From c91bab60c77395b693bf3c0416bbae4a5e7c58f4 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Arkadiusz=20Mi=C5=9Bkiewicz?= <arekm@maven.pl>
Date: Wed, 27 Mar 2019 10:54:11 +0100
Subject: [PATCH] - rel 2; support pure-certd daemon; ressurect minimal rfc2640
 support

---
 pure-ftpd.init | 35 +++++++++++++++++++++++++++++++----
 pure-ftpd.spec | 12 ++++++++++--
 utf8.patch     | 45 +++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 86 insertions(+), 6 deletions(-)
 create mode 100644 utf8.patch

diff --git a/pure-ftpd.init b/pure-ftpd.init
index a50433a..fab402e 100644
--- a/pure-ftpd.init
+++ b/pure-ftpd.init
@@ -14,6 +14,8 @@
 
 PURE_AUTH_SCRIPT=/etc/ftpd/auth.script
 PURE_AUTH_SOCKET=/var/run/pure-authd/socket
+PURE_CERT_SCRIPT=/etc/ftpd/cert.script
+PURE_CERT_SOCKET=/var/run/pure-certd/socket
 
 # Get service config
 [ -f /etc/sysconfig/pure-ftpd ] && . /etc/sysconfig/pure-ftpd
@@ -35,27 +37,43 @@ start() {
 		if [ -x "$PURE_AUTH_SCRIPT" ]; then
 			PURE_AUTH=yes
 			msg_starting pure-authd
-			
+
 			# 326/326 - authd/authd
-			
+
 			mkdir -p /var/run/pure-authd
 			chown ftpauth:root /var/run/pure-authd
 			chmod 750 /var/run/pure-authd
-			
+
 			daemon /usr/sbin/pure-authd --uid 326 --gid 326 --pid /var/run/pure-authd.pid \
 				--run "$PURE_AUTH_SCRIPT" --socket "$PURE_AUTH_SOCKET" --daemonize
 			RETVAL=$?
 			[ $RETVAL -eq 0 ] && chown root:root "$PURE_AUTH_SOCKET" && chmod 700 "$PURE_AUTH_SOCKET"
 		fi
+		if [ $RETVAL -eq 0 -a -x "$PURE_CERT_SCRIPT" ]; then
+			PURE_CERT=yes
+			msg_starting pure-certd
+
+			# 335/335 - certd/certd
+
+			mkdir -p /var/run/pure-certd
+			chown ftpcert:root /var/run/pure-certd
+			chmod 750 /var/run/pure-certd
+
+			daemon /usr/sbin/pure-certd --uid 335 --gid 335 --pid /var/run/pure-certd.pid \
+				--run "$PURE_CERT_SCRIPT" --socket "$PURE_CERT_SOCKET" --daemonize
+			RETVAL=$?
+			[ $RETVAL -eq 0 ] && chown root:root "$PURE_CERT_SOCKET" && chmod 700 "$PURE_CERT_SOCKET"
+		fi
 		if [ $RETVAL -eq 0 ]; then
 			msg_starting pure-ftpd
 			rm -f /var/run/pure-ftpd/client*
 			modprobe -s capability > /dev/null 2>&1
 			daemon /usr/sbin/pure-ftpd /etc/ftpd/pureftpd.conf \
 				$([ "$PURE_AUTH" = "yes" ] && echo "-lextauth:$PURE_AUTH_SOCKET") \
+				$([ "$PURE_CERT" = "yes" ] && echo "-lextcert:$PURE_CERT_SOCKET") \
 				--daemonize
 			RETVAL=$?
-			
+
 			if [ -n "$UPLOADSCRIPT" ]; then
 				msg_starting pure-uploadscript
 				UPLOADSCRIPTOPTS="-B -r $UPLOADSCRIPT"
@@ -64,6 +82,10 @@ start() {
 				daemon /usr/sbin/pure-uploadscript $UPLOADSCRIPTOPTS
 				RETVAL=$(($RETVAL+$?))
 			fi
+		else
+			msg_starting pure-ftpd
+			deltext
+			fail
 		fi
 
 		[ $RETVAL -eq 0 ] && touch /var/lock/subsys/pure-ftpd
@@ -85,6 +107,11 @@ stop() {
 			killproc pure-authd
 		fi
 
+		if [ -x "$PURE_CERT_SCRIPT" -o -r /var/run/pure-certd.pid ]; then
+			msg_stopping pure-certd
+			killproc pure-certd
+		fi
+
 		msg_stopping pure-ftpd
 		killproc pure-ftpd
 		
diff --git a/pure-ftpd.spec b/pure-ftpd.spec
index 5807773..70e72dd 100644
--- a/pure-ftpd.spec
+++ b/pure-ftpd.spec
@@ -9,7 +9,7 @@
 %bcond_without	tls		# disable SSL/TLS support
 %bcond_without	cap		# disable capabilities
 
-%define	rel	1
+%define	rel	2
 Summary:	Small, fast and secure FTP server
 Summary(pl.UTF-8):	MaÅy, szybki i bezpieczny serwer FTP
 Name:		pure-ftpd
@@ -35,6 +35,8 @@ Patch4:		0003-Allow-having-both-options-and-config-file-on-command.patch
 Patch5:		audit_cap.patch
 Patch6:		%{name}-apparmor.patch
 Patch7:		%{name}-mysql-utf8.patch
+# ressurect minimal RFC2640 support, assumes fs handles utf8
+Patch8:		utf8.patch
 URL:		http://www.pureftpd.org/
 %{?with_extra:BuildRequires:	autoconf}
 %{?with_extra:BuildRequires:	automake}
@@ -61,6 +63,8 @@ Requires:	rc-scripts
 Provides:	ftpserver
 Provides:	user(ftpauth)
 Provides:	group(ftpauth)
+Provides:	user(ftpcert)
+Provides:	group(ftpcert)
 Conflicts:	man-pages < 1.51
 BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
 
@@ -113,6 +117,7 @@ Ten pakiet zawiera schemat Pure-FTPd pureftpd.schema dla openldapa.
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
+%patch8 -p1
 
 %{?with_extra:%patch2 -p1}
 
@@ -135,7 +140,6 @@ Ten pakiet zawiera schemat Pure-FTPd pureftpd.schema dla openldapa.
 	%{?with_mysql:CPPFLAGS="-I%{_includedir}/mysql" --with-mysql} \
 	--with-pam \
 	--with-peruserlimits \
-	--with-rfc2640 \
 	%{?with_pgsql:--with-pgsql} \
 	--with-privsep \
 	%{?with_puredb:--with-puredb} \
@@ -199,6 +203,8 @@ rm -rf $RPM_BUILD_ROOT
 %pre
 %groupadd -g 326 ftpauth
 %useradd -u 326 -d %{_ftpdir} -s /bin/false -c "FTP Auth daemon" -g ftpauth ftpauth
+%groupadd -g 335 ftpcert
+%useradd -u 335 -d %{_ftpdir} -s /bin/false -c "FTP Cert daemon" -g ftpcert ftpcert
 
 %preun
 if [ "$1" = "0" ]; then
@@ -210,6 +216,8 @@ fi
 if [ "$1" = "0" ]; then
 	%userremove ftpauth
 	%groupremove ftpauth
+	%userremove ftpcert
+	%groupremove ftpcert
 fi
 
 %post -n openldap-schema-pureftpd
diff --git a/utf8.patch b/utf8.patch
new file mode 100644
index 0000000..a246e9f
--- /dev/null
+++ b/utf8.patch
@@ -0,0 +1,45 @@
+diff --git a/src/ftpd.c b/src/ftpd.c
+index 0d5030c..7029d72 100644
+--- a/src/ftpd.c
++++ b/src/ftpd.c
+@@ -3565,14 +3565,16 @@ void dofeat(void)
+ #  define FEAT_ESTP CRLF " ESTP"
+ # endif
+ 
+-    char feat[] = FEAT FEAT_DEBUG FEAT_TLS FEAT_TVFS FEAT_ESTA FEAT_PASV FEAT_ESTP;
++#  define FEAT_UTF8 CRLF " UTF8"
++
++    char feat[] = FEAT FEAT_DEBUG FEAT_TLS FEAT_UTF8 FEAT_TVFS FEAT_ESTA FEAT_PASV FEAT_ESTP;
+ 
+     if (disallow_passive != 0) {
+-        feat[sizeof FEAT FEAT_DEBUG FEAT_TLS FEAT_TVFS FEAT_ESTA] = 0;
++        feat[sizeof FEAT FEAT_DEBUG FEAT_TLS FEAT_UTF8 FEAT_TVFS FEAT_ESTA] = 0;
+     }
+ # ifndef MINIMAL
+     else if (STORAGE_FAMILY(force_passive_ip) != 0) {
+-        feat[sizeof FEAT FEAT_DEBUG FEAT_TLS FEAT_TVFS FEAT_ESTA FEAT_PASV] = 0;
++        feat[sizeof FEAT FEAT_DEBUG FEAT_TLS FEAT_UTF8 FEAT_TVFS FEAT_ESTA FEAT_PASV] = 0;
+     }
+ # endif
+     addreply_noformat(0, feat);
+@@ -4639,7 +4641,20 @@ void doopts(char *args)
+         cmdopts++;
+         (void) cmdopts;
+     }
++    if (strncasecmp("utf8 ", args, 5) == 0 ||
++        strncasecmp("utf-8 ", args, 6) == 0) {
++        if (cmdopts == NULL || *cmdopts == 0) {
++            addreply_noformat(501, "OPTS UTF8: " MSG_MISSING_ARG);
++        } else if (strncasecmp(cmdopts, "on", sizeof "on" - 1U) == 0) {
++            addreply_noformat(200, "OK, UTF-8 enabled");
++        } else if (strncasecmp(cmdopts, "off", sizeof "off" - 1U)) {
++            addreply_noformat(200, "OK, UTF-8 disabled");
++        } else {
++            addreply_noformat(502, MSG_UNKNOWN_COMMAND);
++        }
++        return;
++    }
+     if (strncasecmp("mlst ", args, 5) == 0) {
+         addreply_noformat(200, " MLST OPTS "
+                           "type;size;sizd;modify;UNIX.mode;UNIX.uid;"
+
-- 
2.44.0