Revert "proxy: Remove AUTH_IPCACHE_TTL"

Revert "proxy: Remove AUTH_IPCACHE_TTL"

This reverts commit dc637f087fe07ab26ae1dee00133da69bab5e6a1.

Rationale: "authenticate_ip_ttl" can be safely used as it does not
introduces an authentication bypass, but saves relationships between
successfully authenticated users and their IP addresses.

"max_user_ip" depends on such an authentication cache, so credential
sharing between several IPs (on purpose or by chance) can be detected
properly. This is useful in case of crompromised machines and/or
attackers in internal networks having stolen proxy authentication
credentials.

Quoted from squid.conf.documented or man 5 squid.conf:

>       acl aclname max_user_ip [-s] number
>         # This will be matched when the user attempts to log in from more
>         # than <number> different ip addresses. The authenticate_ip_ttl
>         # parameter controls the timeout on the ip entries. [fast]
>         # If -s is specified the limit is strict, denying browsing
>         # from any further IP addresses until the ttl has expired. Without
>         # -s Squid will just annoy the user by "randomly" denying requests.
>         # (the counter is reset each time the limit is reached and a
>         # request is denied)
>         # NOTE: in acceleration mode or where there is mesh of child proxies,
>         # clients may appear to come from multiple addresses if they are
>         # going through proxy farms, so a limit of 1 may cause user problems.

Fixes: #11994
Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>