> I'm not sure if there is much value in percolating the error upwards through > tls_init() into a careful termination provides a huge amount of value because > the error cannot be resolved without proper build & library support.
Maybe not, but tls_config_new() can fail for many reasons, so its return value should be checked.