prop304: Implement SOCKS new HS error code
For TB to be able to alert the user that they need to input their client auth credentials we need an appropriate control port event.
When Tor fails to decrypt the second layer of desc encryption, we issue the
CLIENT_AUTH_NEEDED <onion> <reason>event. Tor does not go to fetch more descs from the hsdir for this onion.
At the same time, we store the broken descriptor into the hs cache, with a special flag that says "missing client auth" and hence
As part of the #30381 (moved) commands the descriptor is decrypted.
TB issues another SOCKS request which uses the right descriptor and goes forward.