Add OverrideDomain option to DNS01Solver

This is to delegate the chanllenge to a different domain. With this
change, the solver no longer follows CNAME chain when checking for
propagation as well.

dnsutil.go

@@ -214,21 +214,11 @@ func checkDNSPropagation(fqdn, value string, resolvers []string) (bool, error) {
 		fqdn += "."
 	}
 
-	// Initial attempt to resolve at the recursive NS
-	r, err := dnsQuery(fqdn, dns.TypeTXT, resolvers, true)
-	if err != nil {
-		return false, err
-	}
-
 	// TODO: make this configurable, maybe
 	// if !p.requireCompletePropagation {
 	// 	return true, nil
 	// }
 
-	if r.Rcode == dns.RcodeSuccess {
-		fqdn = updateDomainWithCName(r, fqdn)
-	}
-
 	authoritativeNss, err := lookupNameservers(fqdn, resolvers)
 	if err != nil {
 		return false, err

solvers.go

@@ -252,13 +252,21 @@ type DNS01Solver struct {
 	// Preferred DNS resolver(s) to use when doing DNS lookups.
 	Resolvers []string
 
+	// Override the domain to set the TXT record on. This is
+	// to delegate the chanllenge to a different domain. Note
+	// that the solver doesn't follow CNAME/NS record.
+	OverrideDomain string
+
 	txtRecords   map[string]dnsPresentMemory // keyed by domain name
 	txtRecordsMu sync.Mutex
 }
 
 // Present creates the DNS TXT record for the given ACME challenge.
 func (s *DNS01Solver) Present(ctx context.Context, challenge acme.Challenge) error {
 	dnsName := challenge.DNS01TXTRecordName()
+	if s.OverrideDomain != "" {
+		dnsName = s.OverrideDomain
+	}
 	keyAuth := challenge.DNS01KeyAuthorization()
 
 	// multiple identifiers can have the same ACME challenge
@@ -304,6 +312,9 @@ func (s *DNS01Solver) Present(ctx context.Context, challenge acme.Challenge) err
 // timeout, whichever is first.
 func (s *DNS01Solver) Wait(ctx context.Context, challenge acme.Challenge) error {
 	dnsName := challenge.DNS01TXTRecordName()
+	if s.OverrideDomain != "" {
+		dnsName = s.OverrideDomain
+	}
 	keyAuth := challenge.DNS01KeyAuthorization()
 
 	timeout := s.PropagationTimeout