SSL: missing free calls in $ssl_client_s_dn and $ssl_client_i_dn. If X509_get_issuer_name() or X509_get_subject_name() returned NULL, this could lead to a certificate reference leak. It cannot happen in practice though, since each function returns an internal pointer to a mandatory subfield of the certificate successfully decoded by d2i_X509() during certificate message processing (closes #1751).