move the ssl config clone call to before the connectionexists call and then

also subsequently free the ssl struct if the connection struct is to be
deleted

lib/url.c

@@ -2629,6 +2629,11 @@ static CURLcode CreateConnection(struct SessionHandle *data,
    * new one.
    *************************************************************/
 
+  /* get a cloned copy of the SSL config situation stored in the 
+     connection struct */
+  if(!Curl_clone_ssl_config(&data->set.ssl, &conn->ssl_config))
+    return CURLE_OUT_OF_MEMORY;
+
   /* reuse_fresh is set TRUE if we are told to use a fresh connection
      by force */
   if(!data->set.reuse_fresh &&
@@ -2645,6 +2650,10 @@ static CURLcode CreateConnection(struct SessionHandle *data,
     if(old_conn->proxyhost)
       free(old_conn->proxyhost);
 
+    /* free the SSL config struct from this connection struct as this was
+       allocated in vain and is targeted for destruction */
+    Curl_free_ssl_config(&conn->ssl_config);
+
     conn = conn_temp;        /* use this connection from now on */
 
     /* get the user+password information from the old_conn struct since it may
@@ -2709,9 +2718,6 @@ static CURLcode CreateConnection(struct SessionHandle *data,
     ConnectionStore(data, conn);
   }
 
-  if(!Curl_clone_ssl_config(&data->set.ssl, &conn->ssl_config))
-    return CURLE_OUT_OF_MEMORY;
-
   /* Continue connectdata initialization here.
    *
    * Inherit the proper values from the urldata struct AFTER we have arranged