The ASAN build fails with
```
cookie_auth.c:62:7: error: variable 'ret' is used uninitialized whenever 'if' condition is true [-Werror,-Wsometimes-uninitialized]
if (cookie_header == NULL) goto clean;
^~~~~~~~~~~~~~~~~~~~~
cookie_auth.c:84:10: note: uninitialized use occurs here
return ret;
^~~
cookie_auth.c:62:3: note: remove the 'if' if its condition is always false
if (cookie_header == NULL) goto clean;
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cookie_auth.c:65:3: note: variable 'ret' is declared here
struct session *ret = NULL;
^
cookie_auth.c:62:7: error: variable 'ssid' is used uninitialized whenever 'if' condition is true [-Werror,-Wsometimes-uninitialized]
if (cookie_header == NULL) goto clean;
^~~~~~~~~~~~~~~~~~~~~
cookie_auth.c:81:7: note: uninitialized use occurs here
if (ssid != ssid_buf) {
^~~~
cookie_auth.c:62:3: note: remove the 'if' if its condition is always false
if (cookie_header == NULL) goto clean;
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cookie_auth.c:64:3: note: variable 'ssid' is declared here
char *ssid = ssid_buf;
^
2 errors generated.
```
Which is a replacement of (deprecated) `mg_http_parse_header`, but,
similarly to `asprintf`, allocates a new buffer if the client-provided
one is not large enough.
Also use it throughout mongoose code, and thus some header-related
limitations are removed; in particular,
https://github.com/cesanta/mongoose/issues/813 is fixed.
CL: Mongoose Web Server: Deprecate `mg_http_parse_header()` and implement `mg_http_parse_header2()` instead, which allocates a new buffer if the client-provided one is not large enough (similarly to `asprintf`).
CL: Mongoose Web Server: Fix limitations of header value lengths, e.g. when parsing authentication headers such as nonce, etc.
PUBLISHED_FROM=c75b1bbbbdb294ea85075ce69b1368f115fdd1ef
On my way, fixed a couple of cases where we had `()` in the header, and
non-empty argument list in the source file.
PUBLISHED_FROM=5519526cf84e2bbd425a726fcc112fea1a95cbf1
