
Fix TGS req realm from user realm to server realm #46

Merged
merged 1 commit into from
Jan 1, 2025

Conversation

CravateRouge
Contributor

When trying to perform authentication, I had the following error:

  File "/home/silver/.local/lib/python3.11/site-packages/minikerberos/aioclient.py", line 801, in get_referral_ticket
    tgs, encpart, key = await self.get_TGS(crossrealm_spn)
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/silver/.local/lib/python3.11/site-packages/minikerberos/aioclient.py", line 447, in get_TGS
    raise KerberosError(rep, 'get_TGS failed!')
minikerberos.protocol.errors.KerberosError: get_TGS failed! Error Name: KDC_ERR_WRONG_REALM Detail: "Incorrect domain or principal" 

I was trying to perform cross-realm authentication from a user named TREE2.LAB\johnny to the service ldap/dc1.outsider.lab. There was an inter-forest trust from TREE2.LAB to BLOODY.CORP and a forest trust from BLOODY.CORP to OUTSIDER.LAB.

TREE2.LAB\johnny was able to query a referral ticket krbtgt/main.bloody.corp@TREE2.LAB from dctree1.tree2.lab, but then the error happened when trying to request a referral ticket for OUTSIDER.LAB from main.bloody.corp, because it was requesting krbtgt/dc1.outsider.lab@TREE2.LAB instead of krbtgt/dc1.outsider.lab@BLOODY.CORP.
Indeed, you can see in get_TGS that the TGS-REQ realm is set to the user domain (so TREE2.LAB in our case, as we are using TREE2.LAB\johnny) instead of the server one, BLOODY.CORP.

To remediate this, I took the REALM of the server from the TGT retrieved before.
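A toy model of the referral walk described above, added here as an example (it is not minikerberos code): the realm names and trust layout are the ones from this description, while the KDC, ticket and client behaviour are constructed assumptions. The `realm_from_tgt` flag switches between the fixed client and the old behaviour that put the user's realm in every TGS-REQ.

```python
from dataclasses import dataclass

class KerberosError(Exception):
    pass

@dataclass(frozen=True)
class Ticket:
    sname: str   # "krbtgt/<realm>" for a TGT, otherwise the service SPN
    srealm: str  # realm of the KDC that issued the ticket

# Constructed trust topology from the PR: TREE2.LAB <-> BLOODY.CORP -> OUTSIDER.LAB
TRUSTS = {
    "TREE2.LAB": {"BLOODY.CORP"},
    "BLOODY.CORP": {"TREE2.LAB", "OUTSIDER.LAB"},
    "OUTSIDER.LAB": {"BLOODY.CORP"},
}
SPN_REALM = {"ldap/dc1.outsider.lab": "OUTSIDER.LAB"}

def serving_realm(tgt: Ticket) -> str:
    """Realm whose KDC holds the key for this TGT: the instance of its krbtgt sname.
    For a referral TGT krbtgt/BLOODY.CORP@TREE2.LAB that is BLOODY.CORP, not the issuer."""
    return tgt.sname.split("/", 1)[1]

def kdc_tgs(kdc_realm: str, req_realm: str, tgt: Ticket, spn: str) -> Ticket:
    """Toy KDC: rejects a TGS-REQ whose realm field does not name it, issues a
    service ticket for a local SPN, or a referral TGT toward the target realm."""
    if req_realm != kdc_realm:
        raise KerberosError(f"KDC_ERR_WRONG_REALM: realm={req_realm} sent to {kdc_realm}")
    target = SPN_REALM[spn]
    if target == kdc_realm:
        return Ticket(spn, kdc_realm)
    hop = target if target in TRUSTS[kdc_realm] else next(
        r for r in TRUSTS[kdc_realm] if target in TRUSTS[r])
    return Ticket(f"krbtgt/{hop}", kdc_realm)

def get_service_ticket(tgt: Ticket, spn: str, realm_from_tgt: bool = True):
    """Client side: follow referrals until a ticket for spn comes back.
    realm_from_tgt=False reproduces the bug: the realm field is always the user's realm."""
    user_realm = serving_realm(tgt)
    hops = []
    while True:
        kdc = serving_realm(tgt)                           # which KDC we talk to
        req_realm = kdc if realm_from_tgt else user_realm  # what goes in the request
        hops.append(req_realm)
        tkt = kdc_tgs(kdc, req_realm, tgt, spn)
        if tkt.sname == spn:
            return tkt, hops
        tgt = tkt
```

With the fix the walk is TREE2.LAB, then BLOODY.CORP, then OUTSIDER.LAB; with the old behaviour the second hop sends realm TREE2.LAB to the BLOODY.CORP KDC and gets KDC_ERR_WRONG_REALM, as in the traceback above.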

@skelsec
Owner

skelsec commented Jan 1, 2025

Good catch! Thank you!

@skelsec skelsec merged commit 69f3b55 into skelsec:main Jan 1, 2025
@CravateRouge CravateRouge deleted the patch-3 branch January 2, 2025 10:19