From 00f6ba298e4397b5802889a08ffe823385adf6ce Mon Sep 17 00:00:00 2001
From: Frank Schroeder <frank.schroeder@gmail.com>
Date: Fri, 30 Jun 2017 22:05:23 +0200
Subject: [PATCH] dns: fix data race in TestDNS_ServiceLookup_FilterACL

The agent config cannot be modified after start.
---
 agent/dns_test.go | 90 +++++++++++++++++++++++------------------------
 1 file changed, 45 insertions(+), 45 deletions(-)

diff --git a/agent/dns_test.go b/agent/dns_test.go
index 38cf54c9da..e2d6ef43a4 100644
--- a/agent/dns_test.go
+++ b/agent/dns_test.go
@@ -3615,54 +3615,54 @@ func TestDNS_ServiceLookup_SRV_RFC_TCP_Default(t *testing.T) {
 
 func TestDNS_ServiceLookup_FilterACL(t *testing.T) {
 	t.Parallel()
-	cfg := TestConfig()
-	cfg.ACLMasterToken = "root"
-	cfg.ACLDatacenter = "dc1"
-	cfg.ACLDownPolicy = "deny"
-	cfg.ACLDefaultPolicy = "deny"
-	a := NewTestAgent(t.Name(), cfg)
-	defer a.Shutdown()
+	tests := []struct {
+		token   string
+		results int
+	}{
+		{"root", 1},
+		{"anonymous", 0},
+	}
+	for _, tt := range tests {
+		t.Run("ACLToken == "+tt.token, func(t *testing.T) {
+			cfg := TestConfig()
+			cfg.ACLToken = tt.token
+			cfg.ACLMasterToken = "root"
+			cfg.ACLDatacenter = "dc1"
+			cfg.ACLDownPolicy = "deny"
+			cfg.ACLDefaultPolicy = "deny"
+			a := NewTestAgent(t.Name(), cfg)
+			defer a.Shutdown()
 
-	// Register a service
-	args := &structs.RegisterRequest{
-		Datacenter: "dc1",
-		Node:       "foo",
-		Address:    "127.0.0.1",
-		Service: &structs.NodeService{
-			Service: "foo",
-			Port:    12345,
-		},
-		WriteRequest: structs.WriteRequest{Token: "root"},
-	}
-	var out struct{}
-	if err := a.RPC("Catalog.Register", args, &out); err != nil {
-		t.Fatalf("err: %v", err)
-	}
+			// Register a service
+			args := &structs.RegisterRequest{
+				Datacenter: "dc1",
+				Node:       "foo",
+				Address:    "127.0.0.1",
+				Service: &structs.NodeService{
+					Service: "foo",
+					Port:    12345,
+				},
+				WriteRequest: structs.WriteRequest{Token: "root"},
+			}
+			var out struct{}
+			if err := a.RPC("Catalog.Register", args, &out); err != nil {
+				t.Fatalf("err: %v", err)
+			}
 
-	// Set up the DNS query
-	c := new(dns.Client)
-	addr, _ := a.Config.ClientListener("", a.Config.Ports.DNS)
-	m := new(dns.Msg)
-	m.SetQuestion("foo.service.consul.", dns.TypeA)
+			// Set up the DNS query
+			c := new(dns.Client)
+			addr, _ := a.Config.ClientListener("", a.Config.Ports.DNS)
+			m := new(dns.Msg)
+			m.SetQuestion("foo.service.consul.", dns.TypeA)
 
-	// Query with the root token. Should get results.
-	a.Config.ACLToken = "root"
-	in, _, err := c.Exchange(m, addr.String())
-	if err != nil {
-		t.Fatalf("err: %v", err)
-	}
-	if len(in.Answer) != 1 {
-		t.Fatalf("Bad: %#v", in)
-	}
-
-	// Query with a non-root token without access. Should get nothing.
-	a.Config.ACLToken = "anonymous"
-	in, _, err = c.Exchange(m, addr.String())
-	if err != nil {
-		t.Fatalf("err: %v", err)
-	}
-	if len(in.Answer) != 0 {
-		t.Fatalf("Bad: %#v", in)
+			in, _, err := c.Exchange(m, addr.String())
+			if err != nil {
+				t.Fatalf("err: %v", err)
+			}
+			if len(in.Answer) != tt.results {
+				t.Fatalf("Bad: %#v", in)
+			}
+		})
 	}
 }