Reject DATA messages with length==0.

We currently accept DATA messages with length==0.

This isn't great, since it provides a way to inject an undetected traffic signal; so we should disallow it.

I'm planning to call this a security issue, but one of LOW severity, since DATA is only accepted when there has been a stream opened, and using length==1 messages is nearly as effective.

Confirming with @mikeperry.