CL https://golang.org/cl/18383 mentions this issue.

Note that "!!!.local" is valid for multicast DNS.

Reopened because of #13878.

Reverted the earlier fix. These will keep being inconsistent in Go 1.6.

Fixing this seems easy, but we need a Decider to pick the right fix.

The only restrictions on domain names imposed by DNS are: labels must be 1 to 63 bytes, and total name length (including label length bytes and terminating zero byte) must be <= 255 bytes (or 256 for mDNS). When comparing names for equality, labels are compared ASCII case-insensitively, but otherwise they can contain arbitrary byte values. For example, running host '!!!.google.com' and dig '!!!.google.com' both end up dispatching DNS queries for "!!!.google.com" over the network.

Beyond that, it's not uncommon for DNS utilities to support escape sequences: host '\033\033\033.google.com' and dig '\033\033\033.google.com' both work the same as using '!!!.google.com'. (Most programs use 3-byte decimal escape sequences like Go; djbdns uses variable-length octal escape sequences like C.)

On the other hand, RFC 952 restricts domain names to match the grammar:

  <hname> ::= <name>*["."<name>]
  <name>  ::= <let>[*[<let-or-digit-or-hyphen>]<let-or-digit>]

RFC 1123 relaxes the initial <let> to <let-or-digit>. This relaxed form is also what's specified for use in URIs by RFC 3986. RFC 5321 imposes the same restriction on email address domains. (Off hand, I'm not sure how strictly these rules are enforced in practice.)

mDNS relaxes the rules for .local names to allow UTF-8 in RFC 6762 section 16.

I'd rather have more time to think about the best solution for Go. Punting to 1.8.

My opinion is that we should allow DNS queries for any string, and thus the bug here is that the Go resolver isn't dispatching the query for !!!.local.

What about backslashes? Do we handle them as escape sequences like libresolv does?

There are two questions here:

1. Should the Go DNS implementation reject !!!.local or try a lookup? My understanding is that it should reject !!!.local and NOT try the lookup.

2. Should the rejection say 'invalid domain name' or 'no such host'? It seems fine to change to say 'no such host' to match cgo.

So I would suggest for Go 1.8 we simply change the path that fails on isDomainName to return 'no such host' instead of 'invalid domain name', to match netdns=cgo mode.

@rsc To be clear, the cgo path does send an actual DNS query for !!!.local. The "no such host" error isn't synthetic: it's because the DNS server sent an NXDOMAIN response.

OK, well sending the DNS request is OK too.

@mdempsky,

I personally don't put my oar in, but a bit.

The only restrictions on domain names imposed by DNS are: [...]

There are use cases of Net-Unicode for unicast DNS in the wild. I noticed that "ah, Active Directory and a few directory service implementations do support Net-Unicode for unicast DNS" when I saw #16739. As far as I know, https://tools.ietf.org/html/draft-ietf-dnssd-mdns-dns-interop is the active informational document that addresses interoperability issues with multiple types of DNS-labels. Of course, the existing built-in DNS stub resolver doesn't support unicast DNS labels encoded in Net-Unicode from its brith. So just FYI.

CL https://golang.org/cl/31468 mentions this issue.

isDomainName also falsely rejects wildcard domains like *.golang.org, see results in #17549. The bottom line, as pointed out six years ago in #1168, is that the function is far too restrictive for DNS lookups (as opposed to hostname connections). It should accept all strings that are valid DNS names per RFC 1035, including those with non-LDH labels, and should probably also accept strings that are valid per RFC 6762 (which allows up to 256 wire-format octets for ".local" domains—you might even opt to allow that many for all domains, even though 255 is the interoperability limit for public DNS).