Do not falsely start the connection through SSL_pending()/_has_pending()

Fixes #25054

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25069)

ssl/quic/quic_impl.c

@@ -2863,6 +2863,9 @@ static size_t ossl_quic_pending_int(const SSL *s, int check_channel)
 
     quic_lock(ctx.qc);
 
+    if (!ctx.qc->started)
+        goto out;
+
     if (ctx.xso == NULL) {
         /* No XSO yet, but there might be a default XSO eligible to be created. */
         if (qc_wait_for_default_xso_for_read(&ctx, /*peek=*/1)) {