DS records. NSEC3 is not disabled.
- fake-sha1 test option; print warning if used. To make unit tests.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4043 be551aaa-1e26-0410-a405-d3ace91eadb9
This makes validated to be insecure data just as worthless as
nonvalidated data, and 2181 rules prevent cache overwrites to them.
- Fix assertion fail on bogus key handling.
- dnssec lameness detection works on first query at trust apex.
- NS queries get proper cache and dnssec lameness treatment.
- fixup compilation without pthreads on linux.
- NS queries are done after every referral.
validator is used on those NS records (if anchors enabled).
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1185 be551aaa-1e26-0410-a405-d3ace91eadb9
(esp. wildcard CNAMEs and in-zone CNAMEs that then include nodata or
nxdomain proofs) where the CNAME is followed again to include more NSECs.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@787 be551aaa-1e26-0410-a405-d3ace91eadb9