fix: avoid TSaslClientTransport reuse to eliminate server-side SASL noise

[barking-code]

Related: #1744, #1747, #1941

Rationale for this change

#1747 / #1941 caught the TSaslClientTransport reopen failure on the client side, but the doomed open() attempt still completes a TCP handshake before aborting, which leaves a TTransportException event in the HMS server log per _HiveClient re-entry. In production this produces a steady stream of server-side error events matched by HMS alert filters.

TSaslClientTransport is single-use by design: its SASLClient is disposed on close() and there is no API to reset it. Reusing the same transport across context-manager entries was the original misuse. This PR keeps the existing _HiveClient.__init__ setup intact — the transport is still created in __init__ so _HiveClient can be used without a context manager (per @kevinjqliu's note in #1747) — and reinitializes the transport before open() whenever the client has been used before:

def __enter__(self) -> Client:
    if self._was_opened:
        self._transport = self._init_thrift_transport()
    self._transport.open()
    self._was_opened = True
    return self._client()

The try/except retry from #1747 / #1941 is removed because the failure mode it covered (reopening a disposed SASL session) cannot occur on a fresh transport.

The public behaviour of _HiveClient (with hive_client as c: returns a working Client, __exit__ closes it) is unchanged.

Are these changes tested?

• New unit test test_kerberized_client_uses_fresh_transport_on_reuse asserts that the transport instance differs between two consecutive context-manager entries
• Existing test_create_hive_client_with_kerberos_using_context_manager continues to pass

Are there any user-facing changes?

No.

[barking-code]

Hi @mnzpk and @kevinjqliu — this addresses the server-side noise that #1747 / #1941 left in place. Your review would be much appreciated when you have time.

[Fokko]

This seems reasonable to me, since it is much simpler :)

[barking-code]

@Fokko Thanks for the review! Could you help merge this when you have a moment?

[Fokko]

@barking-code Sure thing, I wanted to give others also the oppertunity to jump in :) Thanks for fixing this

[kevinjqliu]

thank you for fixing this @barking-code. I dont have a local setup to test Hive with SASL, so the previous solution was best effort 😆
were you able to test this new code?

[barking-code]

Hi @kevinjqliu — I ran it against a kerberized HMS we have. Opened/closed the client 5 times on both branches and watched the HMS server log:

• main: server-side TTransportException at TIOStreamTransport.read line 132 on every reuse.
• this PR: none.

Client side worked in both cases (main recovers via the existing except), so the only observable difference is that the server log goes quiet. Thanks!