relay: Don't send the remote reason forward

In command_process_destroy_cell() function, which is called when we get a DESTROY cell, the reason in the cell is sent forward in the case we are a relay (OR circuit):

    if (!CIRCUIT_IS_ORIGIN(circ) &&                                
        chan == TO_OR_CIRCUIT(circ)->p_chan &&                  
        cell->circ_id == TO_OR_CIRCUIT(circ)->p_circ_id) {            
      /* the destroy came from behind */                       
      circuit_set_p_circid_chan(TO_OR_CIRCUIT(circ), 0, NULL);      
      circuit_mark_for_close(circ, reason|END_CIRC_REASON_FLAG_REMOTE);  
    } else { /* the destroy came from ahead */   

After a discussion with @mikeperry about this and !604 (closed) problem, we believe that we should stop doing that. A remote reason should stop at the first relay that sees it and not get sent forward or backward.

We can simply use the DESTROYED reason for this. And we should strongly edit the spec so arti gets it right also for the relay implementation.

Poking parties to chime in: @mikeperry, @nickm, @arma