Hidden service support for server

[martonp]

Support running the server as a hidden service. Also, the client must be updated to allow connecting to hidden service servers.

[martonp]

I'll work on this.

[chappjc]

Alright! In ways this is already doable as-is, so it's mostly about what features and capabilities we'd like to add to smooth out the pain points.

For server, it should work presently with the hidden service pointing at the existing listener. The headaches there are: (a) seemingly needless TLS over tor, and (b) server needs to generate a new TLS certificate that includes the onion address in the alt dns names, breaking clients using the older one. So my thoughts about that are either a second listener for the hidden service connections, and/or updating the tls.Config with multiple certificates in the slice so you effectively create "virtual servers":

dcrdex/server/comms/server.go

Lines 301 to 302 in 55c890c

	tlsConfig := tls.Config{
	Certificates: []tls.Certificate{keypair},

On a related note, I had notes about an extracerts option for dcrdex even in the context of regular internet, no hidden service, because it may be desirable to have different domains / ip addresses on different certificates (again, virtual servers).

For client, if torproxy= is enabled things would probably work out, but as with other apps, there can be a dedicated onion= flag so that regular internet connections don't use tor, only onion addresses.

[chappjc]

Resolved by #1571