Feature: sub-connection auth (TOKEN_CONN_AUTH) with HMAC + clientID binding

Client first packet on every sub-connection signs (clientID || timestamp ||
nonce) and waits for server ack. Server verifies signature and pins clientID
on the sub-connection ctx, eliminating IP-reverse-lookup unreliability for
NAT/localhost scenarios. Sub-conn coverage: Win 12 sites, Linux/macOS 3-4
each. Main connection keeps existing TOKEN_LOGIN flow unchanged.

Includes:
- Protocol structs sized to 512/256 bytes with reserved space for future
  extensions (locale, OS info, session token, etc.)
- 5-min timestamp tolerance (Kerberos-grade replay window)
- 10-sec client wait for cross-pacific / weak-network tolerance
- Fix RemoveFromHostList side-effect ordering: MarkDeviceOffline and
  m_ActiveWndW.erase now only fire when ctx is actually removed from
  m_HostList, preventing sub-conn disconnects from misreporting main as
  offline (regression introduced by auth-set clientID on sub ctx)
- Fix latent bug: IOCPClient::m_conn was never assigned in ctor, leaving
  GetConnectionAddress() always NULL and FileManager V2 transfer's
  srcClientID always 0

Breaking change: new client cannot use sub-features against old server.
New server tolerates legacy clients (no auth). Future tightening can reject
unauthenticated sub-connections via IsAuthenticated() flag.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

server/2015Remote/IOCPServer.h

@@ -229,7 +229,11 @@ public:
         return m_bIsClosed;
     }
     virtual uint64_t GetClientID() const {
-        return m_ClientID;
+        // 优先用 UpdateContext 设过的 m_ClientID（重连场景），否则取子连接 ctx 自身的 ID。
+        // 子连接通过 TOKEN_CONN_AUTH 通过校验后，ctx->GetClientID() 已被钉成主连接的 clientID，
+        // 这样 dialog 拿到的 ID 既准确又免去 IP 反查兜底（NAT/127.0.0.1 场景靠谱）。
+        if (m_ClientID != 0) return m_ClientID;
+        return m_ContextObject ? m_ContextObject->GetClientID() : 0;
     }
     BOOL SayByeBye()
     {