IBM Support

PH51239: FTP CLIENT SUPPORT FOR KEYVAULT UTILITY USE

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as new function.

Error description

  • The z/VM FTP Client is updated to make preferential use of user
    name and password values stored in a KEYVAULT database.
    

Local fix

  • n/a
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED: All customers using the TCP/IP for z/VM FTP  *
    *                 client.                                      *
    ****************************************************************
    * PROBLEM DESCRIPTION:                                         *
    ****************************************************************
    * RECOMMENDATION: APPLY PTF                                    *
    ****************************************************************
    This APAR provides applicable updates for the TCP/IP for z/VM
    FTP client to support the use of a CMS KEYVAULT database as a
    source for FTP login credentials, for interaction with a remote
    host system.
    
    The KEYVAULT support introduced with this APAR modifies the FTP
    client to attempt acquisition and use of credentials defined
    within an open KEYVAULT database, ahead of using a NETRC DATA
    file, or via prompts for these values, as it does currently.
    With these changes, a NOVAULT FTP command option, and a VAULTDB
    FTP subcommand, are added.
    
    For more information about the KEYVAULT support introduced with
    this APAR, consult the updated publications that are referenced
    later herein.
    
    Note:  This support relies on new function introduced with the
    PTF for this related APAR:
    
     * VM66453 - CMS PASSWORD/KEY MANAGEMENT UTILITY - KEYVAULT
    

Problem conclusion

Temporary fix

Comments

  • The following changes are implemented by the updates provided
    via this APAR:
    
    Addition of the DTKDVDAT PASCAL part:
    
     * This new part implements logic in a GetKVDBData() function,
       which acquires user and password credentials from an open
       KEYVAULT database.
    
    Updates to the FTPROCS PASCAL part:
    
     * Changes to call the GetKVDBData() function to obtain
       KEYVAULT-based user and password credentials, and to handle
       an added VAULTDB toggle-action FTP subcommand, are
       implemented.
    
    Updates to the FTMAIN PASCAL part::
    
     * KEYVAULT related definitions and support logic are added.
    
    Updates to the CMINTER COPY part:
    
     * Definition of the GetKVDBData() function is added.
    
    Updates to the FTUSER COPY part:
    
     * Definitions related to KEYVAULT return codes, and a VAULTDB
       entry for the COMMANDTABLE data structure are added.  Minor
       corrections to this structure are included to correct
       interactive help problems for these FTP subcommands:
    
        CPROTECT CCC PRIVATE CLEAR
    
    Updates to the DTFTPCC COPY part:
    
     * Return codes have been updated to correspond with
       values defined in the FTUSER COPY file.
    
    Updates to the FTPARSE PASCAL part:
    
     * Logic changes to handle the NOVAULTDB FTP command option
       are added.
    
    Updates to the MSFTPC MSGS part:
    
     * Included new and changed message definitions that are
       associated with the above-listed part changes.
    
       These numbered FTP client messages are added:
    
        DTCFTC0265I Command <command> completed with RC: <rc>
    
        DTCFTC0266I KEYVAULT login values not defined for specified
                    host
    
        DTCFTC0267I KEYVAULT login values cannot be acquired or
                    used
    
    Updated help files (file type HELPxxxx) are added, as listed
    here:
    
     FTP      HELPTCPI
     FTP      HELPMENU
     FTP      HELPTASK
     FTP      HELPABBR
     LOCSTAT  HELPFTP
     OPEN     HELPFTP
     VAULTDB  HELPFTP
    
    The change that follow have been made to the system reference
    libraries:
    
    ***START PUBLICATION CHANGE*************************************
    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
    
    Publication Title: z/VM: TCP/IP User's Guide
    Release:      z/VM 7.3.0
    Order number: SC24-6333-73    SC24633373
    
    Updates related to KEYVAULT usage are added, which include:
    
     * addition of FTP command NOVAULTDB option information
     * addition of VAULTDB FTP subcommand information
     * applicable usage notes and related updates
     * addition of a new section titled "The KEYVAULT Database"
       to "Chapter 2. Transferring Files Using FTP"
    
    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
    Publication Title: z/VM: TCP/IP Messages and Codes
    
    Release:      z/VM 7.3.0
    Order number: GC24-6330-73    GC24633073
    
    Documentation for the previously cited new messages
    is added:
    
     DTCFTC0265I DTCFTC0266I DTCFTC0267I
    
    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
    
    For publication change details, consult the updated PDF
    instances of the aforementioned publications, which are
    available via this URL:
    
      https://www.ibm.com/docs/en/zvm/7.3
    
    ***END PUBLICATION CHANGE***************************************
    

APAR Information

  • APAR number

    PH51239

  • Reported component name

    TCP/IP FOR Z/VM

  • Reported component ID

    5735FAL00

  • Reported release

    730

  • Status

    CLOSED UR1

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    YesSpecatt / New Function / Xsystem

  • Submitted date

    2022-12-01

  • Closed date

    2023-05-25

  • Last modified date

    2024-04-04

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    UI91775

Modules/Macros

  • CMCONVXL CMINTER  CMMAKSI  DTCFTPCC DTCKVDAT DTCNETRC FTCVMSUB
    FTMAIN   FTP      FTPARSE  FTPROCS  FTSRVPA  FTSVMSUB FTSYPRO
    FTUSER   FTUTIL   LOCSTAT  LPQ      LPRM     LPRP     MSFTPC
    OPEN     SMTPCMDS SMTPEVNT SMTPQUEU SMTPRES  SMTPRULE SMTPSMSG
    TCCONFIG TCIPDOW  TCPARSE  TCPBLM92 TCPDOWN  TCTOATM  TCUTIL
    TNSTMAS  VAULTDB
    

Publications Referenced
SC24633373GC24633073   

Fix information

  • Fixed component name

    TCP/IP FOR Z/VM

  • Fixed component ID

    5735FAL00

Applicable component levels

  • R730 PSY UI91775

       UP23/05/30 P 2401  

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU011","label":"Systems - zSystems software"},"Product":{"code":"SG27N"},"Platform":[{"code":"PF054","label":"z Systems"}],"Version":"730"}]

Document Information

Modified date:
04 April 2024