Does not include configure.ac or Makefile.ac changes.  The _ssl_data
changes are hand created rather than properly updating the code
generator.  A future upstream API is anticipated to deal with those
better anyways.

BoringSSL, for now, does not provide these APIs because of design flaws
in the API.  When we've disentangled this mess, and implemented the
functions in BoringSSL, this patch can be removed.

It adds an ill-advised feature that BoringSSL can't support.

This concurrency fix needs reworking for use with BoringSSL.

Don't test for hash functions that are entirely optional for a TLS
implementation.  This configure check should be reworked anyways, even
md5 and sha1 could possibly not be present (FIPS?).

some manual fixups, more testing and post-fixing will be required.

Python needs to map OpenSSL error codes like ERR_R_INTERNAL_ERROR into strings
like "INTERNAL_ERROR". OpenSSL lacks an API for this, so CPython instead
maintains its own table.

This table is necessarily sensitive to the OpenSSL version and causes issues for
BoringSSL. Rather than maintain our own copy of this table, BoringSSL has APIs
to do the thing CPython actually wants. This patch switches CPython to use them.
To keep the patch small, it doesn't ifdef the err_codes_to_names, etc., fields,
but they are no longer necessary.

See openssl/openssl#19848 and
https://discuss.python.org/t/error-tables-in-the-ssl-module/25431 for context.

BoringSSL API addition:
https://boringssl.googlesource.com/boringssl/+/dbad745811195c00b729efd0ee0a09b7d9fce1d2

… has an API.

BoringSSL was originally missing BIO_FP_TEXT preventing the keylog
callback API from working.  That was added to BoringSSL.