CVE-2023-27535: FTP too eager connection reuse

Disclosed: 2023-03-22 18:59:16 By nyymi To curl
Medium
Vulnerability Details
## Summary:
libcurl FTP(S) protocol will reuse connection even if different `CURLOPT_FTP_ACCOUNT` (libcurl) or `--ftp-account` (curl) is specified for different connections and the server requests account authentication via reply code `332`.

It appears that `STRING_FTP_ALTERNATIVE_TO_USER` (libcurl) or `--ftp-alternative-to-user` (curl) is also affected and should also result in caching being refused.

## Steps To Reproduce:

1. terminal 1: `echo -e "foo\n" | nc -v -l -p 9998; echo -e "bar\n" | nc -v -l -p 9998`
2. terminal 2: `echo -ne "220 a\n331 b\n332 c\n230 d\n257 \"/\"\n229 (|||9998|)\n200 e\n213 4\n150 f\n226 g\n229 (|||9998|)\n213 4\n150 f\n226 g\n" | nc -v -l -p 9999`
3. terminal 3: `curl -v --ftp-account alice "ftp://ftp@server:9999/file1" -: --ftp-account bob "ftp://ftp@server:9999/file2"`

As a result connection authenticated as user `alice` will be used when fetching `file2` regardless that user `bob` was specified for fetching it.

## Remediation

* Don't reuse connection if `CURLOPT_FTP_ACCOUNT` or `STRING_FTP_ALTERNATIVE_TO_USER` are different.

## Supporting Material/References:

* https://www.ietf.org/rfc/rfc0959.txt

## Impact

Accessing content with wrong cached credentials.
Report Stats
  • Report ID: 1892780
  • State: Closed
  • Substate: resolved
  • Upvotes: 3
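
The remediation in the report, modelled as an added C example (not curl's source code and not part of the original report). The `struct ftp_conn_key` type, its field names and the function names are hypothetical; the host, port, user and account values are constructed to mirror the reproduction steps.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of what identifies a cached FTP connection. */
struct ftp_conn_key {
    const char *host;
    int port;
    const char *user;
    const char *account;      /* --ftp-account value, NULL if unset */
    const char *alt_to_user;  /* --ftp-alternative-to-user value, NULL if unset */
};

/* NULL-safe equality: unset matches unset, unset never matches a set value. */
static bool same_str(const char *a, const char *b)
{
    if (a == NULL || b == NULL) return a == b;
    return strcmp(a, b) == 0;
}

/* Reported behaviour: account-related settings are not compared. */
bool reuse_ok_before(const struct ftp_conn_key *c, const struct ftp_conn_key *w)
{
    return same_str(c->host, w->host) && c->port == w->port &&
           same_str(c->user, w->user);
}

/* Remediation from the report: also require both account settings to match. */
bool reuse_ok_after(const struct ftp_conn_key *c, const struct ftp_conn_key *w)
{
    return reuse_ok_before(c, w) && same_str(c->account, w->account) &&
           same_str(c->alt_to_user, w->alt_to_user);
}

/* Constructed requests mirroring the reproduction: same host, port, user. */
bool reuse_decision(const char *acct1, const char *acct2, bool hardened)
{
    struct ftp_conn_key cached = { "server", 9999, "ftp", acct1, NULL };
    struct ftp_conn_key wanted = { "server", 9999, "ftp", acct2, NULL };
    return hardened ? reuse_ok_after(&cached, &wanted)
                    : reuse_ok_before(&cached, &wanted);
}

int main(void)
{
    printf("before: reuse=%d\n", reuse_decision("alice", "bob", false));
    printf("after:  reuse=%d\n", reuse_decision("alice", "bob", true));
    return 0;
}
```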