alexbrainman / sspi

Windows SSPI
BSD 3-Clause "New" or "Revised" License

Kerberos SSP package #10

Status: Closed (bodgit closed 3 years ago)

bodgit commented 3 years ago

I have a requirement to be able to use the Kerberos SSP directly rather than indirectly through Negotiate (SSH and the "gssapi-with-mic" authentication method, for the curious). As the code is almost identical between both providers (apart from sspi.NEGOSSP_NAME vs sspi.MICROSOFT_KERBEROS_NAME), I did a bit of refactoring first:

  1. I took the liberty of adding a minimal go.mod to the project as it's needed by depending modules if I use a replace directive to use my fork of this module. Feel free to decide a minimal Go version here.
  2. I've created a small internal/common package with functions for creating the sspi.SEC_WINNT_AUTH_IDENTITY struct, updating the client and server contexts and the message integrity/encryption functions.
  3. I then refactored the NTLM and Negotiate packages to use the new internal package.
  4. Finally I added the Kerberos package.

The only real difference between Kerberos and Negotiate, apart from the underlying SSP name, is that Kerberos can be negotiated in one leg if sspi.ISC_REQ_MUTUAL isn't a requested flag, so the kerberos.NewClientContext*() functions return a completed bool, whereas NTLM and Negotiate don't. A future enhancement may be to update those signatures so all three packages could match a common interface.

The tests were a bit of a faff to get working; it seems Kerberos doesn't like using an empty SPN, as it returns "The specified target is unknown or unreachable" for anything that doesn't exist, so I added an -spn flag, which needs to be set for the tests to run. I then create that SPN with the following:

setspn -A my/testspn DOMAIN\user

I've kept the commits distinct but let me know if you want them squashed or anything else changed.
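
The one-leg versus multi-leg difference described in the comment above is easy to get wrong in the code that drives the token exchange. The following is an added example written for this page; it is not code from the pull request or from the sspi module, and it does not call SSPI at all. The Context interface is an assumed common shape of the kind the comment mentions (every step returns completed, an output token and an error), and fakeClient and fakeServer are constructed stand-ins that model only the shape of the exchange: an "AP-REQ" token, and an "AP-REP" answer only when mutual authentication was asked for. The point is the Handshake driver: it delivers a token whenever one was produced, even if the producer already reported completion, and it fails loudly rather than waiting forever when one side is still expecting a token that never comes.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
)

// Context is an assumed common shape for a client or server security context
// (not the sspi module's own API): each step consumes the peer's token and
// returns (completed, outputToken, err).
type Context interface {
	Update(token []byte) (completed bool, outputToken []byte, err error)
}

// fakeClient is a constructed stand-in for a client context; it is not SSPI.
// With mutual set (the analogue of requesting ISC_REQ_MUTUAL) it is not
// complete until an "AP-REP" comes back; without it, it is complete as soon
// as it has produced its first token (the one-leg Kerberos case).
type fakeClient struct {
	mutual, sentReq, completed bool
}

func (c *fakeClient) Update(token []byte) (bool, []byte, error) {
	if !c.sentReq {
		c.sentReq = true
		c.completed = !c.mutual
		return c.completed, []byte("AP-REQ"), nil
	}
	if c.completed {
		return true, nil, errors.New("client: Update after completion")
	}
	if !bytes.Equal(token, []byte("AP-REP")) {
		return false, nil, fmt.Errorf("client: expected AP-REP, got %q", token)
	}
	c.completed = true
	return true, nil, nil
}

// fakeServer is the constructed server side: it accepts one AP-REQ and
// answers with an AP-REP only when mutual is set.
type fakeServer struct {
	mutual, done bool
}

func (s *fakeServer) Update(token []byte) (bool, []byte, error) {
	if s.done {
		return true, nil, errors.New("server: Update after completion")
	}
	if !bytes.Equal(token, []byte("AP-REQ")) {
		return false, nil, fmt.Errorf("server: expected AP-REQ, got %q", token)
	}
	s.done = true
	if s.mutual {
		return true, []byte("AP-REP"), nil
	}
	return true, nil, nil
}

// Handshake drives both contexts to completion and returns the number of legs
// (tokens carried across the wire). A non-empty token is always delivered to
// the peer, even when its producer already reported completed (one-leg case:
// the client is done but the server still needs the AP-REQ), and a side that
// is not complete yet receives nothing is an error, not a hang.
func Handshake(client, server Context, maxLegs int) (int, error) {
	legs := 0
	clientDone, serverDone := false, false
	var toClient []byte // token the server most recently produced
	for !(clientDone && serverDone) {
		if legs >= maxLegs {
			return legs, fmt.Errorf("handshake not complete after %d legs", maxLegs)
		}
		var toServer []byte
		var err error
		if !clientDone {
			if clientDone, toServer, err = client.Update(toClient); err != nil {
				return legs, err
			}
		}
		if len(toServer) == 0 {
			if !serverDone {
				return legs, errors.New("client has nothing to send but server is not complete")
			}
			break
		}
		legs++
		if serverDone, toClient, err = server.Update(toServer); err != nil {
			return legs, err
		}
		if len(toClient) > 0 {
			legs++
			if clientDone {
				return legs, errors.New("server sent a token after client completed")
			}
		} else if !clientDone {
			return legs, errors.New("server has nothing to send but client is not complete")
		}
	}
	return legs, nil
}

// RunKerberosStyle runs the exchange with both sides agreeing on whether
// mutual authentication is requested and returns the leg count.
func RunKerberosStyle(mutual bool) (int, error) {
	return Handshake(&fakeClient{mutual: mutual}, &fakeServer{mutual: mutual}, 4)
}

func main() {
	for _, m := range []bool{false, true} {
		legs, err := RunKerberosStyle(m)
		fmt.Printf("mutual=%v legs=%d err=%v\n", m, legs, err)
	}
}
```

Without mutual authentication the exchange finishes in one leg; with it, in two. A driver that stopped as soon as the client reported completed would never deliver the AP-REQ in the one-leg case, and one that always waited for a server reply would wait forever; mismatched expectations between the two sides (one expecting an AP-REP, the other not sending one) surface as an error from Handshake instead.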

alexbrainman commented 3 years ago

LGTM

I don't use this package now. But it might be useful for others.

Thank you very much.

Alex