runner: Bundle wire version, protocol version, and isDTLS together

We currently a mess of different notions of "version":

- The "wire version", the actual 16-bit code point on the wire. These
  were once numerically comparable, but then DTLS bit-flipped the
  versions, and then TLS 1.3 draft versions made them arbitrary.

- The "protocol version" which normalizes all this down into just one of
  TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3, which is comparable.

The way we stuck DTLS and later TLS 1.3 draft versions (since removed)
into runner, we ended up storing a pair of version and wire version and
having to keep track of which was being passed in at any point. And then
since the PRF code also cared about TLS vs DTLS (thanks to DTLS 1.3
changing the labels), we also passed an isDTLS in everywhere.

Bundle them into one type, which stores the wire version (captures all
information) but can convert to the protocol version. Since this type
should not be constructible with invalid values, the protocol version
getter can be infallible.

Since DTLS 1.3 has opted to continue the bitflipped scheme, it seems
we've settled on giving TLS and DTLS disjoint versions. That then means
the isDTLS bit is mostly captured by the version bit and can be removed
from all the PRF machinery. I say mostly because the initial
undetermined version is currently just represented with zero everywhere,
so the connection structures still need isDTLS booleans. But prf.go can
be satisfied with just a version struct and we trim away a bunch of
parameters.

This has the side effect of fixing the handshaker_server.go session
version comparison to compare the full wire version, and not just the
protocol version, avoiding e.g. DTLS and TLS cross-resume.

Change-Id: I1f93f7daf2da9ba303b16a857a0347b00fe994e7
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/89472
Reviewed-by: Lily Chen <chlily@google.com>
Commit-Queue: David Benjamin <davidben@google.com>