Babel: Add MAC authentication support - update

Some cleanups and bugfixes to the previous patch, including:

 - Fix rate limiting in index mismatch check

 - Fix missing BABEL_AUTH_INDEX_LEN in auth_tx_overhead computation

 - Fix missing auth_tx_overhead recalculation during reconfiguration

 - Fix pseudoheader construction in babel_auth_sign() (sport vs fport)

 - Fix typecasts for ptrdiffs in log messages

 - Make auth log messages similar to corresponding RIP/OSPF ones

 - Change auth log messages for events that happen during regular
   operation to debug messages

 - Switch meaning of babel_auth_check*() functions for consistency
   with corresponding RIP/OSPF ones

 - Remove requirement for min/max key length, only those required by
   given MAC code are enforced

doc/bird.sgml

@@ -1827,8 +1827,8 @@ protocol babel [<name>] {
 			accept to "&lt;date&gt;";
 			from "&lt;date&gt;";
 			to "&lt;date&gt;";
-			algorithm ( hmac sha1 | hmac sha256 | hmac sha384 | hmac
-	sha512 | blake2s | blake2b );
+			algorithm ( hmac sha1 | hmac sha256 | hmac sha384 |
+	hmac sha512 | blake2s128 | blake2s256 | blake2b256 | blake2b512 );
 		};
 	};
 }
@@ -1932,13 +1932,12 @@ protocol babel [<name>] {
       authentication is selected, a key must be specified with the
       <cf/password/ configuration option. Default: none.
 
-      <tag><label id="babel-password">password "<m/text/"</tag> Specifies a
-      password used for authentication. See the <ref id="proto-pass"
+      <tag><label id="babel-password">password "<m/text/"</tag>
+      Specifies a password used for authentication. See the <ref id="proto-pass"
       name="password"> common option for a detailed description. The Babel
       protocol will only accept HMAC-based algorithms or one of the Blake
       algorithms, and the length of the supplied password string must match the
       key size used by the selected algorithm.
-
 </descrip>
 
 <sect1>Attributes