Reorders some of the operations related to RRSIG validation. The net
effects here are that the code performs all of the parts of validation
that are not specific to the keys first before the parts that are
specific to keys (and need to be repeated for each key).
This also fixes the inconsistency that if there are multiple keys that
match an RRSIG, a single malformed key would lead to an exception, but a
signle failed signature validation would not. In both cases, an
exception should only be raised if no keys successfully validate the
RRSIG.
projects / thirdparty / dnspython.git / commit
