Log Message:
bearssl: update to 0.5. From Charlotte Koch.

Added support for the BoarSSL / Twrch test framework.
Header files now include the ritual mantras that make them compatible with C++.
Better Makefile behaviour with Clang (FreeBSD compatibility).
Worked around a bug of GCC 4.8 and 4.9 in 32-bit x86 mode.
Incoming application data after initiating closure is now properly ignored.
Some instances of (critical) Certificate Policies extensions are now ignored \ 
(when it is safe to do so).
Fixed some behavioural bugs with regards to renegotiation (all were failing safe).
Added encoded OID for hash functions in the public API, to help with using RSA \ 
signatures in non-SSL contexts.
Fixed bug in AES/CBC decryption on x86 with AES-NI opcode (this was breaking \ 
decryption with AES/CBC cipher suites and TLS 1.0 only).
Added an explicit stack buffer initialisation (some provably harmless accesses \ 
to uninitialised data were performed, Valgrind was not happy).
Fixed bug in the search tree for the cache of SSL sessions (occasional lock-ups).
Fixed bug in modular reduction in the special field for P-256 (this was \ 
infrequently breaking ECDSA signatures).
Added support for exporting keying material (RFC 5705).
Added new general-purpose API for AEAD implementations (in non-SSL contexts) and \ 
an AES/GCM implementation that follows that API.
Added a function to forget saved session parameter in the LRU cache.
Added a new ChaCha20 implementation that uses SSE2 on x86 architectures (both \ 
32-bit and 64-bit).