Support for pluggable transports

This patch series adds support for running pluggable transports written in Go, by compiling the Go code to a shared library and using cgo to link it in to the Rust code. The new onionmasq-pt-wrapper handles this process (with some janky environment variable hacks in the build-ndk.sh script to allow the copying out of the extra .so that is necessary).

The Go/Rust integration has a number of nice features, including the ability for Go to call back into Rust for logging (producing tracing logs compatible with the existing logging setup). We can also set a protect() callback to be used by Go when it tries to dial out to the internet, which is necessary for making this work at all.

So far, we only support obfs4. (Adding snowflake shouldn't be too hard; I'll make a ticket and do that in a follow-up.) This required hacking up lyrebird, since it doesn't actually support being embedded as a library -- we import various parts of it in our Go wrapper and stick them together to make them work with our setup.

This patchset also changes how configuring the tunnel works; we now use a new TunnelConfig struct in onion-tunnel instead of an arti TorClientConfig, so we can specify things like a directory to put the PT state in without having to add lots of additional function arguments.