A dotted number is not accepted for TLSProtocolMin, e.g.,
TLSProtocolMin 3.0

However, it seems it should be, hence below is a patch: when looking
for a number, make sure that not just the first character is a
digit, but the entire string can be parsed as such.

Note: IMHO this might not be the right fix, but "it works". The
right fix might be to check for ARG_INT before trying to parse it
as an integer. But that's too much of a change and I'm not that
familiar with the code.

Index: bconfig.c
===================================================================
retrieving revision 1.3
diff -u -r1.3 bconfig.c
--- bconfig.c   5 Oct 2009 16:22:10 -0000       1.3
+++ bconfig.c   7 Oct 2009 21:45:28 -0000
@@ -3626,13 +3626,8 @@
        }
        ch_free( c->value_string );
        c->cleanup = config_tls_cleanup;
-       if ( isdigit( (unsigned char)c->argv[1][0] ) ) {
-               if ( lutil_atoi( &i, c->argv[1] ) != 0 ) {
-                       Debug(LDAP_DEBUG_ANY, "%s: "
-                               "unable to parse %s \"%s\"\n",
-                               c->log, c->argv[0], c->argv[1] );
-                       return 1;
-               }
+       if ( isdigit( (unsigned char)c->argv[1][0] ) &&
+            lutil_atoi( &i, c->argv[1] ) == 0 ) {
                return(ldap_pvt_tls_set_option(slap_tls_ld, flag, &i));
        } else {
                return(ldap_int_tls_config(slap_tls_ld, flag, c->argv[1]));
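
Review bot: The new condition `isdigit(...) && lutil_atoi( &i, c->argv[1] ) == 0` sends every digit-leading value that fails lutil_atoi to ldap_int_tls_config, and the removed "unable to parse" Debug message and `return 1` are not replaced by anything. A value with trailing junk would presumably take that path as well as a dotted one like "3.0", and whether it is rejected or logged then depends entirely on ldap_int_tls_config, which is not visible here. Because the branch is keyed on `flag` rather than on TLSProtocolMin, the fallthrough also applies to every other option that reaches this code, including ones that only make sense as integers. For a setting that fixes the minimum accepted protocol version, a silently misread value is worse than a startup error. Suggest capturing the return value of ldap_int_tls_config in the else branch and emitting the same Debug line with c->log, c->argv[0] and c->argv[1] when it is non-zero, or restricting the string fallback to the flags that accept a dotted form.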
