dtls: Don't send packets to a dead socket during rekeying
vpninfo->{dtls_fd,dtls_ssl} are typically invalid when dtls_restart()
returns, as the new handshake has not completed at that point.  Under some
circumstances, FD_CLR() may be called on a negative fd, resulting in a
crash:

    (gdb) bt
    #0  0x00007f749201df77 in __GI_raise (sig=sig@entry=6)
        at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
    #1  0x00007f74920215e8 in __GI_abort () at abort.c:90
    #2  0x00007f749205b4fb in __libc_message (do_abort=do_abort@entry=2,
        fmt=fmt@entry=0x7f749216cf10 "*** %s ***: %s terminated\n")
        at ../sysdeps/unix/sysv/linux/libc_fatal.c:199
    #3  0x00007f74920f908c in __GI___fortify_fail (msg=<optimized out>,
        msg@entry=0x7f749216cea7 "buffer overflow detected") at fortify_fail.c:37
    #4  0x00007f74920f8020 in __GI___chk_fail () at chk_fail.c:28
    #5  0x00007f74920f8fd7 in __fdelt_chk (d=<optimized out>) at fdelt_chk.c:25
    #6  0x00007f749388b86c in ?? ()
    #7  0x00007f749388e271 in ?? ()
    #8  0x00007f74938883a2 in ?? ()
    #9  0x00007f7492008de5 in __libc_start_main (main=0x7f7493887010, argc=5,
        ubp_av=0x7fff01f1fe98, init=<optimized out>, fini=<optimized out>,
        rtld_fini=<optimized out>, stack_end=0x7fff01f1fe88) at libc-start.c:260
    #10 0x00007f74938885e3 in ?? ()

So we should return back to the mainloop instead of trying to send out
queued packets over DTLS.

Signed-off-by: Kevin Cernekee <cernekee@gmail.com>
cernekee committed Dec 31, 2013
1 parent f277491 commit 36978c7
Showing 1 changed file with 2 additions and 6 deletions.
8 changes: 2 additions & 6 deletions dtls.c
Expand Up @@ -776,13 +776,9 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
return 1;
}

if (dtls_restart(vpninfo)) {
if (dtls_restart(vpninfo))
vpn_progress(vpninfo, PRG_ERR, _("DTLS rekey failed\n"));
return 1;
}
work_done = 1;
break;

return 1;

case KA_DPD_DEAD:
vpn_progress(vpninfo, PRG_ERR, _("DTLS Dead Peer Detection detected dead peer!\n"));
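Review bot: The `return 1;` that now follows the `if (dtls_restart(vpninfo))` check runs on both the failure and the success path, but nothing in the code says so or why; with the braces removed and a blank line in front of it, it is easy to misread as a leftover or to fold back under the `if` in a later edit. Add a short comment above it saying that dtls_fd and dtls_ssl are not usable until the new handshake completes, so the function has to go back to the mainloop instead of falling through to the code that sends queued packets. The FD_CLR() call named in the commit message is outside this hunk and stays unguarded; a check at that call site that the fd is non-negative would keep a later change from bringing back the same abort.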