Wrap user-facing lookup errors through a new formatDNSError helper that
clears net.DNSError.Server so the " on <addr>" suffix no longer leaks the
upstream resolver (e.g. "on 127.0.0.11:53") to end users.
Closes: https://framagit.org/happyDomain/happydeliver/-/work_items/2
Parse k=, h=, a= tags and derive RSA key bit-length from the public key
so consumers can detect weak configurations (SHA-1, short keys).
Scoring now penalises rsa-sha1 (cap 60), RSA <1024 bit (cap 25), and
RSA <2048 bit (cap 75); Ed25519 receives no penalty.
Fixes: #37
Split api/openapi.yaml schemas into api/schemas.yaml so structs can be
generated independently from the API server code. Models now generate
into internal/model/ via oapi-codegen, with the server referencing them
through import-mapping. Moved PtrTo helper to internal/utils and removed
storage.ReportSummary in favor of model.TestSummary.
Remove authResults parameter from AnalyzeDNS, making it independent of
the authentication analysis step. Instead, parse DKIM-Signature headers
directly to extract domain and selector.
Bug: https://github.com/happyDomain/happydeliver/issues/11
