failed")
-	}
-
-	if err := signature.Verify(key, badRecords); err != ErrRRset {
-		t.Fatal("Verification did not return ErrRRset with inconsistent records")
-	}
-}
-
-// Issue #688 - RSA exponent unpacked in reverse
-func TestRsaExponentUnpack(t *testing.T) {
-	zskRrDnskey, _ := NewRR("isc.org.                7200    IN      DNSKEY  256 3 5 AwEAAcdkaRUlsRD4gcF63PpPJJ1E6kOIb3yn/UHptVsPEQtEbgJ2y20O eix4unpwoQkz+bIAd2rrOU/95wgV530x0/qqKwBLWoGkxdcnNcvVT4hl 3SOTZy1VjwkAfyayHPU8VisXqJGbB3KWevBZlb6AtrXzFu8AHuBeeAAe /fOgreCh")
-	kskRrDnskey, _ := NewRR("isc.org.                7200    IN      DNSKEY  257 3 5 BEAAAAOhHQDBrhQbtphgq2wQUpEQ5t4DtUHxoMVFu2hWLDMvoOMRXjGr hhCeFvAZih7yJHf8ZGfW6hd38hXG/xylYCO6Krpbdojwx8YMXLA5/kA+ u50WIL8ZR1R6KTbsYVMf/Qx5RiNbPClw+vT+U8eXEJmO20jIS1ULgqy3 47cBB1zMnnz/4LJpA0da9CbKj3A254T515sNIMcwsB8/2+2E63/zZrQz Bkj0BrN/9Bexjpiks3jRhZatEsXn3dTy47R09Uix5WcJt+xzqZ7+ysyL KOOedS39Z7SDmsn2eA0FKtQpwA6LXeG2w+jxmw3oA8lVUgEf/rzeC/bB yBNsO70aEFTd")
-	kskRrRrsig, _ := NewRR("isc.org.                7200    IN      RRSIG   DNSKEY 5 2 7200 20180627230244 20180528230244 12892 isc.org. ebKBlhYi1hPGTdPg6zSwvprOIkoFMs+WIhMSjoYW6/K5CS9lDDFdK4cu TgXJRT3etrltTuJiFe2HRpp+7t5cKLy+CeJZVzqrCz200MoHiFuLI9yI DJQGaS5YYCiFbw5+jUGU6aUhZ7Y5/YufeqATkRZzdrKwgK+zri8LPw9T WLoVJPAOW7GR0dgxl9WKmO7Fzi9P8BZR3NuwLV7329X94j+4zyswaw7q e5vif0ybzFveODLsEi/E0a2rTXc4QzzyM0fSVxRkVQyQ7ifIPP4ohnnT d5qpPUbE8xxBzTdWR/TaKADC5aCFkppG9lVAq5CPfClii2949X5RYzy1 rxhuSA==")
-	zskRrRrsig, _ := NewRR("isc.org.                7200    IN      RRSIG   DNSKEY 5 2 7200 20180627230244 20180528230244 19923 isc.org. RgCfzUeq4RJPGoe9RRB6cWf6d/Du+tHK5SxI5QL1waA3O5qVtQKFkY1C dq/yyVjwzfjD9F62TObujOaktv8X80ZMcNPmgHbvK1xOqelMBWv5hxj3 xRe+QQObLZ5NPfHFsphQKXvwgO5Sjk8py2B2iCr3BHCZ8S38oIfuSrQx sn8=")
-
-	zsk, ksk := zskRrDnskey.(*DNSKEY), kskRrDnskey.(*DNSKEY)
-	zskSig, kskSig := zskRrRrsig.(*RRSIG), kskRrRrsig.(*RRSIG)
-
-	if e := zskSig.Verify(zsk, []RR{zsk, ksk}); e != nil {
-		t.Fatalf("cannot verify RRSIG with keytag [%d]. Cause [%s]", zsk.KeyTag(), e.Error())
-	}
-
-	if e := kskSig.Verify(ksk, []RR{zsk, ksk}); e != nil {
-		t.Fatalf("cannot verify RRSIG with keytag [%d]. Cause [%s]", ksk.KeyTag(), e.Error())
-	}
-}
--- a/vendor/github.com/miekg/dns/dnsutil/util.go
+++ b/vendor/github.com/miekg/dns/dnsutil/util.go
@@ -1,83 +0,0 @@
-// Package dnsutil contains higher-level methods useful with the dns
-// package.  While package dns implements the DNS protocols itself,
-// these functions are related but not directly required for protocol
-// processing.  They are often useful in preparing input/output of the
-// functions in package dns.
-package dnsutil
-
-import (
-	"strings"
-
-	"github.com/miekg/dns"
-)
-
-// AddOrigin adds origin to s if s is not already a FQDN.
-// Note that the result may not be a FQDN.  If origin does not end
-// with a ".", the result won't either.
-// This implements the zonefile convention (specified in RFC 1035,
-// Section "5.1. Format") that "@" represents the
-// apex (bare) domain. i.e. AddOrigin("@", "foo.com.") returns "foo.com.".
-func AddOrigin(s, origin string) string {
-	// ("foo.", "origin.") -> "foo." (already a FQDN)
-	// ("foo", "origin.") -> "foo.origin."
-	// ("foo", "origin") -> "foo.origin"
-	// ("foo", ".") -> "foo." (Same as dns.Fqdn())
-	// ("foo.", ".") -> "foo." (Same as dns.Fqdn())
-	// ("@", "origin.") -> "origin." (@ represents the apex (bare) domain)
-	// ("", "origin.") -> "origin." (not obvious)
-	// ("foo", "") -> "foo" (not obvious)
-
-	if dns.IsFqdn(s) {
-		return s // s is already a FQDN, no need to mess with it.
-	}
-	if len(origin) == 0 {
-		return s // Nothing to append.
-	}
-	if s == "@" || len(s) == 0 {
-		return origin // Expand apex.
-	}
-	if origin == "." {
-		return dns.Fqdn(s)
-	}
-
-	return s + "." + origin // The simple case.
-}
-
-// TrimDomainName trims origin from s if s is a subdomain.
-// This function will never return "", but returns "@" instead (@ represents the apex domain).
-func TrimDomainName(s, origin string) string {
-	// An apex (bare) domain is always returned as "@".
-	// If the return value ends in a ".", the domain was not the suffix.
-	// origin can end in "." or not. Either way the results should be the same.
-
-	if len(s) == 0 {
-		return "@"
-	}
-	// Someone is using TrimDomainName(s, ".") to remove a dot if it exists.
-	if origin == "." {
-		return strings.TrimSuffix(s, origin)
-	}
-
-	original := s
-	s = dns.Fqdn(s)
-	origin = dns.Fqdn(origin)
-
-	if !dns.IsSubDomain(origin, s) {
-		return original
-	}
-
-	slabels := dns.Split(s)
-	olabels := dns.Split(origin)
-	m := dns.CompareDomainName(s, origin)
-	if len(olabels) == m {
-		if len(olabels) == len(slabels) {
-			return "@" // origin == s
-		}
-		if (s[0] == '.') && (len(slabels) == (len(olabels) + 1)) {
-			return "@" // TrimDomainName(".foo.", "foo.")
-		}
-	}
-
-	// Return the first (len-m) labels:
-	return s[:slabels[len(slabels)-m]-1]
-}
--- a/vendor/github.com/miekg/dns/dnsutil/util_test.go
+++ b/vendor/github.com/miekg/dns/dnsutil/util_test.go
@@ -1,130 +0,0 @@
-package dnsutil
-
-import "testing"
-
-func TestAddOrigin(t *testing.T) {
-	var tests = []struct{ e1, e2, expected string }{
-		{"@", "example.com", "example.com"},
-		{"foo", "example.com", "foo.example.com"},
-		{"foo.", "example.com", "foo."},
-		{"@", "example.com.", "example.com."},
-		{"foo", "example.com.", "foo.example.com."},
-		{"foo.", "example.com.", "foo."},
-		{"example.com", ".", "example.com."},
-		{"example.com.", ".", "example.com."},
-		// Oddball tests:
-		// In general origin should not be "" or "." but at least
-		// these tests verify we don't crash and will keep results
-		// from changing unexpectedly.
-		{"*.", "", "*."},
-		{"@", "", "@"},
-		{"foobar", "", "foobar"},
-		{"foobar.", "", "foobar."},
-		{"*.", ".", "*."},
-		{"@", ".", "."},
-		{"foobar", ".", "foobar."},
-		{"foobar.", ".", "foobar."},
-	}
-	for _, test := range tests {
-		actual := AddOrigin(test.e1, test.e2)
-		if test.expected != actual {
-			t.Errorf("AddOrigin(%#v, %#v) expected %#v, got %#v\n", test.e1, test.e2, test.expected, actual)
-		}
-	}
-}
-
-func TestTrimDomainName(t *testing.T) {
-	// Basic tests.
-	// Try trimming "example.com" and "example.com." from typical use cases.
-	testsEx := []struct{ experiment, expected string }{
-		{"foo.example.com", "foo"},
-		{"foo.example.com.", "foo"},
-		{".foo.example.com", ".foo"},
-		{".foo.example.com.", ".foo"},
-		{"*.example.com", "*"},
-		{"example.com", "@"},
-		{"example.com.", "@"},
-		{"com.", "com."},
-		{"foo.", "foo."},
-		{"serverfault.com.", "serverfault.com."},
-		{"serverfault.com", "serverfault.com"},
-		{".foo.ronco.com", ".foo.ronco.com"},
-		{".foo.ronco.com.", ".foo.ronco.com."},
-	}
-	for _, dom := range []string{"example.com", "example.com."} {
-		for i, test := range testsEx {
-			actual := TrimDomainName(test.experiment, dom)
-			if test.expected != actual {
-				t.Errorf("%d TrimDomainName(%#v, %#v): expected %v, got %v\n", i, test.experiment, dom, test.expected, actual)
-			}
-		}
-	}
-
-	// Paranoid tests.
-	// These test shouldn't be needed but I was weary of off-by-one errors.
-	// In theory, these can't happen because there are no single-letter TLDs,
-	// but it is good to exercize the code this way.
-	tests := []struct{ experiment, expected string }{
-		{"", "@"},
-		{".", "."},
-		{"a.b.c.d.e.f.", "a.b.c.d.e"},
-		{"b.c.d.e.f.", "b.c.d.e"},
-		{"c.d.e.f.", "c.d.e"},
-		{"d.e.f.", "d.e"},
-		{"e.f.", "e"},
-		{"f.", "@"},
-		{".a.b.c.d.e.f.", ".a.b.c.d.e"},
-		{".b.c.d.e.f.", ".b.c.d.e"},
-		{".c.d.e.f.", ".c.d.e"},
-		{".d.e.f.", ".d.e"},
-		{".e.f.", ".e"},
-		{".f.", "@"},
-		{"a.b.c.d.e.f", "a.b.c.d.e"},
-		{"a.b.c.d.e.", "a.b.c.d.e."},
-		{"a.b.c.d.e", "a.b.c.d.e"},
-		{"a.b.c.d.", "a.b.c.d."},
-		{"a.b.c.d", "a.b.c.d"},
-		{"a.b.c.", "a.b.c."},
-		{"a.b.c", "a.b.c"},
-		{"a.b.", "a.b."},
-		{"a.b", "a.b"},
-		{"a.", "a."},
-		{"a", "a"},
-		{".a.b.c.d.e.f", ".a.b.c.d.e"},
-		{".a.b.c.d.e.", ".a.b.c.d.e."},
-		{".a.b.c.d.e", ".a.b.c.d.e"},
-		{".a.b.c.d.", ".a.b.c.d."},
-		{".a.b.c.d", ".a.b.c.d"},
-		{".a.b.c.", ".a.b.c."},
-		{".a.b.c", ".a.b.c"},
-		{".a.b.", ".a.b."},
-		{".a.b", ".a.b"},
-		{".a.", ".a."},
-		{".a", ".a"},
-	}
-	for _, dom := range []string{"f", "f."} {
-		for i, test := range tests {
-			actual := TrimDomainName(test.experiment, dom)
-			if test.expected != actual {
-				t.Errorf("%d TrimDomainName(%#v, %#v): expected %v, got %v\n", i, test.experiment, dom, test.expected, actual)
-			}
-		}
-	}
-
-	// Test cases for bugs found in the wild.
-	// These test cases provide both origin, s, and the expected result.
-	// If you find a bug in the while, this is probably the easiest place
-	// to add it as a test case.
-	var testsWild = []struct{ e1, e2, expected string }{
-		{"mathoverflow.net.", ".", "mathoverflow.net"},
-		{"mathoverflow.net", ".", "mathoverflow.net"},
-		{"", ".", "@"},
-		{"@", ".", "@"},
-	}
-	for i, test := range testsWild {
-		actual := TrimDomainName(test.e1, test.e2)
-		if test.expected != actual {
-			t.Errorf("%d TrimDomainName(%#v, %#v): expected %v, got %v\n", i, test.e1, test.e2, test.expected, actual)
-		}
-	}
-}
--- a/vendor/github.com/miekg/dns/dyn_test.go
+++ b/vendor/github.com/miekg/dns/dyn_test.go
@@ -1,3 +0,0 @@
-package dns
-
-// Find better solution
--- a/vendor/github.com/miekg/dns/edns_test.go
+++ b/vendor/github.com/miekg/dns/edns_test.go
@@ -1,68 +0,0 @@
-package dns
-
-import "testing"
-
-func TestOPTTtl(t *testing.T) {
-	e := &OPT{}
-	e.Hdr.Name = "."
-	e.Hdr.Rrtype = TypeOPT
-
-	// verify the default setting of DO=0
-	if e.Do() {
-		t.Errorf("DO bit should be zero")
-	}
-
-	// There are 6 possible invocations of SetDo():
-	//
-	// 1. Starting with DO=0, using SetDo()
-	// 2. Starting with DO=0, using SetDo(true)
-	// 3. Starting with DO=0, using SetDo(false)
-	// 4. Starting with DO=1, using SetDo()
-	// 5. Starting with DO=1, using SetDo(true)
-	// 6. Starting with DO=1, using SetDo(false)
-
-	// verify that invoking SetDo() sets DO=1 (TEST #1)
-	e.SetDo()
-	if !e.Do() {
-		t.Errorf("DO bit should be non-zero")
-	}
-	// verify that using SetDo(true) works when DO=1 (TEST #5)
-	e.SetDo(true)
-	if !e.Do() {
-		t.Errorf("DO bit should still be non-zero")
-	}
-	// verify that we can use SetDo(false) to set DO=0 (TEST #6)
-	e.SetDo(false)
-	if e.Do() {
-		t.Errorf("DO bit should be zero")
-	}
-	// verify that if we call SetDo(false) when DO=0 that it is unchanged (TEST #3)
-	e.SetDo(false)
-	if e.Do() {
-		t.Errorf("DO bit should still be zero")
-	}
-	// verify that using SetDo(true) works for DO=0 (TEST #2)
-	e.SetDo(true)
-	if !e.Do() {
-		t.Errorf("DO bit should be non-zero")
-	}
-	// verify that using SetDo() works for DO=1 (TEST #4)
-	e.SetDo()
-	if !e.Do() {
-		t.Errorf("DO bit should be non-zero")
-	}
-
-	if e.Version() != 0 {
-		t.Errorf("version should be non-zero")
-	}
-
-	e.SetVersion(42)
-	if e.Version() != 42 {
-		t.Errorf("set 42, expected %d, got %d", 42, e.Version())
-	}
-
-	e.SetExtendedRcode(42)
-	if e.ExtendedRcode() != 42 {
-		t.Errorf("set 42, expected %d, got %d", 42, e.ExtendedRcode())
-	}
-}
--- a/vendor/github.com/miekg/dns/example_test.go
+++ b/vendor/github.com/miekg/dns/example_test.go
@@ -1,146 +0,0 @@
-package dns_test
-
-import (
-	"errors"
-	"fmt"
-	"log"
-	"net"
-
-	"github.com/miekg/dns"
-)
-
-// Retrieve the MX records for miek.nl.
-func ExampleMX() {
-	config, _ := dns.ClientConfigFromFile("/etc/resolv.conf")
-	c := new(dns.Client)
-	m := new(dns.Msg)
-	m.SetQuestion("miek.nl.", dns.TypeMX)
-	m.RecursionDesired = true
-	r, _, err := c.Exchange(m, config.Servers[0]+":"+config.Port)
-	if err != nil {
-		return
-	}
-	if r.Rcode != dns.RcodeSuccess {
-		return
-	}
-	for _, a := range r.Answer {
-		if mx, ok := a.(*dns.MX); ok {
-			fmt.Printf("%s\n", mx.String())
-		}
-	}
-}
-
-// Retrieve the DNSKEY records of a zone and convert them
-// to DS records for SHA1, SHA256 and SHA384.
-func ExampleDS() {
-	config, _ := dns.ClientConfigFromFile("/etc/resolv.conf")
-	c := new(dns.Client)
-	m := new(dns.Msg)
-	zone := "miek.nl"
-	m.SetQuestion(dns.Fqdn(zone), dns.TypeDNSKEY)
-	m.SetEdns0(4096, true)
-	r, _, err := c.Exchange(m, config.Servers[0]+":"+config.Port)
-	if err != nil {
-		return
-	}
-	if r.Rcode != dns.RcodeSuccess {
-		return
-	}
-	for _, k := range r.Answer {
-		if key, ok := k.(*dns.DNSKEY); ok {
-			for _, alg := range []uint8{dns.SHA1, dns.SHA256, dns.SHA384} {
-				fmt.Printf("%s; %d\n", key.ToDS(alg).String(), key.Flags)
-			}
-		}
-	}
-}
-
-const TypeAPAIR = 0x0F99
-
-type APAIR struct {
-	addr [2]net.IP
-}
-
-func NewAPAIR() dns.PrivateRdata { return new(APAIR) }
-
-func (rd *APAIR) String() string { return rd.addr[0].String() + " " + rd.addr[1].String() }
-func (rd *APAIR) Parse(txt []string) error {
-	if len(txt) != 2 {
-		return errors.New("two addresses required for APAIR")
-	}
-	for i, s := range txt {
-		ip := net.ParseIP(s)
-		if ip == nil {
-			return errors.New("invalid IP in APAIR text representation")
-		}
-		rd.addr[i] = ip
-	}
-	return nil
-}
-
-func (rd *APAIR) Pack(buf []byte) (int, error) {
-	b := append([]byte(rd.addr[0]), []byte(rd.addr[1])...)
-	n := copy(buf, b)
-	if n != len(b) {
-		return n, dns.ErrBuf
-	}
-	return n, nil
-}
-
-func (rd *APAIR) Unpack(buf []byte) (int, error) {
-	ln := net.IPv4len * 2
-	if len(buf) != ln {
-		return 0, errors.New("invalid length of APAIR rdata")
-	}
-	cp := make([]byte, ln)
-	copy(cp, buf) // clone bytes to use them in IPs
-
-	rd.addr[0] = net.IP(cp[:3])
-	rd.addr[1] = net.IP(cp[4:])
-
-	return len(buf), nil
-}
-
-func (rd *APAIR) Copy(dest dns.PrivateRdata) error {
-	cp := make([]byte, rd.Len())
-	_, err := rd.Pack(cp)
-	if err != nil {
-		return err
-	}
-
-	d := dest.(*APAIR)
-	d.addr[0] = net.IP(cp[:3])
-	d.addr[1] = net.IP(cp[4:])
-	return nil
-}
-
-func (rd *APAIR) Len() int {
-	return net.IPv4len * 2
-}
-
-func ExamplePrivateHandle() {
-	dns.PrivateHandle("APAIR", TypeAPAIR, NewAPAIR)
-	defer dns.PrivateHandleRemove(TypeAPAIR)
-
-	rr, err := dns.NewRR("miek.nl. APAIR (1.2.3.4    1.2.3.5)")
-	if err != nil {
-		log.Fatal("could not parse APAIR record: ", err)
-	}
-	fmt.Println(rr)
-	// Output: miek.nl.	3600	IN	APAIR	1.2.3.4 1.2.3.5
-
-	m := new(dns.Msg)
-	m.Id = 12345
-	m.SetQuestion("miek.nl.", TypeAPAIR)
-	m.Answer = append(m.Answer, rr)
-
-	fmt.Println(m)
-	// ;; opcode: QUERY, status: NOERROR, id: 12345
-	// ;; flags: rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
-	//
-	// ;; QUESTION SECTION:
-	// ;miek.nl.	IN	 APAIR
-	//
-	// ;; ANSWER SECTION:
-	// miek.nl.	3600	IN	APAIR	1.2.3.4 1.2.3.5
-}
--- a/vendor/github.com/miekg/dns/issue_test.go
+++ b/vendor/github.com/miekg/dns/issue_test.go
@@ -1,62 +0,0 @@
-package dns
-
-// Tests that solve that an specific issue.
-
-import (
-	"strings"
-	"testing"
-)
-
-func TestTCPRtt(t *testing.T) {
-	m := new(Msg)
-	m.RecursionDesired = true
-	m.SetQuestion("example.org.", TypeA)
-
-	c := &Client{}
-	for _, proto := range []string{"udp", "tcp"} {
-		c.Net = proto
-		_, rtt, err := c.Exchange(m, "8.8.4.4:53")
-		if err != nil {
-			t.Fatal(err)
-		}
-		if rtt == 0 {
-			t.Fatalf("expecting non zero rtt %s, got zero", c.Net)
-		}
-	}
-}
-
-func TestNSEC3MissingSalt(t *testing.T) {
-	rr := testRR("ji6neoaepv8b5o6k4ev33abha8ht9fgc.example. NSEC3 1 1 12 aabbccdd K8UDEMVP1J2F7EG6JEBPS17VP3N8I58H")
-	m := new(Msg)
-	m.Answer = []RR{rr}
-	mb, err := m.Pack()
-	if err != nil {
-		t.Fatalf("expected to pack message. err: %s", err)
-	}
-	if err := m.Unpack(mb); err != nil {
-		t.Fatalf("expected to unpack message. missing salt? err: %s", err)
-	}
-	in := rr.(*NSEC3).Salt
-	out := m.Answer[0].(*NSEC3).Salt
-	if in != out {
-		t.Fatalf("expected salts to match. packed: `%s`. returned: `%s`", in, out)
-	}
-}
-
-func TestNSEC3MixedNextDomain(t *testing.T) {
-	rr := testRR("ji6neoaepv8b5o6k4ev33abha8ht9fgc.example. NSEC3 1 1 12 - k8udemvp1j2f7eg6jebps17vp3n8i58h")
-	m := new(Msg)
-	m.Answer = []RR{rr}
-	mb, err := m.Pack()
-	if err != nil {
-		t.Fatalf("expected to pack message. err: %s", err)
-	}
-	if err := m.Unpack(mb); err != nil {
-		t.Fatalf("expected to unpack message. err: %s", err)
-	}
-	in := strings.ToUpper(rr.(*NSEC3).NextDomain)
-	out := m.Answer[0].(*NSEC3).NextDomain
-	if in != out {
-		t.Fatalf("expected round trip to produce NextDomain `%s`, instead `%s`", in, out)
-	}
-}
--- a/vendor/github.com/miekg/dns/labels_test.go
+++ b/vendor/github.com/miekg/dns/labels_test.go
@@ -1,201 +0,0 @@
-package dns
-
-import "testing"
-
-func TestCompareDomainName(t *testing.T) {
-	s1 := "www.miek.nl."
-	s2 := "miek.nl."
-	s3 := "www.bla.nl."
-	s4 := "nl.www.bla."
-	s5 := "nl."
-	s6 := "miek.nl."
-
-	if CompareDomainName(s1, s2) != 2 {
-		t.Errorf("%s with %s should be %d", s1, s2, 2)
-	}
-	if CompareDomainName(s1, s3) != 1 {
-		t.Errorf("%s with %s should be %d", s1, s3, 1)
-	}
-	if CompareDomainName(s3, s4) != 0 {
-		t.Errorf("%s with %s should be %d", s3, s4, 0)
-	}
-	// Non qualified tests
-	if CompareDomainName(s1, s5) != 1 {
-		t.Errorf("%s with %s should be %d", s1, s5, 1)
-	}
-	if CompareDomainName(s1, s6) != 2 {
-		t.Errorf("%s with %s should be %d", s1, s5, 2)
-	}
-
-	if CompareDomainName(s1, ".") != 0 {
-		t.Errorf("%s with %s should be %d", s1, s5, 0)
-	}
-	if CompareDomainName(".", ".") != 0 {
-		t.Errorf("%s with %s should be %d", ".", ".", 0)
-	}
-	if CompareDomainName("test.com.", "TEST.COM.") != 2 {
-		t.Errorf("test.com. and TEST.COM. should be an exact match")
-	}
-}
-
-func TestSplit(t *testing.T) {
-	splitter := map[string]int{
-		"www.miek.nl.":   3,
-		"www.miek.nl":    3,
-		"www..miek.nl":   4,
-		`www\.miek.nl.`:  2,
-		`www\\.miek.nl.`: 3,
-		".":              0,
-		"nl.":            1,
-		"nl":             1,
-		"com.":           1,
-		".com.":          2,
-	}
-	for s, i := range splitter {
-		if x := len(Split(s)); x != i {
-			t.Errorf("labels should be %d, got %d: %s %v", i, x, s, Split(s))
-		}
-	}
-}
-
-func TestSplit2(t *testing.T) {
-	splitter := map[string][]int{
-		"www.miek.nl.": {0, 4, 9},
-		"www.miek.nl":  {0, 4, 9},
-		"nl":           {0},
-	}
-	for s, i := range splitter {
-		x := Split(s)
-		switch len(i) {
-		case 1:
-			if x[0] != i[0] {
-				t.Errorf("labels should be %v, got %v: %s", i, x, s)
-			}
-		default:
-			if x[0] != i[0] || x[1] != i[1] || x[2] != i[2] {
-				t.Errorf("labels should be %v, got %v: %s", i, x, s)
-			}
-		}
-	}
-}
-
-func TestPrevLabel(t *testing.T) {
-	type prev struct {
-		string
-		int
-	}
-	prever := map[prev]int{
-		{"www.miek.nl.", 0}: 12,
-		{"www.miek.nl.", 1}: 9,
-		{"www.miek.nl.", 2}: 4,
-
-		{"www.miek.nl", 0}: 11,
-		{"www.miek.nl", 1}: 9,
-		{"www.miek.nl", 2}: 4,
-
-		{"www.miek.nl.", 5}: 0,
-		{"www.miek.nl", 5}:  0,
-
-		{"www.miek.nl.", 3}: 0,
-		{"www.miek.nl", 3}:  0,
-	}
-	for s, i := range prever {
-		x, ok := PrevLabel(s.string, s.int)
-		if i != x {
-			t.Errorf("label should be %d, got %d, %t: preving %d, %s", i, x, ok, s.int, s.string)
-		}
-	}
-}
-
-func TestCountLabel(t *testing.T) {
-	splitter := map[string]int{
-		"www.miek.nl.": 3,
-		"www.miek.nl":  3,
-		"nl":           1,
-		".":            0,
-	}
-	for s, i := range splitter {
-		x := CountLabel(s)
-		if x != i {
-			t.Errorf("CountLabel should have %d, got %d", i, x)
-		}
-	}
-}
-
-func TestSplitDomainName(t *testing.T) {
-	labels := map[string][]string{
-		"miek.nl":       {"miek", "nl"},
-		".":             nil,
-		"www.miek.nl.":  {"www", "miek", "nl"},
-		"www.miek.nl":   {"www", "miek", "nl"},
-		"www..miek.nl":  {"www", "", "miek", "nl"},
-		`www\.miek.nl`:  {`www\.miek`, "nl"},
-		`www\\.miek.nl`: {`www\\`, "miek", "nl"},
-		".www.miek.nl.": {"", "www", "miek", "nl"},
-	}
-domainLoop:
-	for domain, splits := range labels {
-		parts := SplitDomainName(domain)
-		if len(parts) != len(splits) {
-			t.Errorf("SplitDomainName returned %v for %s, expected %v", parts, domain, splits)
-			continue domainLoop
-		}
-		for i := range parts {
-			if parts[i] != splits[i] {
-				t.Errorf("SplitDomainName returned %v for %s, expected %v", parts, domain, splits)
-				continue domainLoop
-			}
-		}
-	}
-}
-
-func TestIsDomainName(t *testing.T) {
-	type ret struct {
-		ok  bool
-		lab int
-	}
-	names := map[string]*ret{
-		"..":               {false, 1},
-		"@.":               {true, 1},
-		"www.example.com":  {true, 3},
-		"www.e%ample.com":  {true, 3},
-		"www.example.com.": {true, 3},
-		"mi\\k.nl.":        {true, 2},
-		"mi\\k.nl":         {true, 2},
-	}
-	for d, ok := range names {
-		l, k := IsDomainName(d)
-		if ok.ok != k || ok.lab != l {
-			t.Errorf(" got %v %d for %s ", k, l, d)
-			t.Errorf("have %v %d for %s ", ok.ok, ok.lab, d)
-		}
-	}
-}
-
-func BenchmarkSplitLabels(b *testing.B) {
-	for i := 0; i < b.N; i++ {
-		Split("www.example.com.")
-	}
-}
-
-func BenchmarkLenLabels(b *testing.B) {
-	for i := 0; i < b.N; i++ {
-		CountLabel("www.example.com.")
-	}
-}
-
-func BenchmarkCompareDomainName(b *testing.B) {
-	b.ReportAllocs()
-	for i := 0; i < b.N; i++ {
-		CompareDomainName("www.example.com.", "aa.example.com.")
-	}
-}
-
-func BenchmarkIsSubDomain(b *testing.B) {
-	b.ReportAllocs()
-	for i := 0; i < b.N; i++ {
-		IsSubDomain("www.example.com.", "aa.example.com.")
-		IsSubDomain("example.com.", "aa.example.com.")
-		IsSubDomain("miek.nl.", "aa.example.com.")
-	}
-}
--- a/vendor/github.com/miekg/dns/leak_test.go
+++ b/vendor/github.com/miekg/dns/leak_test.go
@@ -1,72 +0,0 @@
-package dns
-
-import (
-	"fmt"
-	"os"
-	"runtime"
-	"sort"
-	"strings"
-	"testing"
-	"time"
-)
-
-// copied from net/http/main_test.go
-
-func interestingGoroutines() (gs []string) {
-	buf := make([]byte, 2<<20)
-	buf = buf[:runtime.Stack(buf, true)]
-	for _, g := range strings.Split(string(buf), "\n\n") {
-		sl := strings.SplitN(g, "\n", 2)
-		if len(sl) != 2 {
-			continue
-		}
-		stack := strings.TrimSpace(sl[1])
-		if stack == "" ||
-			strings.Contains(stack, "testing.(*M).before.func1") ||
-			strings.Contains(stack, "os/signal.signal_recv") ||
-			strings.Contains(stack, "created by net.startServer") ||
-			strings.Contains(stack, "created by testing.RunTests") ||
-			strings.Contains(stack, "closeWriteAndWait") ||
-			strings.Contains(stack, "testing.Main(") ||
-			strings.Contains(stack, "testing.(*T).Run(") ||
-			strings.Contains(stack, "created by net/http.(*http2Transport).newClientConn") ||
-			// These only show up with GOTRACEBACK=2; Issue 5005 (comment 28)
-			strings.Contains(stack, "runtime.goexit") ||
-			strings.Contains(stack, "created by runtime.gc") ||
-			strings.Contains(stack, "dns.interestingGoroutines") ||
-			strings.Contains(stack, "runtime.MHeap_Scavenger") {
-			continue
-		}
-		gs = append(gs, stack)
-	}
-	sort.Strings(gs)
-	return
-}
-
-func goroutineLeaked() error {
-	if testing.Short() {
-		// Don't worry about goroutine leaks in -short mode or in
-		// benchmark mode. Too distracting when there are false positives.
-		return nil
-	}
-
-	var stackCount map[string]int
-	for i := 0; i < 5; i++ {
-		n := 0
-		stackCount = make(map[string]int)
-		gs := interestingGoroutines()
-		for _, g := range gs {
-			stackCount[g]++
-			n++
-		}
-		if n == 0 {
-			return nil
-		}
-		// Wait for goroutines to schedule and die off:
-		time.Sleep(100 * time.Millisecond)
-	}
-	for stack, count := range stackCount {
-		fmt.Fprintf(os.Stderr, "%d instances of:\n%s\n", count, stack)
-	}
-	return fmt.Errorf("too many goroutines running after dns test(s)")
-}
--- a/vendor/github.com/miekg/dns/length_test.go
+++ b/vendor/github.com/miekg/dns/length_test.go
@@ -1,371 +0,0 @@
-package dns
-
-import (
-	"encoding/hex"
-	"fmt"
-	"net"
-	"reflect"
-	"strings"
-	"testing"
-)
-
-func TestCompressLength(t *testing.T) {
-	m := new(Msg)
-	m.SetQuestion("miek.nl", TypeMX)
-	ul := m.Len()
-	m.Compress = true
-	if ul != m.Len() {
-		t.Fatalf("should be equal")
-	}
-}
-
-// Does the predicted length match final packed length?
-func TestMsgCompressLength(t *testing.T) {
-	makeMsg := func(question string, ans, ns, e []RR) *Msg {
-		msg := new(Msg)
-		msg.SetQuestion(Fqdn(question), TypeANY)
-		msg.Answer = append(msg.Answer, ans...)
-		msg.Ns = append(msg.Ns, ns...)
-		msg.Extra = append(msg.Extra, e...)
-		msg.Compress = true
-		return msg
-	}
-
-	name1 := "12345678901234567890123456789012345.12345678.123."
-	rrA := testRR(name1 + " 3600 IN A 192.0.2.1")
-	rrMx := testRR(name1 + " 3600 IN MX 10 " + name1)
-	tests := []*Msg{
-		makeMsg(name1, []RR{rrA}, nil, nil),
-		makeMsg(name1, []RR{rrMx, rrMx}, nil, nil)}
-
-	for _, msg := range tests {
-		predicted := msg.Len()
-		buf, err := msg.Pack()
-		if err != nil {
-			t.Error(err)
-		}
-		if predicted < len(buf) {
-			t.Errorf("predicted compressed length is wrong: predicted %s (len=%d) %d, actual %d",
-				msg.Question[0].Name, len(msg.Answer), predicted, len(buf))
-		}
-	}
-}
-
-func TestMsgLength(t *testing.T) {
-	makeMsg := func(question string, ans, ns, e []RR) *Msg {
-		msg := new(Msg)
-		msg.Compress = true
-		msg.SetQuestion(Fqdn(question), TypeANY)
-		msg.Answer = append(msg.Answer, ans...)
-		msg.Ns = append(msg.Ns, ns...)
-		msg.Extra = append(msg.Extra, e...)
-		return msg
-	}
-
-	name1 := "12345678901234567890123456789012345.12345678.123."
-	rrA := testRR(name1 + " 3600 IN A 192.0.2.1")
-	rrMx := testRR(name1 + " 3600 IN MX 10 " + name1)
-	tests := []*Msg{
-		makeMsg(name1, []RR{rrA}, nil, nil),
-		makeMsg(name1, []RR{rrMx, rrMx}, nil, nil)}
-
-	for _, msg := range tests {
-		predicted := msg.Len()
-		buf, err := msg.Pack()
-		if err != nil {
-			t.Error(err)
-		}
-		if predicted < len(buf) {
-			t.Errorf("predicted length is wrong: predicted %s (len=%d), actual %d",
-				msg.Question[0].Name, predicted, len(buf))
-		}
-	}
-}
-
-func TestCompressionLenHelper(t *testing.T) {
-	c := make(map[string]int)
-	compressionLenHelper(c, "example.com", 12)
-	if c["example.com"] != 12 {
-		t.Errorf("bad %d", c["example.com"])
-	}
-	if c["com"] != 20 {
-		t.Errorf("bad %d", c["com"])
-	}
-
-	// Test boundaries
-	c = make(map[string]int)
-	// foo label starts at 16379
-	// com label starts at 16384
-	compressionLenHelper(c, "foo.com", 16379)
-	if c["foo.com"] != 16379 {
-		t.Errorf("bad %d", c["foo.com"])
-	}
-	// com label is accessible
-	if c["com"] != 16383 {
-		t.Errorf("bad %d", c["com"])
-	}
-
-	c = make(map[string]int)
-	// foo label starts at 16379
-	// com label starts at 16385 => outside range
-	compressionLenHelper(c, "foo.com", 16380)
-	if c["foo.com"] != 16380 {
-		t.Errorf("bad %d", c["foo.com"])
-	}
-	// com label is NOT accessible
-	if c["com"] != 0 {
-		t.Errorf("bad %d", c["com"])
-	}
-
-	c = make(map[string]int)
-	compressionLenHelper(c, "example.com", 16375)
-	if c["example.com"] != 16375 {
-		t.Errorf("bad %d", c["example.com"])
-	}
-	// com starts AFTER 16384
-	if c["com"] != 16383 {
-		t.Errorf("bad %d", c["com"])
-	}
-
-	c = make(map[string]int)
-	compressionLenHelper(c, "example.com", 16376)
-	if c["example.com"] != 16376 {
-		t.Errorf("bad %d", c["example.com"])
-	}
-	// com starts AFTER 16384
-	if c["com"] != 0 {
-		t.Errorf("bad %d", c["com"])
-	}
-}
-
-func TestCompressionLenSearch(t *testing.T) {
-	c := make(map[string]int)
-	compressed, ok, fullSize := compressionLenSearch(c, "a.b.org.")
-	if compressed != 0 || ok || fullSize != 14 {
-		panic(fmt.Errorf("Failed: compressed:=%d, ok:=%v, fullSize:=%d", compressed, ok, fullSize))
-	}
-	c["org."] = 3
-	compressed, ok, fullSize = compressionLenSearch(c, "a.b.org.")
-	if compressed != 4 || !ok || fullSize != 8 {
-		panic(fmt.Errorf("Failed: compressed:=%d, ok:=%v, fullSize:=%d", compressed, ok, fullSize))
-	}
-	c["b.org."] = 5
-	compressed, ok, fullSize = compressionLenSearch(c, "a.b.org.")
-	if compressed != 6 || !ok || fullSize != 4 {
-		panic(fmt.Errorf("Failed: compressed:=%d, ok:=%v, fullSize:=%d", compressed, ok, fullSize))
-	}
-	// Not found long compression
-	c["x.b.org."] = 5
-	compressed, ok, fullSize = compressionLenSearch(c, "a.b.org.")
-	if compressed != 6 || !ok || fullSize != 4 {
-		panic(fmt.Errorf("Failed: compressed:=%d, ok:=%v, fullSize:=%d", compressed, ok, fullSize))
-	}
-	// Found long compression
-	c["a.b.org."] = 5
-	compressed, ok, fullSize = compressionLenSearch(c, "a.b.org.")
-	if compressed != 8 || !ok || fullSize != 0 {
-		panic(fmt.Errorf("Failed: compressed:=%d, ok:=%v, fullSize:=%d", compressed, ok, fullSize))
-	}
-}
-
-func TestMsgLength2(t *testing.T) {
-	// Serialized replies
-	var testMessages = []string{
-		// google.com. IN A?
-		"064e81800001000b0004000506676f6f676c6503636f6d0000010001c00c00010001000000050004adc22986c00c00010001000000050004adc22987c00c00010001000000050004adc22988c00c00010001000000050004adc22989c00c00010001000000050004adc2298ec00c00010001000000050004adc22980c00c00010001000000050004adc22981c00c00010001000000050004adc22982c00c00010001000000050004adc22983c00c00010001000000050004adc22984c00c00010001000000050004adc22985c00c00020001000000050006036e7331c00cc00c00020001000000050006036e7332c00cc00c00020001000000050006036e7333c00cc00c00020001000000050006036e7334c00cc0d800010001000000050004d8ef200ac0ea00010001000000050004d8ef220ac0fc00010001000000050004d8ef240ac10e00010001000000050004d8ef260a0000290500000000050000",
-		// amazon.com. IN A? (reply has no EDNS0 record)
-		// TODO(miek): this one is off-by-one, need to find out why
-		//"6de1818000010004000a000806616d617a6f6e03636f6d0000010001c00c000100010000000500044815c2d4c00c000100010000000500044815d7e8c00c00010001000000050004b02062a6c00c00010001000000050004cdfbf236c00c000200010000000500140570646e733408756c747261646e73036f726700c00c000200010000000500150570646e733508756c747261646e7304696e666f00c00c000200010000000500160570646e733608756c747261646e7302636f02756b00c00c00020001000000050014036e7331037033310664796e656374036e657400c00c00020001000000050006036e7332c0cfc00c00020001000000050006036e7333c0cfc00c00020001000000050006036e7334c0cfc00c000200010000000500110570646e733108756c747261646e73c0dac00c000200010000000500080570646e7332c127c00c000200010000000500080570646e7333c06ec0cb00010001000000050004d04e461fc0eb00010001000000050004cc0dfa1fc0fd00010001000000050004d04e471fc10f00010001000000050004cc0dfb1fc12100010001000000050004cc4a6c01c121001c000100000005001020010502f3ff00000000000000000001c13e00010001000000050004cc4a6d01c13e001c0001000000050010261000a1101400000000000000000001",
-		// yahoo.com. IN A?
-		"fc2d81800001000300070008057961686f6f03636f6d0000010001c00c00010001000000050004628afd6dc00c00010001000000050004628bb718c00c00010001000000050004cebe242dc00c00020001000000050006036e7336c00cc00c00020001000000050006036e7338c00cc00c00020001000000050006036e7331c00cc00c00020001000000050006036e7332c00cc00c00020001000000050006036e7333c00cc00c00020001000000050006036e7334c00cc00c00020001000000050006036e7335c00cc07b0001000100000005000444b48310c08d00010001000000050004448eff10c09f00010001000000050004cb54dd35c0b100010001000000050004628a0b9dc0c30001000100000005000477a0f77cc05700010001000000050004ca2bdfaac06900010001000000050004caa568160000290500000000050000",
-		// microsoft.com. IN A?
-		"f4368180000100020005000b096d6963726f736f667403636f6d0000010001c00c0001000100000005000440040b25c00c0001000100000005000441373ac9c00c0002000100000005000e036e7331046d736674036e657400c00c00020001000000050006036e7332c04fc00c00020001000000050006036e7333c04fc00c00020001000000050006036e7334c04fc00c00020001000000050006036e7335c04fc04b000100010000000500044137253ec04b001c00010000000500102a010111200500000000000000010001c0650001000100000005000440043badc065001c00010000000500102a010111200600060000000000010001c07700010001000000050004d5c7b435c077001c00010000000500102a010111202000000000000000010001c08900010001000000050004cf2e4bfec089001c00010000000500102404f800200300000000000000010001c09b000100010000000500044137e28cc09b001c00010000000500102a010111200f000100000000000100010000290500000000050000",
-		// google.com. IN MX?
-		"724b8180000100050004000b06676f6f676c6503636f6d00000f0001c00c000f000100000005000c000a056173706d78016cc00cc00c000f0001000000050009001404616c7431c02ac00c000f0001000000050009001e04616c7432c02ac00c000f0001000000050009002804616c7433c02ac00c000f0001000000050009003204616c7434c02ac00c00020001000000050006036e7332c00cc00c00020001000000050006036e7333c00cc00c00020001000000050006036e7334c00cc00c00020001000000050006036e7331c00cc02a00010001000000050004adc2421bc02a001c00010000000500102a00145040080c01000000000000001bc04200010001000000050004adc2461bc05700010001000000050004adc2451bc06c000100010000000500044a7d8f1bc081000100010000000500044a7d191bc0ca00010001000000050004d8ef200ac09400010001000000050004d8ef220ac0a600010001000000050004d8ef240ac0b800010001000000050004d8ef260a0000290500000000050000",
-		// reddit.com. IN A?
-		"12b98180000100080000000c0672656464697403636f6d0000020001c00c0002000100000005000f046175733204616b616d036e657400c00c000200010000000500070475736534c02dc00c000200010000000500070475737733c02dc00c000200010000000500070475737735c02dc00c00020001000000050008056173696131c02dc00c00020001000000050008056173696139c02dc00c00020001000000050008056e73312d31c02dc00c0002000100000005000a076e73312d313935c02dc02800010001000000050004c30a242ec04300010001000000050004451f1d39c05600010001000000050004451f3bc7c0690001000100000005000460073240c07c000100010000000500046007fb81c090000100010000000500047c283484c090001c00010000000500102a0226f0006700000000000000000064c0a400010001000000050004c16c5b01c0a4001c000100000005001026001401000200000000000000000001c0b800010001000000050004c16c5bc3c0b8001c0001000000050010260014010002000000000000000000c30000290500000000050000",
-	}
-
-	for i, hexData := range testMessages {
-		// we won't fail the decoding of the hex
-		input, _ := hex.DecodeString(hexData)
-
-		m := new(Msg)
-		m.Unpack(input)
-		m.Compress = true
-		lenComp := m.Len()
-		b, _ := m.Pack()
-		pacComp := len(b)
-		m.Compress = false
-		lenUnComp := m.Len()
-		b, _ = m.Pack()
-		pacUnComp := len(b)
-		if pacComp+1 != lenComp {
-			t.Errorf("msg.Len(compressed)=%d actual=%d for test %d", lenComp, pacComp, i)
-		}
-		if pacUnComp+1 != lenUnComp {
-			t.Errorf("msg.Len(uncompressed)=%d actual=%d for test %d", lenUnComp, pacUnComp, i)
-		}
-	}
-}
-
-func TestMsgLengthCompressionMalformed(t *testing.T) {
-	// SOA with empty hostmaster, which is illegal
-	soa := &SOA{Hdr: RR_Header{Name: ".", Rrtype: TypeSOA, Class: ClassINET, Ttl: 12345},
-		Ns:      ".",
-		Mbox:    "",
-		Serial:  0,
-		Refresh: 28800,
-		Retry:   7200,
-		Expire:  604800,
-		Minttl:  60}
-	m := new(Msg)
-	m.Compress = true
-	m.Ns = []RR{soa}
-	m.Len() // Should not crash.
-}
-
-func TestMsgCompressLength2(t *testing.T) {
-	msg := new(Msg)
-	msg.Compress = true
-	msg.SetQuestion(Fqdn("bliep."), TypeANY)
-	msg.Answer = append(msg.Answer, &SRV{Hdr: RR_Header{Name: "blaat.", Rrtype: 0x21, Class: 0x1, Ttl: 0x3c}, Port: 0x4c57, Target: "foo.bar."})
-	msg.Extra = append(msg.Extra, &A{Hdr: RR_Header{Name: "foo.bar.", Rrtype: 0x1, Class: 0x1, Ttl: 0x3c}, A: net.IP{0xac, 0x11, 0x0, 0x3}})
-	predicted := msg.Len()
-	buf, err := msg.Pack()
-	if err != nil {
-		t.Error(err)
-	}
-	if predicted != len(buf) {
-		t.Errorf("predicted compressed length is wrong: predicted %s (len=%d) %d, actual %d",
-			msg.Question[0].Name, len(msg.Answer), predicted, len(buf))
-	}
-}
-
-func TestMsgCompressLengthLargeRecords(t *testing.T) {
-	msg := new(Msg)
-	msg.Compress = true
-	msg.SetQuestion("my.service.acme.", TypeSRV)
-	j := 1
-	for i := 0; i < 250; i++ {
-		target := fmt.Sprintf("host-redis-1-%d.test.acme.com.node.dc1.consul.", i)
-		msg.Answer = append(msg.Answer, &SRV{Hdr: RR_Header{Name: "redis.service.consul.", Class: 1, Rrtype: TypeSRV, Ttl: 0x3c}, Port: 0x4c57, Target: target})
-		msg.Extra = append(msg.Extra, &CNAME{Hdr: RR_Header{Name: target, Class: 1, Rrtype: TypeCNAME, Ttl: 0x3c}, Target: fmt.Sprintf("fx.168.%d.%d.", j, i)})
-	}
-	predicted := msg.Len()
-	buf, err := msg.Pack()
-	if err != nil {
-		t.Error(err)
-	}
-	if predicted != len(buf) {
-		t.Fatalf("predicted compressed length is wrong: predicted %s (len=%d) %d, actual %d", msg.Question[0].Name, len(msg.Answer), predicted, len(buf))
-	}
-}
-
-func TestCompareCompressionMapsForANY(t *testing.T) {
-	msg := new(Msg)
-	msg.Compress = true
-	msg.SetQuestion("a.service.acme.", TypeANY)
-	// Be sure to have more than 14bits
-	for i := 0; i < 2000; i++ {
-		target := fmt.Sprintf("host.app-%d.x%d.test.acme.", i%250, i)
-		msg.Answer = append(msg.Answer, &AAAA{Hdr: RR_Header{Name: target, Rrtype: TypeAAAA, Class: ClassINET, Ttl: 0x3c}, AAAA: net.IP{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, byte(i / 255), byte(i % 255)}})
-		msg.Answer = append(msg.Answer, &A{Hdr: RR_Header{Name: target, Rrtype: TypeA, Class: ClassINET, Ttl: 0x3c}, A: net.IP{127, 0, byte(i / 255), byte(i % 255)}})
-		if msg.Len() > 16384 {
-			break
-		}
-	}
-	for labelSize := 0; labelSize < 63; labelSize++ {
-		msg.SetQuestion(fmt.Sprintf("a%s.service.acme.", strings.Repeat("x", labelSize)), TypeANY)
-
-		compressionFake := make(map[string]int)
-		lenFake := compressedLenWithCompressionMap(msg, compressionFake)
-
-		compressionReal := make(map[string]int)
-		buf, err := msg.packBufferWithCompressionMap(nil, compressionReal)
-		if err != nil {
-			t.Fatal(err)
-		}
-		if lenFake != len(buf) {
-			t.Fatalf("padding= %d ; Predicted len := %d != real:= %d", labelSize, lenFake, len(buf))
-		}
-		if !reflect.DeepEqual(compressionFake, compressionReal) {
-			t.Fatalf("padding= %d ; Fake Compression Map != Real Compression Map\n*** Real:= %v\n\n***Fake:= %v", labelSize, compressionReal, compressionFake)
-		}
-	}
-}
-
-func TestCompareCompressionMapsForSRV(t *testing.T) {
-	msg := new(Msg)
-	msg.Compress = true
-	msg.SetQuestion("a.service.acme.", TypeSRV)
-	// Be sure to have more than 14bits
-	for i := 0; i < 2000; i++ {
-		target := fmt.Sprintf("host.app-%d.x%d.test.acme.", i%250, i)
-		msg.Answer = append(msg.Answer, &SRV{Hdr: RR_Header{Name: "redis.service.consul.", Class: ClassINET, Rrtype: TypeSRV, Ttl: 0x3c}, Port: 0x4c57, Target: target})
-		msg.Extra = append(msg.Extra, &A{Hdr: RR_Header{Name: target, Rrtype: TypeA, Class: ClassINET, Ttl: 0x3c}, A: net.IP{127, 0, byte(i / 255), byte(i % 255)}})
-		if msg.Len() > 16384 {
-			break
-		}
-	}
-	for labelSize := 0; labelSize < 63; labelSize++ {
-		msg.SetQuestion(fmt.Sprintf("a%s.service.acme.", strings.Repeat("x", labelSize)), TypeAAAA)
-
-		compressionFake := make(map[string]int)
-		lenFake := compressedLenWithCompressionMap(msg, compressionFake)
-
-		compressionReal := make(map[string]int)
-		buf, err := msg.packBufferWithCompressionMap(nil, compressionReal)
-		if err != nil {
-			t.Fatal(err)
-		}
-		if lenFake != len(buf) {
-			t.Fatalf("padding= %d ; Predicted len := %d != real:= %d", labelSize, lenFake, len(buf))
-		}
-		if !reflect.DeepEqual(compressionFake, compressionReal) {
-			t.Fatalf("padding= %d ; Fake Compression Map != Real Compression Map\n*** Real:= %v\n\n***Fake:= %v", labelSize, compressionReal, compressionFake)
-		}
-	}
-}
-
-func TestMsgCompressLengthLargeRecordsWithPaddingPermutation(t *testing.T) {
-	msg := new(Msg)
-	msg.Compress = true
-	msg.SetQuestion("my.service.acme.", TypeSRV)
-
-	for i := 0; i < 250; i++ {
-		target := fmt.Sprintf("host-redis-x-%d.test.acme.com.node.dc1.consul.", i)
-		msg.Answer = append(msg.Answer, &SRV{Hdr: RR_Header{Name: "redis.service.consul.", Class: 1, Rrtype: TypeSRV, Ttl: 0x3c}, Port: 0x4c57, Target: target})
-		msg.Extra = append(msg.Extra, &CNAME{Hdr: RR_Header{Name: target, Class: ClassINET, Rrtype: TypeCNAME, Ttl: 0x3c}, Target: fmt.Sprintf("fx.168.x.%d.", i)})
-	}
-	for labelSize := 1; labelSize < 63; labelSize++ {
-		msg.SetQuestion(fmt.Sprintf("my.%s.service.acme.", strings.Repeat("x", labelSize)), TypeSRV)
-		predicted := msg.Len()
-		buf, err := msg.Pack()
-		if err != nil {
-			t.Error(err)
-		}
-		if predicted != len(buf) {
-			t.Fatalf("padding= %d ; predicted compressed length is wrong: predicted %s (len=%d) %d, actual %d", labelSize, msg.Question[0].Name, len(msg.Answer), predicted, len(buf))
-		}
-	}
-}
-
-func TestMsgCompressLengthLargeRecordsAllValues(t *testing.T) {
-	msg := new(Msg)
-	msg.Compress = true
-	msg.SetQuestion("redis.service.consul.", TypeSRV)
-	for i := 0; i < 900; i++ {
-		target := fmt.Sprintf("host-redis-%d-%d.test.acme.com.node.dc1.consul.", i/256, i%256)
-		msg.Answer = append(msg.Answer, &SRV{Hdr: RR_Header{Name: "redis.service.consul.", Class: 1, Rrtype: TypeSRV, Ttl: 0x3c}, Port: 0x4c57, Target: target})
-		msg.Extra = append(msg.Extra, &CNAME{Hdr: RR_Header{Name: target, Class: ClassINET, Rrtype: TypeCNAME, Ttl: 0x3c}, Target: fmt.Sprintf("fx.168.%d.%d.", i/256, i%256)})
-		predicted := msg.Len()
-		buf, err := msg.Pack()
-		if err != nil {
-			t.Error(err)
-		}
-		if predicted != len(buf) {
-			t.Fatalf("predicted compressed length is wrong for %d records: predicted %s (len=%d) %d, actual %d", i, msg.Question[0].Name, len(msg.Answer), predicted, len(buf))
-		}
-	}
-}
--- a/vendor/github.com/miekg/dns/msg_test.go
+++ b/vendor/github.com/miekg/dns/msg_test.go
@@ -1,146 +0,0 @@
-package dns
-
-import (
-	"fmt"
-	"regexp"
-	"strconv"
-	"strings"
-	"testing"
-)
-
-const (
-	maxPrintableLabel = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789x"
-	tooLongLabel      = maxPrintableLabel + "x"
-)
-
-var (
-	longDomain = maxPrintableLabel[:53] + strings.TrimSuffix(
-		strings.Join([]string{".", ".", ".", ".", "."}, maxPrintableLabel[:49]), ".")
-	reChar              = regexp.MustCompile(`.`)
-	i                   = -1
-	maxUnprintableLabel = reChar.ReplaceAllStringFunc(maxPrintableLabel, func(ch string) string {
-		if i++; i >= 32 {
-			i = 0
-		}
-		return fmt.Sprintf("\\%03d", i)
-	})
-)
-
-func TestPackNoSideEffect(t *testing.T) {
-	m := new(Msg)
-	m.SetQuestion(Fqdn("example.com."), TypeNS)
-
-	a := new(Msg)
-	o := &OPT{
-		Hdr: RR_Header{
-			Name:   ".",
-			Rrtype: TypeOPT,
-		},
-	}
-	o.SetUDPSize(DefaultMsgSize)
-
-	a.Extra = append(a.Extra, o)
-	a.SetRcode(m, RcodeBadVers)
-
-	a.Pack()
-	if a.Rcode != RcodeBadVers {
-		t.Errorf("after pack: Rcode is expected to be BADVERS")
-	}
-}
-
-func TestUnpackDomainName(t *testing.T) {
-	var cases = []struct {
-		label          string
-		input          string
-		expectedOutput string
-		expectedError  string
-	}{
-		{"empty domain",
-			"\x00",
-			".",
-			""},
-		{"long label",
-			string(63) + maxPrintableLabel + "\x00",
-			maxPrintableLabel + ".",
-			""},
-		{"unprintable label",
-			string(63) + regexp.MustCompile(`\\[0-9]+`).ReplaceAllStringFunc(maxUnprintableLabel,
-				func(escape string) string {
-					n, _ := strconv.ParseInt(escape[1:], 10, 8)
-					return string(n)
-				}) + "\x00",
-			maxUnprintableLabel + ".",
-			""},
-		{"long domain",
-			string(53) + strings.Replace(longDomain, ".", string(49), -1) + "\x00",
-			longDomain + ".",
-			""},
-		{"compression pointer",
-			// an unrealistic but functional test referencing an offset _inside_ a label
-			"\x03foo" + "\x05\x03com\x00" + "\x07example" + "\xC0\x05",
-			"foo.\\003com\\000.example.com.",
-			""},
-
-		{"too long domain",
-			string(54) + "x" + strings.Replace(longDomain, ".", string(49), -1) + "\x00",
-			"x" + longDomain + ".",
-			ErrLongDomain.Error()},
-		{"too long by pointer",
-			// a matryoshka doll name to get over 255 octets after expansion via internal pointers
-			string([]byte{
-				// 11 length values, first to last
-				40, 37, 34, 31, 28, 25, 22, 19, 16, 13, 0,
-				// 12 filler values
-				120, 120, 120, 120, 120, 120, 120, 120, 120, 120, 120, 120,
-				// 10 pointers, last to first
-				192, 10, 192, 9, 192, 8, 192, 7, 192, 6, 192, 5, 192, 4, 192, 3, 192, 2, 192, 1,
-			}),
-			"",
-			ErrLongDomain.Error()},
-		{"long by pointer",
-			// a matryoshka doll name _not_ exceeding 255 octets after expansion
-			string([]byte{
-				// 11 length values, first to last
-				37, 34, 31, 28, 25, 22, 19, 16, 13, 10, 0,
-				// 9 filler values
-				120, 120, 120, 120, 120, 120, 120, 120, 120,
-				// 10 pointers, last to first
-				192, 10, 192, 9, 192, 8, 192, 7, 192, 6, 192, 5, 192, 4, 192, 3, 192, 2, 192, 1,
-			}),
-			"" +
-				(`\"\031\028\025\022\019\016\013\010\000xxxxxxxxx` +
-					`\192\010\192\009\192\008\192\007\192\006\192\005\192\004\192\003\192\002.`) +
-				(`\031\028\025\022\019\016\013\010\000xxxxxxxxx` +
-					`\192\010\192\009\192\008\192\007\192\006\192\005\192\004\192\003.`) +
-				(`\028\025\022\019\016\013\010\000xxxxxxxxx` +
-					`\192\010\192\009\192\008\192\007\192\006\192\005\192\004.`) +
-				(`\025\022\019\016\013\010\000xxxxxxxxx` +
-					`\192\010\192\009\192\008\192\007\192\006\192\005.`) +
-				`\022\019\016\013\010\000xxxxxxxxx\192\010\192\009\192\008\192\007\192\006.` +
-				`\019\016\013\010\000xxxxxxxxx\192\010\192\009\192\008\192\007.` +
-				`\016\013\010\000xxxxxxxxx\192\010\192\009\192\008.` +
-				`\013\010\000xxxxxxxxx\192\010\192\009.` +
-				`\010\000xxxxxxxxx\192\010.` +
-				`\000xxxxxxxxx.`,
-			""},
-		{"truncated name", "\x07example\x03", "", "dns: buffer size too small"},
-		{"non-absolute name", "\x07example\x03com", "", "dns: buffer size too small"},
-		{"compression pointer cycle",
-			"\x03foo" + "\x03bar" + "\x07example" + "\xC0\x04",
-			"",
-			"dns: too many compression pointers"},
-		{"reserved compression pointer 0b10", "\x07example\x80", "", "dns: bad rdata"},
-		{"reserved compression pointer 0b01", "\x07example\x40", "", "dns: bad rdata"},
-	}
-	for _, test := range cases {
-		output, idx, err := UnpackDomainName([]byte(test.input), 0)
-		if test.expectedOutput != "" && output != test.expectedOutput {
-			t.Errorf("%s: expected %s, got %s", test.label, test.expectedOutput, output)
-		}
-		if test.expectedError == "" && err != nil {
-			t.Errorf("%s: expected no error, got %d %v", test.label, idx, err)
-		} else if test.expectedError != "" && (err == nil || err.Error() != test.expectedError) {
-			t.Errorf("%s: expected error %s, got %d %v", test.label, test.expectedError, idx, err)
-		}
-	}
-}
--- a/vendor/github.com/miekg/dns/nsecx_test.go
+++ b/vendor/github.com/miekg/dns/nsecx_test.go
@@ -1,141 +0,0 @@
-package dns
-
-import "testing"
-
-func TestPackNsec3(t *testing.T) {
-	nsec3 := HashName("dnsex.nl.", SHA1, 0, "DEAD")
-	if nsec3 != "ROCCJAE8BJJU7HN6T7NG3TNM8ACRS87J" {
-		t.Error(nsec3)
-	}
-
-	nsec3 = HashName("a.b.c.example.org.", SHA1, 2, "DEAD")
-	if nsec3 != "6LQ07OAHBTOOEU2R9ANI2AT70K5O0RCG" {
-		t.Error(nsec3)
-	}
-}
-
-func TestNsec3(t *testing.T) {
-	nsec3 := testRR("sk4e8fj94u78smusb40o1n0oltbblu2r.nl. IN NSEC3 1 1 5 F10E9F7EA83FC8F3 SK4F38CQ0ATIEI8MH3RGD0P5I4II6QAN NS SOA TXT RRSIG DNSKEY NSEC3PARAM")
-	if !nsec3.(*NSEC3).Match("nl.") { // name hash = sk4e8fj94u78smusb40o1n0oltbblu2r
-		t.Fatal("sk4e8fj94u78smusb40o1n0oltbblu2r.nl. should match sk4e8fj94u78smusb40o1n0oltbblu2r.nl.")
-	}
-	if !nsec3.(*NSEC3).Match("NL.") { // name hash = sk4e8fj94u78smusb40o1n0oltbblu2r
-		t.Fatal("sk4e8fj94u78smusb40o1n0oltbblu2r.NL. should match sk4e8fj94u78smusb40o1n0oltbblu2r.nl.")
-	}
-	if nsec3.(*NSEC3).Match("com.") { //
-		t.Fatal("com. is not in the zone nl.")
-	}
-	if nsec3.(*NSEC3).Match("test.nl.") { // name hash = gd0ptr5bnfpimpu2d3v6gd4n0bai7s0q
-		t.Fatal("gd0ptr5bnfpimpu2d3v6gd4n0bai7s0q.nl. should not match sk4e8fj94u78smusb40o1n0oltbblu2r.nl.")
-	}
-	nsec3 = testRR("nl. IN NSEC3 1 1 5 F10E9F7EA83FC8F3 SK4F38CQ0ATIEI8MH3RGD0P5I4II6QAN NS SOA TXT RRSIG DNSKEY NSEC3PARAM")
-	if nsec3.(*NSEC3).Match("nl.") {
-		t.Fatal("sk4e8fj94u78smusb40o1n0oltbblu2r.nl. should not match a record without a owner hash")
-	}
-
-	for _, tc := range []struct {
-		rr     *NSEC3
-		name   string
-		covers bool
-	}{
-		// positive tests
-		{ // name hash between owner hash and next hash
-			rr: &NSEC3{
-				Hdr:        RR_Header{Name: "2N1TB3VAIRUOBL6RKDVII42N9TFMIALP.com."},
-				Hash:       1,
-				Flags:      1,
-				Iterations: 5,
-				Salt:       "F10E9F7EA83FC8F3",
-				NextDomain: "PT3RON8N7PM3A0OE989IB84OOSADP7O8",
-			},
-			name:   "bsd.com.",
-			covers: true,
-		},
-		{ // end of zone, name hash is after owner hash
-			rr: &NSEC3{
-				Hdr:        RR_Header{Name: "3v62ulr0nre83v0rja2vjgtlif9v6rab.com."},
-				Hash:       1,
-				Flags:      1,
-				Iterations: 5,
-				Salt:       "F10E9F7EA83FC8F3",
-				NextDomain: "2N1TB3VAIRUOBL6RKDVII42N9TFMIALP",
-			},
-			name:   "csd.com.",
-			covers: true,
-		},
-		{ // end of zone, name hash is before beginning of zone
-			rr: &NSEC3{
-				Hdr:        RR_Header{Name: "PT3RON8N7PM3A0OE989IB84OOSADP7O8.com."},
-				Hash:       1,
-				Flags:      1,
-				Iterations: 5,
-				Salt:       "F10E9F7EA83FC8F3",
-				NextDomain: "3V62ULR0NRE83V0RJA2VJGTLIF9V6RAB",
-			},
-			name:   "asd.com.",
-			covers: true,
-		},
-		// negative tests
-		{ // too short owner name
-			rr: &NSEC3{
-				Hdr:        RR_Header{Name: "nl."},
-				Hash:       1,
-				Flags:      1,
-				Iterations: 5,
-				Salt:       "F10E9F7EA83FC8F3",
-				NextDomain: "39P99DCGG0MDLARTCRMCF6OFLLUL7PR6",
-			},
-			name:   "asd.com.",
-			covers: false,
-		},
-		{ // outside of zone
-			rr: &NSEC3{
-				Hdr:        RR_Header{Name: "39p91242oslggest5e6a7cci4iaeqvnk.nl."},
-				Hash:       1,
-				Flags:      1,
-				Iterations: 5,
-				Salt:       "F10E9F7EA83FC8F3",
-				NextDomain: "39P99DCGG0MDLARTCRMCF6OFLLUL7PR6",
-			},
-			name:   "asd.com.",
-			covers: false,
-		},
-		{ // empty interval
-			rr: &NSEC3{
-				Hdr:        RR_Header{Name: "2n1tb3vairuobl6rkdvii42n9tfmialp.com."},
-				Hash:       1,
-				Flags:      1,
-				Iterations: 5,
-				Salt:       "F10E9F7EA83FC8F3",
-				NextDomain: "2N1TB3VAIRUOBL6RKDVII42N9TFMIALP",
-			},
-			name:   "asd.com.",
-			covers: false,
-		},
-		{ // name hash is before owner hash, not covered
-			rr: &NSEC3{
-				Hdr:        RR_Header{Name: "3V62ULR0NRE83V0RJA2VJGTLIF9V6RAB.com."},
-				Hash:       1,
-				Flags:      1,
-				Iterations: 5,
-				Salt:       "F10E9F7EA83FC8F3",
-				NextDomain: "PT3RON8N7PM3A0OE989IB84OOSADP7O8",
-			},
-			name:   "asd.com.",
-			covers: false,
-		},
-	} {
-		covers := tc.rr.Cover(tc.name)
-		if tc.covers != covers {
-			t.Fatalf("cover failed for %s: expected %t, got %t [record: %s]", tc.name, tc.covers, covers, tc.rr)
-		}
-	}
-}
-
-func TestNsec3EmptySalt(t *testing.T) {
-	rr, _ := NewRR("CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A  NS SOA RRSIG DNSKEY NSEC3PARAM")
-
-	if !rr.(*NSEC3).Match("com.") {
-		t.Fatalf("expected record to match com. label")
-	}
-}
--- a/vendor/github.com/miekg/dns/parse_test.go
+++ b/vendor/github.com/miekg/dns/parse_test.go
--- a/vendor/github.com/miekg/dns/privaterr_test.go
+++ b/vendor/github.com/miekg/dns/privaterr_test.go
@@ -1,166 +0,0 @@
-package dns_test
-
-import (
-	"strings"
-	"testing"
-
-	"github.com/miekg/dns"
-)
-
-const TypeISBN uint16 = 0xFF00
-
-// A crazy new RR type :)
-type ISBN struct {
-	x string // rdata with 10 or 13 numbers, dashes or spaces allowed
-}
-
-func NewISBN() dns.PrivateRdata { return &ISBN{""} }
-
-func (rd *ISBN) Len() int       { return len([]byte(rd.x)) }
-func (rd *ISBN) String() string { return rd.x }
-
-func (rd *ISBN) Parse(txt []string) error {
-	rd.x = strings.TrimSpace(strings.Join(txt, " "))
-	return nil
-}
-
-func (rd *ISBN) Pack(buf []byte) (int, error) {
-	b := []byte(rd.x)
-	n := copy(buf, b)
-	if n != len(b) {
-		return n, dns.ErrBuf
-	}
-	return n, nil
-}
-
-func (rd *ISBN) Unpack(buf []byte) (int, error) {
-	rd.x = string(buf)
-	return len(buf), nil
-}
-
-func (rd *ISBN) Copy(dest dns.PrivateRdata) error {
-	isbn, ok := dest.(*ISBN)
-	if !ok {
-		return dns.ErrRdata
-	}
-	isbn.x = rd.x
-	return nil
-}
-
-var testrecord = strings.Join([]string{"example.org.", "3600", "IN", "ISBN", "12-3 456789-0-123"}, "\t")
-
-func TestPrivateText(t *testing.T) {
-	dns.PrivateHandle("ISBN", TypeISBN, NewISBN)
-	defer dns.PrivateHandleRemove(TypeISBN)
-
-	rr, err := dns.NewRR(testrecord)
-	if err != nil {
-		t.Fatal(err)
-	}
-	if rr.String() != testrecord {
-		t.Errorf("record string representation did not match original %#v != %#v", rr.String(), testrecord)
-	}
-}
-
-func TestPrivateByteSlice(t *testing.T) {
-	dns.PrivateHandle("ISBN", TypeISBN, NewISBN)
-	defer dns.PrivateHandleRemove(TypeISBN)
-
-	rr, err := dns.NewRR(testrecord)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	buf := make([]byte, 100)
-	off, err := dns.PackRR(rr, buf, 0, nil, false)
-	if err != nil {
-		t.Errorf("got error packing ISBN: %v", err)
-	}
-
-	custrr := rr.(*dns.PrivateRR)
-	if ln := custrr.Data.Len() + len(custrr.Header().Name) + 11; ln != off {
-		t.Errorf("offset is not matching to length of Private RR: %d!=%d", off, ln)
-	}
-
-	rr1, off1, err := dns.UnpackRR(buf[:off], 0)
-	if err != nil {
-		t.Errorf("got error unpacking ISBN: %v", err)
-		return
-	}
-
-	if off1 != off {
-		t.Errorf("offset after unpacking differs: %d != %d", off1, off)
-	}
-
-	if rr1.String() != testrecord {
-		t.Errorf("record string representation did not match original %#v != %#v", rr1.String(), testrecord)
-	}
-}
-
-const TypeVERSION uint16 = 0xFF01
-
-type VERSION struct {
-	x string
-}
-
-func NewVersion() dns.PrivateRdata { return &VERSION{""} }
-
-func (rd *VERSION) String() string { return rd.x }
-func (rd *VERSION) Parse(txt []string) error {
-	rd.x = strings.TrimSpace(strings.Join(txt, " "))
-	return nil
-}
-
-func (rd *VERSION) Pack(buf []byte) (int, error) {
-	b := []byte(rd.x)
-	n := copy(buf, b)
-	if n != len(b) {
-		return n, dns.ErrBuf
-	}
-	return n, nil
-}
-
-func (rd *VERSION) Unpack(buf []byte) (int, error) {
-	rd.x = string(buf)
-	return len(buf), nil
-}
-
-func (rd *VERSION) Copy(dest dns.PrivateRdata) error {
-	isbn, ok := dest.(*VERSION)
-	if !ok {
-		return dns.ErrRdata
-	}
-	isbn.x = rd.x
-	return nil
-}
-
-func (rd *VERSION) Len() int {
-	return len([]byte(rd.x))
-}
-
-var smallzone = `$ORIGIN example.org.
-@ 3600 IN SOA	sns.dns.icann.org. noc.dns.icann.org. (
-		2014091518 7200 3600 1209600 3600
-)
-    A   1.2.3.4
-ok ISBN 1231-92110-12
-go VERSION (
-	1.3.1 ; comment
-)
-www ISBN 1231-92110-16
-*  CNAME @
-`
-
-func TestPrivateZoneParser(t *testing.T) {
-	dns.PrivateHandle("ISBN", TypeISBN, NewISBN)
-	dns.PrivateHandle("VERSION", TypeVERSION, NewVersion)
-	defer dns.PrivateHandleRemove(TypeISBN)
-	defer dns.PrivateHandleRemove(TypeVERSION)
-
-	r := strings.NewReader(smallzone)
-	for x := range dns.ParseZone(r, ".", "") {
-		if err := x.Error; err != nil {
-			t.Fatal(err)
-		}
-	}
-}
--- a/vendor/github.com/miekg/dns/remote_test.go
+++ b/vendor/github.com/miekg/dns/remote_test.go
@@ -1,19 +0,0 @@
-package dns
-
-import "testing"
-
-const LinodeAddr = "176.58.119.54:53"
-
-func TestClientRemote(t *testing.T) {
-	m := new(Msg)
-	m.SetQuestion("go.dns.miek.nl.", TypeTXT)
-
-	c := new(Client)
-	r, _, err := c.Exchange(m, LinodeAddr)
-	if err != nil {
-		t.Errorf("failed to exchange: %v", err)
-	}
-	if r != nil && r.Rcode != RcodeSuccess {
-		t.Errorf("failed to get an valid answer\n%v", r)
-	}
-}
--- a/vendor/github.com/miekg/dns/rr_test.go
+++ b/vendor/github.com/miekg/dns/rr_test.go
@@ -1,7 +0,0 @@
-package dns
-
-// testRR returns the RR from string s. The error is thrown away.
-func testRR(s string) RR {
-	r, _ := NewRR(s)
-	return r
-}
--- a/vendor/github.com/miekg/dns/sanitize_test.go
+++ b/vendor/github.com/miekg/dns/sanitize_test.go
@@ -1,75 +0,0 @@
-package dns
-
-import "testing"
-
-func TestDedup(t *testing.T) {
-	testcases := map[[3]RR][]string{
-		[...]RR{
-			testRR("mIek.nl. IN A 127.0.0.1"),
-			testRR("mieK.nl. IN A 127.0.0.1"),
-			testRR("miek.Nl. IN A 127.0.0.1"),
-		}: {"mIek.nl.\t3600\tIN\tA\t127.0.0.1"},
-		[...]RR{
-			testRR("miEk.nl. 2000 IN A 127.0.0.1"),
-			testRR("mieK.Nl. 1000 IN A 127.0.0.1"),
-			testRR("Miek.nL. 500 IN A 127.0.0.1"),
-		}: {"miEk.nl.\t500\tIN\tA\t127.0.0.1"},
-		[...]RR{
-			testRR("miek.nl. IN A 127.0.0.1"),
-			testRR("miek.nl. CH A 127.0.0.1"),
-			testRR("miek.nl. IN A 127.0.0.1"),
-		}: {"miek.nl.\t3600\tIN\tA\t127.0.0.1",
-			"miek.nl.\t3600\tCH\tA\t127.0.0.1",
-		},
-		[...]RR{
-			testRR("miek.nl. CH A 127.0.0.1"),
-			testRR("miek.nl. IN A 127.0.0.1"),
-			testRR("miek.de. IN A 127.0.0.1"),
-		}: {"miek.nl.\t3600\tCH\tA\t127.0.0.1",
-			"miek.nl.\t3600\tIN\tA\t127.0.0.1",
-			"miek.de.\t3600\tIN\tA\t127.0.0.1",
-		},
-		[...]RR{
-			testRR("miek.de. IN A 127.0.0.1"),
-			testRR("miek.nl. 200 IN A 127.0.0.1"),
-			testRR("miek.nl. 300 IN A 127.0.0.1"),
-		}: {"miek.de.\t3600\tIN\tA\t127.0.0.1",
-			"miek.nl.\t200\tIN\tA\t127.0.0.1",
-		},
-	}
-
-	for rr, expected := range testcases {
-		out := Dedup([]RR{rr[0], rr[1], rr[2]}, nil)
-		for i, o := range out {
-			if o.String() != expected[i] {
-				t.Fatalf("expected %v, got %v", expected[i], o.String())
-			}
-		}
-	}
-}
-
-func BenchmarkDedup(b *testing.B) {
-	rrs := []RR{
-		testRR("miEk.nl. 2000 IN A 127.0.0.1"),
-		testRR("mieK.Nl. 1000 IN A 127.0.0.1"),
-		testRR("Miek.nL. 500 IN A 127.0.0.1"),
-	}
-	m := make(map[string]RR)
-	for i := 0; i < b.N; i++ {
-		Dedup(rrs, m)
-	}
-}
-
-func TestNormalizedString(t *testing.T) {
-	tests := map[RR]string{
-		testRR("mIEk.Nl. 3600 IN A 127.0.0.1"):     "miek.nl.\tIN\tA\t127.0.0.1",
-		testRR("m\\ iek.nL. 3600 IN A 127.0.0.1"):  "m\\ iek.nl.\tIN\tA\t127.0.0.1",
-		testRR("m\\\tIeK.nl. 3600 in A 127.0.0.1"): "m\\009iek.nl.\tIN\tA\t127.0.0.1",
-	}
-	for tc, expected := range tests {
-		n := normalizedString(tc)
-		if n != expected {
-			t.Errorf("expected %s, got %s", expected, n)
-		}
-	}
-}
--- a/vendor/github.com/miekg/dns/scan_test.go
+++ b/vendor/github.com/miekg/dns/scan_test.go
@@ -1,48 +0,0 @@
-package dns
-
-import (
-	"io/ioutil"
-	"os"
-	"strings"
-	"testing"
-)
-
-func TestParseZoneInclude(t *testing.T) {
-
-	tmpfile, err := ioutil.TempFile("", "dns")
-	if err != nil {
-		t.Fatalf("could not create tmpfile for test: %s", err)
-	}
-
-	if _, err := tmpfile.WriteString("foo\tIN\tA\t127.0.0.1"); err != nil {
-		t.Fatalf("unable to write content to tmpfile %q: %s", tmpfile.Name(), err)
-	}
-	if err := tmpfile.Close(); err != nil {
-		t.Fatalf("could not close tmpfile %q: %s", tmpfile.Name(), err)
-	}
-
-	zone := "$ORIGIN example.org.\n$INCLUDE " + tmpfile.Name()
-
-	tok := ParseZone(strings.NewReader(zone), "", "")
-	for x := range tok {
-		if x.Error != nil {
-			t.Fatalf("expected no error, but got %s", x.Error)
-		}
-		if x.RR.Header().Name != "foo.example.org." {
-			t.Fatalf("expected %s, but got %s", "foo.example.org.", x.RR.Header().Name)
-		}
-	}
-
-	os.Remove(tmpfile.Name())
-
-	tok = ParseZone(strings.NewReader(zone), "", "")
-	for x := range tok {
-		if x.Error == nil {
-			t.Fatalf("expected first token to contain an error but it didn't")
-		}
-		if !strings.Contains(x.Error.Error(), "failed to open") ||
-			!strings.Contains(x.Error.Error(), tmpfile.Name()) {
-			t.Fatalf(`expected error to contain: "failed to open" and %q but got: %s`, tmpfile.Name(), x.Error)
-		}
-	}
-}
--- a/vendor/github.com/miekg/dns/server_test.go
+++ b/vendor/github.com/miekg/dns/server_test.go
@@ -1,792 +0,0 @@
-package dns
-
-import (
-	"crypto/tls"
-	"fmt"
-	"io"
-	"net"
-	"runtime"
-	"sync"
-	"testing"
-	"time"
-)
-
-func HelloServer(w ResponseWriter, req *Msg) {
-	m := new(Msg)
-	m.SetReply(req)
-
-	m.Extra = make([]RR, 1)
-	m.Extra[0] = &TXT{Hdr: RR_Header{Name: m.Question[0].Name, Rrtype: TypeTXT, Class: ClassINET, Ttl: 0}, Txt: []string{"Hello world"}}
-	w.WriteMsg(m)
-}
-
-func HelloServerBadID(w ResponseWriter, req *Msg) {
-	m := new(Msg)
-	m.SetReply(req)
-	m.Id++
-
-	m.Extra = make([]RR, 1)
-	m.Extra[0] = &TXT{Hdr: RR_Header{Name: m.Question[0].Name, Rrtype: TypeTXT, Class: ClassINET, Ttl: 0}, Txt: []string{"Hello world"}}
-	w.WriteMsg(m)
-}
-
-func HelloServerEchoAddrPort(w ResponseWriter, req *Msg) {
-	m := new(Msg)
-	m.SetReply(req)
-
-	remoteAddr := w.RemoteAddr().String()
-	m.Extra = make([]RR, 1)
-	m.Extra[0] = &TXT{Hdr: RR_Header{Name: m.Question[0].Name, Rrtype: TypeTXT, Class: ClassINET, Ttl: 0}, Txt: []string{remoteAddr}}
-	w.WriteMsg(m)
-}
-
-func AnotherHelloServer(w ResponseWriter, req *Msg) {
-	m := new(Msg)
-	m.SetReply(req)
-
-	m.Extra = make([]RR, 1)
-	m.Extra[0] = &TXT{Hdr: RR_Header{Name: m.Question[0].Name, Rrtype: TypeTXT, Class: ClassINET, Ttl: 0}, Txt: []string{"Hello example"}}
-	w.WriteMsg(m)
-}
-
-func RunLocalUDPServer(laddr string) (*Server, string, error) {
-	server, l, _, err := RunLocalUDPServerWithFinChan(laddr)
-
-	return server, l, err
-}
-
-func RunLocalUDPServerWithFinChan(laddr string) (*Server, string, chan error, error) {
-	pc, err := net.ListenPacket("udp", laddr)
-	if err != nil {
-		return nil, "", nil, err
-	}
-	server := &Server{PacketConn: pc, ReadTimeout: time.Hour, WriteTimeout: time.Hour}
-
-	waitLock := sync.Mutex{}
-	waitLock.Lock()
-	server.NotifyStartedFunc = waitLock.Unlock
-
-	// fin must be buffered so the goroutine below won't block
-	// forever if fin is never read from. This always happens
-	// in RunLocalUDPServer and can happen in TestShutdownUDP.
-	fin := make(chan error, 1)
-
-	go func() {
-		fin <- server.ActivateAndServe()
-		pc.Close()
-	}()
-
-	waitLock.Lock()
-	return server, pc.LocalAddr().String(), fin, nil
-}
-
-func RunLocalUDPServerUnsafe(laddr string) (*Server, string, error) {
-	pc, err := net.ListenPacket("udp", laddr)
-	if err != nil {
-		return nil, "", err
-	}
-	server := &Server{PacketConn: pc, Unsafe: true,
-		ReadTimeout: time.Hour, WriteTimeout: time.Hour}
-
-	waitLock := sync.Mutex{}
-	waitLock.Lock()
-	server.NotifyStartedFunc = waitLock.Unlock
-
-	go func() {
-		server.ActivateAndServe()
-		pc.Close()
-	}()
-
-	waitLock.Lock()
-	return server, pc.LocalAddr().String(), nil
-}
-
-func RunLocalTCPServer(laddr string) (*Server, string, error) {
-	server, l, _, err := RunLocalTCPServerWithFinChan(laddr)
-
-	return server, l, err
-}
-
-func RunLocalTCPServerWithFinChan(laddr string) (*Server, string, chan error, error) {
-	l, err := net.Listen("tcp", laddr)
-	if err != nil {
-		return nil, "", nil, err
-	}
-
-	server := &Server{Listener: l, ReadTimeout: time.Hour, WriteTimeout: time.Hour}
-
-	waitLock := sync.Mutex{}
-	waitLock.Lock()
-	server.NotifyStartedFunc = waitLock.Unlock
-
-	// See the comment in RunLocalUDPServerWithFinChan as to
-	// why fin must be buffered.
-	fin := make(chan error, 1)
-
-	go func() {
-		fin <- server.ActivateAndServe()
-		l.Close()
-	}()
-
-	waitLock.Lock()
-	return server, l.Addr().String(), fin, nil
-}
-
-func RunLocalTLSServer(laddr string, config *tls.Config) (*Server, string, error) {
-	l, err := tls.Listen("tcp", laddr, config)
-	if err != nil {
-		return nil, "", err
-	}
-
-	server := &Server{Listener: l, ReadTimeout: time.Hour, WriteTimeout: time.Hour}
-
-	waitLock := sync.Mutex{}
-	waitLock.Lock()
-	server.NotifyStartedFunc = waitLock.Unlock
-
-	go func() {
-		server.ActivateAndServe()
-		l.Close()
-	}()
-
-	waitLock.Lock()
-	return server, l.Addr().String(), nil
-}
-
-func TestServing(t *testing.T) {
-	HandleFunc("miek.nl.", HelloServer)
-	HandleFunc("example.com.", AnotherHelloServer)
-	defer HandleRemove("miek.nl.")
-	defer HandleRemove("example.com.")
-
-	s, addrstr, err := RunLocalUDPServer(":0")
-	if err != nil {
-		t.Fatalf("unable to run test server: %v", err)
-	}
-	defer s.Shutdown()
-
-	c := new(Client)
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeTXT)
-	r, _, err := c.Exchange(m, addrstr)
-	if err != nil || len(r.Extra) == 0 {
-		t.Fatal("failed to exchange miek.nl", err)
-	}
-	txt := r.Extra[0].(*TXT).Txt[0]
-	if txt != "Hello world" {
-		t.Error("unexpected result for miek.nl", txt, "!= Hello world")
-	}
-
-	m.SetQuestion("example.com.", TypeTXT)
-	r, _, err = c.Exchange(m, addrstr)
-	if err != nil {
-		t.Fatal("failed to exchange example.com", err)
-	}
-	txt = r.Extra[0].(*TXT).Txt[0]
-	if txt != "Hello example" {
-		t.Error("unexpected result for example.com", txt, "!= Hello example")
-	}
-
-	// Test Mixes cased as noticed by Ask.
-	m.SetQuestion("eXaMplE.cOm.", TypeTXT)
-	r, _, err = c.Exchange(m, addrstr)
-	if err != nil {
-		t.Error("failed to exchange eXaMplE.cOm", err)
-	}
-	txt = r.Extra[0].(*TXT).Txt[0]
-	if txt != "Hello example" {
-		t.Error("unexpected result for example.com", txt, "!= Hello example")
-	}
-}
-
-func TestServingTLS(t *testing.T) {
-	HandleFunc("miek.nl.", HelloServer)
-	HandleFunc("example.com.", AnotherHelloServer)
-	defer HandleRemove("miek.nl.")
-	defer HandleRemove("example.com.")
-
-	cert, err := tls.X509KeyPair(CertPEMBlock, KeyPEMBlock)
-	if err != nil {
-		t.Fatalf("unable to build certificate: %v", err)
-	}
-
-	config := tls.Config{
-		Certificates: []tls.Certificate{cert},
-	}
-
-	s, addrstr, err := RunLocalTLSServer(":0", &config)
-	if err != nil {
-		t.Fatalf("unable to run test server: %v", err)
-	}
-	defer s.Shutdown()
-
-	c := new(Client)
-	c.Net = "tcp-tls"
-	c.TLSConfig = &tls.Config{
-		InsecureSkipVerify: true,
-	}
-
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeTXT)
-	r, _, err := c.Exchange(m, addrstr)
-	if err != nil || len(r.Extra) == 0 {
-		t.Fatal("failed to exchange miek.nl", err)
-	}
-	txt := r.Extra[0].(*TXT).Txt[0]
-	if txt != "Hello world" {
-		t.Error("unexpected result for miek.nl", txt, "!= Hello world")
-	}
-
-	m.SetQuestion("example.com.", TypeTXT)
-	r, _, err = c.Exchange(m, addrstr)
-	if err != nil {
-		t.Fatal("failed to exchange example.com", err)
-	}
-	txt = r.Extra[0].(*TXT).Txt[0]
-	if txt != "Hello example" {
-		t.Error("unexpected result for example.com", txt, "!= Hello example")
-	}
-
-	// Test Mixes cased as noticed by Ask.
-	m.SetQuestion("eXaMplE.cOm.", TypeTXT)
-	r, _, err = c.Exchange(m, addrstr)
-	if err != nil {
-		t.Error("failed to exchange eXaMplE.cOm", err)
-	}
-	txt = r.Extra[0].(*TXT).Txt[0]
-	if txt != "Hello example" {
-		t.Error("unexpected result for example.com", txt, "!= Hello example")
-	}
-}
-
-func TestServingListenAndServe(t *testing.T) {
-	HandleFunc("example.com.", AnotherHelloServer)
-	defer HandleRemove("example.com.")
-
-	waitLock := sync.Mutex{}
-	server := &Server{Addr: ":0", Net: "udp", ReadTimeout: time.Hour, WriteTimeout: time.Hour, NotifyStartedFunc: waitLock.Unlock}
-	waitLock.Lock()
-
-	go func() {
-		server.ListenAndServe()
-	}()
-	waitLock.Lock()
-
-	c, m := new(Client), new(Msg)
-	m.SetQuestion("example.com.", TypeTXT)
-	addr := server.PacketConn.LocalAddr().String() // Get address via the PacketConn that gets set.
-	r, _, err := c.Exchange(m, addr)
-	if err != nil {
-		t.Fatal("failed to exchange example.com", err)
-	}
-	txt := r.Extra[0].(*TXT).Txt[0]
-	if txt != "Hello example" {
-		t.Error("unexpected result for example.com", txt, "!= Hello example")
-	}
-	server.Shutdown()
-}
-
-func TestServingListenAndServeTLS(t *testing.T) {
-	HandleFunc("example.com.", AnotherHelloServer)
-	defer HandleRemove("example.com.")
-
-	cert, err := tls.X509KeyPair(CertPEMBlock, KeyPEMBlock)
-	if err != nil {
-		t.Fatalf("unable to build certificate: %v", err)
-	}
-
-	config := &tls.Config{
-		Certificates: []tls.Certificate{cert},
-	}
-
-	waitLock := sync.Mutex{}
-	server := &Server{Addr: ":0", Net: "tcp", TLSConfig: config, ReadTimeout: time.Hour, WriteTimeout: time.Hour, NotifyStartedFunc: waitLock.Unlock}
-	waitLock.Lock()
-
-	go func() {
-		server.ListenAndServe()
-	}()
-	waitLock.Lock()
-
-	c, m := new(Client), new(Msg)
-	c.Net = "tcp"
-	m.SetQuestion("example.com.", TypeTXT)
-	addr := server.Listener.Addr().String() // Get address via the Listener that gets set.
-	r, _, err := c.Exchange(m, addr)
-	if err != nil {
-		t.Fatal(err)
-	}
-	txt := r.Extra[0].(*TXT).Txt[0]
-	if txt != "Hello example" {
-		t.Error("unexpected result for example.com", txt, "!= Hello example")
-	}
-	server.Shutdown()
-}
-
-func BenchmarkServe(b *testing.B) {
-	b.StopTimer()
-	HandleFunc("miek.nl.", HelloServer)
-	defer HandleRemove("miek.nl.")
-	a := runtime.GOMAXPROCS(4)
-
-	s, addrstr, err := RunLocalUDPServer(":0")
-	if err != nil {
-		b.Fatalf("unable to run test server: %v", err)
-	}
-	defer s.Shutdown()
-
-	c := new(Client)
-	m := new(Msg)
-	m.SetQuestion("miek.nl", TypeSOA)
-
-	b.StartTimer()
-	for i := 0; i < b.N; i++ {
-		c.Exchange(m, addrstr)
-	}
-	runtime.GOMAXPROCS(a)
-}
-
-func benchmarkServe6(b *testing.B) {
-	b.StopTimer()
-	HandleFunc("miek.nl.", HelloServer)
-	defer HandleRemove("miek.nl.")
-	a := runtime.GOMAXPROCS(4)
-	s, addrstr, err := RunLocalUDPServer("[::1]:0")
-	if err != nil {
-		b.Fatalf("unable to run test server: %v", err)
-	}
-	defer s.Shutdown()
-
-	c := new(Client)
-	m := new(Msg)
-	m.SetQuestion("miek.nl", TypeSOA)
-
-	b.StartTimer()
-	for i := 0; i < b.N; i++ {
-		c.Exchange(m, addrstr)
-	}
-	runtime.GOMAXPROCS(a)
-}
-
-func HelloServerCompress(w ResponseWriter, req *Msg) {
-	m := new(Msg)
-	m.SetReply(req)
-	m.Extra = make([]RR, 1)
-	m.Extra[0] = &TXT{Hdr: RR_Header{Name: m.Question[0].Name, Rrtype: TypeTXT, Class: ClassINET, Ttl: 0}, Txt: []string{"Hello world"}}
-	m.Compress = true
-	w.WriteMsg(m)
-}
-
-func BenchmarkServeCompress(b *testing.B) {
-	b.StopTimer()
-	HandleFunc("miek.nl.", HelloServerCompress)
-	defer HandleRemove("miek.nl.")
-	a := runtime.GOMAXPROCS(4)
-	s, addrstr, err := RunLocalUDPServer(":0")
-	if err != nil {
-		b.Fatalf("unable to run test server: %v", err)
-	}
-	defer s.Shutdown()
-
-	c := new(Client)
-	m := new(Msg)
-	m.SetQuestion("miek.nl", TypeSOA)
-	b.StartTimer()
-	for i := 0; i < b.N; i++ {
-		c.Exchange(m, addrstr)
-	}
-	runtime.GOMAXPROCS(a)
-}
-
-func TestDotAsCatchAllWildcard(t *testing.T) {
-	mux := NewServeMux()
-	mux.Handle(".", HandlerFunc(HelloServer))
-	mux.Handle("example.com.", HandlerFunc(AnotherHelloServer))
-
-	handler := mux.match("www.miek.nl.", TypeTXT)
-	if handler == nil {
-		t.Error("wildcard match failed")
-	}
-
-	handler = mux.match("www.example.com.", TypeTXT)
-	if handler == nil {
-		t.Error("example.com match failed")
-	}
-
-	handler = mux.match("a.www.example.com.", TypeTXT)
-	if handler == nil {
-		t.Error("a.www.example.com match failed")
-	}
-
-	handler = mux.match("boe.", TypeTXT)
-	if handler == nil {
-		t.Error("boe. match failed")
-	}
-}
-
-func TestCaseFolding(t *testing.T) {
-	mux := NewServeMux()
-	mux.Handle("_udp.example.com.", HandlerFunc(HelloServer))
-
-	handler := mux.match("_dns._udp.example.com.", TypeSRV)
-	if handler == nil {
-		t.Error("case sensitive characters folded")
-	}
-
-	handler = mux.match("_DNS._UDP.EXAMPLE.COM.", TypeSRV)
-	if handler == nil {
-		t.Error("case insensitive characters not folded")
-	}
-}
-
-func TestRootServer(t *testing.T) {
-	mux := NewServeMux()
-	mux.Handle(".", HandlerFunc(HelloServer))
-
-	handler := mux.match(".", TypeNS)
-	if handler == nil {
-		t.Error("root match failed")
-	}
-}
-
-type maxRec struct {
-	max int
-	sync.RWMutex
-}
-
-var M = new(maxRec)
-
-func HelloServerLargeResponse(resp ResponseWriter, req *Msg) {
-	m := new(Msg)
-	m.SetReply(req)
-	m.Authoritative = true
-	m1 := 0
-	M.RLock()
-	m1 = M.max
-	M.RUnlock()
-	for i := 0; i < m1; i++ {
-		aRec := &A{
-			Hdr: RR_Header{
-				Name:   req.Question[0].Name,
-				Rrtype: TypeA,
-				Class:  ClassINET,
-				Ttl:    0,
-			},
-			A: net.ParseIP(fmt.Sprintf("127.0.0.%d", i+1)).To4(),
-		}
-		m.Answer = append(m.Answer, aRec)
-	}
-	resp.WriteMsg(m)
-}
-
-func TestServingLargeResponses(t *testing.T) {
-	HandleFunc("example.", HelloServerLargeResponse)
-	defer HandleRemove("example.")
-
-	s, addrstr, err := RunLocalUDPServer(":0")
-	if err != nil {
-		t.Fatalf("unable to run test server: %v", err)
-	}
-	defer s.Shutdown()
-
-	// Create request
-	m := new(Msg)
-	m.SetQuestion("web.service.example.", TypeANY)
-
-	c := new(Client)
-	c.Net = "udp"
-	M.Lock()
-	M.max = 2
-	M.Unlock()
-	_, _, err = c.Exchange(m, addrstr)
-	if err != nil {
-		t.Errorf("failed to exchange: %v", err)
-	}
-	// This must fail
-	M.Lock()
-	M.max = 20
-	M.Unlock()
-	_, _, err = c.Exchange(m, addrstr)
-	if err == nil {
-		t.Error("failed to fail exchange, this should generate packet error")
-	}
-	// But this must work again
-	c.UDPSize = 7000
-	_, _, err = c.Exchange(m, addrstr)
-	if err != nil {
-		t.Errorf("failed to exchange: %v", err)
-	}
-}
-
-func TestServingResponse(t *testing.T) {
-	if testing.Short() {
-		t.Skip("skipping test in short mode.")
-	}
-	HandleFunc("miek.nl.", HelloServer)
-	s, addrstr, err := RunLocalUDPServer(":0")
-	if err != nil {
-		t.Fatalf("unable to run test server: %v", err)
-	}
-
-	c := new(Client)
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeTXT)
-	m.Response = false
-	_, _, err = c.Exchange(m, addrstr)
-	if err != nil {
-		t.Fatal("failed to exchange", err)
-	}
-	m.Response = true
-	_, _, err = c.Exchange(m, addrstr)
-	if err == nil {
-		t.Fatal("exchanged response message")
-	}
-
-	s.Shutdown()
-	s, addrstr, err = RunLocalUDPServerUnsafe(":0")
-	if err != nil {
-		t.Fatalf("unable to run test server: %v", err)
-	}
-	defer s.Shutdown()
-
-	m.Response = true
-	_, _, err = c.Exchange(m, addrstr)
-	if err != nil {
-		t.Fatal("could exchanged response message in Unsafe mode")
-	}
-}
-
-func TestShutdownTCP(t *testing.T) {
-	s, _, fin, err := RunLocalTCPServerWithFinChan(":0")
-	if err != nil {
-		t.Fatalf("unable to run test server: %v", err)
-	}
-	err = s.Shutdown()
-	if err != nil {
-		t.Fatalf("could not shutdown test TCP server, %v", err)
-	}
-	select {
-	case err := <-fin:
-		if err != nil {
-			t.Errorf("error returned from ActivateAndServe, %v", err)
-		}
-	case <-time.After(2 * time.Second):
-		t.Error("could not shutdown test TCP server. Gave up waiting")
-	}
-}
-
-func TestShutdownTLS(t *testing.T) {
-	cert, err := tls.X509KeyPair(CertPEMBlock, KeyPEMBlock)
-	if err != nil {
-		t.Fatalf("unable to build certificate: %v", err)
-	}
-
-	config := tls.Config{
-		Certificates: []tls.Certificate{cert},
-	}
-
-	s, _, err := RunLocalTLSServer(":0", &config)
-	if err != nil {
-		t.Fatalf("unable to run test server: %v", err)
-	}
-	err = s.Shutdown()
-	if err != nil {
-		t.Errorf("could not shutdown test TLS server, %v", err)
-	}
-}
-
-type trigger struct {
-	done bool
-	sync.RWMutex
-}
-
-func (t *trigger) Set() {
-	t.Lock()
-	defer t.Unlock()
-	t.done = true
-}
-func (t *trigger) Get() bool {
-	t.RLock()
-	defer t.RUnlock()
-	return t.done
-}
-
-func TestHandlerCloseTCP(t *testing.T) {
-
-	ln, err := net.Listen("tcp", ":0")
-	if err != nil {
-		panic(err)
-	}
-	addr := ln.Addr().String()
-
-	server := &Server{Addr: addr, Net: "tcp", Listener: ln}
-
-	hname := "testhandlerclosetcp."
-	triggered := &trigger{}
-	HandleFunc(hname, func(w ResponseWriter, r *Msg) {
-		triggered.Set()
-		w.Close()
-	})
-	defer HandleRemove(hname)
-
-	go func() {
-		defer server.Shutdown()
-		c := &Client{Net: "tcp"}
-		m := new(Msg).SetQuestion(hname, 1)
-		tries := 0
-	exchange:
-		_, _, err := c.Exchange(m, addr)
-		if err != nil && err != io.EOF {
-			t.Errorf("exchange failed: %s\n", err)
-			if tries == 3 {
-				return
-			}
-			time.Sleep(time.Second / 10)
-			tries++
-			goto exchange
-		}
-	}()
-	server.ActivateAndServe()
-	if !triggered.Get() {
-		t.Fatalf("handler never called")
-	}
-}
-
-func TestShutdownUDP(t *testing.T) {
-	s, _, fin, err := RunLocalUDPServerWithFinChan(":0")
-	if err != nil {
-		t.Fatalf("unable to run test server: %v", err)
-	}
-	err = s.Shutdown()
-	if err != nil {
-		t.Errorf("could not shutdown test UDP server, %v", err)
-	}
-	select {
-	case err := <-fin:
-		if err != nil {
-			t.Errorf("error returned from ActivateAndServe, %v", err)
-		}
-	case <-time.After(2 * time.Second):
-		t.Error("could not shutdown test UDP server. Gave up waiting")
-	}
-}
-
-func TestServerStartStopRace(t *testing.T) {
-	for i := 0; i < 10; i++ {
-		var err error
-		s := &Server{}
-		s, _, _, err = RunLocalUDPServerWithFinChan(":0")
-		if err != nil {
-			t.Fatalf("could not start server: %s", err)
-		}
-		go func() {
-			if err := s.Shutdown(); err != nil {
-				t.Fatalf("could not stop server: %s", err)
-			}
-		}()
-	}
-}
-
-type ExampleFrameLengthWriter struct {
-	Writer
-}
-
-func (e *ExampleFrameLengthWriter) Write(m []byte) (int, error) {
-	fmt.Println("writing raw DNS message of length", len(m))
-	return e.Writer.Write(m)
-}
-
-func ExampleDecorateWriter() {
-	// instrument raw DNS message writing
-	wf := DecorateWriter(func(w Writer) Writer {
-		return &ExampleFrameLengthWriter{w}
-	})
-
-	// simple UDP server
-	pc, err := net.ListenPacket("udp", ":0")
-	if err != nil {
-		fmt.Println(err.Error())
-		return
-	}
-	server := &Server{
-		PacketConn:     pc,
-		DecorateWriter: wf,
-		ReadTimeout:    time.Hour, WriteTimeout: time.Hour,
-	}
-
-	waitLock := sync.Mutex{}
-	waitLock.Lock()
-	server.NotifyStartedFunc = waitLock.Unlock
-	defer server.Shutdown()
-
-	go func() {
-		server.ActivateAndServe()
-		pc.Close()
-	}()
-
-	waitLock.Lock()
-
-	HandleFunc("miek.nl.", HelloServer)
-
-	c := new(Client)
-	m := new(Msg)
-	m.SetQuestion("miek.nl.", TypeTXT)
-	_, _, err = c.Exchange(m, pc.LocalAddr().String())
-	if err != nil {
-		fmt.Println("failed to exchange", err.Error())
-		return
-	}
-	// Output: writing raw DNS message of length 56
-}
-
-var (
-	// CertPEMBlock is a X509 data used to test TLS servers (used with tls.X509KeyPair)
-	CertPEMBlock = []byte(`-----BEGIN CERTIFICATE-----
-MIIDAzCCAeugAwIBAgIRAJFYMkcn+b8dpU15wjf++GgwDQYJKoZIhvcNAQELBQAw
-EjEQMA4GA1UEChMHQWNtZSBDbzAeFw0xNjAxMDgxMjAzNTNaFw0xNzAxMDcxMjAz
-NTNaMBIxEDAOBgNVBAoTB0FjbWUgQ28wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQDXjqO6skvP03k58CNjQggd9G/mt+Wa+xRU+WXiKCCHttawM8x+slq5
-yfsHCwxlwsGn79HmJqecNqgHb2GWBXAvVVokFDTcC1hUP4+gp2gu9Ny27UHTjlLm
-O0l/xZ5MN8tfKyYlFw18tXu3fkaPyHj8v/D1RDkuo4ARdFvGSe8TqisbhLk2+9ow
-xfIGbEM9Fdiw8qByC2+d+FfvzIKz3GfQVwn0VoRom8L6NBIANq1IGrB5JefZB6nv
-DnfuxkBmY7F1513HKuEJ8KsLWWZWV9OPU4j4I4Rt+WJNlKjbD2srHxyrS2RDsr91
-8nCkNoWVNO3sZq0XkWKecdc921vL4ginAgMBAAGjVDBSMA4GA1UdDwEB/wQEAwIC
-pDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MBoGA1UdEQQT
-MBGCCWxvY2FsaG9zdIcEfwAAATANBgkqhkiG9w0BAQsFAAOCAQEAGcU3iyLBIVZj
-aDzSvEDHUd1bnLBl1C58Xu/CyKlPqVU7mLfK0JcgEaYQTSX6fCJVNLbbCrcGLsPJ
-fbjlBbyeLjTV413fxPVuona62pBFjqdtbli2Qe8FRH2KBdm41JUJGdo+SdsFu7nc
-BFOcubdw6LLIXvsTvwndKcHWx1rMX709QU1Vn1GAIsbJV/DWI231Jyyb+lxAUx/C
-8vce5uVxiKcGS+g6OjsN3D3TtiEQGSXLh013W6Wsih8td8yMCMZ3w8LQ38br1GUe
-ahLIgUJ9l6HDguM17R7kGqxNvbElsMUHfTtXXP7UDQUiYXDakg8xDP6n9DCDhJ8Y
-bSt7OLB7NQ==
-----END CERTIFICATE-----`)
-
-	// KeyPEMBlock is a X509 data used to test TLS servers (used with tls.X509KeyPair)
-	KeyPEMBlock = []byte(`-----BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEA146jurJLz9N5OfAjY0IIHfRv5rflmvsUVPll4iggh7bWsDPM
-frJaucn7BwsMZcLBp+/R5iannDaoB29hlgVwL1VaJBQ03AtYVD+PoKdoLvTctu1B
-045S5jtJf8WeTDfLXysmJRcNfLV7t35Gj8h4/L/w9UQ5LqOAEXRbxknvE6orG4S5
-NvvaMMXyBmxDPRXYsPKgcgtvnfhX78yCs9xn0FcJ9FaEaJvC+jQSADatSBqweSXn
-2Qep7w537sZAZmOxdeddxyrhCfCrC1lmVlfTj1OI+COEbfliTZSo2w9rKx8cq0tk
-Q7K/dfJwpDaFlTTt7GatF5FinnHXPdtby+IIpwIDAQABAoIBAAJK4RDmPooqTJrC
-JA41MJLo+5uvjwCT9QZmVKAQHzByUFw1YNJkITTiognUI0CdzqNzmH7jIFs39ZeG
-proKusO2G6xQjrNcZ4cV2fgyb5g4QHStl0qhs94A+WojduiGm2IaumAgm6Mc5wDv
-ld6HmknN3Mku/ZCyanVFEIjOVn2WB7ZQLTBs6ZYaebTJG2Xv6p9t2YJW7pPQ9Xce
-s9ohAWohyM4X/OvfnfnLtQp2YLw/BxwehBsCR5SXM3ibTKpFNtxJC8hIfTuWtxZu
-2ywrmXShYBRB1WgtZt5k04bY/HFncvvcHK3YfI1+w4URKtwdaQgPUQRbVwDwuyBn
-flfkCJECgYEA/eWt01iEyE/lXkGn6V9lCocUU7lCU6yk5UT8VXVUc5If4KZKPfCk
-p4zJDOqwn2eM673aWz/mG9mtvAvmnugaGjcaVCyXOp/D/GDmKSoYcvW5B/yjfkLy
-dK6Yaa5LDRVYlYgyzcdCT5/9Qc626NzFwKCZNI4ncIU8g7ViATRxWJ8CgYEA2Ver
-vZ0M606sfgC0H3NtwNBxmuJ+lIF5LNp/wDi07lDfxRR1rnZMX5dnxjcpDr/zvm8J
-WtJJX3xMgqjtHuWKL3yKKony9J5ZPjichSbSbhrzfovgYIRZLxLLDy4MP9L3+CX/
-yBXnqMWuSnFX+M5fVGxdDWiYF3V+wmeOv9JvavkCgYEAiXAPDFzaY+R78O3xiu7M
-r0o3wqqCMPE/wav6O/hrYrQy9VSO08C0IM6g9pEEUwWmzuXSkZqhYWoQFb8Lc/GI
-T7CMXAxXQLDDUpbRgG79FR3Wr3AewHZU8LyiXHKwxcBMV4WGmsXGK3wbh8fyU1NO
-6NsGk+BvkQVOoK1LBAPzZ1kCgYEAsBSmD8U33T9s4dxiEYTrqyV0lH3g/SFz8ZHH
-pAyNEPI2iC1ONhyjPWKlcWHpAokiyOqeUpVBWnmSZtzC1qAydsxYB6ShT+sl9BHb
-RMix/QAauzBJhQhUVJ3OIys0Q1UBDmqCsjCE8SfOT4NKOUnA093C+YT+iyrmmktZ
-zDCJkckCgYEAndqM5KXGk5xYo+MAA1paZcbTUXwaWwjLU+XSRSSoyBEi5xMtfvUb
-7+a1OMhLwWbuz+pl64wFKrbSUyimMOYQpjVE/1vk/kb99pxbgol27hdKyTH1d+ov
-kFsxKCqxAnBVGEWAvVZAiiTOxleQFjz5RnL0BQp9Lg2cQe+dvuUmIAA=
-----END RSA PRIVATE KEY-----`)
-)
--- a/vendor/github.com/miekg/dns/sig0_test.go
+++ b/vendor/github.com/miekg/dns/sig0_test.go
@@ -1,89 +0,0 @@
-package dns
-
-import (
-	"crypto"
-	"testing"
-	"time"
-)
-
-func TestSIG0(t *testing.T) {
-	if testing.Short() {
-		t.Skip("skipping test in short mode.")
-	}
-	m := new(Msg)
-	m.SetQuestion("example.org.", TypeSOA)
-	for _, alg := range []uint8{ECDSAP256SHA256, ECDSAP384SHA384, RSASHA1, RSASHA256, RSASHA512} {
-		algstr := AlgorithmToString[alg]
-		keyrr := new(KEY)
-		keyrr.Hdr.Name = algstr + "."
-		keyrr.Hdr.Rrtype = TypeKEY
-		keyrr.Hdr.Class = ClassINET
-		keyrr.Algorithm = alg
-		keysize := 1024
-		switch alg {
-		case ECDSAP256SHA256:
-			keysize = 256
-		case ECDSAP384SHA384:
-			keysize = 384
-		}
-		pk, err := keyrr.Generate(keysize)
-		if err != nil {
-			t.Errorf("failed to generate key for “%s”: %v", algstr, err)
-			continue
-		}
-		now := uint32(time.Now().Unix())
-		sigrr := new(SIG)
-		sigrr.Hdr.Name = "."
-		sigrr.Hdr.Rrtype = TypeSIG
-		sigrr.Hdr.Class = ClassANY
-		sigrr.Algorithm = alg
-		sigrr.Expiration = now + 300
-		sigrr.Inception = now - 300
-		sigrr.KeyTag = keyrr.KeyTag()
-		sigrr.SignerName = keyrr.Hdr.Name
-		mb, err := sigrr.Sign(pk.(crypto.Signer), m)
-		if err != nil {
-			t.Errorf("failed to sign message using “%s”: %v", algstr, err)
-			continue
-		}
-		m := new(Msg)
-		if err := m.Unpack(mb); err != nil {
-			t.Errorf("failed to unpack message signed using “%s”: %v", algstr, err)
-			continue
-		}
-		if len(m.Extra) != 1 {
-			t.Errorf("missing SIG for message signed using “%s”", algstr)
-			continue
-		}
-		var sigrrwire *SIG
-		switch rr := m.Extra[0].(type) {
-		case *SIG:
-			sigrrwire = rr
-		default:
-			t.Errorf("expected SIG RR, instead: %v", rr)
-			continue
-		}
-		for _, rr := range []*SIG{sigrr, sigrrwire} {
-			id := "sigrr"
-			if rr == sigrrwire {
-				id = "sigrrwire"
-			}
-			if err := rr.Verify(keyrr, mb); err != nil {
-				t.Errorf("failed to verify “%s” signed SIG(%s): %v", algstr, id, err)
-				continue
-			}
-		}
-		mb[13]++
-		if err := sigrr.Verify(keyrr, mb); err == nil {
-			t.Errorf("verify succeeded on an altered message using “%s”", algstr)
-			continue
-		}
-		sigrr.Expiration = 2
-		sigrr.Inception = 1
-		mb, _ = sigrr.Sign(pk.(crypto.Signer), m)
-		if err := sigrr.Verify(keyrr, mb); err == nil {
-			t.Errorf("verify succeeded on an expired message using “%s”", algstr)
-			continue
-		}
-	}
-}
--- a/vendor/github.com/miekg/dns/tsig_test.go
+++ b/vendor/github.com/miekg/dns/tsig_test.go
@@ -1,52 +0,0 @@
-package dns
-
-import (
-	"encoding/binary"
-	"testing"
-	"time"
-)
-
-func newTsig(algo string) *Msg {
-	m := new(Msg)
-	m.SetQuestion("example.org.", TypeA)
-	m.SetTsig("example.", algo, 300, time.Now().Unix())
-	return m
-}
-
-func TestTsig(t *testing.T) {
-	m := newTsig(HmacMD5)
-	buf, _, err := TsigGenerate(m, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false)
-	if err != nil {
-		t.Fatal(err)
-	}
-	err = TsigVerify(buf, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	// TSIG accounts for ID substitution. This means if the message ID is
-	// changed by a forwarder, we should still be able to verify the TSIG.
-	m = newTsig(HmacMD5)
-	buf, _, err = TsigGenerate(m, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	binary.BigEndian.PutUint16(buf[0:2], uint16(42))
-	err = TsigVerify(buf, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false)
-	if err != nil {
-		t.Fatal(err)
-	}
-}
-
-func TestTsigCase(t *testing.T) {
-	m := newTsig("HmAc-mD5.sig-ALg.rEg.int.") // HmacMD5
-	buf, _, err := TsigGenerate(m, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false)
-	if err != nil {
-		t.Fatal(err)
-	}
-	err = TsigVerify(buf, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false)
-	if err != nil {
-		t.Fatal(err)
-	}
-}
--- a/vendor/github.com/miekg/dns/types_test.go
+++ b/vendor/github.com/miekg/dns/types_test.go
@@ -1,74 +0,0 @@
-package dns
-
-import (
-	"testing"
-)
-
-func TestCmToM(t *testing.T) {
-	s := cmToM(0, 0)
-	if s != "0.00" {
-		t.Error("0, 0")
-	}
-
-	s = cmToM(1, 0)
-	if s != "0.01" {
-		t.Error("1, 0")
-	}
-
-	s = cmToM(3, 1)
-	if s != "0.30" {
-		t.Error("3, 1")
-	}
-
-	s = cmToM(4, 2)
-	if s != "4" {
-		t.Error("4, 2")
-	}
-
-	s = cmToM(5, 3)
-	if s != "50" {
-		t.Error("5, 3")
-	}
-
-	s = cmToM(7, 5)
-	if s != "7000" {
-		t.Error("7, 5")
-	}
-
-	s = cmToM(9, 9)
-	if s != "90000000" {
-		t.Error("9, 9")
-	}
-}
-
-func TestSplitN(t *testing.T) {
-	xs := splitN("abc", 5)
-	if len(xs) != 1 && xs[0] != "abc" {
-		t.Errorf("failure to split abc")
-	}
-
-	s := ""
-	for i := 0; i < 255; i++ {
-		s += "a"
-	}
-
-	xs = splitN(s, 255)
-	if len(xs) != 1 && xs[0] != s {
-		t.Errorf("failure to split 255 char long string")
-	}
-
-	s += "b"
-	xs = splitN(s, 255)
-	if len(xs) != 2 || xs[1] != "b" {
-		t.Errorf("failure to split 256 char long string: %d", len(xs))
-	}
-
-	// Make s longer
-	for i := 0; i < 255; i++ {
-		s += "a"
-	}
-	xs = splitN(s, 255)
-	if len(xs) != 3 || xs[2] != "a" {
-		t.Errorf("failure to split 510 char long string: %d", len(xs))
-	}
-}
--- a/vendor/github.com/miekg/dns/udp_test.go
+++ b/vendor/github.com/miekg/dns/udp_test.go
@@ -1,140 +0,0 @@
-// +build linux,!appengine
-
-package dns
-
-import (
-	"bytes"
-	"net"
-	"runtime"
-	"strings"
-	"testing"
-	"time"
-
-	"golang.org/x/net/ipv4"
-	"golang.org/x/net/ipv6"
-)
-
-func TestSetUDPSocketOptions(t *testing.T) {
-	// returns an error if we cannot resolve that address
-	testFamily := func(n, addr string) error {
-		a, err := net.ResolveUDPAddr(n, addr)
-		if err != nil {
-			return err
-		}
-		c, err := net.ListenUDP(n, a)
-		if err != nil {
-			return err
-		}
-		if err := setUDPSocketOptions(c); err != nil {
-			t.Fatalf("failed to set socket options: %v", err)
-		}
-		ch := make(chan *SessionUDP)
-		go func() {
-			// Set some deadline so this goroutine doesn't hang forever
-			c.SetReadDeadline(time.Now().Add(time.Minute))
-			b := make([]byte, 1)
-			_, sess, err := ReadFromSessionUDP(c, b)
-			if err != nil {
-				t.Fatalf("failed to read from conn: %v", err)
-			}
-			ch <- sess
-		}()
-
-		c2, err := net.Dial("udp", c.LocalAddr().String())
-		if err != nil {
-			t.Fatalf("failed to dial udp: %v", err)
-		}
-		if _, err := c2.Write([]byte{1}); err != nil {
-			t.Fatalf("failed to write to conn: %v", err)
-		}
-		sess := <-ch
-		if len(sess.context) == 0 {
-			t.Fatalf("empty session context: %v", sess)
-		}
-		ip := parseDstFromOOB(sess.context)
-		if ip == nil {
-			t.Fatalf("failed to parse dst: %v", sess)
-		}
-		if !strings.Contains(c.LocalAddr().String(), ip.String()) {
-			t.Fatalf("dst was different than listen addr: %v != %v", ip.String(), c.LocalAddr().String())
-		}
-		return nil
-	}
-
-	// we require that ipv4 be supported
-	if err := testFamily("udp4", "127.0.0.1:0"); err != nil {
-		t.Fatalf("failed to test socket options on IPv4: %v", err)
-	}
-	// IPv6 might not be supported so these will just log
-	if err := testFamily("udp6", "[::1]:0"); err != nil {
-		t.Logf("failed to test socket options on IPv6-only: %v", err)
-	}
-	if err := testFamily("udp", "[::1]:0"); err != nil {
-		t.Logf("failed to test socket options on IPv6/IPv4: %v", err)
-	}
-}
-
-func TestParseDstFromOOB(t *testing.T) {
-	if runtime.GOARCH != "amd64" {
-		// The cmsghdr struct differs in the width (32/64-bit) of
-		// lengths and the struct padding between architectures.
-		// The data below was only written with amd64 in mind, and
-		// thus the test must be skipped on other architectures.
-		t.Skip("skipping test on unsupported architecture")
-	}
-
-	// dst is :ffff:100.100.100.100
-	oob := []byte{36, 0, 0, 0, 0, 0, 0, 0, 41, 0, 0, 0, 50, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 255, 255, 100, 100, 100, 100, 2, 0, 0, 0}
-	dst := parseDstFromOOB(oob)
-	dst4 := dst.To4()
-	if dst4 == nil {
-		t.Errorf("failed to parse IPv4 in IPv6: %v", dst)
-	} else if dst4.String() != "100.100.100.100" {
-		t.Errorf("unexpected IPv4: %v", dst4)
-	}
-
-	// dst is 2001:db8::1
-	oob = []byte{36, 0, 0, 0, 0, 0, 0, 0, 41, 0, 0, 0, 50, 0, 0, 0, 32, 1, 13, 184, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0}
-	dst = parseDstFromOOB(oob)
-	dst6 := dst.To16()
-	if dst6 == nil {
-		t.Errorf("failed to parse IPv6: %v", dst)
-	} else if dst6.String() != "2001:db8::1" {
-		t.Errorf("unexpected IPv6: %v", dst4)
-	}
-
-	// dst is 100.100.100.100 but was received on 10.10.10.10
-	oob = []byte{28, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 8, 0, 0, 0, 2, 0, 0, 0, 10, 10, 10, 10, 100, 100, 100, 100, 0, 0, 0, 0}
-	dst = parseDstFromOOB(oob)
-	dst4 = dst.To4()
-	if dst4 == nil {
-		t.Errorf("failed to parse IPv4: %v", dst)
-	} else if dst4.String() != "100.100.100.100" {
-		t.Errorf("unexpected IPv4: %v", dst4)
-	}
-}
-
-func TestCorrectSource(t *testing.T) {
-	if runtime.GOARCH != "amd64" {
-		// See comment above in TestParseDstFromOOB.
-		t.Skip("skipping test on unsupported architecture")
-	}
-
-	// dst is :ffff:100.100.100.100 which should be counted as IPv4
-	oob := []byte{36, 0, 0, 0, 0, 0, 0, 0, 41, 0, 0, 0, 50, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 255, 255, 100, 100, 100, 100, 2, 0, 0, 0}
-	soob := correctSource(oob)
-	cm4 := new(ipv4.ControlMessage)
-	cm4.Src = net.ParseIP("100.100.100.100")
-	if !bytes.Equal(soob, cm4.Marshal()) {
-		t.Errorf("unexpected oob for ipv4 address: %v", soob)
-	}
-
-	// dst is 2001:db8::1
-	oob = []byte{36, 0, 0, 0, 0, 0, 0, 0, 41, 0, 0, 0, 50, 0, 0, 0, 32, 1, 13, 184, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0}
-	soob = correctSource(oob)
-	cm6 := new(ipv6.ControlMessage)
-	cm6.Src = net.ParseIP("2001:db8::1")
-	if !bytes.Equal(soob, cm6.Marshal()) {
-		t.Errorf("unexpected oob for IPv6 address: %v", soob)
-	}
-}
--- a/vendor/github.com/miekg/dns/update_test.go
+++ b/vendor/github.com/miekg/dns/update_test.go
@@ -1,139 +0,0 @@
-package dns
-
-import (
-	"bytes"
-	"testing"
-)
-
-func TestDynamicUpdateParsing(t *testing.T) {
-	prefix := "example.com. IN "
-	for _, typ := range TypeToString {
-		if typ == "OPT" || typ == "AXFR" || typ == "IXFR" || typ == "ANY" || typ == "TKEY" ||
-			typ == "TSIG" || typ == "ISDN" || typ == "UNSPEC" || typ == "NULL" || typ == "ATMA" ||
-			typ == "Reserved" || typ == "None" || typ == "NXT" || typ == "MAILB" || typ == "MAILA" {
-			continue
-		}
-		if _, err := NewRR(prefix + typ); err != nil {
-			t.Errorf("failure to parse: %s %s: %v", prefix, typ, err)
-		}
-	}
-}
-
-func TestDynamicUpdateUnpack(t *testing.T) {
-	// From https://github.com/miekg/dns/issues/150#issuecomment-62296803
-	// It should be an update message for the zone "example.",
-	// deleting the A RRset "example." and then adding an A record at "example.".
-	// class ANY, TYPE A
-	buf := []byte{171, 68, 40, 0, 0, 1, 0, 0, 0, 2, 0, 0, 7, 101, 120, 97, 109, 112, 108, 101, 0, 0, 6, 0, 1, 192, 12, 0, 1, 0, 255, 0, 0, 0, 0, 0, 0, 192, 12, 0, 1, 0, 1, 0, 0, 0, 0, 0, 4, 127, 0, 0, 1}
-	msg := new(Msg)
-	err := msg.Unpack(buf)
-	if err != nil {
-		t.Errorf("failed to unpack: %v\n%s", err, msg.String())
-	}
-}
-
-func TestDynamicUpdateZeroRdataUnpack(t *testing.T) {
-	m := new(Msg)
-	rr := &RR_Header{Name: ".", Rrtype: 0, Class: 1, Ttl: ^uint32(0), Rdlength: 0}
-	m.Answer = []RR{rr, rr, rr, rr, rr}
-	m.Ns = m.Answer
-	for n, s := range TypeToString {
-		rr.Rrtype = n
-		bytes, err := m.Pack()
-		if err != nil {
-			t.Errorf("failed to pack %s: %v", s, err)
-			continue
-		}
-		if err := new(Msg).Unpack(bytes); err != nil {
-			t.Errorf("failed to unpack %s: %v", s, err)
-		}
-	}
-}
-
-func TestRemoveRRset(t *testing.T) {
-	// Should add a zero data RR in Class ANY with a TTL of 0
-	// for each set mentioned in the RRs provided to it.
-	rr := testRR(". 100 IN A 127.0.0.1")
-	m := new(Msg)
-	m.Ns = []RR{&RR_Header{Name: ".", Rrtype: TypeA, Class: ClassANY, Ttl: 0, Rdlength: 0}}
-	expectstr := m.String()
-	expect, err := m.Pack()
-	if err != nil {
-		t.Fatalf("error packing expected msg: %v", err)
-	}
-
-	m.Ns = nil
-	m.RemoveRRset([]RR{rr})
-	actual, err := m.Pack()
-	if err != nil {
-		t.Fatalf("error packing actual msg: %v", err)
-	}
-	if !bytes.Equal(actual, expect) {
-		tmp := new(Msg)
-		if err := tmp.Unpack(actual); err != nil {
-			t.Fatalf("error unpacking actual msg: %v\nexpected: %v\ngot: %v\n", err, expect, actual)
-		}
-		t.Errorf("expected msg:\n%s", expectstr)
-		t.Errorf("actual msg:\n%v", tmp)
-	}
-}
-
-func TestPreReqAndRemovals(t *testing.T) {
-	// Build a list of multiple prereqs and then somes removes followed by an insert.
-	// We should be able to add multiple prereqs and updates.
-	m := new(Msg)
-	m.SetUpdate("example.org.")
-	m.Id = 1234
-
-	// Use a full set of RRs each time, so we are sure the rdata is stripped.
-	rrName1 := testRR("name_used. 3600 IN A 127.0.0.1")
-	rrName2 := testRR("name_not_used. 3600 IN A 127.0.0.1")
-	rrRemove1 := testRR("remove1. 3600 IN A 127.0.0.1")
-	rrRemove2 := testRR("remove2. 3600 IN A 127.0.0.1")
-	rrRemove3 := testRR("remove3. 3600 IN A 127.0.0.1")
-	rrInsert := testRR("insert. 3600 IN A 127.0.0.1")
-	rrRrset1 := testRR("rrset_used1. 3600 IN A 127.0.0.1")
-	rrRrset2 := testRR("rrset_used2. 3600 IN A 127.0.0.1")
-	rrRrset3 := testRR("rrset_not_used. 3600 IN A 127.0.0.1")
-
-	// Handle the prereqs.
-	m.NameUsed([]RR{rrName1})
-	m.NameNotUsed([]RR{rrName2})
-	m.RRsetUsed([]RR{rrRrset1})
-	m.Used([]RR{rrRrset2})
-	m.RRsetNotUsed([]RR{rrRrset3})
-
-	// and now the updates.
-	m.RemoveName([]RR{rrRemove1})
-	m.RemoveRRset([]RR{rrRemove2})
-	m.Remove([]RR{rrRemove3})
-	m.Insert([]RR{rrInsert})
-
-	// This test function isn't a Example function because we print these RR with tabs at the
-	// end and the Example function trim these, thus they never match.
-	// TODO(miek): don't print these tabs and make this into an Example function.
-	expect := `;; opcode: UPDATE, status: NOERROR, id: 1234
-;; flags:; QUERY: 1, ANSWER: 5, AUTHORITY: 4, ADDITIONAL: 0
-
-;; QUESTION SECTION:
-;example.org.	IN	 SOA
-
-;; ANSWER SECTION:
-name_used.	0	CLASS255	ANY	
-name_not_used.	0	NONE	ANY	
-rrset_used1.	0	CLASS255	A	
-rrset_used2.	3600	IN	A	127.0.0.1
-rrset_not_used.	0	NONE	A	
-
-;; AUTHORITY SECTION:
-remove1.	0	CLASS255	ANY	
-remove2.	0	CLASS255	A	
-remove3.	0	NONE	A	127.0.0.1
-insert.	3600	IN	A	127.0.0.1
-`
-
-	if m.String() != expect {
-		t.Errorf("expected msg:\n%s", expect)
-		t.Errorf("actual msg:\n%v", m.String())
-	}
-}
--- a/vendor/github.com/miekg/dns/version_test.go
+++ b/vendor/github.com/miekg/dns/version_test.go
@@ -1,10 +0,0 @@
-package dns
-
-import "testing"
-
-func TestVersion(t *testing.T) {
-	v := V{1, 0, 0}
-	if x := v.String(); x != "1.0.0" {
-		t.Fatalf("Failed to convert version %v, got: %s", v, x)
-	}
-}