Apply permitted_enctypes to KDC request enctypes

permitted_enctypes was initially intended only to restrict the
processing of AP requests (and was later applied to KDB key data
searches so that the KDC wouldn't issue a ticket it would refuse to
accept).  Because the documentation was never clear about its scope,
many configurations assume that permitted_enctypes also applies to
clients.

In light of the existing configurations, take the simple way out and
use permitted_enctypes as the default for default_tkt_enctypes and
default_tgs_enctypes.  Update the documentation, add a test to
explicitly check the new behavior, and remove now-unnecessary
configuration from the test suite.

[ghudson@mit.edu: unrolled helper function; edited documentation and
commit message; simplified test case]

https://github.com/krb5/krb5/commit/8f13fb2342b2a715cfb694688e3435e7f11691f8
Author: Robbie Harwood <rharwood@redhat.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: 8f13fb2342b2a715cfb694688e3435e7f11691f8
Branch: master
 doc/admin/conf_files/krb5_conf.rst   |   20 ++++--
 doc/admin/enctypes.rst               |    8 ++-
 src/lib/krb5/krb/init_ctx.c          |  144 ++++++++++++++++++----------------
 src/man/krb5.conf.man                |   22 ++++--
 src/tests/dejagnu/config/default.exp |   16 ----
 src/tests/gssapi/t_enctypes.py       |    6 +-
 src/tests/t_sesskeynego.py           |    8 ++
 src/util/k5test.py                   |   30 ++------
 8 files changed, 128 insertions(+), 126 deletions(-)