is krb5_cc_initialize() thread safe

[Ken Hornstein]

>> Greg does bring up the larger meta-issue that you're apparantly trying
>> to have two threads call krb5_cc_initiualize() on the same FILE
>> credential cache; what, exactly, are you trying to accomplish there?
>
>NFS gssd service is multithreaded (has been for a while now). And at
>some point we've allowed multiple upcalls for the same UID (leading to
>the upcalls looking/working on the same credential cache) and thus the
>problem that krb5_cc_initialize() is called by 2 threads. It was
>assumed that kerberos libraries are "thread-safe".

I think you're missing Greg's point; krb5_cc_initialize() wipes out the
credential cache completely and makes it non-usable.  That's what he
meant by it being thread safe but not concurrency safe.  If one upcall
stored credentials another thread would wipe those out with a call to
krb5_cc_initialize().  I'm unclear what exactly you expect to happen
in this situation.

--Ken