Fix ccache config entry updating

krb5_cc_set_config() originally tried to allow overwriting of existing
config keys, but after commit c0a51fe0c8051e27c6cee4f4f0c705356a715e1e
and 7783054742ddd807f7b2f7157d6ed81b7fb614eb it no longer calls
remove_cred.  Add a call back in, as we rely on config entry updating
for refresh_time in the GSS library.

ticket: 9178

diff --git a/src/lib/krb5/ccache/ccfns.c b/src/lib/krb5/ccache/ccfns.c
index 9b755f0e3617b2a1e5556fe763d293b49142c00e..1b5b2f1d1070ee4b9f3f4c7dba22305960e968ad 100644 (file)
--- a/src/lib/krb5/ccache/ccfns.c
+++ b/src/lib/krb5/ccache/ccfns.c
@@ -247,9 +247,12 @@ krb5_cc_set_config(krb5_context context, krb5_ccache id,
     if (ret)
         goto out;
 
-    if (data == NULL) {
-        ret = krb5_cc_remove_cred(context, id, 0, &cred);
-    } else {
+    /* Try to clear any existing value for key.  Avoid trace logging. */
+    ret = id->ops->remove_cred(context, id, 0, &cred);
+
+    if (data != NULL) {
+        /* Ignore remove_cred errors if we are setting a value. */
+        krb5_clear_error_message(context);
         ret = krb5int_copy_data_contents(context, data, &cred.ticket);
         if (ret)
             goto out;