Accept trailing-dot FQDN in address parser

RFC 1034 §3.1 permits a single trailing dot to mark a hostname as
root-anchored (disabling resolver search-list expansion); RFC 3986
§3.2.2 explicitly allows it in URI ``reg-name``. The hostname-label
regex required every label to be followed by another label,
rejecting the rooted form.

Loosen the regex to accept an optional final dot. Strip the
trailing dot in the canonical form so the rooted and unrooted
surface variants canonicalise identically — allowlist policies
holding one form continue to match the other. Double trailing
dots (``foo..``) and a bare ``.`` remain rejected.

Author: antoineleclair

src/dqliteclient/connection.py

@@ -546,10 +546,16 @@ def _is_no_tx_rollback_error(exc: BaseException) -> bool:
 
 # RFC 1035 hostname labels are ASCII letters, digits, and hyphen. We
 # accept a dotted sequence of labels up to 253 chars total. Single
-# labels (e.g. "localhost") are also accepted.
+# labels (e.g. "localhost") are also accepted. RFC 1034 §3.1 permits a
+# single trailing dot to mark the FQDN as root-anchored (disabling
+# resolver search-list expansion); RFC 3986 §3.2.2 permits the same
+# in URI ``reg-name``. Match both forms; the canonical form drops
+# the trailing dot so two surface variants of the same FQDN
+# canonicalise identically for allowlist comparisons.
 _HOSTNAME_LABEL_RE = re.compile(
-    r"^(?=.{1,253}$)(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)"
-    r"(?:\.(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?))*$"
+    r"^(?=.{1,254}$)(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)"
+    r"(?:\.(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?))*"
+    r"\.?$"
 )
 
 
@@ -585,7 +591,11 @@ def _canonicalize_host(host: str, address: str) -> str:
         raise ValueError(
             f"Invalid host in address {address!r}: {host!r} is not a valid hostname or IP literal"
         )
-    return host.lower()
+    # Strip a trailing dot from FQDNs (e.g. ``foo.example.com.``) so
+    # the rooted and unrooted forms canonicalise identically — a
+    # server-supplied redirect target and the operator's allowlist
+    # entry should match regardless of which form was written.
+    return host.rstrip(".").lower()
 
 
 def _validate_timeout(value: float, *, name: str = "timeout") -> float:

tests/test_parse_address_trailing_dot_fqdn.py

@@ -0,0 +1,54 @@
+"""Pin: ``_parse_address`` accepts a trailing-dot FQDN (RFC 1034 §3.1
+root-anchored notation). The hostname-label regex previously rejected
+the form, contradicting RFC 3986 §3.2.2's ``reg-name`` permission.
+
+Canonical form drops the trailing dot so two surface variants of the
+same FQDN (rooted ``foo.example.com.`` and unrooted ``foo.example.com``)
+canonicalise identically for allowlist comparisons.
+
+A double trailing dot (``foo..``) remains invalid.
+"""
+
+from __future__ import annotations
+
+import pytest
+
+from dqliteclient.connection import _parse_address
+
+
+@pytest.mark.parametrize(
+    "addr",
+    [
+        "foo.example.com.:9001",
+        "localhost.:9001",
+        "single-label.:9001",
+        "a.b.c.:9001",
+    ],
+)
+def test_parse_address_accepts_trailing_dot_fqdn(addr: str) -> None:
+    host, port = _parse_address(addr)
+    # Canonical form drops the trailing dot.
+    assert not host.endswith(".")
+    assert port == 9001
+
+
+def test_parse_address_canonicalises_rooted_and_unrooted_to_same_tuple() -> None:
+    """RFC 1034 root-anchored form and the bare form must canonicalise
+    identically — allowlist policies hold one or the other; both
+    surface variants must compare equal."""
+    a = _parse_address("foo.example.com.:9001")
+    b = _parse_address("foo.example.com:9001")
+    assert a == b
+
+
+def test_parse_address_rejects_double_trailing_dot() -> None:
+    """``foo..`` is malformed (empty inner label) — must remain a
+    ValueError."""
+    with pytest.raises(ValueError):
+        _parse_address("foo..:9001")
+
+
+def test_parse_address_rejects_lone_dot() -> None:
+    """A bare ``.`` is not a valid hostname."""
+    with pytest.raises(ValueError):
+        _parse_address(".:9001")