disallow requests naming principal as a service
Sam Hartman
hartmans at MIT.EDU
Tue Mar 26 18:00:00 EST 2002
>>>>> "Moore," == Moore, Patrick <pcmoore at sandia.gov> writes:
Moore,> With this suggested fix, my client would need to try a U2U
Moore,> handshake upon getting a PRINC_UNKNOWN error from the MIT
Moore,> KDC. Not streamlined - but functional enough. Long term,
Moore,> I'd prefer using KDC_ERR_MUST_USE_USER2USER and report
Moore,> that back to the client when you see that DUP_SKEY is
Moore,> allowed but SVR is not.
You should not design protocols in such a manner that you need KDC
responses in order to determine whether you're going to use U2U or
not. This was one of the more annoying features of the GSSAPI U2U
draft.