From 37be801cf370fae882f7baf7f17ef71fcfccef23 Mon Sep 17 00:00:00 2001 From: 1000TurquoisePogs Date: Tue, 10 Jan 2023 14:09:15 -0500 Subject: [PATCH 01/14] Update staging pointer Signed-off-by: 1000TurquoisePogs --- deps/zowe-common-c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deps/zowe-common-c b/deps/zowe-common-c index 4f2732d0e..ba668cda7 160000 --- a/deps/zowe-common-c +++ b/deps/zowe-common-c @@ -1 +1 @@ -Subproject commit 4f2732d0e781aec89b39f862262d5014a97c09b7 +Subproject commit ba668cda7d5575bfaa37d1eaa94048afe28eda95 From fa2b1c3ccdc7835dd5963438129c87bc9c506790 Mon Sep 17 00:00:00 2001 From: 1000TurquoisePogs Date: Thu, 19 Jan 2023 15:54:41 -0500 Subject: [PATCH 02/14] Update zss-config.json Signed-off-by: 1000TurquoisePogs --- schemas/zss-config.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/schemas/zss-config.json b/schemas/zss-config.json index 749723f63..de1d8c298 100644 --- a/schemas/zss-config.json +++ b/schemas/zss-config.json @@ -328,7 +328,7 @@ "description": "Controls logging of lpa library functions", "$ref": "#/$defs/logLevel" }, - "_zss.resetdataset": { + "_zss.restdataset": { "description": "Controls logging of resetdataset functions", "$ref": "#/$defs/logLevel" }, From 6d29d140c3ff3956d2323fac4a865ab1355268a6 Mon Sep 17 00:00:00 2001 From: 1000TurquoisePogs Date: Wed, 1 Feb 2023 11:56:32 -0500 Subject: [PATCH 03/14] Update zss-config.json Signed-off-by: 1000TurquoisePogs --- schemas/zss-config.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/schemas/zss-config.json b/schemas/zss-config.json index de1d8c298..120495308 100644 --- a/schemas/zss-config.json +++ b/schemas/zss-config.json @@ -329,7 +329,7 @@ "$ref": "#/$defs/logLevel" }, "_zss.restdataset": { - "description": "Controls logging of resetdataset functions", + "description": "Controls logging of restdataset functions", "$ref": "#/$defs/logLevel" }, "_zss.restfile": { From 697b70c000651acf2c9fe324f075b126c5374e79 Mon Sep 17 00:00:00 2001 From: James Struga Date: Thu, 2 Feb 2023 10:00:17 -0500 Subject: [PATCH 04/14] Update version.txt Signed-off-by: James Struga --- version.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version.txt b/version.txt index e70b4523a..24ba9a38d 100644 --- a/version.txt +++ b/version.txt @@ -1 +1 @@ -2.6.0 +2.7.0 From 6607b7ec69a674e67eb7ac5392bb2f20fe13b867 Mon Sep 17 00:00:00 2001 From: achmelo Date: Thu, 2 Feb 2023 18:09:31 +0100 Subject: [PATCH 05/14] map distributed user to mainframe ID Signed-off-by: achmelo --- build/build_zss.sh | 1 + build/build_zss64.sh | 1 + c/certificateService.c | 154 +++++++++++++++-------------------------- c/zss.c | 2 +- deps/zowe-common-c | 2 +- h/certificateService.h | 2 +- 6 files changed, 61 insertions(+), 101 deletions(-) diff --git a/build/build_zss.sh b/build/build_zss.sh index 227ad6344..36691273d 100755 --- a/build/build_zss.sh +++ b/build/build_zss.sh @@ -196,6 +196,7 @@ xlc \ ${COMMON}/c/radmin.c \ ${COMMON}/c/rawfd.c \ ${COMMON}/c/recovery.c \ + ${COMMON}/c/rusermap.c \ ${COMMON}/jwt/rscrypto/rs_icsfp11.c \ ${COMMON}/jwt/rscrypto/rs_rsclibc.c \ ${COMMON}/c/scheduling.c \ diff --git a/build/build_zss64.sh b/build/build_zss64.sh index 2816fa2ed..81267838f 100755 --- a/build/build_zss64.sh +++ b/build/build_zss64.sh @@ -197,6 +197,7 @@ if ! c89 \ ${COMMON}/c/radmin.c \ ${COMMON}/c/rawfd.c \ ${COMMON}/c/recovery.c \ + ${COMMON}/c/rusermap.c \ ${COMMON}/jwt/rscrypto/rs_icsfp11.c \ ${COMMON}/jwt/rscrypto/rs_rsclibc.c \ ${COMMON}/c/scheduling.c \ diff --git a/c/certificateService.c b/c/certificateService.c index bdc629b9c..c43950abe 100644 --- a/c/certificateService.c +++ b/c/certificateService.c @@ -26,10 +26,12 @@ #include "httpserver.h" #include "json.h" #include "http.h" +#include "rusermap.h" #pragma linkage(IRRSIM00, OS) #define MAP_CERTIFICATE_TO_USERNAME 0x0006 +#define MAP_DN_TO_USERNAME 0x0008 #define SUCCESS_RC 0 #define SUCCESS_RC_SAF 0 #define SUCCESS_RC_RACF 0 @@ -46,33 +48,13 @@ #define NOTRUST_CERTIFICATE_RC 32 #define NO_IDENTITY_FILTER_RC 48 -typedef _Packed struct _RUsermapParamList { - char workarea[1024]; - int safRcAlet, returnCode; - int racfRcAlet, returnCodeRacf; - int racfReasonAlet, reasonCodeRacf; - int fcAlet; - short functionCode; - int optionWord; - char useridLengthRacf; - char useridRacf[8]; - short applicationIdLength; - char applicationId[246]; - short distinguishedNameLength; - char distinguishedName[246]; - short registryNameLength; - char registryName[255]; - int certificateLength; - char certificate[4096]; -} RUsermapParamList; - static void setValidResponseCode(HttpResponse *response, int rc, int returnCode, int returnCodeRacf, int reasonCodeRacf) { if (rc == SUCCESS_RC && returnCode == SUCCESS_RC_SAF && returnCodeRacf == SUCCESS_RC_RACF && reasonCodeRacf == SUCCESS_REASON_CODE_RACF) { setResponseStatus(response, 200, "OK"); return; - } else if(rc != SUCCESS_RC) { - if(returnCode == SAF_FAILURE_RC && returnCodeRacf == RACF_FAILURE_RC) { - if(reasonCodeRacf == PARAMETER_LIST_ERROR_RC) { + } else if (rc != SUCCESS_RC) { + if (returnCode == SAF_FAILURE_RC && returnCodeRacf == RACF_FAILURE_RC) { + if (reasonCodeRacf == PARAMETER_LIST_ERROR_RC) { setResponseStatus(response, 400, "Bad request"); return; } else if ( @@ -109,110 +91,86 @@ static void respondWithInvalidMethod(HttpResponse *response) { finishResponse(response); } -static void respondWithBadRequest(HttpResponse *response) { - jsonPrinter *p = respondWithJsonPrinter(response); - - setResponseStatus(response, 400, "Bad Request"); - setDefaultJSONRESTHeaders(response); - writeHeader(response); - - jsonStart(p); - { - jsonAddString(p, "error", "The length of the certificate is longer than 4096 bytes"); - } - jsonEnd(p); - - finishResponse(response); -} - -static int serveMappingService(HttpService *service, HttpResponse *response) -{ +static int serveMappingService(HttpService *service, HttpResponse *response) { HttpRequest *request = response->request; if (!strcmp(request->method, methodPOST)) { - RUsermapParamList *userMapCertificateStructure - = (RUsermapParamList*)safeMalloc31(sizeof(RUsermapParamList),"RUsermapParamList"); - memset(userMapCertificateStructure, 0, sizeof(RUsermapParamList)); - if(request->contentLength > sizeof(userMapCertificateStructure->certificate) || request->contentLength < 0) { - respondWithBadRequest(response); - return 0; + int urlLength = strlen(request->uri); + if(urlLength < 0 || urlLength > 17) { + respondWithJsonError(response, "URI is longer than maximum length of 17 characters.", 400, "Bad Request"); + return 0; } - userMapCertificateStructure->certificateLength = request->contentLength; - memset(userMapCertificateStructure->certificate, 0, request->contentLength); - memcpy(userMapCertificateStructure->certificate, request->contentBody, request->contentLength); + char translatedURL[urlLength + 1]; + strcpy(translatedURL, request->uri); + a2e(translatedURL, sizeof(translatedURL)); + char *x509URI = strstr(translatedURL, "x509"); + char *dnURI = strstr(translatedURL, "dn"); - userMapCertificateStructure->functionCode = MAP_CERTIFICATE_TO_USERNAME; + char useridRacf[9]; + int returnCodeRacf = 0; + int reasonCodeRacf = 0; int rc; - -#ifdef _LP64 - __asm(ASM_PREFIX - /* We get the routine pointer for IRRSIM00 by an, *ahem*, direct approach. - These offsets are stable, and this avoids linker/pragma mojo */ - " LA 15,X'10' \n" - " LG 15,X'220'(,15) \n" /* CSRTABLE */ - " LG 15,X'28'(,15) \n" /* Some RACF Routin Vector */ - " LG 15,X'A0'(,15) \n" /* IRRSIM00 itself */ - " LG 1,%0 \n" - " SAM31 \n" - " BALR 14,15 \n" - " SAM64 \n" - " ST 15,%0" - : - :"m"(userMapCertificateStructure),"m"(rc) - :"r14","r15"); -#else - rc = IRRSIM00( - &userMapCertificateStructure->workarea, // WORKAREA - &userMapCertificateStructure->safRcAlet , // ALET - &userMapCertificateStructure->returnCode, - &userMapCertificateStructure->racfRcAlet, - &userMapCertificateStructure->returnCodeRacf, - &userMapCertificateStructure->racfReasonAlet, - &userMapCertificateStructure->reasonCodeRacf, - &userMapCertificateStructure->fcAlet, - &userMapCertificateStructure->functionCode, - &userMapCertificateStructure->optionWord, - &userMapCertificateStructure->useridLengthRacf, - &userMapCertificateStructure->certificateLength, - &userMapCertificateStructure->applicationIdLength, - &userMapCertificateStructure->distinguishedNameLength, - &userMapCertificateStructure->registryNameLength - ); -#endif + if(x509URI != NULL) { + // Certificate to user mapping + if(request->contentLength > 4096 || request->contentLength < 1) { + respondWithJsonError(response, "The length of the certificate is longer than 4096 bytes", 400, "Bad Request"); + return 0; + } + + rc = getUseridByCertificate(request->contentBody, request->contentLength, useridRacf, &returnCodeRacf, &reasonCodeRacf); + } else if (dnURI != NULL) { + // Distinguished ID to user mapping + char *bodyNativeEncoding = copyStringToNative(request->slh, request->contentBody, request->contentLength); + char errorBuffer[2048]; + Json *body = jsonParseUnterminatedString(request->slh, bodyNativeEncoding, request->contentLength, errorBuffer, sizeof(errorBuffer)); + if (body == NULL) { + respondWithJsonError(response, "JSON in request body has incorrect structure.", 400, "Bad Request"); + return 0; + } + JsonObject *jsonObject = jsonAsObject(body); + if (jsonObject == NULL) { + respondWithJsonError(response, "Object in request body is not a JSON type.", 400, "Bad Request"); + return 0; + } + char *distinguishedId = jsonObjectGetString(jsonObject, "dn"); + char *registry = jsonObjectGetString(jsonObject, "registry"); + rc = getUseridByDN(distinguishedId, strlen(distinguishedId), registry, strlen(registry), useridRacf, &returnCodeRacf, &reasonCodeRacf); + + } else { + respondWithJsonError(response, "Endpoint not found.", 404, "Not Found"); + return 0; + } jsonPrinter *p = respondWithJsonPrinter(response); - setValidResponseCode(response, rc, userMapCertificateStructure->returnCode, userMapCertificateStructure->returnCodeRacf, userMapCertificateStructure->reasonCodeRacf); + setValidResponseCode(response, rc, rc, returnCodeRacf, reasonCodeRacf); setDefaultJSONRESTHeaders(response); writeHeader(response); - + jsonStart(p); { - jsonAddString(p, "userid", userMapCertificateStructure->useridRacf); + jsonAddString(p, "userid", useridRacf); jsonAddInt(p, "returnCode", rc); - jsonAddInt(p, "safReturnCode", userMapCertificateStructure->returnCode); - jsonAddInt(p, "racfReturnCode", userMapCertificateStructure->returnCodeRacf); - jsonAddInt(p, "racfReasonCode", userMapCertificateStructure->reasonCodeRacf); + jsonAddInt(p, "safReturnCode", rc); + jsonAddInt(p, "racfReturnCode", returnCodeRacf); + jsonAddInt(p, "racfReasonCode", reasonCodeRacf); } jsonEnd(p); - safeFree31((char*)userMapCertificateStructure,sizeof(RUsermapParamList)); finishResponse(response); } else { respondWithInvalidMethod(response); } - return 0; } -void installCertificateService(HttpServer *server) -{ - HttpService *httpService = makeGeneratedService("CertificateService", "/certificate/x509/**"); +void installUserMappingService(HttpServer *server) { + HttpService *httpService = makeGeneratedService("UserMappingService", "/certificate/**"); httpService->authType = SERVICE_AUTH_NATIVE_WITH_SESSION_TOKEN; httpService->serviceFunction = serveMappingService; httpService->runInSubtask = TRUE; diff --git a/c/zss.c b/c/zss.c index 78cb023bc..859bfda8e 100644 --- a/c/zss.c +++ b/c/zss.c @@ -1847,7 +1847,7 @@ int main(int argc, char **argv){ loadWebServerConfigV2(server, configmgr, htUsers, htGroups, defaultSeconds); readWebPluginDefinitions(server, slh, pluginsDir, configmgr, apimlStorageSettings); configureJwt(server, jwkSettings); - installCertificateService(server); + installUserMappingService(server); installUnixFileContentsService(server); installUnixFileRenameService(server); installUnixFileCopyService(server); diff --git a/deps/zowe-common-c b/deps/zowe-common-c index ba668cda7..541462f70 160000 --- a/deps/zowe-common-c +++ b/deps/zowe-common-c @@ -1 +1 @@ -Subproject commit ba668cda7d5575bfaa37d1eaa94048afe28eda95 +Subproject commit 541462f70ceff3ca0066aacc203b03df50cdd3d4 diff --git a/h/certificateService.h b/h/certificateService.h index 8fcc34fb4..6bfaa0e0f 100644 --- a/h/certificateService.h +++ b/h/certificateService.h @@ -15,7 +15,7 @@ #include "httpserver.h" -void installCertificateService(HttpServer *server); +void installUserMappingService(HttpServer *server); #endif /* __CERT_SERVICE_H__ */ From 08ab2c3bb85af790c2479e49b8ef3f12c24a0604 Mon Sep 17 00:00:00 2001 From: 1000TurquoisePogs Date: Tue, 7 Feb 2023 15:28:27 -0500 Subject: [PATCH 06/14] Add ZIS dynamic build plugin into build and package Signed-off-by: 1000TurquoisePogs --- .pax/pre-packaging.sh | 4 ++++ CHANGELOG.md | 4 ++++ build/build.sh | 4 ++++ samplib/zis/ZWESIP00 | 1 + 4 files changed, 13 insertions(+) diff --git a/.pax/pre-packaging.sh b/.pax/pre-packaging.sh index d7b631887..35e9a2250 100644 --- a/.pax/pre-packaging.sh +++ b/.pax/pre-packaging.sh @@ -19,6 +19,9 @@ SCRIPT_DIR=$(pwd) # build echo "$SCRIPT_NAME build zss ..." STEPLIB=CBC.SCCNCMP "$SCRIPT_DIR/content/build/build.sh" +if [ $? != 0 ]; then + exit $? +fi # clean up content folder echo "$SCRIPT_NAME cleaning up pax folder ..." @@ -31,6 +34,7 @@ cd "$SCRIPT_DIR/content" mkdir LOADLIB SAMPLIB cp -X "//DEV.LOADLIB(ZWESIS01)" LOADLIB/ZWESIS01 cp -X "//DEV.LOADLIB(ZWESAUX)" LOADLIB/ZWESAUX +cp -X "//DEV.LOADLIB(ZWESISDL)" LOADLIB/ZWESISDL cp ../bak/samplib/zis/* SAMPLIB cp -r ../bak/bin . cp ../bak/manifest.yaml . diff --git a/CHANGELOG.md b/CHANGELOG.md index 2ca6c819b..5322ca759 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,10 @@ All notable changes to the ZSS package will be documented in this file. ## Recent Changes +## `2.7.0` + +- Enhancement: A new ZIS plugin, "ZISDYNAMIC" is available within the LOADLIB as ZWESISDL. This plugin allows for ZIS plugins to access utility functions of the zowe-common-c libraries without needing to statically build them into the plugin itself. + ## `2.5.0` - Bugfix: In 2.3 and 2.4, 'safkeyring://' syntax stopped working, only allowing 'safkeyring:////'. Now, support for both is restored. diff --git a/build/build.sh b/build/build.sh index 0dac463b2..2184a4d0d 100755 --- a/build/build.sh +++ b/build/build.sh @@ -32,3 +32,7 @@ fi if [ "$1" = "zss64" ] || [ "$1" = "" ]; then "${WORKING_DIR}/build_zss64.sh" fi + +if [ "$1" = "dynamic_zis_plugin" ] || [ "$1" = "" ]; then + "${WORKING_DIR}/build_dynamic.sh" +fi diff --git a/samplib/zis/ZWESIP00 b/samplib/zis/ZWESIP00 index c9d4da3c2..486504949 100644 --- a/samplib/zis/ZWESIP00 +++ b/samplib/zis/ZWESIP00 @@ -59,6 +59,7 @@ * ZWES.PLUGIN.ECHO=ECHOPL01 * ZWES.PLUGIN.MAGICNUMBER=MNUMBER +ZWES.PLUGIN.ZISDYNAMIC=ZWESISDL ZWES.AUTH.CLASS=ZOWE From 688d098c65e3a2d9a974012bd037cfffe8953949 Mon Sep 17 00:00:00 2001 From: 1000TurquoisePogs Date: Wed, 8 Feb 2023 11:12:26 -0500 Subject: [PATCH 07/14] Update ZWESIP00 Signed-off-by: 1000TurquoisePogs --- samplib/zis/ZWESIP00 | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/samplib/zis/ZWESIP00 b/samplib/zis/ZWESIP00 index 486504949..02c1c7b39 100644 --- a/samplib/zis/ZWESIP00 +++ b/samplib/zis/ZWESIP00 @@ -57,9 +57,14 @@ //* */ //********************************************************************/ +//* This plugin should be first. The order of plugins is important */ +//* because a plugin that is a dependency of another should be */ +//* higher in the list for access as early as needed */ +ZWES.PLUGIN.ZISDYNAMIC=ZWESISDL + * ZWES.PLUGIN.ECHO=ECHOPL01 * ZWES.PLUGIN.MAGICNUMBER=MNUMBER -ZWES.PLUGIN.ZISDYNAMIC=ZWESISDL + ZWES.AUTH.CLASS=ZOWE From d294ad445e9ffdf8fc32d509f6009a71a126d447 Mon Sep 17 00:00:00 2001 From: 1000TurquoisePogs Date: Tue, 14 Feb 2023 05:31:39 -0500 Subject: [PATCH 08/14] Fixed unixfile/metadata api was not doing url decoding, so it would fail with urls that had spaces Signed-off-by: 1000TurquoisePogs --- CHANGELOG.md | 1 + c/unixFileService.c | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5322ca759..5ef6a2bd3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ All notable changes to the ZSS package will be documented in this file. ## `2.7.0` - Enhancement: A new ZIS plugin, "ZISDYNAMIC" is available within the LOADLIB as ZWESISDL. This plugin allows for ZIS plugins to access utility functions of the zowe-common-c libraries without needing to statically build them into the plugin itself. +- Bugfix: Fixed /unixfile/metadata not working when URL encoded spaces were present in file names ## `2.5.0` diff --git a/c/unixFileService.c b/c/unixFileService.c index e7ef661fe..8528218de 100644 --- a/c/unixFileService.c +++ b/c/unixFileService.c @@ -934,7 +934,8 @@ static int serveUnixFileChangeMode(HttpService *service, HttpResponse *response) static int serveUnixFileMetadata(HttpService *service, HttpResponse *response) { HttpRequest *request = response->request; char *fileFrag = stringListPrint(request->parsedFile, 2, 1000, "/", 0); - char *fileName = stringConcatenate(response->slh, "/", fileFrag); + char *encodedFileName = stringConcatenate(response->slh, "/", fileFrag); + char *fileName = cleanURLParamValue(response->slh, encodedFileName); if (!strcmp(request->method, methodGET)) { respondWithUnixFileMetadata(response, fileName); From c6364ebf8014d34c290d8869a2fb95ca2ac325f6 Mon Sep 17 00:00:00 2001 From: achmelo Date: Wed, 22 Feb 2023 14:22:45 +0100 Subject: [PATCH 09/14] address code review Signed-off-by: achmelo --- c/certificateService.c | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/c/certificateService.c b/c/certificateService.c index c43950abe..9df77c688 100644 --- a/c/certificateService.c +++ b/c/certificateService.c @@ -48,6 +48,8 @@ #define NOTRUST_CERTIFICATE_RC 32 #define NO_IDENTITY_FILTER_RC 48 +#define MAX_URL_LENGTH 17 + static void setValidResponseCode(HttpResponse *response, int rc, int returnCode, int returnCodeRacf, int reasonCodeRacf) { if (rc == SUCCESS_RC && returnCode == SUCCESS_RC_SAF && returnCodeRacf == SUCCESS_RC_RACF && reasonCodeRacf == SUCCESS_REASON_CODE_RACF) { setResponseStatus(response, 200, "OK"); @@ -98,7 +100,7 @@ static int serveMappingService(HttpService *service, HttpResponse *response) { { int urlLength = strlen(request->uri); - if(urlLength < 0 || urlLength > 17) { + if(urlLength < 0 || urlLength > MAX_URL_LENGTH) { respondWithJsonError(response, "URI is longer than maximum length of 17 characters.", 400, "Bad Request"); return 0; } @@ -107,22 +109,17 @@ static int serveMappingService(HttpService *service, HttpResponse *response) { strcpy(translatedURL, request->uri); a2e(translatedURL, sizeof(translatedURL)); char *x509URI = strstr(translatedURL, "x509"); - char *dnURI = strstr(translatedURL, "dn"); + char *distinguishedNameURI = strstr(translatedURL, "dn"); char useridRacf[9]; int returnCodeRacf = 0; int reasonCodeRacf = 0; int rc; if(x509URI != NULL) { - // Certificate to user mapping - if(request->contentLength > 4096 || request->contentLength < 1) { - respondWithJsonError(response, "The length of the certificate is longer than 4096 bytes", 400, "Bad Request"); - return 0; - } rc = getUseridByCertificate(request->contentBody, request->contentLength, useridRacf, &returnCodeRacf, &reasonCodeRacf); - } else if (dnURI != NULL) { - // Distinguished ID to user mapping + } else if (distinguishedNameURI != NULL) { + // Distinguished name to user mapping char *bodyNativeEncoding = copyStringToNative(request->slh, request->contentBody, request->contentLength); char errorBuffer[2048]; Json *body = jsonParseUnterminatedString(request->slh, bodyNativeEncoding, request->contentLength, errorBuffer, sizeof(errorBuffer)); @@ -137,6 +134,10 @@ static int serveMappingService(HttpService *service, HttpResponse *response) { } char *distinguishedId = jsonObjectGetString(jsonObject, "dn"); char *registry = jsonObjectGetString(jsonObject, "registry"); + if (distinguishedId == NULL || registry == NULL) { + respondWithJsonError(response, "Object in request is missing dn or registry parameter.", 400, "Bad Request"); + return 0; + } rc = getUseridByDN(distinguishedId, strlen(distinguishedId), registry, strlen(registry), useridRacf, &returnCodeRacf, &reasonCodeRacf); } else { From cc0a505ee0f8cb4878d17141faa826c1ff684f77 Mon Sep 17 00:00:00 2001 From: Irek Fakhrutdinov Date: Wed, 22 Feb 2023 19:20:05 +0100 Subject: [PATCH 10/14] Fix format specifiers in ZIS messages Signed-off-by: Irek Fakhrutdinov --- h/zis/message.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/h/zis/message.h b/h/zis/message.h index 202350676..6d014818d 100644 --- a/h/zis/message.h +++ b/h/zis/message.h @@ -289,11 +289,11 @@ #define ZISDYN_LOG_STUB_CREATED_MSG ZISDYN_LOG_STUB_CREATED_MSG_ID" "ZISDYN_LOG_STUB_CREATED_MSG_TEXT #define ZISDYN_LOG_STUB_REUSED_MSG_ID ZIS_MSG_PRFX"0210I" -#define ZISDYN_LOG_STUB_REUSED_MSG_TEXT "Stub vector at % p has been reused" +#define ZISDYN_LOG_STUB_REUSED_MSG_TEXT "Stub vector at %p has been reused" #define ZISDYN_LOG_STUB_REUSED_MSG ZISDYN_LOG_STUB_REUSED_MSG_ID" "ZISDYN_LOG_STUB_REUSED_MSG_TEXT #define ZISDYN_LOG_STUB_DELETED_MSG_ID ZIS_MSG_PRFX"0211I" -#define ZISDYN_LOG_STUB_DELETED_MSG_TEXT "Stub vector at % p has been deleted" +#define ZISDYN_LOG_STUB_DELETED_MSG_TEXT "Stub vector at %p has been deleted" #define ZISDYN_LOG_STUB_DELETED_MSG ZISDYN_LOG_STUB_DELETED_MSG_ID" "ZISDYN_LOG_STUB_DELETED_MSG_TEXT #define ZISDYN_LOG_STUB_DISCARDED_MSG_ID ZIS_MSG_PRFX"0212W" From 0c8e5851708dbb4ed738114b02000965414cfc98 Mon Sep 17 00:00:00 2001 From: achmelo Date: Thu, 23 Feb 2023 16:06:18 +0100 Subject: [PATCH 11/14] check for empty body Signed-off-by: achmelo --- c/certificateService.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/c/certificateService.c b/c/certificateService.c index 9df77c688..417e5111f 100644 --- a/c/certificateService.c +++ b/c/certificateService.c @@ -116,7 +116,11 @@ static int serveMappingService(HttpService *service, HttpResponse *response) { int reasonCodeRacf = 0; int rc; if(x509URI != NULL) { - + // Certificate to user mapping + if (request->contentLength < 1) { + respondWithJsonError(response, "The length of the certificate is less then 1", 400, "Bad Request"); + return 0; + } rc = getUseridByCertificate(request->contentBody, request->contentLength, useridRacf, &returnCodeRacf, &reasonCodeRacf); } else if (distinguishedNameURI != NULL) { // Distinguished name to user mapping From 87aa9bc7c455518eada8dd76703eed04e7d95347 Mon Sep 17 00:00:00 2001 From: achmelo Date: Mon, 27 Feb 2023 14:45:37 +0100 Subject: [PATCH 12/14] short description of usermap service changes Signed-off-by: achmelo --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5ef6a2bd3..8715d2d59 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ All notable changes to the ZSS package will be documented in this file. ## `2.7.0` - Enhancement: A new ZIS plugin, "ZISDYNAMIC" is available within the LOADLIB as ZWESISDL. This plugin allows for ZIS plugins to access utility functions of the zowe-common-c libraries without needing to statically build them into the plugin itself. +- Enhancement: New REST endpoint that maps distributed username to RACF user ID. - Bugfix: Fixed /unixfile/metadata not working when URL encoded spaces were present in file names ## `2.5.0` From 92f149509a89e7795107cd7a8afc8d8a1143f590 Mon Sep 17 00:00:00 2001 From: achmelo Date: Wed, 1 Mar 2023 10:38:08 +0100 Subject: [PATCH 13/14] backward compatible URL Signed-off-by: achmelo --- c/certificateService.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/c/certificateService.c b/c/certificateService.c index 417e5111f..2e34c1abb 100644 --- a/c/certificateService.c +++ b/c/certificateService.c @@ -48,7 +48,7 @@ #define NOTRUST_CERTIFICATE_RC 32 #define NO_IDENTITY_FILTER_RC 48 -#define MAX_URL_LENGTH 17 +#define MAX_URL_LENGTH 21 static void setValidResponseCode(HttpResponse *response, int rc, int returnCode, int returnCodeRacf, int reasonCodeRacf) { if (rc == SUCCESS_RC && returnCode == SUCCESS_RC_SAF && returnCodeRacf == SUCCESS_RC_RACF && reasonCodeRacf == SUCCESS_REASON_CODE_RACF) { @@ -101,14 +101,14 @@ static int serveMappingService(HttpService *service, HttpResponse *response) { int urlLength = strlen(request->uri); if(urlLength < 0 || urlLength > MAX_URL_LENGTH) { - respondWithJsonError(response, "URI is longer than maximum length of 17 characters.", 400, "Bad Request"); + respondWithJsonError(response, "URI exceeded maximum number of characters.", 400, "Bad Request"); return 0; } char translatedURL[urlLength + 1]; strcpy(translatedURL, request->uri); a2e(translatedURL, sizeof(translatedURL)); - char *x509URI = strstr(translatedURL, "x509"); + char *x509URI = strstr(translatedURL, "x509/map"); char *distinguishedNameURI = strstr(translatedURL, "dn"); char useridRacf[9]; From 1344b347ed17fc1d05e12a4a08a957d0512cba19 Mon Sep 17 00:00:00 2001 From: James Struga Date: Thu, 2 Mar 2023 13:15:21 -0500 Subject: [PATCH 14/14] update deps Signed-off-by: James Struga --- deps/zowe-common-c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deps/zowe-common-c b/deps/zowe-common-c index f1bcf35a3..541462f70 160000 --- a/deps/zowe-common-c +++ b/deps/zowe-common-c @@ -1 +1 @@ -Subproject commit f1bcf35a37772e4d17886547393955dbf414ed3c +Subproject commit 541462f70ceff3ca0066aacc203b03df50cdd3d4