[master] native PKCS#11 support

3705.	[func]		"configure --enable-native-pkcs11" enables BIND
			to use the PKCS#11 API for all cryptographic
			functions, so that it can drive a hardware service
			module directly without the need to use a modified
			OpenSSL as intermediary (so long as the HSM's vendor
			provides a complete-enough implementation of the
			PKCS#11 interface). This has been tested successfully
			with the Thales nShield HSM and with SoftHSMv2 from
			the OpenDNSSEC project. [RT #29031]

bin/tests/system/rsabigexponent/Makefile.in

@@ -24,7 +24,7 @@ top_srcdir =	@top_srcdir@
 
 CINCLUDES =	${DNS_INCLUDES} ${ISC_INCLUDES} @DST_OPENSSL_INC@
 
-CDEFINES =	@USE_OPENSSL@
+CDEFINES =	@CRYPTO@
 CWARNINGS =
 
 DNSLIBS =	../../../../lib/dns/libdns.@A@ @DNS_CRYPTO_LIBS@