validate: avoid keeping KR_RANK_MISSING

If a sub-query transitions the state to QUERY_DNSSEC_INSECURE, we didn't set correct rank. This lead to caching with _MISSING rank which is too low to be utilized on re-queries. Example: nix.mx query.

Does it have impact only on cache or on correctnes of the answer as well?

@pspacek: the answer was correct in the cases I inspected and I believe correctness couldn't be harmed by this problem. The RR just wasn't marked as proven to be INSECURE, so it wasn't used and was re-queried every time. (Currently kresd doesn't implement trying to re-validate cached data in such cases.)

Thank you for clarification. For now I'm not adding this to list of tests to be made.

mentioned in commit 4fa31008

merged