"locks --verify" can be combined with "--cached" option now in the same
way as for "plain" remote queries.
Cached data is stored in a separate file "path/to/ref/verifiable", next
to the "plain" remote query cache file.
This resolves issue #3252.
Refactor SearchLocksVerifiable to use Client.RemoteRef instead of having
a separate ref parameter. This makes ref-processing more consistent with
other locks-functions.
Extract more basic http-related functionality out of lfsapi and
into a new package, lfshttp. Everything is currently functional
aside from authorization.