matrix-rust-sdk

Make `collect_session_recipients` more resistant

Open BillCarsonFr opened this issue 8 months ago • 0 comments

Currently, when `collect_session_recipients` is figuring out to which devices a key was distributed, it only looks at `shared_with_set` and not `to_share_with_set` (inflight).

That means that if the caller calls `share_room_key` but fails to distribute the to_device, at the next call the device will not be seen as having the key, but will eventually get it after ~~next call that processes outgoing requests~~ next message is sent in room.

As an example, there was a bug in webR where to-device was not marked as sent. This leads to several strange side effects. For example, if you change the `only_allow_trusted_devices` setting to true (with an unverified device in the room), then collect session recipient won't rotate the megolm session, as the session has not been delivered (not in `shared_with_set`, only in `to_share_with_set`).

As a result the sdk will give you 2 to-devices, a room key for the device and a withheld for the same device and same session.

We could make the sdk more resistant by considering both `shared_with_set` and `to_share_with_set`.

BillCarsonFr, Oct 18 '23 08:10
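
A simplified model of the rotation decision described in this issue, added here as an example and not taken from matrix-rust-sdk. Only the two set names and the `only_allow_trusted_devices` setting come from the issue; the types, the function signature, the device IDs and the `include_inflight` switch are assumptions made for illustration.

```rust
use std::collections::BTreeSet;
// Simplified model, not the SDK's own types: device IDs are plain strings.
struct OutboundSession {
    shared_with_set: BTreeSet<&'static str>,   // room key marked as sent
    to_share_with_set: BTreeSet<&'static str>, // room key queued, still in flight
}

#[derive(Debug, PartialEq)]
struct Decision {
    rotate: bool,
    // Devices that get a room key and a withheld for the same session.
    key_and_withheld: Vec<&'static str>,
}

// `include_inflight` (hypothetical): false = behaviour in the issue, true = both sets.
fn collect_recipients(
    session: &OutboundSession,
    room_devices: &[(&'static str, bool)], // (device id, verified?)
    only_allow_trusted_devices: bool,
    include_inflight: bool,
) -> Decision {
    // Devices the current settings exclude; each one gets a withheld.
    let withheld: BTreeSet<&'static str> = room_devices.iter()
        .filter(|d| only_allow_trusted_devices && !d.1).map(|d| d.0).collect();
    // Devices treated as already holding the session key.
    let mut holders = session.shared_with_set.clone();
    if include_inflight { holders.extend(&session.to_share_with_set); }
    // Rotate when a device that holds the key is now excluded.
    let rotate = withheld.iter().any(|d| holders.contains(d));
    // Without rotation the queued room key still goes out next to the withheld.
    let key_and_withheld: Vec<&'static str> = if rotate { Vec::new() } else {
        session.to_share_with_set.intersection(&withheld).copied().collect()
    };
    Decision { rotate, key_and_withheld }
}

// Constructed scenario: setting just flipped to true, unverified device's key never marked sent.
fn scenario(include_inflight: bool) -> Decision {
    let session = OutboundSession {
        shared_with_set: BTreeSet::from(["ALICE_PHONE"]),
        to_share_with_set: BTreeSet::from(["BOB_UNVERIFIED"]),
    };
    let devices = [("ALICE_PHONE", true), ("BOB_UNVERIFIED", false)];
    collect_recipients(&session, &devices, true, include_inflight)
}

fn main() {
    println!("{:?}\n{:?}", scenario(false), scenario(true));
}
```

With only `shared_with_set` consulted, the model keeps the session and the unverified device ends up with both messages; with both sets consulted, the session is rotated and the conflict disappears.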