improve handling of trailing dots in dnssec-keymgr and dnssec-coverage

- mishandling of trailing dots caused bad behavior with the
  root zone or names like "example.com."
- fixing this exposed an error in dnssec-coverage caused the
  wrong return value if there were KSK errors but no ZSK errors
- incidentally silenced the dnssec-keygen output in the coverage
  system test

bin/tests/system/keymgr/tests.sh

@@ -104,6 +104,23 @@ for dir in [0-9][0-9]-*; do
         status=`expr $status + $ret`
 done
 
+echo_i "checking domains ending in . ($n)"
+ret=0
+$KEYMGR -g $KEYGEN -s $SETTIME . > keymgr.1.$n 2>&1
+nkeys=`grep dnssec-keygen keymgr.1.$n | wc -l`
+[ "$nkeys" -eq 2 ] || ret=1
+$KEYMGR -g $KEYGEN -s $SETTIME . > keymgr.2.$n 2>&1
+nkeys=`grep dnssec-keygen keymgr.2.$n | wc -l`
+[ "$nkeys" -eq 0 ] || ret=1
+$KEYMGR -g $KEYGEN -s $SETTIME example.com. > keymgr.3.$n 2>&1
+nkeys=`grep dnssec-keygen keymgr.3.$n | wc -l`
+[ "$nkeys" -eq 2 ] || ret=1
+$KEYMGR -g $KEYGEN -s $SETTIME example.com. > keymgr.4.$n 2>&1
+nkeys=`grep dnssec-keygen keymgr.4.$n | wc -l`
+[ "$nkeys" -eq 0 ] || ret=1
+status=`expr $status + $ret`
+n=`expr $n + 1`
+
 echo_i "checking policy.conf parser ($n)"
 ret=0
 ${PYTHON} testpolicy.py policy.sample > policy.out