quiche
Force Handshake packet epoch if handshake hasn't been confirmed
The RFC states that an endpoint can immediately close a connection by sending a CONNECTION_CLOSE frame during the handshake:
> However, prior to confirming the handshake, it is possible that more advanced packet protection keys are not available to the peer, so another CONNECTION_CLOSE frame MAY be sent in a packet that uses a lower packet protection level.
Currently, when we decide the packet epoch when a CC frame is present, we always choose Application. This commit downgrades the epoch to Handshake if the handshake wasn't confirmed.
The test added in this PR fails without this patch - since the packet is
sent in the Application space without keys, the server can't decrypt it,
so its peer_error is None.
- [x] Fix CI
- [x] Squash
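
The failure mode described in this PR, as an added example that is not part of the PR and is not quiche's code: a simplified model of the epoch choice for a packet carrying CONNECTION_CLOSE, before and after the change. The type and function names, the key states and the error code are hypothetical, and the model assumes the receiving peer can read a packet only if it holds keys for that packet's epoch.

```rust
// Simplified model of the behaviour described above. Added illustration:
// the names are hypothetical and this is not quiche's code.

#[allow(dead_code)]
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
enum Epoch { Initial, Handshake, Application }

/// Packet protection keys the receiving peer currently holds.
#[derive(Clone, Copy)]
struct PeerKeys { initial: bool, handshake: bool, application: bool }

impl PeerKeys {
    fn can_decrypt(&self, epoch: Epoch) -> bool {
        match epoch {
            Epoch::Initial => self.initial,
            Epoch::Handshake => self.handshake,
            Epoch::Application => self.application,
        }
    }
}

/// Epoch chosen for a packet carrying CONNECTION_CLOSE.
/// `patched == false` models the old rule (always Application).
fn cc_epoch(handshake_confirmed: bool, patched: bool) -> Epoch {
    if patched && !handshake_confirmed { Epoch::Handshake } else { Epoch::Application }
}

/// What the peer records: the error code only if it could decrypt the packet.
fn peer_error(keys: PeerKeys, epoch: Epoch, code: u64) -> Option<u64> {
    if keys.can_decrypt(epoch) { Some(code) } else { None }
}

fn main() {
    // Constructed scenario: peer is mid-handshake and has no 1-RTT keys yet.
    let mid = PeerKeys { initial: true, handshake: true, application: false };
    // Constructed scenario: handshake confirmed, 1-RTT keys installed.
    let done = PeerKeys { initial: false, handshake: false, application: true };
    let code = 0x0a; // constructed error code

    for (name, keys, confirmed) in [("mid-handshake", mid, false), ("confirmed", done, true)] {
        for patched in [false, true] {
            let epoch = cc_epoch(confirmed, patched);
            println!("{name:>13} patched={patched:<5} epoch={epoch:?} peer_error={:?}",
                     peer_error(keys, epoch, code));
        }
    }
}
```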