privval: consolidate IPCVal and TCPVal

[ebuchman]

There's a lot of seemingly unnecessary redundancy between the IPCVal and TCPVal. The only differences are:

• TCPVal uses SecretConnection while IPCVal uses an unencrypted net.Conn (but should use at least a MAC, privval: add a MAC for unix sockets #3099)
• TCPVal listens for connections from the KMS, while IPCVal dials the KMS

While the former difference is justified (#2563), the latter seems not. Why not combine these into a single SocketValidator implementation that can handle both unix or tcp sockets, by just looking at the address? The tcp sockets can use a SecretConnection while the unix sockets use the raw unencrypted socket (and later say a MACConnection). In both cases, Tendermint should listen for an incoming connection from the KMS. That way the KMS process never has to bind, but just dials, and we can deduplicate all this code.

Of course in both cases we still need to authenticate (#2549).

@SLAMPER / @liamsi / @tarcieri / @amrali is there some reason IPCVal shouldn't have the same behaviour as TCPVal w.r.t to listening for incoming connections from a KMS?

[tarcieri]

Having them work consistently makes sense to me.

[ebuchman]

In reviewing and working on #2923, it makes sense to address this as part of that so we don't need to implement and test the recover mechanism twice.

The consolidated TCP/IPCVal should be called SocketVal. It should take a net.Listener in its constructor. All differences between TCP and Unix should be dealt with in the net.Listener. We can leave it to the user of the package to first set up the appropriate listener (eg. tcp with a priv key, or unix with a shared MAC key), then call NewSocketVal with it.

[ebuchman]

Ok, this is done in #2923. Looks really great