The attached patch fixes this problem.  Always initialize output_token
from gss_init_sec_context, even if passed an unknown mechanism.  The
krb5 version already did this, but the generic code did not.  This patch
is already in the Debian package.  -- rra@stanford.edu