I've been working with one of my customers to set up client certificate
verification, and we found another bug in the ClientCert code - a
missing set of parentheses from the regex prevented the second argument
(verify depth) from being captured.  It also allows the second argument
to be zero.  Credit for this goes to Yuri Karaban (tech at askold.net)

diff -uNr Pound-2.0.3.orig/config.c Pound-2.0.3/config.c
--- Pound-2.0.3.orig/config.c   2006-03-15 19:08:52.000000000 +0200
+++ Pound-2.0.3/config.c        2006-03-25 16:05:19.000000000 +0200
(at)(at) -1118,7 +1118,7 (at)(at)
     || regcomp(&Type, "^[ \t]*Type[ \t]+([^ \t]+)[ \t]*$", REG_ICASE |
REG_NEWLINE | REG_EXTENDED)
     || regcomp(&TTL, "^[ \t]*TTL[ \t]+([1-9][0-9]*)[ \t]*$", REG_ICASE |
REG_NEWLINE | REG_EXTENDED)
     || regcomp(&ID, "^[ \t]*ID[ \t]+\"(.+)\"[ \t]*$", REG_ICASE | REG_NEWLINE
| REG_EXTENDED)
-    || regcomp(&ClientCert, "^[ \t]*ClientCert[ \t]+([0-3])[ \t]+[1-9][
\t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
+    || regcomp(&ClientCert, "^[ \t]*ClientCert[ \t]+([0-3])[ \t]+([0-9])[
\t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
     || regcomp(&AddHeader, "^[ \t]*AddHeader[ \t]+\"(.+)\"[ \t]*$", REG_ICASE
| REG_NEWLINE | REG_EXTENDED)
     || regcomp(&Ciphers, "^[ \t]*Ciphers[ \t]+\"(.+)\"[ \t]*$", REG_ICASE |
REG_NEWLINE | REG_EXTENDED)
     || regcomp(&CAlist, "^[ \t]*CAlist[ \t]+\"(.+)\"[ \t]*$", REG_ICASE |
REG_NEWLINE | REG_EXTENDED)