Implement guard nodes

We should implement Tor's guard node algorithm for Arti.

(The time estimate here does not include work for developing a state mechanism.)

Backend steps:

• Create a "guard manager" type with the necessary API.
• Implement a multi-sample API in tor-netdir.
• Implement consensus parameters needed for guards
• Extend NetDir with efficient ID-based accessors.
• Minimal working-ish good-enough-for-vanguards guard implementation: * Sample a little set. * Pick first hop from that set. * Persistence on that set. * Expire and re-sample into that set as needed.
• Implement filtered, confirmed, and primary set backends.
• Mpsc channel inside circmgr that gets informed when a circuit is done or when a circuit fails.
• Make sure not to use a consensus until we have descriptors for our primary guards. (Deferred)
• Documentation in tor-guardmgr
• Test coverage in tor-guardmgr
• Fix or defer all issues marked XXXX
• Re-read guard-spec.txt and audit for compliance
• Re-read entryguards.c and audit for consistencyh
• Persistent state
• Add logging throughout.

Steps for integration:

• Create a guard manager when starting up.
• Inform the guard manager whenever the directory changes.
• When creating a path, ask the guard manager for the first hop.
• When the circuit completes or fails, report the guard as working or not working.
• Do not use the circuit until the GuardUsability future reports true.