Use a local keytab for creds encryption

If available use a keytab for creds encryption.
Since now we can store encrypted credentials, on the cient side, for later
reuse, it is better to be able to decrypt them even after a gssproxy daemon
restart (maintenance, crashes, etc..)
If a keytab is rotated this can cause a restarted gssproxy to fail to decrypt
stored credentials, but in that case those credentials are also probably
useless and need to be refreshed, so this is not a huge deal, and definitely
better than the status quo.

Signed-off-by: Simo Sorce <simo@redhat.com>

0 files changed, 0 insertions, 0 deletions