krb5_cc_gen_new memory implementation doesn't actually create a new ccache.  Because of this 
there are race conditions in a variety of places in the library which expect this function to create 
a new temporary ccache.  These include krb5_verify_init_creds(), gss_accept_sec_context() and 
the KLL API.

Note that since the function was broken before the callers must be modified so that they 
actually destroy the newly created ccache.  They couldn't do this before since that would have 
made the race conditions worse.