Should exclude PSK_DHE mode when key_share is null

[sshock]

The ptls_context_t key_exchanges can be set to NULL to force PSK-only mode.

In this scenario, the client key_share_ctx is NULL, so encode_client_hello does not include any key_share entries.

So far so good. But encode_client_hello still includes PSK_DHE in the PSK_KEY_EXCHANGE_MODES, even though that mode won't be able to work.

In practice this hasn't caused any issues for me, but it would probably be good to exclude that mode in this scenario.