/* REXX */
/*                                       */
/* AUTHOR: Charles Fenton                */
/*                                       */
/*********************************************************************/
/* This script generates analysis of WAS PDI ZWAS0040.               */
/*********************************************************************/
/* Change summary:                                                   */
/*   2008/11/03 - CLF, initial creation of script generate and read  */
/*                WMQ utility reports and process them to create     */
/*                finding details.                                   */
/*   2009/02/29 - CLF, Changes in execution of commands.             */
/*   2009/10/23 - CLF, Corrected test on command return code.        */
/*                Added capibility to check for other logon ids.     */
/* 05/21/2018 CL.Fenton Added "Not Reviewed" to ZWAS0040 for vuls    */
/*            that require additional analysis, STS-019713.          */
/*                                                                   */
/*                                                                   */
/*********************************************************************/
PGMNAME = 'CACC0002 05/21/18'
TERMMSGS = 'OFF'
COMLIST  = 'OFF'
CONSLIST = 'OFF'
SYMLIST  = 'OFF'
TERMPRO  = 'OFF'
USERID   = 'CBADMIN'
pdi      = 'ZWAS0040'
Numeric digits 10                           /* dflt of 9 not enough  */
Arg OPTION
OPTION = translate(OPTION,'=;','()')
interpret OPTION
Address ISPEXEC
"VGET (ACPNAME ACPVERS) ASIS"
if RC <> 0 then do
  if TRACE = 'ON' then do
    TERMMSGS = ON
    COMLIST  = ON
    CONSLIST = ON
    SYMLIST  = ON
    TERMPRO  = ON
    end
  "VPUT (CONSLIST COMLIST SYMLIST TERMPRO TERMMSGS) ASIS"
  "SELECT CMD(CACC1000 ACP)"
  "VGET (ACPNAME ACPVERS) ASIS"
  end
else do
  "VGET (CONSLIST COMLIST SYMLIST TERMPRO TERMMSGS) ASIS"
  end
If CONSLIST = ON | COMLIST = ON | SYMLIST = ON | TRACE = ON ,
  then Trace r
if pdi <> "" then do
  "lminit dataid(pdidd) ddname(pdidd)"
  lminit_pdidd = RC
  "lmopen dataid("pdidd") option(output)"
  lmopen_pdidd = RC
  end
/*********************************************************************/
/* Generate security commands for CBADMIN userid.                    */
/*********************************************************************/
x = outtrap("out.")
if ACPNAME = 'RACF' then ,
  address TSO "LU" USERID
if ACPNAME = 'TSS' then ,
  address TSO "TSS LIST("USERID")DATA(BASIC,PASSWORD)"
if ACPNAME = 'ACF2' then do
  queue "LIST" USERID
  queue "QUIT"
  queue ""
  address TSO "ACF"
  end
acprc = RC
if pdi <> "" then do
  address TSO "NEWSTACK"
  say PGMNAME 'Listing of' USERID 'Return_code =' acprc'.'
  if acprc <> 0 then ,
    queue 'Not a Finding'
  else do
    queue "Not Reviewed"
    queue "The following vendor-supplied user account(s) is" ,
      "(are) defined to the ACP:"
    queue " "
    queue "The factory-set password has not been changed."
    queue " "
    end
  do x = 1 to out.0
    queue "     "out.x
    end
  do x = 1 to queued()
    parse pull ac
    "LMPUT DATAID("pdidd") MODE(INVAR) DATALOC(ac)",
      "DATALEN("length(ac)") MEMBER("pdi")"
    end
  "LMMADD DATAID("pdidd") MEMBER("pdi")"
  if RC = 4 then do
    "LMMREP DATAID("pdidd") MEMBER("pdi")"
    if RC <> 0 then,
      say PGMNAME 'LMMREP_PDIDD =' RC PDI ZERRSM
    end
  else ,
    say PGMNAME 'LMMADD_PDIDD =' RC PDI ZERRSM
  say PGMNAME 'Generating finding details for' pdi 'completed.'
  "lmclose dataid("pdidd")"
  lmclose_pdidd = RC
  "lmfree dataid("pdidd")"
  lmfree_pdidd = RC
  If TERMMSGS = ON then do
    say
    say '=========================================='
    say PGMNAME 'LMINIT_PDIDD         ' lminit_pdidd
    say PGMNAME 'LMOPEN_PDIDD         ' lmopen_pdidd
    say PGMNAME 'ACP_RC               ' acprc
    say PGMNAME 'LMCLOSE_PDIDD        ' lmclose_pdidd
    say PGMNAME 'LMFREE_PDIDD         ' lmfree_pdidd
    say '=========================================='
    end
  end
Exit acprc
/*********************************************************************/
/*  End of main CACC0002 code                                        */
/*********************************************************************/
