Earlier versions of the GSS-API spec (RFCs 1508 and 2078) do not list
GSS_S_NO_CRED as a valid error code for gss_acquire_cred. As a
result, the OpenVision developers of the GSSAPI krb5 mech created
GSS_S_CRED_UNAVAIL as an alias for GSS_S_FAILURE and returned it when
no valid credentials could be obtained. RFC 2743 lists GSS_S_NO_CRED
as the proper return code when matching credentials cannot be
accessed. Change the krb5 gss_acquire_cred() implementation to return
GSS_S_NO_CRED where it currently returns GSS_S_CRED_UNAVAIL.
Also stop using GSS_S_CRED_UNAVAIL in the krb5 gss_store_cred(), but
change it to explicitly use GSS_S_FAILURE instead. RFC 5588 specifies
GSS_S_NO_CRED as indicating a problem with input_cred_handle, not the
receiving store, so GSS_S_NO_CRED would be inappropriate.