Fix redbean certificate free error

This fixes a regression from a change a few weeks ago in git commit
af645fcbec which caused certificates to
not be free()'d correctly if the certificates are chained. dlmalloc()
should have printed an error in most build modes. ASAN caught it too.

tool/net/net.mk

@@ -203,7 +203,8 @@ o/$(MODE)/tool/net/redbean-demo.com:						\
 		-o o/$(MODE)/tool/net/.redbean-demo/.symtab $<
 	@$(COMPILE) -AZIP -T$@ o/$(MODE)/third_party/infozip/zip.com -9qj $@	\
 		o/$(MODE)/tool/net/.redbean-demo/.ape				\
-		o/$(MODE)/tool/net/.redbean-demo/.symtab
+		o/$(MODE)/tool/net/.redbean-demo/.symtab			\
+		tool/net/help.txt
 
 # REDBEAN-STATIC.COM
 #

tool/net/redbean.c

@@ -1434,7 +1434,7 @@ static void WipeSigningKeys(void) {
     if (!certs.p[i].cert) continue;
     if (!certs.p[i].cert->ca_istrue) continue;
     mbedtls_pk_free(certs.p[i].key);
-    certs.p[i].key = 0;
+    Free(&certs.p[i].key);
   }
 }
 
@@ -1451,6 +1451,12 @@ static void PsksDestroy(void) {
 
 static void CertsDestroy(void) {
   size_t i;
+  // break up certificate chains to prevent double free
+  for (i = 0; i < certs.n; ++i) {
+    if (certs.p[i].cert) {
+      certs.p[i].cert->next = 0;
+    }
+  }
   for (i = 0; i < certs.n; ++i) {
     mbedtls_x509_crt_free(certs.p[i].cert);
     free(certs.p[i].cert);