A fix is available
APAR status
Closed as program error.
Error description
Starting the FTP client in TSO with option -A should require authentication to succeed for the connection to complete. This does not occur since the command options in TSO are not case sensitive. This results in the -A option being equivalent to the -a option where authentication is attempted, but the connection is allowed to complete without security, if the authentication fails.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All users of the IBM Communications Server * * for z/OS Version 1 Release 2 IP: FTP * **************************************************************** * PROBLEM DESCRIPTION: Starting the FTP client in TSO with * * option -A should require * * authentication to succeed for the * * connection to complete. This does * * not occur since the command options * * in TSO are not case sensitive. This * * results in the -A option being * * equivalent to the -a option where * * authentication is attempted, but the * * connection is allowed to complete * * without security, if the * * authentication fails. * **************************************************************** * RECOMMENDATION: * **************************************************************** In FTP, the option for requiring a secure connection has been changed from -A to -r. This is so there is no confusion with the -a option, which still exists and indicates a secure connection is attempted, but not required. +-------------------------------------------------------------+ + Please check our Communications Server for OS/390 homepages + + for common networking tips and fixes. The URL for these + + homepages can be found in Informational APAR II11334. + +-------------------------------------------------------------+
Problem conclusion
FTP has been updated to recognize the -r option. Also, an error in the debug code that set ACC trace on whenever any trace was active has been fixed. This bug also prevented resetting the ACC trace if any other trace was active. Changes needed to the following publications. *********************************************** z/OS V1R2 IBM Communications Server IP Messages Vol. 1 : SC31878301 Message EZA2579E Usage error: Valid parameters are: change -A to -r in two places; Message EZA2892I Secure port 990 ... change -A to -r in four places (including message itself) Message EZA2894I The security mechanism ... change -A to -r in one place *********************************************** z/OS V1R2 IBM Communications Server IP Migration: SC31877301 Table 98: Kerberos Support for the FTP Server and Client - Migration Tasks change -A to -r in two places in the Procedure column Table 120: FTP Command Start Options change -A to -r in three places in the New Parameter column change -A to -r in two places in the Description column *********************************************** z/OS V1R2 IBM Communications Server IP User's Guide and Commands: SC31878001 FTP Command - Enter the FTP Environment Under Format change -A to -r and move to be in alphabetical order Under Parameters change -A to -r (twice on the line; also, move to be in alphabetical order) Security Considerations, Using Security Mechanisms First bullet under paragraph that discusses configuration parameters that determine whether the client uses a security mechanism change -A TLS to -r TLS change -A GSSAPI to -r GSSAPI * Cross Reference between External and Internal Names PREFTPCX (EZAFTPCX) PREFTPLD (EZAFTPLD) PREFTPLS (EZAFTPLS) EZAFTPM1 (FTP ) EZAFTPSM (FTPDMSG )
Temporary fix
Comments
APAR Information
APAR number
PQ55642
Reported component name
TCP/IP V3 MVS
Reported component ID
5655HAL00
Reported release
120
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2001-12-10
Closed date
2002-01-11
Last modified date
2002-03-02
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UQ61859 UQ61860
Modules/Macros
EZAFTPCX EZAFTPCY EZAFTPGT EZAFTPGU EZAFTPLD EZAFTPLS EZAFTPM1 EZAFTPRA EZAFTPSM
SC31877301 | SC31878001 | SC31878301 |
Fix information
Fixed component name
TCP/IP V3 MVS
Fixed component ID
5655HAL00
Applicable component levels
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"120","Edition":"","Line of Business":{"code":"","label":""}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSCY4DZ","label":"DO NOT USE"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"120","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
02 March 2002