rconn: Make queued packet counting harder to screw up.

rconn: Make queued packet counting harder to screw up.

The semantics of the 'n_queued' parameter to rconn_send() and
rconn_send_with_limit() were too easy to screw up: if the memory area in
which the passed-in data lived was destroyed before the rconn was
destroyed, then rconn_destroy() (or simply flushing out the transmission
queue) would access invalid memory or, worse, decrement a random integer
in reused memory.  It was possible to avoid this by destroying the rconn
before destroying the queue count data area, but this is difficult to
remember and not always possible in the general case.

This commit changes to using a reference-counted structure, which is harder
to get wrong.