httpConnectAgain should require the same X.509 certificate

[michaelrsweet]

httpConnectAgain doesn't make sure that the new connection is using the same X.509 certificate as the original connection. The new connection should either have the same certificate or pass strict cupsGetCredentialsTrust tests.

[michaelrsweet]

Note: Since the connection address is cached in http_t, exploiting this issue is non-trivial.

[michaelrsweet]

[master 2a5a0a2] Re-validate server cert on re-connect (Issue #90)