Add support for Isolating streams by socks authentication

My current prop171 branch doesn't handle isolating streams by socks authentication, because Tor doesn't handle or record socks authentication -- that's in the as-yet-unmerged #1666 (moved) branch.

Once we have merged both prop171 and on #1666 (moved), I should implement the ISO_CLIENTAUTH isolation flag as currently stubbed out in prop171.