Return GSS_S_NO_CRED from krb5 gss_acquire_cred

Earlier versions of the GSS-API spec (RFCs 1508 and 2078) do not list
GSS_S_NO_CRED as a valid error code for gss_acquire_cred.  As a
result, the OpenVision developers of the GSSAPI krb5 mech created
GSS_S_CRED_UNAVAIL as an alias for GSS_S_FAILURE and returned it when
no valid credentials could be obtained.  RFC 2743 lists GSS_S_NO_CRED
as the proper return code when matching credentials cannot be
accessed.  Change the krb5 gss_acquire_cred() implementation to return
GSS_S_NO_CRED where it currently returns GSS_S_CRED_UNAVAIL.

Also stop using GSS_S_CRED_UNAVAIL in the krb5 gss_store_cred(), but
change it to explicitly use GSS_S_FAILURE instead.  RFC 5588 specifies
GSS_S_NO_CRED as indicating a problem with input_cred_handle, not the
receiving store, so GSS_S_NO_CRED would be inappropriate.

https://github.com/krb5/krb5/commit/eb8d2ced232e60613b461b4410f6fff3800467ab
Author: Greg Hudson <ghudson@mit.edu>
Commit: eb8d2ced232e60613b461b4410f6fff3800467ab
Branch: master
 src/lib/gssapi/krb5/acquire_cred.c |   16 ++++++++--------
 src/lib/gssapi/krb5/store_cred.c   |    4 ++--
 src/tests/gssapi/t_add_cred.c      |    2 +-
 3 files changed, 11 insertions(+), 11 deletions(-)