GitLab

To allow for future optimization, the RRset pointer classes now
point to the base of the RRset inheritance hierarchy.

addNXRRsetDenial() -> addNXRRsetProof()

also added a few comments to test data

When DNSSEC is requested, and the DS exists

specifically, it now uses the separate flags field for wildcard and NSEC/NSEC3
signed information.  WILDCARD(_xxx) result codes were deprecated and removed.
Adjusted tests and python code accordingly.  Finally removed the temporary
workaround in auth::Query.

the tentative attempt of returning NSEC3 RRsets in negative cases were
canceled, and updated the doxygen doc accordingly.

themselves and special attributes.  for now, provided a quick-hack wrapper
for auth::Query so we don't have to all data source implementations at once.

Unrelated cleanup.

rename addWildcardNxrrsetProof to addWildcardNXRRSETProof
(for consistency with addNXDOMAINProof())

       or NXRRSET of wildcard expansion.

       QNAME and via wildcard expansion no matched <QNAME,QTYPE>

- renamed private methods to addXXX for consistency
- made them non const member functions (for the same reason why
  addNXDOMAINProof can't be so)
- renamed variable 'zone' to 'finder' to adapt to class name change

very rare and shouldn't happen with a valid zone)

cannot be const because they modify response_.
maybe we should pass the response via method parameter rather than at
the construction time, or even make this a simple free function, rather
than a class.  but that will be a separate discussion.

of the NXDOMAIN NSEC.

this change is incomplete: we still need a wildcard proof.

There are some (yet unused) virtual methods and result codes, so we need
to make sure the rest compiles. Just a thin layer for now.

* Avoid infinite recursion - the operator | kind of happened to call
  itself by accident.
* Re-added lost | dnssec_opt_.

Only positive matches for now.

This looks like someone already prepared for it, it only needs to
passing the intent to few functions and everything handles itself well.

Also updated tests, since the utility function gets confused by the
RRSIGs. Not fixing the function for now, it looks complicated, because
the problem is in it's design - if it happens to be just this one case,
it will be easier.

It turns out to be simple search & replace, it didn't use any in-memory
specific features. The rest of Auth still uses hardcoded in-memory, as
it needs to load it, etc.

And some more similar renaming. Just to match naming conventions.