auth,msg/async/ProtocolV2: negotiate connection modes

auth,msg/async/ProtocolV2: negotiate connection modes

The modes are:

- crc: crc32c checksums to protect against bit errors.  No secrecy or
  authenticity guarantees, so a MITM could alter traffic in flight.
- secure: cryptographic secrecy and authenticity proection (i.e, encrypted
  and signed).

We do not include a 'signed' mode that provides authenticity without
secrecy because the cryptographic protocols appear to be faster than
SHA-2.

New settings:

- ms_cluster_mode  : mode(s list) for intra-cluster connections
- ms_service_mode  : mode(s list) for daemons to allow
- ms_client_mode   : mode(s list) for clients to allow

Also,

- ms_mon_cluster_mode  : mon <-> mon connections
- ms_mon_service_mode  : mon <-> daemon or client connections

The msgr2 protocol is expanded slightly to negotiate a mode.  Client
shares it's allowed/preferred modes, and server picks one as auth finishes.
Negotiation is independent of the authentication, except that the
authentiction mode may precluse certain choices. Specifically, AUTH_NONE
does not support 'secure', only 'crc'.

Signed-off-by: Sage Weil <sage@redhat.com>