From Bug 331279.

Free ECDHE Ephemeral key. Fixes server-side leak.
r=julien r=alexei

security/nss/lib/ssl/sslsock.c

@@ -40,7 +40,7 @@
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
-/* $Id: sslsock.c,v 1.46 2006/01/18 23:06:57 wtchang%redhat.com Exp $ */
+/* $Id: sslsock.c,v 1.47 2006/03/30 21:07:22 rrelyea%redhat.com Exp $ */
 #include "seccomon.h"
 #include "cert.h"
 #include "keyhi.h"
@@ -298,6 +298,8 @@ ssl_DupSocket(sslSocket *os)
 	    }
 	    ss->stepDownKeyPair = !os->stepDownKeyPair ? NULL :
 		                  ssl3_GetKeyPairRef(os->stepDownKeyPair);
+	    ss->ephemeralECDHKeyPair = !os->ephemeralECDHKeyPair ? NULL :
+		                  ssl3_GetKeyPairRef(os->ephemeralECDHKeyPair);
 /*
  * XXX the preceeding CERT_ and SECKEY_ functions can fail and return NULL.
  * XXX We should detect this, and not just march on with NULL pointers.
@@ -403,6 +405,10 @@ ssl_DestroySocketContents(sslSocket *ss)
 	ssl3_FreeKeyPair(ss->stepDownKeyPair);
 	ss->stepDownKeyPair = NULL;
     }
+    if (ss->ephemeralECDHKeyPair) {
+	ssl3_FreeKeyPair(ss->ephemeralECDHKeyPair);
+	ss->ephemeralECDHKeyPair = NULL;
+    }
 }
 
 /*