update copyright notice / whitespace
Don't use memset() to wipe memory (#45947) (cherry picked from commit d5707676e45551d1ceb600a674f3f13351fd3105)
add more LIBRESSL_VERSION_NUMBER checks (cherry picked from commit 3d38cfaf8a05fe272173fdea4d747de70f67ad5d)
4497. [port] Add support for OpenSSL 1.1.0. [RT #41284] (cherry picked from commit 1fce0951ed172fc3834a3a379c4e00b78224cc5d)
4401. [misc] Change LICENSE to MPL 2.0.
[master] address buffer accounting error 4168. [security] A buffer accounting error could trigger an assertion failure when parsing certain malformed DNSSEC keys. (CVE-2015-5722) [RT #40212]
3957. [bug] "dnssec-keygen -S" failed for ECCGOST, ECDSAP256SHA256 and ECDSAP384SHA384. [RT #37183]
3762. [bug] Address build problems with --pkcs11-native + --with-openssl with ECDSA support. [RT #35467]
[master] rationalize external key handling 3723. [cleanup] Imported keys are now handled the same way regardless of DNSSEC algorithm. [RT #35215]
[master] native PKCS#11 support 3705. [func] "configure --enable-native-pkcs11" enables BIND to use the PKCS#11 API for all cryptographic functions, so that it can drive a hardware service module directly without the need to use a modified OpenSSL as intermediary (so long as the HSM's vendor provides a complete-enough implementation of the PKCS#11 interface). This has been tested successfully with the Thales nShield HSM and with SoftHSMv2 from the OpenDNSSEC project. [RT #29031]
update copyright notice
[master] replace memcpy() with memmove(). 3698. [cleanup] Replaced all uses of memcpy() with memmove(). [RT #35120]
3642. [func] Allow externally generated DNSKEY to be imported into the DNSKEY management framework. A new tool dnssec-importkey is used to this. [RT #34698]
3521. [bug] Address memory leak in opensslecdsa_link.c. [RT #32249]
[master] silence noisy OpenSSL logging 3402. [bug] Correct interface numbers for IPv4 and IPv6 interfaces.
3354. [func] Improve OpenSSL error logging. [RT #29932]
3339. [func] Allow the maximum supported rsa exponent size to be specified: "max-rsa-exponent-size <value>;" [RT #29228]
silence warnings from clang
3317. [func] Add ECDSA support (RFC 6605). [RT #21918]