default returns Kerberos's notion of a "default" credential cache. This is determined by the following steps, in descending order:

• KRB5CCNAME environment variable
• default_ccache_name variable in libdefaults in /etc/krb5.conf
• DEFCCNAME build parameter (usually FILE:/tmp/krb5cc_%uid)

The principal associated with default

The principal associated with the credential cache supplied

A shared MEMORY t for principal. If a previous call succeeded for the same principal, the same t is returned. The returned t is never freed, so this function should not be called with an unbounded number of unique principals.

Initialize t with the given principal and credentials. This function updates t atomically for FILE cred caches.

Initializes the shared MEMORY cache associated with the principal of t (see in_memory_for_principal) with the credentials from t.

Return number of active credential renewal loops, as started by calls to keep_valid_indefintely. Note that it avoids creating a new loop for credentials that are already being renewed, even if keep_valid_indefinitely is called multiple times on the same cred cache with the same principal + keytab.

If this cred cache is expected to contain a TGT, keep that TGT valid. If it is a S4U2Self cache, keep the expected ticket valid.

A keytab should only be provided for TGT caches. It defaults to the User keytab if none is provided.

A server_cred_cache should only be provided if t is a S4U2Self cache. The default cred cache is used if none is provided.