Hello Alan,
My guess is that SSL_CTX_New() is returning a NULL context. i.e. it can't create one. If you could confirm that with gdb, it would help.
Breakpoint 1, init_tls_ctx (conf=conf@entry=0x821d60, client=client@entry=1) at src/main/tls.c:1987 1987 { (gdb) s 2003 ctx = SSL_CTX_new(TLSv1_method()); (gdb) s 2009 SSL_CTX_set_app_data(ctx, conf); (gdb) p ctx $1 = <optimized out> (gdb) s 2003 ctx = SSL_CTX_new(TLSv1_method()); (gdb) s 2009 SSL_CTX_set_app_data(ctx, conf); (gdb) p ctx $2 = (SSL_CTX *) 0x0 (gdb) s Program received signal SIGSEGV, Segmentation fault. 0x00007ffff71f5133 in CRYPTO_set_ex_data () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0 Is succicient?
I'm not sure how to avoid the problem, but I can add a check which prevents it from crashing.
fragment_size = 8192
Please don't do that. It will very likely not work. That fragment size is larger than the allowed RADIUS packets. The fragment_size should be set to more than 1000 bytes, and less than 4000 bytes.
Alan DeKok.