The OpenSSL API change that broke this is "Convert ERR_STATE to new
multi-threading API": openssl commit 8509dcc.

Closes #713

follow-up to 80015cdd

... to allow users to see which specfic wildcard that matched when such
is used.

Also minor logic cleanup to simplify the code, and I removed all tabs
from verbose strings.

It would also seem that share.h is not required here either as there
are no references to the Curl_share structure or functions.

Bug: https://curl.haxx.se/mail/lib-2016-03/0150.html
Reported-by: Oliver Graute

... to allow torture tests then too.

As just discussed on the mailing list, also document how we prefer
spacing in expressions.

cppcheck warned:

[src/tool_urlglob.c:283]: (style) Checking if unsigned variable 'step_n'
is less than zero.

Ripped out from CONTRIBUTE into its own document, but also extended from
there.

Since sh_getentry() now checks for invalid sockets itself and by
narrowing the scope of the remove_sock_from_hash variable.

Simplify the code by using a single entry that looks for a socket in the
socket hash. As indicated in #712, the code looked for CURL_SOCKET_BAD
at some point and that is ineffective/wrong and this makes it easier to
avoid that.

Closes #712

Closes #703

Rather than use a 0 and 1 integer base result code use a TRUE / FALSE
based success code.

Rather than use 0 and 1 integer base result codes use a FALSE / TRUE
based success code.

warning C4267: 'function': conversion from 'size_t' to 'int',
               possible loss of data

... as it implies we need to check for that on all the other variable
references as well (as Coverity otherwise warns us for missing NULL
checks), and we're alredy making sure that the pointer is never NULL.

RFC 6265 section 4.1.1 spells out that the first name/value pair in the
header is the actual cookie name and content, while the following are
the parameters.

libcurl previously had a more liberal approach which causes significant
problems when introducing new cookie parameters, like the suggested new
cookie priority draft.

The previous logic read all n/v pairs from left-to-right and the first
name used that wassn't a known parameter name would be used as the
cookie name, thus accepting "Set-Cookie: Max-Age=2; person=daniel" to be
a cookie named 'person' while an RFC 6265 compliant parser should
consider that to be a cookie named 'Max-Age' with an (unknown) parameter
'person'.

Fixes #709