gssapi/krb5: _gsskrb5_display_name return GSS_C_NT_ANONYMOUS

If the Kerberos v5 principal name is

  WELLKNOWN/ANONYMOUS@WELLKNOWN:ANONYMOUS

and the principal type is KRB5_NT_WELLKNOWN, then gss_display_name()
is expected to return GSS_C_NT_ANONYMOUS instead of
GSS_KRB5_NT_PRINCIPAL_NAME.  This change matches the behavior of
MIT Kerberos.

lib/gssapi/krb5/display_name.c

@@ -65,8 +65,12 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_display_name
     memcpy (output_name_buffer->value, buf, len);
     ((char *)output_name_buffer->value)[len] = '\0';
     free (buf);
-    if (output_name_type)
+    if (output_name_type) {
-	*output_name_type = GSS_KRB5_NT_PRINCIPAL_NAME;
+	if (krb5_principal_is_anonymous(context, name, 0))
+	    *output_name_type = GSS_C_NT_ANONYMOUS;
+	else
+	    *output_name_type = GSS_KRB5_NT_PRINCIPAL_NAME;
+    }
     *minor_status = 0;
     return GSS_S_COMPLETE;
 }