1 files changed, 13 insertions, 5 deletions

diff --git a/libpurple/protocols/jabber/auth_digest_md5.c b/libpurple/protocols/jabber/auth_digest_md5.c
index 9de2f9cfff..0effe4a48f 100644
--- a/libpurple/protocols/jabber/auth_digest_md5.c
+++ b/libpurple/protocols/jabber/auth_digest_md5.c
@@ -188,16 +188,17 @@ digest_md5_handle_challenge(JabberStream *js, xmlnode *packet,
 
 	if (g_hash_table_lookup(parts, "rspauth")) {
 		char *rspauth = g_hash_table_lookup(parts, "rspauth");
+		char *expected_rspauth = js->auth_mech_data;
 
-		if (rspauth && purple_strequal(rspauth, js->expected_rspauth)) {
+		if (rspauth && purple_strequal(rspauth, expected_rspauth)) {
 			reply = xmlnode_new("response");
 			xmlnode_set_namespace(reply, NS_XMPP_SASL);
 		} else {
 			*msg = g_strdup(_("Invalid challenge from server"));
 			state = JABBER_SASL_STATE_FAIL;
 		}
-		g_free(js->expected_rspauth);
-		js->expected_rspauth = NULL;
+		g_free(js->auth_mech_data);
+		js->auth_mech_data = NULL;
 	} else {
 		/* assemble a response, and send it */
 		/* see RFC 2831 */
@@ -235,7 +236,7 @@ digest_md5_handle_challenge(JabberStream *js, xmlnode *packet,
 			g_free(a2);
 
 			a2 = g_strdup_printf(":xmpp/%s", realm);
-			js->expected_rspauth = generate_response_value(js->user,
+			js->auth_mech_data = generate_response_value(js->user,
 					purple_connection_get_password(js->gc), nonce, cnonce, a2, realm);
 			g_free(a2);
 
@@ -276,6 +277,13 @@ digest_md5_handle_challenge(JabberStream *js, xmlnode *packet,
 	return state;
 }
 
+static void
+digest_md5_dispose(JabberStream *js)
+{
+	g_free(js->auth_mech_data);
+	js->auth_mech_data = NULL;
+}
+
 static JabberSaslMech digest_md5_mech = {
 	10, /* priority */
 	"DIGEST-MD5", /* name */
@@ -283,7 +291,7 @@ static JabberSaslMech digest_md5_mech = {
 	digest_md5_handle_challenge,
 	NULL, /* handle_success */
 	NULL, /* handle_failure */
-	NULL  /* handle_dispose */
+	digest_md5_dispose,
 };
 
 JabberSaslMech *jabber_auth_get_digest_md5_mech(void)