Description
Flag-protected. Add stateless reject support to crypto streams.
Client crypto stream:
The client now sends all connection options on all handshake messages.
(Previously, no options were sent on inchoate hellos). This is so
that the client can indicate support for stateless rejects during the
initial handshake.
If the crypto client stream receives a stateless reject from the
server, it will continue validating and caching the proof. It will
abandon the connection with a special error code immediately
thereafter. It will NOT send close messages after a reject, since
there is no state at the server to close. (We may have to change this
when we do stateless by default).
Server crypto stream:
The server now processes connection options speculatively on all
handshake messages. This is so that the server can detect that the
client supports stateless rejects prior to sending the reject itself.
It will only consider the options to be "negotiated", however, prior
to sending an SHLO.
The crypto server stream now also maintains an additional boolean,
indicating whether it should use stateless rejects when rejecting
messages on the stream ("use_stateless_rejects"). If rejecting, it
will only emit a stateless reject if both using stateless rejects and
the client supports it.
Merge internal change: 92677792
R=rch@chromium.org
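The negotiation the description lays out can be modelled end to end: the client advertises its options on every handshake message, the server records them speculatively (not yet "negotiated"), chooses a stateless reject only when use_stateless_rejects is set and the client advertised support, and the client, on a stateless reject, still validates and caches the proof but then abandons the connection without sending a close. The following is an added illustration, not code from this change or from Chromium's QUIC implementation; the message kinds, the "SREJ" option string, the error string, and every field other than use_stateless_rejects are assumptions made for the example.

```cpp
#include <set>
#include <string>
#include <vector>

// Constructed model of the negotiation this change describes. Names here
// (message kinds, the "SREJ" option string, the error string, all fields
// other than use_stateless_rejects) are assumptions for illustration, not
// Chromium's actual QUIC crypto types.

enum class Msg { kInchoateCHLO, kFullCHLO, kREJ, kSREJ, kSHLO };

struct ClientState {
  bool supports_stateless_rejects = false;
  std::set<std::string> proof_cache;  // proofs validated and cached so far
  bool abandoned = false;             // connection dropped by the client
  bool sent_close = false;            // whether a close message went out
  std::string error;                  // "" or the special reject error
};

struct ServerState {
  bool use_stateless_rejects = false;  // the new boolean on the server stream
  bool client_supports_srej = false;   // learned speculatively from options
  bool options_negotiated = false;     // only flips when SHLO is sent
};

// Client side: every handshake message, inchoate or full, carries all
// connection options, so stateless-reject support is visible immediately.
std::vector<std::string> ClientOptions(const ClientState& c, Msg /*kind*/) {
  std::vector<std::string> opts;
  if (c.supports_stateless_rejects) opts.push_back("SREJ");
  return opts;
}

// Server side: process options speculatively on every handshake message,
// without treating them as negotiated yet.
void ServerProcessOptions(ServerState& s, const std::vector<std::string>& opts) {
  for (const std::string& o : opts) {
    if (o == "SREJ") s.client_supports_srej = true;
  }
}

// Server side: emit a stateless reject only if the server is configured to
// use them AND the client advertised support; otherwise a normal REJ.
Msg ServerRejectKind(const ServerState& s) {
  return (s.use_stateless_rejects && s.client_supports_srej) ? Msg::kSREJ
                                                             : Msg::kREJ;
}

// Server side: options become "negotiated" only when SHLO is sent.
void ServerSendSHLO(ServerState& s) { s.options_negotiated = true; }

// Client side: on any reject, validate and cache the proof as usual. On a
// stateless reject, then abandon the connection with a distinct error and
// send no close message, since there is no server state to close.
void ClientHandleReject(ClientState& c, Msg kind, const std::string& proof,
                        bool proof_valid) {
  if (proof_valid) c.proof_cache.insert(proof);
  if (kind == Msg::kSREJ) {
    c.abandoned = true;
    c.sent_close = false;
    c.error = "STATELESS_REJECT";  // placeholder for the special error code
  }
  // A stateful REJ keeps the connection open; the client would retry with a
  // full CHLO carrying the same options.
}

// Drive one inchoate-CHLO round and return the server's reply kind.
Msg RunInchoateRound(ClientState& c, ServerState& s) {
  ServerProcessOptions(s, ClientOptions(c, Msg::kInchoateCHLO));
  Msg reply = ServerRejectKind(s);
  ClientHandleReject(c, reply, "proof-from-server", /*proof_valid=*/true);
  return reply;
}
```

The point the model makes explicit is the asymmetry the change relies on: the server may act on the client's advertised options before anything is negotiated, while the negotiated flag only flips at SHLO; and a stateless reject is produced only when both sides opt in, so a client that never advertised support keeps getting stateful rejects.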
Patch Set 1
Total messages: 3 (1 generated)