Fixes https://gitlab.labs.nic.cz/knot/resolver/issues/93.
API of a KR_EXPORT function is changed, so ABIVER is bumped.

and set libknot_SONAME and libzscanner_SONAME as lua literals.

Remove now obsolete libpath lua function - use find_soname from
platform.mk to define <arg>_SONAME, add lua_pushliteral to
daemon/engine.c and add -D to daemon/daemon.mk for any new library
loaded from Lua.

RTT tracking for all targets is also supported,
but no loadbalancing is done based on that yet

example:

> daf.add 'forward 127.0.0.1@5353'

The missing entry caused some entries to be dear and written to wrong
positions.

forks are connected with IPC pipes to process
group leader and can execute expressions on its
behalf. so running commands over all workers
is easy now:

> hostname() -- single
localhost

> map 'hostname()' -- all
localhost
localhost
localhost

* in the begin() layer, the incoming query is
  exposed as req->qsource.packet, it is invalidated
  after begin() and should not be modified
* the destination address (local interface) is
  also tracked for filtering purposes

during the consume step, the information about
upstream authoritative (address and current rtt)
is exposed in the request structure, just like
information about current query

* http embeds modified lua-http server code that
  reuses single cqueue for all h2 client sockets,
  this is also because the API in upstream is unstable
* http embeds rickshaw for real-time graphs over
  websockets, it displays latency heatmap by default
  and can show several other metrics
* http shows a world map with pinned recently contacted
  authoritatives, where diameter represents number
  of queries sent and colour its average RTT, so
  you can see where the queries are going
* http now exports several endpoints and websockets:
  /stats for statistics in JSON, and /metrics for
  metrics in Prometheus text format

this change introduces new API for cache backends,
that is a subset of knot_db_api_t from libknot
with several cache-specific operations

major changes are:
* merged 'cachectl' module into 'cache' as it is
  99% default-on and it simplifies things
* not transaction oriented, transactions may be
  reused and cached for higher performance
* scatter/gather API, this is important for
  latency and performance of non-local backends
  like Redis
* faster and reliable cache clearing
* cache-specific operations (prefix scan, ...) in
  the API not hacked in
* simpler code for both backends and caller

the daemon has now three modes of strictness
checking from strict to permissive.
it reflects the tradeoff between resolving the
query in as few steps as possible and security
for insecure zones

new trust anchors variables:
* trust_anchors.hold_down_time = 30 * day
* trust_anchors.refresh_time = nil
* trust_anchors.keep_removed = 0

these could be used to control how often should
root trust anchors be checked and how many removed
keys should be kept in log (0 by default)

kresd accepts DS records in root keys if provided,
it will eventually replace them with DNSKEY in
automatic mode

the utility supports most of the 'unbound-host'
functionality except PTR records

this is a temporary change until luajit-kdns is
merged-in with complete functionality,
this will break the API later and will require a
couple changes in several modules and trust anchors

when boostrapping root TA, the DNSKEYs are updated
immediately after retrieving DS from the side channel

a part of the zone cut is visible from Lua world:
- zone cut name (dname)
- trust anchor (rrset)
- current key (rrset)

when raised, a response zone cut will be recovered
even if the response came from cache. this is
normally not needed (and incurs additional cache
lookups), but it may be useful for
inspection

the quiet mode doesn't print neither intro messages nor prompt
in the interactive mode, which makes it useful for scripted usage

the field length is platform-dependent

this is not going to be backwards compatible change, but it will be the first tagged libknot release sufficient for resolver

if the root key file doesn’t exist, it will be populated from root DNSKEY query, which will be validated against root trust anchors retrieved over HTTPS with IANA cert verification against built-in current IANA cert CA. it requires luasocket and luasec for it to work. trust anchors XML file signature is not checked, as there’s no facility for PKCS7 checking yet.

policy has policy.todnames() for table of names

the copy doesn't take cdata length into account, but measures string len

refs #43

this fixes a bug when a text-declared type wasn’t reused and LJ eventually segfaulted in ffi.new after a lot of redeclarations