Support for Microsoft Set Password protocol

[Nicolas Williams]

A change keys API will also be needed.

Inputs?  A principal name, a keytab name, an optional list of enctypes
and a flag/kvno indicating whether to remove old keytab entries.
Outputs?  Success/failure.  Side effects?  New keytab entries.

Alternatively the API should not edit a keytab but return a bunch of
keys (though each key including a principal name[*] and real name and a
kvno).  Leaving it to the application to actually store the keys in a
keytab.

[*] Needed for principal aliasing.  See the v2 draft.

Nico
--