Add support for DNSSEC validation
Include ldns support for DNSSEC validation. It may then allow
'VerifyHostKeyDNS yes' to skip manual validation of fingerprint, if
machine has DNSSSEC support.
ldns-config includes also python, which should not be part of ssh.
Workaround by forcing /usr path, works similar as
pkg-config --libs ldns.
Allows command without asking:
ssh -o "VerifyHostKeyDNS yes" pkgs.fedoraproject.org
Signed-off-by: Petr Menšík <pemensik@redhat.com>