CVE-2023-27536: GSS delegation too eager connection re-use

Disclosed: 2023-03-22 18:59:25 By nyymi To curl
Low
Vulnerability Details
## Summary:

When considering reuse of existing connections different `CURLOPT_GSSAPI_DELEGATION` (libcurl) `--delegation` (curl) option is not taken into consideration. This can lead to reuse of previously established connection when it should no longer be (as more strict or no delegation was requested).

## Steps To Reproduce:

1. `curl --negotiate -u : --delegation "always" https://server/path -: --negotiate -u : --delegation "none" https://server/path`

## Remediation

- Safest option is to not reuse connections if different `CURLOPT_GSSAPI_DELEGATION` levels are being used.

It **might** also be correct to not reuse connections with "laxer" `CURLOPT_GSSAPI_DELEGATION`: "none" should only allow reusing "none" level, "policy" should only allow "none" or "policy" level, while "always" can reuse all connections otherwise deemed appropriate for reuse.

## Impact

Existing connection that was established via more lax delegation will be reused for connection that should not succeed due to more restrictive delegation requested. The practical impact can vary, but I believe it is likely quite low, as it should be quite rare to have connections attempted with mixed delegation policies like this.
Report Stats
  • Report ID: 1895135
  • State: Closed
  • Substate: resolved
  • Upvotes: 3
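
The two reuse rules proposed under Remediation, next to the delegation-blind matching the report describes, as an added example that is not part of the original report and not libcurl's code. The `conn` struct, the `deleg` enum and all function names are hypothetical, and the pool contents are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model, not libcurl internals. Levels are ordered from
   strictest to laxest, as in the report: none < policy < always. */
enum deleg { DELEG_NONE, DELEG_POLICY, DELEG_ALWAYS };

/* A pooled connection remembers the level it was authenticated with. */
struct conn { const char *host; enum deleg deleg; };

typedef bool (*reuse_fn)(const struct conn *c, enum deleg want);

/* Behaviour the report describes: delegation plays no part in matching. */
static bool reuse_ignoring(const struct conn *c, enum deleg want)
{ (void)c; (void)want; return true; }

/* "Safest option": reuse only when the levels are identical. */
static bool reuse_exact(const struct conn *c, enum deleg want)
{ return c->deleg == want; }

/* Alternative: the pooled connection must be no laxer than the request. */
static bool reuse_no_laxer(const struct conn *c, enum deleg want)
{ return c->deleg <= want; }

/* Return the first pooled connection to host that the policy accepts. */
static const struct conn *find_reusable(const struct conn *pool, size_t n,
                                        const char *host, enum deleg want,
                                        reuse_fn ok)
{
  for(size_t i = 0; i < n; i++)
    if(strcmp(pool[i].host, host) == 0 && ok(&pool[i], want))
      return &pool[i];
  return NULL;
}

int main(void)
{
  /* Constructed pool: one connection made with --delegation always. */
  const struct conn pool[] = { { "server", DELEG_ALWAYS } };
  reuse_fn policies[] = { reuse_ignoring, reuse_exact, reuse_no_laxer };
  const char *names[] = { "ignoring", "exact", "no-laxer" };
  for(size_t i = 0; i < 3; i++)
    printf("%-9s request=none  -> %s\n", names[i],
           find_reusable(pool, 1, "server", DELEG_NONE, policies[i])
             ? "REUSED" : "new connection");
  return 0;
}
```

The two remediation rules differ only when the request is laxer than the pooled connection: `reuse_exact` opens a new connection, `reuse_no_laxer` reuses the stricter one.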