soup-auth-digest: fix a leak on re-auth

Calling soup_auth_authenticate() on an already-authenticated
SoupAuthDigest would leak the old username and hashed password.

https://bugzilla.gnome.org/show_bug.cgi?id=690142

diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c
index b95a996..1fbb639 100644 (file)
--- a/libsoup/soup-auth-digest.c
+++ b/libsoup/soup-auth-digest.c
@@ -293,6 +293,9 @@ soup_auth_digest_authenticate (SoupAuth *auth, const char *username,
        SoupAuthDigestPrivate *priv = SOUP_AUTH_DIGEST_GET_PRIVATE (auth);
        char *bgen;
 
+       g_clear_pointer (&priv->cnonce, g_free);
+       g_clear_pointer (&priv->user, g_free);
+
        /* Create client nonce */
        bgen = g_strdup_printf ("%p:%lu:%lu",
                                auth,