Change DS creation to omit TTL and use spaces instead of tabs (Closes: #864016)

The version of dnsmasq in testing (currently 2.76-5) and which will
apparently be released with stretch uses the following sed parser to
convert the root.ds file in dns-root-data to command-line arguments for
dnsmasq:

    sed -e s/". IN DS "/--trust-anchor=.,/ -e s/" "/,/g $ROOT_DS

This chokes on the root.ds file shipped in the dns-root-data 2017041101
package. (See #858506 and #860064.) Consequently dnsmasq 2.77-1 shipped
the following parser:

    sed -e s/"^.*DS[\t ]"/--trust-anchor=.,/ -e s/" "/,/g $ROOT_DS

This commit relaxes the format of the root.ds file so that it can be
parsed by the init script in both dnsmasq 2.76-5 and dnsmasq 2.77-1, by
removing the TTL field (which doesn't make much sense for a trust anchor
anyway) and converting the tab characters to spaces. This results in the
following root.ds content:

    . IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5
    . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d

Both the dnsmasq 2.76-5 and 2.77-1 parsers convert the above root.ds
content to the following dnsmasq command-line arguments:

    --trust-anchor=.,19036,8,2,49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5
    --trust-anchor=.,20326,8,2,e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d

For comparison, previous versions of dns-root-data (before we started
shipping the second trust anchor for the KSK rollover) formatted the
root.ds file like this:

    . IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5

This commit also adds a workaround in debian/rules to munge the output
of ldns-key2ds so that the diff comparison will succeed.