Leak when calling SSL_connect

I am using OpenSSL and according to Instruments, I have a memory leak started at SSL_connect.

SSL_CTX *ctx = SSL_CTX_new(SSLv23_method());
if (!ctx) {
    NSLog(@"Could not initialize ctx");
    [self release];
    return nil;
}
if(!SSL_CTX_use_certificate_chain_file(ctx, [PEMFile UTF8String])) {
    NSLog(@"Can't read certificate file");
    [self release];
    return nil;
}
if(!(SSL_CTX_use_PrivateKey_file(ctx, [PEMFile UTF8String], SSL_FILETYPE_PEM))) {
    NSLog(@"Can't read key file");
    [self release];
    return nil;
}

_sock = [self _tcpConnectWithHost:host port:port];
if (_sock < 0) {
    [self release];
    return nil;
}
_sslPointer = SSL_new(ctx);
BIO *bio = BIO_new_socket(sock, BIO_NOCLOSE);
SSL_set_bio(_sslPointer, bio, bio);
if(SSL_connect(_sslPointer) <= 0) {
    NSLog(@"SSL connect error");
    [self release];
    return nil;
}

SSL_CTX_free(ctx);

I then release it when dealloc is called. This is when the leak appears.

SSL_free(_sslPointer);
close(_sock);

Call stack for where the leak starts is:

0 libSystem.B.dylib malloc
1 libcrypto.0.9.8.dylib CRYPTO_malloc
2 libcrypto.0.9.8.dylib asn1_item_ex_combine_new
3 libcrypto.0.9.8.dylib ASN1_item_ex_开发者_Python百科d2i
4 libcrypto.0.9.8.dylib asn1_template_noexp_d2i
5 libcrypto.0.9.8.dylib asn1_template_ex_d2i
6 libcrypto.0.9.8.dylib ASN1_item_ex_d2i
7 libcrypto.0.9.8.dylib asn1_template_noexp_d2i
8 libcrypto.0.9.8.dylib asn1_template_ex_d2i
9 libcrypto.0.9.8.dylib ASN1_item_ex_d2i
10 libcrypto.0.9.8.dylib x509_name_ex_d2i
11 libcrypto.0.9.8.dylib ASN1_item_ex_d2i
12 libcrypto.0.9.8.dylib asn1_template_noexp_d2i
13 libcrypto.0.9.8.dylib asn1_template_ex_d2i
14 libcrypto.0.9.8.dylib ASN1_item_ex_d2i
15 libcrypto.0.9.8.dylib asn1_template_noexp_d2i
16 libcrypto.0.9.8.dylib asn1_template_ex_d2i
17 libcrypto.0.9.8.dylib ASN1_item_ex_d2i
18 libcrypto.0.9.8.dylib ASN1_item_d2i
19 libssl.0.9.8.dylib ssl3_get_server_certificate
20 libssl.0.9.8.dylib ssl3_connect
21 libssl.0.9.8.dylib ssl23_connect

The most obvious thing I see is that you're only ever freeing the SSL_CTX *ctx if everything works out OK. But you have a whole bunch of possible exits before that where ctx has been created, but you never free() it.