Fix memory leak on bad arguments in ssl_server2

Not a big deal, but was annoying in coverity results.
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index bf90c10..d1b76ac 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -386,7 +386,7 @@
     dst = p;                    \
     while( *p != ',' )          \
         if( ++p > end )         \
-            return( NULL );     \
+            goto error;         \
     *p++ = '\0';
 
 #if defined(POLARSSL_SNI)
@@ -399,53 +399,6 @@
     sni_entry *next;
 };
 
-/*
- * Parse a string of triplets name1,crt1,key1[,name2,crt2,key2[,...]]
- * into a usable sni_entry list.
- *
- * Modifies the input string! This is not production quality!
- * (leaks memory if parsing fails, no error reporting, ...)
- */
-sni_entry *sni_parse( char *sni_string )
-{
-    sni_entry *cur = NULL, *new = NULL;
-    char *p = sni_string;
-    char *end = p;
-    char *crt_file, *key_file;
-
-    while( *end != '\0' )
-        ++end;
-    *end = ',';
-
-    while( p <= end )
-    {
-        if( ( new = polarssl_malloc( sizeof( sni_entry ) ) ) == NULL )
-            return( NULL );
-
-        memset( new, 0, sizeof( sni_entry ) );
-
-        if( ( new->cert = polarssl_malloc( sizeof( x509_crt ) ) ) == NULL ||
-            ( new->key = polarssl_malloc( sizeof( pk_context ) ) ) == NULL )
-            return( NULL );
-
-        x509_crt_init( new->cert );
-        pk_init( new->key );
-
-        GET_ITEM( new->name );
-        GET_ITEM( crt_file );
-        GET_ITEM( key_file );
-
-        if( x509_crt_parse_file( new->cert, crt_file ) != 0 ||
-            pk_parse_keyfile( new->key, key_file, "" ) != 0 )
-            return( NULL );
-
-        new->next = cur;
-        cur = new;
-    }
-
-    return( cur );
-}
-
 void sni_free( sni_entry *head )
 {
     sni_entry *cur = head, *next;
@@ -465,6 +418,67 @@
 }
 
 /*
+ * Parse a string of triplets name1,crt1,key1[,name2,crt2,key2[,...]]
+ * into a usable sni_entry list.
+ *
+ * Modifies the input string! This is not production quality!
+ */
+sni_entry *sni_parse( char *sni_string )
+{
+    sni_entry *cur = NULL, *new = NULL;
+    char *p = sni_string;
+    char *end = p;
+    char *crt_file, *key_file;
+
+    while( *end != '\0' )
+        ++end;
+    *end = ',';
+
+    while( p <= end )
+    {
+        if( ( new = polarssl_malloc( sizeof( sni_entry ) ) ) == NULL )
+        {
+            sni_free( cur );
+            return( NULL );
+        }
+
+        memset( new, 0, sizeof( sni_entry ) );
+
+        if( ( new->cert = polarssl_malloc( sizeof( x509_crt ) ) ) == NULL ||
+            ( new->key = polarssl_malloc( sizeof( pk_context ) ) ) == NULL )
+        {
+            polarssl_free( new->cert );
+            polarssl_free( new );
+            sni_free( cur );
+            return( NULL );
+        }
+
+        x509_crt_init( new->cert );
+        pk_init( new->key );
+
+        GET_ITEM( new->name );
+        GET_ITEM( crt_file );
+        GET_ITEM( key_file );
+
+        if( x509_crt_parse_file( new->cert, crt_file ) != 0 ||
+            pk_parse_keyfile( new->key, key_file, "" ) != 0 )
+        {
+            goto error;
+        }
+
+        new->next = cur;
+        cur = new;
+    }
+
+    return( cur );
+
+error:
+    sni_free( new );
+    sni_free( cur );
+    return( NULL );
+}
+
+/*
  * SNI callback.
  */
 int sni_callback( void *p_info, ssl_context *ssl,
@@ -539,11 +553,25 @@
 };
 
 /*
+ * Free a list of psk_entry's
+ */
+void psk_free( psk_entry *head )
+{
+    psk_entry *next;
+
+    while( head != NULL )
+    {
+        next = head->next;
+        polarssl_free( head );
+        head = next;
+    }
+}
+
+/*
  * Parse a string of pairs name1,key1[,name2,key2[,...]]
  * into a usable psk_entry list.
  *
  * Modifies the input string! This is not production quality!
- * (leaks memory if parsing fails, no error reporting, ...)
  */
 psk_entry *psk_parse( char *psk_string )
 {
@@ -567,28 +595,18 @@
         GET_ITEM( key_hex );
 
         if( unhexify( new->key, key_hex, &new->key_len ) != 0 )
-            return( NULL );
+            goto error;
 
         new->next = cur;
         cur = new;
     }
 
     return( cur );
-}
 
-/*
- * Free a list of psk_entry's
- */
-void psk_free( psk_entry *head )
-{
-    psk_entry *next;
-
-    while( head != NULL )
-    {
-        next = head->next;
-        polarssl_free( head );
-        head = next;
-    }
+error:
+    psk_free( new );
+    psk_free( cur );
+    return( 0 );
 }
 
 /*