fix(xds): Allow and normalize trailing dot (FQDN) in matchHostName

[PetitBaguette]

Summary

matchHostName in RoutingUtils and XdsNameResolver currently rejects hostnames and patterns
with a trailing dot (.) via checkArgument. A trailing dot denotes a
Fully Qualified Domain Name (FQDN) as defined in
RFC 1034 Section 3.1, and is a valid,
well-defined representation of an absolute domain name. Rejecting it is inconsistent with the RFC.

This change removes the trailing-dot rejection and adds normalization to strip the trailing dot
before matching, making example.com. and example.com match equivalently.

Background

Per RFC 1034 Section 3.1:

"If the name ends with a dot, it is an absolute name ... For example, poneria.ISI.EDU."

A trailing dot simply indicates that the name is rooted at the DNS root and is semantically
equivalent to the same name without the trailing dot. Treating it as invalid prevents legitimate
FQDNs from being used as hostnames or virtual host domain patterns in xDS routing configuration.

Motivation

This was discovered when using gRPC Proxyless Service Mesh on a Kubernetes cluster with Istio.
The issue surfaced after upgrading Istio from 1.26.8 to 1.28.3. The Istio change
istio/istio#56008 began sending FQDN-style domain
names (with trailing dots) in xDS route configuration, which caused grpc-java to throw an
IllegalArgumentException in matchHostName:

java.lang.IllegalArgumentException: Invalid pattern/domain name
    at com.google.common.base.Preconditions.checkArgument(Preconditions.java:143)

The root cause is that grpc-java's matchHostName was not RFC-compliant in rejecting trailing dots — the Istio upgrade merely made it visible. The fix here is to bring grpc-java into compliance with RFC 1034, independent of any specific Istio version.

Changes

• xds/src/main/java/io/grpc/xds/RoutingUtils.java: Removed trailing-dot rejection and added
  FQDN normalization in matchHostName.
• xds/src/main/java/io/grpc/xds/XdsNameResolver.java: Same as above.
• xds/src/test/java/io/grpc/xds/XdsNameResolverTest.java: Added matchHostName_trailingDot
  test covering exact match, prefix wildcard, and suffix wildcard with trailing dot combinations.

References

• RFC 1034 – Domain Names: Concepts and Facilities
• RFC 1035 – Domain Names: Implementation and Specification
• istio/istio#56008 – Istio change that began sending FQDN domain names in xDS configuration

[linux-foundation-easycla]

• ❌ The email address for the commit (1470dd2, 95ff63c) is not linked to the GitHub account, preventing the EasyCLA check. Consult this Help Article and GitHub Help to resolve. (To view the commit's email address, add .patch at the end of this PR page's URL.) For further assistance with EasyCLA, please submit a support request ticket.