entry_guards_update_all() will pretend to update primaries even if sampled set is empty
entry_guards_update_all() is used to update all the various sets of the guard subsystem, and then make the list of primary guards. The first list that needs to be made is the sampled set in sampled_guards_update_from_consensus(). However, that function is a NOP if we are missing a live consensus.
The problem here is that entry_guards_update_all() will not notice that the sampled set was never initialized and will happily move forward into making the list of primary guards from a non-existent sampled set which will fail. It will also set gs->primary_guards_up_to_date and other parts of the subsystem will think that there is actually a primary guard list and will not initialize it (e.g. select_entry_guard_for_circuit()).
We should probably not allow the primary guard list etc. to be done if we failed to initialize our sampled set. Perhaps we could move the live_consensus_is_missing() check from sampled_guards_update_from_consensus() to entry_guards_update_all().
I don't think that this can cause serious issues because we will eventually regenerate our primary guard list when we finally fetch a live consensus.
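A toy C model of the state problem described in this ticket, added here as an illustration; it is not Tor's code. All toy_* names and struct fields are hypothetical stand-ins (only primary_guards_up_to_date mirrors a name from the ticket), and the relay ids are constructed.

```c
#include <stdbool.h>
#include <stddef.h>

#define TOY_MAX_SAMPLED 8
#define TOY_MAX_PRIMARY 3

/* Hypothetical, simplified guard state; not Tor's guard_selection_t. */
typedef struct {
  int sampled[TOY_MAX_SAMPLED]; size_t n_sampled;
  int primary[TOY_MAX_PRIMARY]; size_t n_primary;
  bool primary_guards_up_to_date;
} toy_guard_selection_t;

/* Stand-in for the sampled-set update: a NOP without a live consensus. */
static void toy_sampled_update(toy_guard_selection_t *gs, bool live_consensus) {
  if (!live_consensus) return;
  for (gs->n_sampled = 0; gs->n_sampled < TOY_MAX_SAMPLED; gs->n_sampled++)
    gs->sampled[gs->n_sampled] = 100 + (int)gs->n_sampled; /* constructed ids */
}

/* Builds the primary list from the sampled set and marks it current,
 * whether or not the sampled set had anything in it. */
static void toy_primary_update(toy_guard_selection_t *gs) {
  gs->n_primary = 0;
  while (gs->n_primary < TOY_MAX_PRIMARY && gs->n_primary < gs->n_sampled) {
    gs->primary[gs->n_primary] = gs->sampled[gs->n_primary];
    gs->n_primary++;
  }
  gs->primary_guards_up_to_date = true;
}

/* Reported behaviour: continues to the primary list after a NOP sample update. */
void toy_update_all_reported(toy_guard_selection_t *gs, bool live_consensus) {
  toy_sampled_update(gs, live_consensus);
  toy_primary_update(gs);
}

/* Suggested shape: check for a live consensus first; false means "skipped". */
bool toy_update_all_checked(toy_guard_selection_t *gs, bool live_consensus) {
  if (!live_consensus) return false; /* flag stays unset, nothing pretends */
  toy_sampled_update(gs, live_consensus);
  toy_primary_update(gs);
  return true;
}

/* Consumer that trusts the flag, as the ticket says other code does.
 * Returns the first primary guard id, or -1 if the list is empty. */
int toy_select_guard(toy_guard_selection_t *gs) {
  if (!gs->primary_guards_up_to_date) toy_primary_update(gs);
  return gs->n_primary ? gs->primary[0] : -1;
}
```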