--- Net_SSLeay.pm-1.21/SSLeay.pm	2002-09-20 08:00:37.000000000 +0900
+++ Net_SSLeay.pm-1.21.new/SSLeay.pm	2002-11-19 18:35:10.000000000 +0900
@@ -1699,6 +1699,18 @@
 }
 
 ###
+### Wrap load_error_strings so it is only called once
+### to avoid leaking like a sieve
+###
+
+my $load_error_strings_state = 0;
+sub load_error_strings_wrapper {
+	return if $load_error_strings_state == 1;
+	$load_error_strings_state = 1;
+	load_error_strings();
+}
+
+###
 ### Basic request - response primitive (don't use for https)
 ###
 
@@ -1712,7 +1724,7 @@
     ### Do SSL negotiation stuff
 	    
     warn "Creating SSL $ssl_version context...\n" if $trace>2;
-    load_error_strings();         # Some bloat, but I'm after ease of use
+    load_error_strings_wrapper(); # Some bloat, but I'm after ease of use
     SSLeay_add_ssl_algorithms();  # and debuggability.
     randomize();
     
@@ -1804,7 +1816,7 @@
     ### Do SSL negotiation stuff
 	    
     warn "Creating SSL $ssl_version context...\n" if $trace>2;
-    load_error_strings();         # Some bloat, but I'm after ease of use
+    load_error_strings_wrapper(); # Some bloat, but I'm after ease of use
     SSLeay_add_ssl_algorithms();  # and debuggability.
     randomize();
 
@@ -1967,7 +1979,10 @@
 ### to return all instances of duplicate headers.
 
 sub do_https2 {
-    my ($page, $response, $headers) = &do_https3;
+    my ($page, $response, $headers, $server_cert) = &do_https3;
+    if(defined($server_cert)) {
+        X509_free($server_cert);
+    }
     return ($page, $response,
 	    map( { ($h,$v)=/^(\S+)\:\s*(.*)$/; (uc($h),$v); }
 		split(/\s?\n/, $headers)
@@ -1979,7 +1994,10 @@
 ### are handled correctly.
 
 sub do_https4 {
-    my ($page, $response, $headers) = &do_https3;
+    my ($page, $response, $headers, $server_cert) = &do_https3;
+    if(defined($server_cert)) {
+        X509_free($server_cert);
+    }
     my %hr = ();
     for my $hh (split /\s?\n/, $headers) {
 	my ($h,$v)=/^(\S+)\:\s*(.*)$/;