--- loncom/LondConnection.pm	2018/12/11 12:24:56	1.60
+++ loncom/LondConnection.pm	2018/12/11 20:51:08	1.61
@@ -1,7 +1,7 @@
 #   This module defines and implements a class that represents
 #   a connection to a lond daemon.
 #
-# $Id: LondConnection.pm,v 1.60 2018/12/11 12:24:56 raeburn Exp $
+# $Id: LondConnection.pm,v 1.61 2018/12/11 20:51:08 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -288,15 +288,16 @@ sub new {
 	my ($ca, $cert) = lonssl::CertificateFile;
 	my $sslkeyfile  = lonssl::KeyFile;
         my $badcertfile = lonssl::has_badcert_file($self->{LoncapaHim});
+        my ($loncaparev) = ($perlvar{'lonVersion'} =~ /^[\'\"]?([\w.\-]+)[\'\"]?$/);
 
 	if (($conntype ne 'no') && (defined($ca)) && (defined($cert)) && (defined($sslkeyfile)) &&
             (!exists($badcerts{$self->{LoncapaHim}})) && !$badcertfile) {
 	    $self->{AuthenticationMode} = "ssl";
-	    $self->{TransactionRequest} = "init:ssl:$perlvar{'lonVersion'}\n";
+	    $self->{TransactionRequest} = "init:ssl:$loncaparev\n";
 	} elsif ($self->{InsecureOK}) {
 	    # Allowed to do insecure:
 	    $self->{AuthenticationMode} = "insecure";
-	    $self->{TransactionRequest} = "init::$perlvar{'lonVersion'}\n";
+	    $self->{TransactionRequest} = "init::$loncaparev\n";
 	} else {
 	    # Not allowed to do insecure...
 	    $socket->close;