From e06b726564f40478a74ef7a1a0bed744161d3f3e Mon Sep 17 00:00:00 2001
From: "Roger A. Light" <roger@atchoo.org>
Date: Thu, 5 Sep 2019 12:10:04 +0100
Subject: [PATCH] Fix leak introduced in previous commit.

---
 src/security_default.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/security_default.c b/src/security_default.c
index c14f8c5f..369b6d85 100644
--- a/src/security_default.c
+++ b/src/security_default.c
@@ -1017,6 +1017,12 @@ int mosquitto_security_apply_default(struct mosquitto_db *db)
 			}else
 #endif /* FINAL_WITH_TLS_PSK */
 			{
+				/* Free existing credentials and then recover them. */
+				mosquitto__free(context->username);
+				context->username = NULL;
+				mosquitto__free(context->password);
+				context->password = NULL;
+
 				client_cert = SSL_get_peer_certificate(context->ssl);
 				if(!client_cert){
 					security__disconnect_auth(db, context);