]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
chg: dev: Support larger DNSSEC keys and signatures 6198-isc_buffer_reserve-wraps-near-uint_max
authorOndřej Surý <ondrej@isc.org>
Thu, 9 Jul 2026 07:22:09 +0000 (09:22 +0200)
committerOndřej Surý <ondrej@isc.org>
Thu, 9 Jul 2026 07:22:09 +0000 (09:22 +0200)
Some DNSSEC tools and trust-anchor handling could fail when
working with unusually large DNSSEC keys or signatures,
including those used by post-quantum algorithms. These paths
now accept DNSKEY, CDNSKEY, CDS, and RRSIG data up to the DNS
record size limits, so large key material can be parsed, written,
checked, and signed consistently.

Merge branch 'ondrej/dynamic-dnssec-buffers' into 'main'

See merge request isc-projects/bind9!12370


Trivial merge