It looks like there is one parameter in the SSL context that is never freed. Using valgrind on Linux, ssl_client1 exits with 100 bytes first allocated to session_negotiate.
This is with the latest version from git. I compiled the library with DEBUG=1 and used standard valgrind as provided by Ubuntu 10.04.
$ valgrind --leak-check=full ./ssl_client1
==21144== Memcheck, a memory error detector
==21144== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
==21144== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
==21144== Command: ./ssl_client1
==21144==
. Seeding the random number generator... ok
. Loading the CA root certificate ... ok (0 skipped)
. Connecting to tcp/localhost/4433... ok
. Setting up the SSL/TLS structure... ok
. Performing the SSL/TLS handshake... ok
. Verifying peer X.509 certificate... ok
> Write to server: 18 bytes written
GET / HTTP/1.0
< Read from server: 148 bytes read
HTTP/1.0 200 OK
Content-Type: text/html
<h2>PolarSSL Test Server</h2>
<p>Successful connection using: TLS-DHE-RSA-WITH-AES-256-CBC-SHA256</p>
EOF
==21144==
==21144== HEAP SUMMARY:
==21144== in use at exit: 4,538 bytes in 19 blocks
==21144== total heap usage: 546 allocs, 527 frees, 81,271 bytes allocated
==21144==
==21144== 4,538 (100 direct, 4,438 indirect) bytes in 1 blocks are definitely lost in loss record 12 of 12
==21144== at 0x4024F20: malloc (vg_replace_malloc.c:236)
==21144== by 0x8050B33: ssl_handshake_init (ssl_tls.c:2873)
==21144== by 0x8049295: main (ssl_client1.c:150)
==21144==
==21144== LEAK SUMMARY:
==21144== definitely lost: 100 bytes in 1 blocks
==21144== indirectly lost: 4,438 bytes in 18 blocks
==21144== possibly lost: 0 bytes in 0 blocks
==21144== still reachable: 0 bytes in 0 blocks
==21144== suppressed: 0 bytes in 0 blocks
==21144==
==21144== For counts of detected and suppressed errors, rerun with: -v
==21144== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 14 from 9)
$