Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

net: nonexistentdomain.golang.org returns a CNAME to golang.org #25370

Closed
0intro opened this issue May 13, 2018 · 7 comments
Closed

net: nonexistentdomain.golang.org returns a CNAME to golang.org #25370

0intro opened this issue May 13, 2018 · 7 comments

Comments

@0intro
Copy link
Member

@0intro 0intro commented May 13, 2018

CL 111718 added TestLookupHostCancel.

This test sends a DNS request to nonexistentdomain.golang.org. However, this
DNS request succeeds and return a CNAME record to golang.org.

nonexistentdomain.golang.org. 86400 IN  CNAME   golang.org.
golang.org.             1800    IN      A       216.58.215.49

@alexbrainman @bradfitz

@bcmills

This comment has been minimized.

Copy link
Member

@bcmills bcmills commented Oct 29, 2018

I've been seeing this from time to time in the TryBots, too:
https://storage.googleapis.com/go-build-log/2ef40d4f/windows-amd64-2016_5206ec72.log

@bradfitz bradfitz removed their assignment Oct 29, 2018
@bradfitz bradfitz modified the milestones: Unreleased, Go1.12 Oct 29, 2018
@bradfitz

This comment has been minimized.

Copy link
Contributor

@bradfitz bradfitz commented Oct 29, 2018

Ian, could you check the golang.org DNS definitions in google3?

/cc @iangudger @mdempsky @dmitshur

@iangudger

This comment has been minimized.

Copy link
Contributor

@iangudger iangudger commented Oct 29, 2018

It looks like we have a wildcard *.golang.org to golang.org CNAME.

@bradfitz

This comment has been minimized.

Copy link
Contributor

@bradfitz bradfitz commented Oct 29, 2018

Does *.golang.org in our DNS config file also match two levels, like not.exist.golang.org?

@iangudger

This comment has been minimized.

Copy link
Contributor

@iangudger iangudger commented Oct 29, 2018

Yes, it seems to.

@bradfitz

This comment has been minimized.

Copy link
Contributor

@bradfitz bradfitz commented Oct 29, 2018

Per discussion elsewhere, this seems to be because golang.org has an HSTS policy and Google's servers add a *.golang.org CNAME record related to that.

So I guess we could move that test to use a different domain... notexist.example.com seems to work?

@ianlancetaylor ianlancetaylor changed the title nonexistentdomain.golang.org returns a CNAME to golang.org net: nonexistentdomain.golang.org returns a CNAME to golang.org Nov 28, 2018
@gopherbot

This comment has been minimized.

Copy link

@gopherbot gopherbot commented Nov 28, 2018

Change https://golang.org/cl/151359 mentions this issue: net: use .invalid for an invalid domain name

@gopherbot gopherbot closed this in 3a60629 Nov 28, 2018
@golang golang locked and limited conversation to collaborators Nov 28, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
5 participants
You can’t perform that action at this time.