From: Greg Hudson Date: Mon, 7 Jul 2025 22:09:17 +0000 (-0400) Subject: Fix ccache config entry updating X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fe04743b2b5cae3ed45fb1212a1bed484203d3be;p=thirdparty%2Fkrb5.git Fix ccache config entry updating krb5_cc_set_config() originally tried to allow overwriting of existing config keys, but after commit c0a51fe0c8051e27c6cee4f4f0c705356a715e1e and 7783054742ddd807f7b2f7157d6ed81b7fb614eb it no longer calls remove_cred. Add a call back in, as we rely on config entry updating for refresh_time in the GSS library. ticket: 9178 --- diff --git a/src/lib/krb5/ccache/ccfns.c b/src/lib/krb5/ccache/ccfns.c index 9b755f0e36..1b5b2f1d10 100644 --- a/src/lib/krb5/ccache/ccfns.c +++ b/src/lib/krb5/ccache/ccfns.c @@ -247,9 +247,12 @@ krb5_cc_set_config(krb5_context context, krb5_ccache id, if (ret) goto out; - if (data == NULL) { - ret = krb5_cc_remove_cred(context, id, 0, &cred); - } else { + /* Try to clear any existing value for key. Avoid trace logging. */ + ret = id->ops->remove_cred(context, id, 0, &cred); + + if (data != NULL) { + /* Ignore remove_cred errors if we are setting a value. */ + krb5_clear_error_message(context); ret = krb5int_copy_data_contents(context, data, &cred.ticket); if (ret) goto out;