Expand the explanation of the ascii_* options behaviour

0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch

@@ -0,0 +1,52 @@
+From 61327320b54a59e319c522151f7a61c74ec94f2f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
+Date: Tue, 2 Jan 2018 16:25:55 +0100
+Subject: [PATCH 45/46] Expand explanation of ascii_* options behaviour in man
+ page
+
+---
+ vsftpd.conf.5 | 22 ++++++++++++++++++----
+ 1 file changed, 18 insertions(+), 4 deletions(-)
+
+diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
+index df14027..a5abeb2 100644
+--- a/vsftpd.conf.5
++++ b/vsftpd.conf.5
+@@ -114,16 +114,30 @@ Default: YES
+ .B ascii_download_enable
+ When enabled, ASCII mode data transfers will be honoured on downloads.
+ When disabled, the server will pretend to allow ASCII mode but in fact
+-ignore the request. Turn this option on to have the server actually do
++ignore requests to activate it. So the client will think the ASCII mode
++is active and therefore may still translate any
++.BR <CRLF>
++character sequences in the received file. See the following article for
++a detailed explanation of the behaviour:
++https://access.redhat.com/articles/3250241.
++
++Turn this option on to have the server actually do
+ ASCII mangling on files when in ASCII mode.
+ 
+ Default: NO
+ .TP
+ .B ascii_upload_enable
+ When enabled, ASCII mode data transfers will be honoured on uploads.
+-See also
+-.BR ascii_download_enable
+-for more details.
++When disabled, the server will pretend to allow ASCII mode but in fact
++ignore requests to activate it. So the client will think the ASCII mode
++is active and will translate native line terminators to the standard
++.BR <CRLF>
++line terminators for transmission, but the server will not do
++any translation. See the following article for a detailed explanation
++of the behaviour: https://access.redhat.com/articles/3250241.
++
++Turn this option on to have the server actually do
++ASCII mangling on files when in ASCII mode.
+ 
+ Default: NO
+ .TP
+-- 
+2.14.3
+

0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch

@@ -0,0 +1,27 @@
+From 446f7c1ec54e06b5da2e890e0cd8fbd7308322c9 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
+Date: Tue, 2 Jan 2018 16:33:18 +0100
+Subject: [PATCH 46/46] vsftpd.conf: Refer to the man page regarding the
+ ascii_* options
+
+---
+ vsftpd.conf | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/vsftpd.conf b/vsftpd.conf
+index 4626c1b..e70bc6d 100644
+--- a/vsftpd.conf
++++ b/vsftpd.conf
+@@ -73,7 +73,8 @@ xferlog_std_format=YES
+ #
+ # By default the server will pretend to allow ASCII mode but in fact ignore
+ # the request. Turn on the below options to have the server actually do ASCII
+-# mangling on files when in ASCII mode.
++# mangling on files when in ASCII mode. The vsftpd.conf(5) man page explains
++# the behaviour when these options are disabled.
+ # Beware that on some FTP servers, ASCII support allows a denial of service
+ # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
+ # predicted this attack and has always been safe, reporting the size of the
+-- 
+2.14.3
+

vsftpd.spec

@@ -2,7 +2,7 @@
 
 Name:    vsftpd
 Version: 3.0.3
-Release: 14%{?dist}
+Release: 15%{?dist}
 Summary: Very Secure Ftp Daemon
 
 Group:    System Environment/Daemons
@@ -73,6 +73,8 @@ Patch41: 0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch
 Patch42: 0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch
 Patch43: 0043-Enable-only-TLSv1.2-by-default.patch
 Patch44: 0044-Disable-anonymous_enable-in-default-config-file.patch
+Patch45: 0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch
+Patch46: 0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch
 
 %description
 vsftpd is a Very Secure FTP daemon. It was written completely from
@@ -142,6 +144,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub
 %{_var}/ftp
 
 %changelog
+* Tue Jan 02 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-15
+- Expand the explanation of the ascii_* options behaviour
+
 * Tue Jan 02 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-14
 - Disable anonymous_enable in default config file
 - Resolves: rhbz#1338637