PH28229: FTP JES INTERFACE PASSES BAD RESOURCE NAME ON RACROUTE REQUEST

Obtain the fix for this APAR.

APAR status

• Closed as program error.

Error description

• The ftp routines that set up processing for FILETYPE=JES or SITE
  JES commands issue
  RACROUTE REQUEST=AUTH calls with bad resource names in the
  ENTITY fields.
  The security class is SDSF which has 63-byte resource names.
  The resources names always begin with a valid 48-byte resource
  name padded with blanks followed by the first 15 bytes of the
  resource name.
  
  Examples:
  ISFCMD.DSP.INPUT.JES2|27 blanks|ISFCMD.DSP.INPU
  ISFCMD.DSP.ACTIVE.JES2|26 blanks|ISFCMD.DSP.ACTI
  ISFCMD.DSP.OUTPUT.JES2|26 blanks|ISFCMD.DSP.OUTP
  
  The problem is caused by the racfname field in
  ezaftpjr and ezaftpju being too small.  The size
  of racfname is 45 bytes and needs to be 63 because the SDSF
  security class is defined with
  MAXLNTH=63 in the supplied Class Descriptor Tabe (CDT).
  
  With OEM security, this causes invalid security access failures.
  

Local fix

Problem summary

• ****************************************************************
  * USERS AFFECTED:                                              *
  * All users of the IBM Communications Server for z/OS Version  *
  * 2 Releases 3 and 4 IP: FTP                                   *
  ****************************************************************
  * PROBLEM DESCRIPTION:                                         *
  * The FTP JES interface passes an invalid ENTITY name on the   *
  * RACROUTE REQUEST=AUTH call.                                  *
  ****************************************************************
  * RECOMMENDATION:                                              *
  ****************************************************************
  The ftp routines that set up processing for FILETYPE=JES or JES
  SITE commands (e.g. SITE JESSTATUS, SITE JESOWNER, SITE
  JESJOBNAME) issue RACROUTE REQUEST=AUTH calls with invalid
  resource names in the ENTITY fields.
  
  The security class is SDSF which has 63-byte resource names.
  The resources names always begin with a valid 48-byte resource
  name padded with blanks followed by the first 15 bytes of the
  resource name.
  
  Examples:
  ISFCMD.DSP.INPUT.JES2|27 blanks|ISFCMD.DSP.INPU
  ISFCMD.DSP.ACTIVE.JES2|26 blanks|ISFCMD.DSP.ACTI
  ISFCMD.DSP.OUTPUT.JES2|26 blanks|ISFCMD.DSP.OUTP
  
  The problem is caused by the RACROUTE ENTITY field, racfname. in
  EZAFTPJR and EZAFTPJU being too small.  The size of racfname is
  45 bytes and needs to be 63 because the SDSF security class is
  defined with MAXLNTH=63 in the supplied Class Descriptor Tabe
  (CDT).
  
  With OEM security, this causes invalid security access failures.
  

Problem conclusion

• EZAFTPJR and EZAFTPJU have been amended to pass a 63-byte entity
  name field on the RACROUTE REQUEST=AUTH call for the SDSF
  security class check.
  

Temporary fix

Comments

APAR Information

• APAR is sysrouted FROM one or more of the following:

• APAR is sysrouted TO one or more of the following:

  UI74202 UI74203

Modules/Macros

• EZAFTPJR EZAFTPJU
  

Fix information

• Fixed component name

  TCP/IP MVS

• Fixed component ID

  5655HAL00

Applicable component levels

• R240 PSY UI74203

     UP21/04/02 P F104

• R230 PSY UI74202

     UP21/04/02 P F104

Fix is available

• Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.