Correctly handle a retransmitted ClientHello

[mattcaswell]

If we receive a ClientHello and send back a HelloVerifyRequest, we need to be able to handle the scenario where the HelloVerifyRequest gets lost and we receive another ClientHello with the message sequence number set to 0.

Fixes https://github.com/openssl/openssl/issues/18635

[mattcaswell]

Note there is a trivial conflict when cherry-picking back to 1.1.1 which I will fix during merge.

[mattcaswell]

Ping for second review

[mattcaswell]

I rebased this to resolve a conflict with master.

Still looking for a second reviewer. Ping @openssl/committers.

[openssl-machine]

This PR is in a state where it requires action by @openssl/committers but the last update was 30 days ago

[mattcaswell]

@hlandau Typo fixed. Please take another look.

[t8m]

Meanwhile the 1.1.1 got to the state when only security fixes are supposed to be done there.

[hlandau]

Does this go to 1.1.1?

[mattcaswell]

Does this go to 1.1.1?

No - its not a security fix. Removing the 1.1.1 branch label.

[openssl-machine]

24 hours has passed since 'approval: done' was set, but as this PR has been updated in that time the label 'approval: ready to merge' is not being automatically set. Please review the updates and set the label manually.

[hlandau]

It's now been more than 24 hours. Merging.

[hlandau]

Merged to master and 3.0. Thank you.

A merge conflict while cherry picking to 3.0 was deemed trivial enough to fix during merging. (Adjacent line to a changed line had changed so the diff algorithm wasn't happy, but no actual diff changes.)