Reorganise ssh.py to cleanly separate responsibilities

The main exec_command/put_file/fetch_file methods now _build_command and
call _run to handle input from/output to the ssh process. The purpose is
to bring connection handling together in one place so that the locking
doesn't have to be split across functions.

Note that this doesn't change the privilege escalation and connection IO
code at all—just puts it all into one function.

Most of the changes are just moving code from one place to another (e.g.
from _connect to _build_command, from _exec_command and _communicate to
_run), but there are some other notable changes:

1. We test for the existence of sshpass the first time we need to use
   password authentication, and remember the result.
2. We set _persistent in _build_command if we're using ControlPersist,
   for later use in close(). (The detection could be smarter.)
3. Some apparently inadvertent inconsistencies between put_file and
   fetch_file (e.g. argument quoting, sftp -b use) have been removed.

Also reorders functions into a logical sequence, removes unused imports
and functions, etc.

Aside: the high-level EXEC/PUT/FETCH description should really be logged
from ConnectionBase, while individual subclasses log transport-specific
details.

lib/ansible/plugins/connection/paramiko_ssh.py

@@ -81,7 +81,7 @@ class MyAddPolicy(object):
 
         if C.HOST_KEY_CHECKING:
 
-            self.connection.lock_connection()
+            self.connection.connection_lock()
 
             old_stdin = sys.stdin
             sys.stdin = self._new_stdin
@@ -95,7 +95,7 @@ class MyAddPolicy(object):
             inp = raw_input(AUTHENTICITY_MSG % (hostname, ktype, fingerprint))
             sys.stdin = old_stdin
 
-            self.connection.unlock_connection()
+            self.connection.connection_unlock()
 
             if inp not in ['yes','y','']:
                 raise AnsibleError("host connection rejected by user")