tor-proto: Let onion services accept incoming BEGIN cells and make streams

Split from #352 (closed).

We have some stub types there (see IncomingStream), but no implementation yet.

The idea here is that, once an onion service has built a circuit to a client's chosen rendezvous point and sent a RENDEVOUS1 message, the onion service wants to begin allowing BEGIN messages on that circuit. (Ordinarily, inbound BEGIN messages are not permitted on a ClientCirc.) It wants to get those messages and decide, based on their contents, to either 1) allow a DataStream to open, 2) to send back an END message rejecting the message, or 3) to kill the circuit completely.

In order to implement this, we'll want to implement all the APIs in tor_proto::stream::incoming, along with ClientCirc::allow_stream_requests. These will probably require a corresponding changes in tor_proto::circuit::reactor.

These APIs aren't final: It may be that we need to improve them in order to get reasonable behavior.