krb5_lcc_next_cred() has several problems:

1. It's supposed to return the next cred, and therefore if there is an error while reading/parsing a ticket it is supposed to skip the error and try the next ticket. It fails to do this correctly.

2. If an error occurs, it sets retval to KRB5_FCC_INTERNAL. If it is then able to obtain a subsequent ticket, it does not clear the error value, which in turn breaks the caller.

3. When an error does occur, the cause of the error is lost. A descriptive error should be provided.

4. There is a race between when the enumeration is generated in krb5_lcc_start_seq_get() and when the tickets are read. If the tickets are removed in between, the KRB5_FCC_INTERNAL error is thrown. We can't avoid the race entirely, but it might be useful to parse all of the tickets in krb5_lcc_start_seq_get() and then just hand them out. On the other hand, this approach would perform unneeded expensive work if the app only required the first ticket in the cache.

5. A more general problem: there is no validation that the 'id' and 'cursor' inputs are non-NULL.
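
A simplified model of points 1, 2 and 5, added here as an illustration and not taken from the MIT Kerberos source: an iterator whose error code survives a skipped entry, beside one that validates its inputs and drops the error once a later entry is read. All types, names and error codes are hypothetical stand-ins, and the sample cache is constructed.

```c
#include <stdio.h>
/* Hypothetical stand-ins for this sketch, not MIT Kerberos definitions. */
enum { OK, ERR_END, ERR_INTERNAL, ERR_INVALID_ARG };
struct entry { int present; int value; };  /* present == 0: ticket removed after enumeration */
struct cache { const struct entry *entries; size_t count; };
struct cursor { size_t index; };
/* Constructed sample: the second ticket vanished between enumeration and read. */
static const struct entry sample_entries[] = { {1, 10}, {0, 0}, {1, 30} };
static const struct cache sample = { sample_entries, 3 };
static int read_entry(const struct cache *c, size_t i, int *out)
{
    if (!c->entries[i].present)
        return ERR_INTERNAL;
    *out = c->entries[i].value;
    return OK;
}

/* Points 1 and 2 as described: the skipped entry's error stays in retval. */
int next_cred_sticky(const struct cache *id, struct cursor *cur, int *out)
{
    int retval = OK;
    while (cur->index < id->count) {
        if (read_entry(id, cur->index++, out) == OK)
            return retval;          /* may be ERR_INTERNAL although *out is valid */
        retval = ERR_INTERNAL;
    }
    return ERR_END;
}

/* Corrected: validate inputs (point 5), skip bad entries, never carry an old error. */
int next_cred_fixed(const struct cache *id, struct cursor *cur, int *out)
{
    if (id == NULL || cur == NULL || out == NULL)
        return ERR_INVALID_ARG;
    while (cur->index < id->count)
        if (read_entry(id, cur->index++, out) == OK)
            return OK;              /* errors from skipped entries are dropped here */
    return ERR_END;
}

int main(void)
{
    struct cursor a = {0}, b = {0};
    int v = 0, rc;
    while ((rc = next_cred_sticky(&sample, &a, &v)) != ERR_END)
        printf("sticky: rc=%d value=%d\n", rc, v);
    while ((rc = next_cred_fixed(&sample, &b, &v)) == OK)
        printf("fixed:  rc=%d value=%d\n", rc, v);
    return 0;
}
```

In the sticky version the second call hands back a valid value together with the internal error code, which is the condition point 2 says breaks the caller.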