Hello,
We use krb5 lib v1.10.3 in our product. Recently, one of our customers ran into a replay cache file descriptor leak issue in that there were many opened but deleted replay cache temp files staying around for days. For instance,
--------
Jan 7 13:44:28 fd 1220 (/shared/tmp/krb5_RCB8Wi7X (deleted)) : cloexec, Fflags[0x8002], read-write
…
Jan 11 09:25:40
fd 1220 (/shared/tmp/krb5_RCB8Wi7X (deleted)) : cloexec, Fflags[0x8002], read-write
--------
Jan 8 15:33:17 fd 1529 (/shared/tmp/krb5_RCGIGQ1X (deleted)) : cloexec, Fflags[0x8002], read-write
…
Jan 11 09:25:40 fd 1529 (/shared/tmp/krb5_RCGIGQ1X (deleted)) : cloexec, Fflags[0x8002], read-write
--------
Jan 9 12:05:14 fd 355 (/shared/tmp/krb5_RCG6JmM9 (deleted)) : cloexec, Fflags[0x8002], read-write
…
Jan 11 09:25:40 fd 355 (/shared/tmp/krb5_RCG6JmM9 (deleted)) : cloexec, Fflags[0x8002], read-write
Someone encountered the same issue with v1.10.3 and upgrading to v1.14.5 did not help (https://groups.google.com/forum/#!searchin/comp.protocols.kerberos/leak%7Csort:date/comp.protocols.kerberos/pN4QCVcEMWc/xYMDKrLuBgAJ).
We were wondering if there is a solution to or a workaround for this issue.
TIA,
Daniel