make-secnet-sites: Don't allow setting new VPN-level props when restricted.
Currently, one can say something like
vpn thing
renegotiate-time 1
location evil
## ...
and if the VPN admin failed to set a value for `renegotiate-time' then
everyone will spin their CPUs doing key exchange.
Fix this lacuna. Now user input can only modify location and site
properties. If the administrator didn't set a location-level
`restrict-nets', then a user can do this, but obviously that can't make
anything worse.
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>