RRSIG(SOA) RRset not at zone apex triggers a infinite, busy resigning loop
This issue was discovered accidentally while looking for
named logs generated by system tests.
As every valid zone must contain exactly one SOA RRset and it must be placed at the zone apex, RRSIG(SOA) RRsets owned by any name other than the zone apex are broken by definition and should be removed after (during?) zone load.
zone_resigninc() works is that it considers the resigning
process finished as soon as it encounters an SOA record that needs
to be resigned (because any previous signing processes are expected to
cause the SOA record to have the most recent signature). However, only
the type of the record is checked, not its owner name. Therefore,
not-at-zone-apex RRSIG(SOA) RRsets also (incorrectly) interrupt zone
resigning, but only for a short period of time: the signatures for these
RRsets are not refreshed, which means the first such RRset encountered
during the resigning process will indefinitely remain the RRset which
has the closest expiry date. This in turn causes zone resigning to be
rescheduled very quickly, only to lead to the same outcome shortly
afterwards. This results in the server being stuck in an infinite