New developer.
I'm an FTP and TN3270 kind of a guy. The young 'uns are more ssh,
On Tue, 11 Apr 2023 10:50:21 -0500, Erik Janssen wrote:
>I'm not sure how important your system is, but the example you send indicates
>that the bpxas is running on behalf a ssh session. If most of the bpxas
>add
Pretty much. I know the RACF folks said they had to develop PL/X <-> C
"bridges" to use System SSL.
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Isabel
Sent: Tuesday, April 18, 2023 10:17 AM
To: IBM-MAIN@LISTSERV.UA.EDU
S
Not the answer to the question you asked but ...
"Performance" has at least two definitions: least elapsed wall clock time and
least CPU utilization.
Another option would be BPXWDYN ... EXECIO DISKW.
Charles
On Wed, 19 Apr 2023 13:44:39 -0400, David Spiegel
wrote:
>Hi,
>I am writing a Rexx
ARCH level is a "problem" I have dealt with for 12 or so years.
I say "problem" in quotes because it is not much of a problem -- you only
have to revisit it once every two years, and even then it is not an urgent
problem. So you don't need a solution that runs on autopilot -- you can just
revisit
SERV.UA.EDU] On Behalf
Of Charles Mills
Sent: Tuesday, April 25, 2023 7:06 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: XLC architecture level question
ARCH level is a "problem" I have dealt with for 12 or so years.
I say "problem" in quotes because it is not much of a prob
> where do you put it and what else do you do?
Ray and David have half of the answer. Specifically, you put it in a
constructor for a static class instance. The first "user code" that C++ runs --
before int main() -- is static class constructors.
What else do you do?
Charles
-Original Me
+1
Storage is a lot cheaper than programmer time writing exits and bit-twiddling
DCBs.
Isn't there a BUFL parameter that accomplishes the same thing and can be used
without regard to actual BLKSIZE (in the case of RECFM=FB)?
CM
On Wed, 26 Apr 2023 17:08:54 -0500, Paul Gilmartin wrote:
>On W
Something of a plug; hit delete if you wish. X-Posted RACF-L and IBM-MAIN.
I have been reading and sometimes responding to various people’s “help me with
my certificate problem” posts here for years. I have been kicking around
various approaches to certificate problem resolution with my friend P
Thank you, @David. I have been to the disclosure sessions and this is clearer
than anything I have heard from IBM.
Question: what are the advantages and disadvantages of XL C/C++ 2.4.1 W/D
versus Open XL C/C++? Why might I choose to use one versus the other?
Thanks,
Charles
On Wed, 10 May 2023
wrote:
>Charles Mills asked:
>>Question: what are the advantages and disadvantages of XL C/C++ 2.4.1
>>W/D versus Open XL C/C++? Why might I choose to use one versus the
>>other?
>
>What I got from David�s note is that the later two versions are more modern
>and thus mor
There are so many layers of issues here ...
If the data is "binary" (any or nearly any byte value is possible) then no
approach that involves CRLF is going to work. Period. Software does not have a
way to distinguish between a 0D0A that signifies the end of a record versus a
0D0A that just happ
Correct me if I am wrong, but my impression is that signing the package
protects (among other things) against the scenario in which one of your
associates, who let us assume is a bad guy, makes a zap-type modification to
the package after you download it and before you install it, thereby
compr
g/wiki/DigiNotar#Issuance_of_fraudulent_certificates
Charles
On Tue, 16 May 2023 13:31:39 -0500, Paul Gilmartin wrote:
>On Tue, 16 May 2023 13:04:44 -0500, Charles Mills wrote:
>
>>Correct me if I am wrong, but my impression is that signing the package
>>protects (among oth
I voted. Painful getting through the login process.
Why is it 100 times easier to make a purchase from Amazon than to vote on an
IBM RFE?
Charles
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to
@Ann, "was this page helpful?" completely misses the point.
#1, a page could be helpful and also wrong. How does a reader report "the page
had a lot of helpful info on it but paragraph 3 is misleading"?
#2, "helpful" is way too low a bar. IBM-MAIN is "helpful" and it's free. Google
is "helpful"
XEDUT (was: Typo ...)
Muphry's Law?
CM
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
VS COBOL II Release 4 -- change bars on the doc:
x LENGTH OF Special Register
x The LENGTH OF special register contains the number of bytes used by an
x identifier.
x LENGTH OF creates an implicit special register whose content is equal
x to the current byte length of the data i
Dated March 12, 1993
On Sun, 21 May 2023 14:46:10 -0500, Charles Mills wrote:
>VS COBOL II Release 4 -- change bars on the doc:
>
>x LENGTH OF Special Register
>x The LENGTH OF special register contains the number of bytes used by an
>x identifier.
>
>x
Eighth Edition (March 1993)
| This edition replaces and makes obsolete the previous edition,
| SC26-4047-06. Technical changes for this edition are summarized
| under"Summary of Changes" in topic FRONT_3 and are indicated by a
| vertical bar to the left of the change.
| This edition applies
For those who have not been following this discussion, IBM is on track to
remove the RCF process as we have known it for forty or so years. Customers and
ISVs will be limited to a Web pop-up “Was this helpful?” and if you answer No,
you will be able to briefly justify that answer. There is also
I find it kind of amazing. Here is a bunch of dedicated people, many of us with
40 or more years of experience, willing to help IBM make their documentation
better AT NO CHARGE TO IBM. And what is IBM's response? Take a hike.
You know, there are many things that have made this platform successfu
Eric, thank you for expressing what many IBMers dare not.
Yes, I should have been clear. This attitude is from the cost-cutters, not from
rank-and-file IBMers.
This approach appears to have ZERO support from in-the-trenches IBMers,
customers, or ISVs. The only proponents are documentation manag
1. Is there any support in JCL or in ISPF for reading member generations? If I
want to reference or browse a PDSE 2 member generation other than the latest,
is it possible to do so? Am I just missing the doc somewhere?
2. Is this not an error or at least an illogical statement in the JCL
refere
Wait a minute! Reusability of code and Object Orientation are totally different
things!
One might have a library of reusable COBOL subroutines that programmers could
cut and paste into their programs. (Or that worked in some other way.) No
object orientation necessary.
And there are lots of re
@Steve, thanks.
>JCL provides no support at all for PDSE member generations.
Grumble, grumble. What about ISPF? I sure don't see it, but perhaps I am using
a customized ISPF? Or there is some option that is not turned on in the z/OS
that I am using?
>Support for PDSE as a member* of a GDG was
I'll bite: where is it hidden?
CM
On Mon, 29 May 2023 21:28:50 -0400, Steve Smith wrote:
>Yes, one of the "hidden secrets" of ISPF. I use it a lot, but you kind of
>have to be told it's there, and get used to it. It's very clunky.
@Sri and @Steve, thank you. Got it. From ISPF 3.4.
Interesting. The Edit member selection panel (ISPF 2 with a blank member name)
shows a Prompt heading but the fields are protected.
Charles
On Tue, 30 May 2023 16:39:53 +, Sri h Kolusu wrote:
1. Is there any support in JCL or in ISPF
Turned on both of the empty member options and it still does not allow input
under Prompt.
This is with Edit -- ISPF 2. Works with DSLIST -- ISPF 3.4.
Charles
On Tue, 30 May 2023 17:00:50 +, Sri h Kolusu wrote:
>>> Interesting. The Edit member selection panel (ISPF 2 with a blank member
Let me do my best here.
Yes, you can generate a CSR, typically including multiple SANs, with OpenSSL
(any platform), gskkyman, or even on a CA Web site (or in the case of an
in-house CA, using their certificate management tools).
Yes, you should be able to import that certificate when signed an
Is this what you want?
https://www.ibm.com/docs/en/zos/2.4.0?topic=space-vary-tcpipobeyfile
It affects the TCPIP started task, not the SYSTCPD DD statement specifically.
Charles
On Sat, 10 Jun 2023 21:51:39 +0400, Peter wrote:
>Hello
>
>Cross posted
>
>I am not able to find a reference in th
What communication paths do you have between the Internet at large and your
mainframe?
Can you FTP from outside with your mainframe?
Can you IND$FILE from an Internet-connected desktop to your mainframe? Either
way -- push or pull?
Can you cut-and-paste from an Internet-connected desktop into a
Run a RACDCERT LISTRING on the ring.
Is the appropriate DigiCert root on the ring and trusted?
If not, FTP will fail.
Charles
On Sun, 11 Jun 2023 10:18:10 -0500, Tom Longfellow
wrote:
>The Journey continues:Step by Step - Inch by Inch
>
>Obscurity and (my) Ignorance still trumps usabilit
I would not generally expect the necessity of installing any intermediates on
the client side.
But yes, trust is an absolute requirement. An untrusted certificate effectively
does not exist.
Charles
On Sun, 11 Jun 2023 12:27:57 -0400, Matt Hogstrom wrote:
>Did you trust the cert when importi
>What I cannot find is the name or source of this unnamed thing.
Name: IBM uses certificates with chains ending in two different DigiCert roots
with very similar names. This is a source of confusion.
DigiCert Global Root CA
DigiCert Global Root G2
Someone else posted with servers use which. Get
I suspect that one you listed first is superfluous but no matter.
Does SMPE really want a client certificate? Where did you get it from? What
signed it?
If SMPE really wants that client certificate then you should make it the
default so SMPE can find it.
Are all of those certs on the ring trus
1. >A new Client Certificate is in place
I know TLS pretty well but I don't know RECEIVE ORDER at all. Client
Certificates are relatively unusual. Does anyone know for sure: does RECEIVE
ORDER require a client certificate? If not, then this is a red herring.
2. > Write failed
That *sounds* t
SHOWINC?
(+ SOURCE)
On Fri, 23 Jun 2023 19:00:02 -0500, Eric Erickson wrote:
>Using XL C on z/OS V2R5. I've got a set of #ifdefs in a header file that are
>not giving me the results I expect. I know on other compilers I've used in the
>past that there were options to output all input statemen
Is there any way to create a PDSE V2 with member generations in batch? I know I
can do it interactively with ISPF 3.1, and I know I can't do it in batch with
IEFBR14 and a DD, the way you would create most any other dataset.
It needs to be batch, and it would need to be "pure basic z/OS," becaus
Thanks! You're right of course. When I looked and asked about this a couple of
weeks ago no one disagreed with the assertion that it could not be done with
JCL. This is perfect. Sorry for the dumb question. Not sure what I was
searching for that I did not see MAXGENS in the JCL Reference.
Charl
Yeah, I have to run a test to see whether it will fail ugly if I exceed the
limit, or just cap it at the limit.
Charles
On Mon, 26 Jun 2023 11:23:32 -0500, Lionel B. Dyck wrote:
>Regarding MAXGENS in the JCL - be sure it is less than, or equal to the
>IGDSMSxx MAXGENS_LIMIT specification.
>
). ALLOCATION
FAILED FOR DATA SET xx.TEST.PDSE
IEF272I STEP1 - STEP WAS NOT EXECUTED.
CM
On Mon, 26 Jun 2023 12:29:09 -0500, Charles Mills wrote:
>Yeah
The check is "optional" on the application's part for z/OS System SSL:
https://www.ibm.com/docs/en/zos/2.5.0?topic=reference-gsk-validate-server
I use optional in quotes because the TLS protocol has two main purposes:
encryption (which is not under discussion here) and preventing a
man-in-the-
.
THAT is impossible. There is no DSN=MY.VER2.LIBRARY(MYMEMBER,-1)
Charles
On Mon, 26 Jun 2023 14:43:21 -0500, Paul Gilmartin wrote:
>On Mon, 26 Jun 2023 12:52:56 -0500, Charles Mills wrote:
>
>>Fails ugly!
>>
>Can you capture that message with "BPXWDYN( '... msg(stem
I believe I recall correctly that a GDG may contain a PDS.
May it contain a PDSE Version 2?
So you could have member generations within PDSE generations?
Whee!!!
A PDS version within a GDG would be DSN=PDS.NAME(-n) . I am going to guess
there is no JCL syntax for a member (never mind member g
Yow!
https://crypto.stanford.edu/~dabo/pubs/abstracts/ssl-client-bugs.html
CM
On Tue, 27 Jun 2023 16:59:23 +0300, ITschak Mugzach wrote:
>Surprise... Although the server certificate SHOULD be verified, IBM did not
>perform this check until APAR OA63164...
+1
On Wed, 28 Jun 2023 18:28:21 +0100, Colin Paice wrote:
>Allocate a block of 8 bytes in common memory. Use name token to point to
>it. Use Compare double and swap to update value. every 1000 entries
>reset to zero and write out
@Tom, did you ever get this resolved? What was the resolution?
Charles
On Tue, 20 Jun 2023 10:18:44 -0500, Tom Longfellow
wrote:
>Thanks to all so far. Still on my journey.
>
>I have confirmed that my Firewall staff has not blocked me. (ports 80 and 443
>found at IBM)
>I have confirmed tha
I am using XLC __TIMESTAMP__ for the first (!) time. The source file is in UNIX
and definitely has a timestamp. Here is the code
static const char versionMsg[] = "blah blah, Built " __DATE__ " " __TIME__ ",
Source timestamp " __TIMESTAMP__ ;
The message is displaying as
blah blah, Built Jul
On Sat, 1 Jul 2023 20:24:04 -0500, Paul Gilmartin wrote:
>Does "Mon Jan 1 0:00:01 1990 mean anything to you?
I was in Paris for New Year's. It was fantastic. We drank champagne until it
ran out, and then moved on to homemade grappa. We sang songs from West Side
Story. I slept until noon.
Se
Thanks all. Attempting to reply to everyone in one note so as not to add to the
noise.
@Gil:
> 8 seconds after the source. That's astonishing if it's a system header.
It is a user header. They are both uploaded more or less at the same time, with
FileZilla, which I think sets a new timestamp r
s to APARs --
other than to open a case with Dallas and ask them to look into it.
Charles
On Sun, 2 Jul 2023 22:52:32 +0800, David Crayford wrote:
>On 2/7/2023 8:41 pm, Charles Mills wrote:
>> @David:
>>> Looks like a but with XL C++. I would open a case with IBM
>> Ala
Bigger monitor + larger 3270 screen format = same size type.
Large monitors are under $200.
It's your right to stick with 80's display technology but it's not IBM's fault
that you then have a problem with more modern screen layouts.
Charles
On Mon, 3 Jul 2023 01:19:24 +, Shaffer, Terri
w
Not sure what is relevant to your situation and what is not, but FWIW (for C++)
I use the following and get no messages on strcasecmp().
#define _LARGE_TIME_API
#define _OPEN_SYS_UNLOCKED_EXT 1
#define _POSIX_SOURCE
#define _XOPEN_SOURCE_EXTENDED 1
#define
I think they require ARCH(13). Coud that be your issue?
Charles
On Wed, 5 Jul 2023 09:52:34 -0500, Eric Erickson wrote:
>I've got a set of XL C compiles where one is giving me a CCN3690 message and
>the other is not. I've scoured over the compiler options and both are getting
>fed the same on
And the answer is ...
Although it is not so documented, apparently __TIMESTAMP__ is a C (not C++)
-only feature.
I am further informed that __TIMESTAMP__ is not part of the C standard, so I am
out of luck.
Charles
On Sat, 1 Jul 2023 16:52:20 -0500, Charles Mills wrote:
>I am using
Au contraire: https://www.ipswitch.com/resources/free-tools/moveit-freely
There is no need for any client to have any special cognizance of the file
system at the server end. I am sure whoever wrote the Windows command line FTP
had zero knowledge of z/OS data sets, but it works just fine, as @B
I don't have the spare time to run tests proving things but there is absolutely
no doubt in my mind that I have used it successfully in passive mode, running
against the IBM Dallas datacenter z/OS.
CM
On Thu, 27 Jul 2023 15:39:57 +, Schmitt, Michael
wrote:
>Thanks for the MOVEit Freely s
I was really into passtickets about fifteen years ago and now I have forgotten
some specifics.
Yes, passtickets are really cool and are totally appropriate for what you want.
Yes, even if you don't want application-specificity passtickets does. Yes,
without your doing something about it you may
The long periods of bad guy access are typical. You read most of the breach
stories the attack unfolded over weeks or months. The hackers talk about pwning
(owning) a group of servers.
CM
On Sat, 12 Aug 2023 16:13:12 -0400, Phil Smith III wrote:
>ITschak Mugzach wrote, in part:
>>Remember tha
I have a lot of personal experience with the LZW patent, up to and including
paying royalties to Unisys.
I will not bore this group with my whole long story. Suffice it to say that
this was one of the first "stealth" patents. At the time I implemented and used
the algorithm there was no public
Claimed implementations here in many languages, including C, PL/I and Rexx.
https://rosettacode.org/wiki/LZW_compression
CM
On Sat, 12 Aug 2023 17:20:47 -0400, Tony Harminc wrote:
>On Sat, 12 Aug 2023 at 09:30, kekronbekron
><02dee3fcae33-dmarc-requ...@listserv.ua.edu> wrote:
>>
>> From t
I believe that responding to a possible server request for a client certificate
is the only purpose for the certificate label parameter *in a client
configuration.*
For a server, the label is a possible alternative to the usual convention of
having the server present the default certificate on
I use it. I have nothing to really compare it to, but it does the job for me.
Supports EBCDIC.
Charles
On Tue, 15 Aug 2023 22:16:16 +, Pommier, Rex
wrote:
>I highly recommend "HxD hex edit".
--
For IBM-MAIN subscribe
Well, I wrote a product that does exactly that in a beautiful graphic fashion
and is part of NewEra's ICEDirect suite.
https://www.newera.com/INFO/ICEDirect.pdf
Does that count?
For free tools
1. Is it a Web server? If so most browsers will display the server certificate
and the entire chai
Maybe
openssl s_client -connect host:port -showcerts
Charles
On Sat, 26 Aug 2023 12:41:57 -0500, Charles Mills wrote:
snip
>2. Perhaps you can do this with OpenSSL? I think so but don't know the
>details.
--
F
In my emulator if I click on the padlock icon I get
OpenSSL Version: OpenSSL 1.0.1g 7 Apr 2014
Encryption: AES256-GCM-SHA384 - 256 bits
Protocol:TLSv1.2
Issued By: DigiCert Inc
Organization:International Business Machines Corporation
Distinguished Name:
Can you set the date back on the PC?
CM
On Sat, 26 Aug 2023 18:06:36 +, Jerry Whitteridge
wrote:
>Unfortunately my system is responding expired cert and drops the connection
>before I can do that - which is why I'm trying to get the cert details
--
Just being a security PITA here, but that solution makes the security of their
systems subject to whatever safeguards you do or do not put on yours.
If I can extract the CA private key from your PC than it is trivial for me to
create a www.chase.com certificate that will be trusted by their brow
giCert. The difference is
that DigiCert has very rigorous protocols for protecting its root private keys.
OpenSSL does not.
Charles
On Tue, 29 Aug 2023 09:23:16 -0500, Grant Taylor
wrote:
>On 8/29/23 8:31 AM, Charles Mills wrote:
>> Just being a security PITA here, but that solut
t;been certified by the standard CA companies, then I can validate it and
>quite happily use it.
>So no, you cannot create certificates, sign them and make me believe they
>came from a bona fida company - unless I do something stupid.
>Colin
>
>On Tue, 29 Aug 2023 at 16:46, Charles M
>(paid for), and I think that means a manual process to update the HMC
>web cert/key every year. Or is there an easier way?
I don't know. I am more of a certificate theory expert than a z certificate
practice expert.
It is true that no commercial CA issues certificates good for much more than
> The certificate is only good if you have the associated key.
> If you don't have the key, the certificate isn't worth the disk space
> that it takes up.
Not true for a CA root.
Thought experiment: if DigiCert were to misplace their root private key, would
you now be unable to log into amazo
Not browser publishers and CAs; ONE particular browser publisher! The CAs were
on the other side of this one.
https://www.zdnet.com/article/apple-strong-arms-entire-ca-industry-into-one-year-certificate-lifespans/
About the only thing I can say in their defense is that the revocation system
is
OMG Darren! What can we do to support you (and the list)?
Charles
On Mon, 18 Sep 2023 19:24:23 +, Darren Evans-Young wrote:
>I have removed Bill Johnson from the IBM-MAIN list and you all know why.
>
>He has now officially lodged a complaint against me accusing me of
>discrimination
>and v
Does anyone know of a server URL that will present a revoked certificate (for
my testing purposes)?
There are several that a Google search turns up but
- https://revoked.badssl.com/ is expired and expired certificates are never
revoked
- https://www.digicert.com/kb/digicert-root-certificates.ht
Ditto -- my client is running on z/OS, Darren! System SSL and RACF!
Seriously, if you have revoked the certificate used by a Web server then a
conforming browser should refuse to connect, of at least complain loudly.
Can you give me the URL and port? Off-list if you prefer. I will let you know
Yes, that should work. However I don't have an appropriate test server.
Yes, I could set one up ...
Charles
On Wed, 20 Sep 2023 10:36:30 +1000, Andrew Rowley
wrote:
>On 20/09/2023 8:37 am, Charles Mills wrote:
>> Does anyone know of a server URL that will present a revok
@Colin, I can do that. That may be one of the better options.
Thanks all.
Charles
On Wed, 20 Sep 2023 08:22:22 +0100, Colin Paice wrote:
>You could try openssl s_server
>I use this script on Linux
>
>
>*cert=" -cert ./docec384.pem -certform pem -key docec384.key.pem -keyform
>pem" CA="-chainCA
Does this help?
/* Point to the RMF data */
CVT_addr = Storage('10', 4)
RMCT_addr = StorageCO(CVT_addr, 604, 4)
RCT_ad
Anyone have personal recommendations for a 3270 emulator for Android phones
and/or tablets?
Android, NOT Windows -- you would have to pry Vista out of my cold, dead
fingers.
I certainly don't intend to do heads-down coding on my phone. This is just so I
could respond to a client emergency with
Could you temporarily allocate the DD with a bad LRECL?
Charles
On Wed, 27 Sep 2023 15:55:53 -0500, Ralph Spadafora
wrote:
>I was wondering the same thing, I'm not sure how I would establish a SYNAD
>exit for SYSTSIN in the sample JCL. My code runs as a service routine in a
>started task and
Yeah, sorry, I realized the omission after I posted but decided folks could
figure it out. Here, for completeness:
/* Return the contents of a storage address plus an offset */
/* The address is in "character" (native binary) form and the offse
X-Posted IBM-MAIN and RACF-L. It’s not really a RACF issue, but the right folks
may be hanging out there.
I am trying to educate myself on OCSP.
In the AT-TLS config I code
TTLSEnvironmentAction CAM_FTP_Env
{
It's not "my" certificate exactly -- it's IBM's. I will paste it below.
I don't have an OCSP server; I would guess that System SSL is querying
DigiCert's from the AIA: http://ocsp.digicert.com.
I am not sure which DigiCert certificate signs the OCSP response but the
DigiCert intermediate refere
Most of the recommendations here were for the Mocha product. I downloaded it an
tried it. I have to say I am not crazy about it, but I guess I am never going
to be crazy about 3270-on-a-tablet.
I am also testing https://www.web.gar.no/glink-for-android. I think I am liking
it a little better. A
I am trying to get a GSK trace for a batch FTP job, where PAGENT AT-TLS
controls the TLS connection.
I follow the example here
https://www.ibm.com/support/pages/how-do-you-collect-ssl-trace-using-batch-job
but no trace data is produced. I am guessing that is because of PAGENT AT-TLS.
(The exa
I know PAGENT accepts MODIFY because I have used F PAGENT,REFRESH. And a MODIFY
error is documented here:
https://www.ibm.com/docs/en/zos/2.5.0?topic=messages-ezd1583i.
But where is PAGENT's MODIFY command documented?
Charles
Thanks! I had searched System Commands on 'PAGENT' and got no hits.
CM
On Sun, 8 Oct 2023 17:03:29 -0500, Steve Horein wrote:
>https://www.ibm.com/docs/en/zos/2.5.0?topic=command-modify-policy-agent
--
For IBM-MAIN subscribe /
@Brian, I think you are talking about a different trace. IBM confusingly seems
to kind of run the two together.
I run the trace I am talking about -- in a non-PAGENT situation -- all the
time, and I am ignorant of what you write below.
The trace I am talking about is turned on with an environme
@Colin, are we talking about the same trace? The trace I am talking about is
the one turned on with the environment variable GSK_TRACE. At least judging
from the meanings of the bit flags -- which are fairly similar but not
identical -- that is a different trace than the one turned on with
TTLS
@Peter, thanks.
> This example uses TLSMECHANISM FTP but it should not matter.
Perhaps it should not, but it does, and that is the problem.
Working with my existing JCL, not yours (but it should not matter ):
My JCL uses
//STEP1 EXEC PGM=FTP,PARM=(,
//
Thanks for confirming my observations and conclusions.
I am 99.9% certain that the trace option in the AT-TLS configuration file is
different from System SSL trace (GSK_TRACE). If you look at the option bits
they are superficially similar but clearly different.
I think I have gotten past my req
Yes. I will speak from memory and I do not speak for IBM of course, so take all
of this as you wish.
Back in the bad old days, before about 2018, large software companies generally
shipped products as object code and did the final link/bind at the customer
site, thereby avoiding shipping any IB
https://www.ibm.com/docs/en/zos/2.5.0?topic=level-zos-licensed-program-specifications
Page 3
CM
On Sun, 22 Oct 2023 09:31:54 -0400, Gord Tomlin
wrote:
>On 2023-10-21 18:25 PM, Charles Mills wrote:
>> a comprehensive "okay to link and ship" list all collected in one
Oh! And someone who obviously worked with John more than I did points out
to me privately that it is Eells, not Eels.
I enjoyed working with John. I wonder what he is doing now.
CM
--
For IBM-MAIN subscribe / signoff / archive
I have no idea as to the answer to the question you asked but
1. A more relevant "it used to work" than the dates would be the z/OS release
numbers. "It worked under V2R5 but fails under V3R1" (or whatever).
2. As always with these things, an exact error message is a lot more likely to
lead to
My notes from 2005 seem to imply that the SYNAD exit may be called in 31-bit
mode. I think it is called in the mode under which the GET or PUT was issued.
Charles
--
For IBM-MAIN subscribe / signoff / archive access instructions
On Mon, 6 Nov 2023 11:46:16 -0600, Charles Hardee
wrote:
>To answer Seymour J. Metz's question first, it's specified in the DCB.
>
>To answer Charles Mills' question, the module is defined as RMODE 24, AMODE
>ANY, so the I/O was issued in 31-bit mode.
>
>Which
As @Ituriel says, If you want the jobstep program it is found in some of the
SMF 30 records. No trick to finding it. IIRC it is very straightforward.
"Every program" comes up here from time to time and is basically impossible.
There is no supported way. If you want to intercept SVCs (and I suspe
I see, in my C++ projects, EFPL, ENVB, EVALB and SHVB structs that appear to me
to have been produced from IBM macros by the EDCDSECT tool.
Have you looked for the IRX macros in SYS1.MACLIB?
Are you familiar with EDCDSECT?
Slightly changing the subject, to interface with the Rexx environment fr
601 - 700 of 4699 matches
Mail list logo
