KEY resource records originally defined EXTENDED flag that was removed
by RFC 3445 back in 2002. BIND still carried code to parse and emit it,
including the additional two-octet flags field that followed when the
EXTENDED bit was set. That handling has been removed and the affected
bit positions are now reserved.
Dropping the extended-flags handling also eliminates a possible crash
that could be reached when signing a zone containing an invalid key.
Closes #5900
Partial backport of MR !11961
Merge branch 'backport-5900-remove-keyflag-extended-9.20' into 'bind-9.20'
See merge request isc-projects/bind9!11962
projects / thirdparty / bind9.git / commitdiff
