- ensure that tcpactive is cleaned up correctly when accept() fails.
- set 'client->tcpattached' when the client is attached to the tcpquota.
  carry this value on to new clients sharing the same pipeline group.
  don't call isc_quota_detach() on the tcpquota unless tcpattached is
  set.  this way clients that were allowed to accept TCP connections
  despite being over quota (and therefore, were never attached to the
  quota) will not inadvertently detach from it and mess up the
  accounting.
- simplify the code for tcpquota disconnection by using a new function
  tcpquota_disconnect().
- before deciding whether to reject a new connection due to quota
  exhaustion, check to see whether there are at least two active
  clients. previously, this was "at least one", but that could be
  insufficient if there was one other client in READING state (waiting
  for messages on an open connection) but none in READY (listening
  for new connections).
- before deciding whether a TCP client object can to go inactive, we
  must ensure there are enough other clients to maintain service
  afterward -- both accepting new connections and reading/processing new
  queries.  A TCP client can't shut down unless at least one
  client is accepting new connections and (in the case of pipelined
  clients) at least one additional client is waiting to read.