GlobalProtect: Insure timeout is less than DPD when DTLS connecting

When transitioning from DTLS_CONNECTING to DTLS_CONNECTED, ensure that the current timeout is less than or equal to the 10-second DTLS DPD; otherwise the timeout might be greater than 2x DPD, e.g. set to the 60-second DTLS attempt period from the ESP main loop where we were "connecting", and we might sleep right through the DTLS DPD period and falsely detect a dead peer and needlessly fall back to HTTPS.

This is only relevant to reconnects because during the initial connection the timeout is artificially set low, i.e. 1 second, by the OpenConnect mainloop because the TUN device is not yet up.

Signed-off-by: Corey Wright <cwright@digitalocean.com>

Edited by Corey Wright
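
The timing problem described above, as an added example that is not OpenConnect code and not part of this merge request: a simplified model of a main loop that sleeps for the current timeout and then runs a keepalive check against a healthy peer. All function and constant names are hypothetical, and the rules "probe after 1x DPD of silence, declare dead after more than 2x DPD" are assumptions taken from the wording of the description.

```c
#include <stdbool.h>
#include <stdio.h>

#define DTLS_DPD 10            /* seconds, DPD interval from the description */
#define DTLS_ATTEMPT_PERIOD 60 /* seconds, timeout left over from "connecting" */

enum ka { KA_IDLE, KA_PROBE, KA_DEAD }; /* hypothetical names */

/* Assumed keepalive rule: dead after >2x DPD of silence, probe after 1x. */
static enum ka keepalive_check(int now, int last_rx, int dpd)
{
    if (now - last_rx > 2 * dpd) return KA_DEAD;
    if (now - last_rx >= dpd) return KA_PROBE;
    return KA_IDLE;
}

/* The clamp asked for on the CONNECTING -> CONNECTED transition. */
static int clamp_timeout(int timeout, int dpd)
{
    return timeout > dpd ? dpd : timeout;
}

/* Peer is healthy and answers every probe at once; the handshake ended at
 * t=0. Returns true if the loop nevertheless declares the peer dead. */
static bool false_dead_peer(int first_timeout, int dpd, int duration)
{
    int now = 0, last_rx = 0, timeout = first_timeout;
    while (now < duration) {
        now += timeout;                 /* loop sleeps the whole timeout */
        switch (keepalive_check(now, last_rx, dpd)) {
        case KA_DEAD:  return true;     /* would fall back to HTTPS */
        case KA_PROBE: last_rx = now; break; /* probe sent, reply received */
        case KA_IDLE:  break;
        }
        timeout = dpd;                  /* later wakeups are DPD-driven */
    }
    return false;
}

int main(void)
{
    int clamped = clamp_timeout(DTLS_ATTEMPT_PERIOD, DTLS_DPD);
    printf("reconnect, stale 60s timeout: false dead peer = %d\n",
           false_dead_peer(DTLS_ATTEMPT_PERIOD, DTLS_DPD, 120));
    printf("reconnect, clamped to %ds:     false dead peer = %d\n",
           clamped, false_dead_peer(clamped, DTLS_DPD, 120));
    printf("initial connect, 1s timeout:  false dead peer = %d\n",
           false_dead_peer(1, DTLS_DPD, 120));
    return 0;
}
```
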