matrix-rust-sdk

Don't upload one-time keys if we received to-device events

Open poljar opened this issue 4 years ago • 0 comments

libolm has limited and fixed-size storage for one-time keys; it discards the private part of the one-time key when new one-time keys are generated.

Since to-device events carry m.olm.v1 encrypted events which may establish new Olm sessions, we'll want to keep the private parts of our one-time keys around as long as we have some to-device events to handle. Usually this isn't a problem: generating one-time keys is already done after we handle the to-device part of a sync response. But servers might not send us all the to-device events that were sent our way in a single response, e.g. Synapse limits this to 100 to-device events per sync.

We should wait for a sync that doesn't contain any to-device events before we generate new one-time keys.

poljar, Jun 22 '21 10:06
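A toy model of the failure described in this issue and of the proposed fix, as an added example that is not matrix-rust-sdk or libolm code. `OtkStore`, `run` and `scenario` are hypothetical names, and the capacity of 4 and the two to-device events per sync are constructed stand-ins for libolm's storage and Synapse's limit of 100.

```rust
use std::collections::VecDeque;

/// Toy stand-in for a fixed-size one-time key store (not libolm's real API).
struct OtkStore {
    keys: VecDeque<u32>, // ids of keys whose private part we still hold
    next_id: u32,
    cap: usize,
}

impl OtkStore {
    fn generate(&mut self, n: usize) {
        for _ in 0..n {
            if self.keys.len() == self.cap {
                self.keys.pop_front(); // storage full: oldest private key is discarded
            }
            self.keys.push_back(self.next_id);
            self.next_id += 1;
        }
    }
    /// A pre-key message can only start a session if its key is still stored.
    fn consume(&mut self, id: u32) -> bool {
        match self.keys.iter().position(|k| *k == id) {
            Some(i) => self.keys.remove(i).is_some(),
            None => false,
        }
    }
}

/// Each sync lists the one-time key ids used by the pre-key messages in its
/// to-device batch. Returns how many messages could not establish a session.
fn run(syncs: &[Vec<u32>], wait_for_empty_sync: bool) -> usize {
    let mut store = OtkStore { keys: VecDeque::new(), next_id: 0, cap: 4 };
    store.generate(4); // ids 0..=3, uploaded earlier
    let mut on_server = 0; // constructed: senders have already claimed all four
    let mut failed = 0;
    for ids in syncs {
        failed += ids.iter().filter(|id| !store.consume(**id)).count();
        // Proposed fix: only replenish after a sync without to-device events.
        if !wait_for_empty_sync || ids.is_empty() {
            let n = store.cap - on_server;
            store.generate(n);
            on_server += n;
        }
    }
    failed
}

/// Constructed scenario: the server splits four pending events over two syncs.
fn scenario() -> Vec<Vec<u32>> {
    vec![vec![0, 1], vec![2, 3], vec![]]
}

fn main() {
    println!("naive: {} lost, deferred: {} lost", run(&scenario(), false), run(&scenario(), true));
}
```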