that the number of seconds in an isc_time_t does not
                        exceed the range of a time_t, or return ISC_R_RANGE.
                        Similarly, isc_time_now(), isc_time_nowplusinterval(),
                        isc_time_add() and isc_time_subtract() now check the
                        range for overflow/underflow.  In the case of
                        isc_time_subtract, this changed a calling requirement
                        (ie, something that could generate an assertion)
                        into merely a condition that returns an error result.
                        isc_time_add() and isc_time_subtract() were void-
                        valued before but now return isc_result_t.

The seconds member isc_time_t on Unix platforms was changed from time_t
to unsigned int.

unix/time.c now uses macros for nanoseconds per second, nanoseconds per
microsecond and microseconds per second to make sure that the right
number of zeros appears each place the constant is used.

unix/time.c functions which take initialized isc_(interval|time)_t arguments
INSIST() that the nanoseconds value is less than one full second.

unix/time.c's isc_time_microdiff was broken because it did multiplication and
addition with unsigned integers and attempted to set them a 64 bit int to
avoid overflow, but C's ints don't promote to 64 bits on machines that only
have 32 bit longs.  Fixed.

Added all the pertinent documentation to time.h.