In 1.11 2 new features were implemented:
- Cred Store extensions
and
- Keytab Initiation.

The Keytab Initiation goal is to be able to use a client keytab to
automatically obtain TGTs at init_sec_context time.

The Cred Store API goal is to be able to provide credential information
programmatically without depending on global variables, and it can
contsruct crdentials specifying a custom ccache and a custom keytab for
accepting security contexts, but not for initiating security context in
conjuction with the Keytab Initiation feature as there is no URI defined
to pass in a client keytab.

The attached patch adds a new Cred Store type named "client_keytab" to
the 2 available ones ("keytab" and "ccache") and wires
gss_acquire_cred_from in the krb5 mechanism to initialized the
credentials client keytab with the specified client_keytab allowing
gss_init_sec_context to perform Keytab Initiation.