Maja and Ralf both report crashes in removeclientrqs() where rq->to->requests is either NULL or invalid.

It's reportedly happening both with and without a configuration using dynamic discovery. It happens more often with dynamic configuration.

The trigger might be that a TLS connection to a server is torn down before a client connection ends.


Program terminated with signal 11, Segmentation fault.
#0 0x0000000000404fa5 in removeclientrqs (client=0x7fd5e000f550)
    at radsecproxy.c:273
273 rqout = rq->to->requests + rq->newid;
(gdb) bt
#0 0x0000000000404fa5 in removeclientrqs (client=0x7fd5e000f550)
    at radsecproxy.c:273
#1 0x0000000000405013 in removelockedclient (client=<optimized out>)
    at radsecproxy.c:289
#2 0x000000000040508d in removeclient (client=0x7fd5e000f550)
    at radsecproxy.c:305
#3 0x000000000040e15e in tlsservernew (arg=<optimized out>) at tls.c:460
#4 0x00007fd66367ce9a in start_thread ()
   from /lib/x86_64-linux-gnu/libpthread.so.0
#5 0x00007fd6633a9cbd in clone () from /lib/x86_64-linux-gnu/libc.so.6
#6 0x0000000000000000 in ?? ()
(gdb)