🔒 Cancel SASL authentication after client-side exceptions

[nevans]

From RFC9051 6.2.2

If the client wishes to cancel an authentication exchange, it issues a line consisting of a single "*". If the server receives such a response, or if it receives an invalid base64 string (e.g., characters outside the base64 alphabet or non-terminal "="), it MUST reject the AUTHENTICATE command by sending a tagged BAD response.

Currently, exceptions should cause the connection to be dropped, but that's too severe a reaction.

When authentication is canceled, the original exception should be the #cause of any resulting BAD exception. This way it will be captured by automated error reporting.