[krbdev.mit.edu #7790] PoC to fix cross realm S4U2Self

[Greg Hudson via RT]

Candidate patch here: https://github.com/krb5/krb5/pull/305

The patch includes an automated test for the client behavior, but it 
would be useful for people to test this against Windows KDCs.

I did not preserve the check for krbtgt server principals which was 
present in the proof-of-concept, because I don't know why a krbtgt 
principal would ever make an S4U2Self request, or why it should be 
treated differently if it did.