/* REXX */ /* CLS2REXXed by UMLA01S on 20 Oct 2025 at 13:44:53 */ /*trace r?*/ Signal On NoValue Call On Error Signal On Failure Signal On Syntax Parse source opsys . exec_name . Address ISREDIT "MACRO" /* CATM000A EDIT PDI(*) */ /*********************************************************************/ /* 04/20/2004 JL Nelson Changed to display No Finding text. */ /* 06/18/2004 JL Nelson ADDED EXIT CODE. */ /* 07/15/2004 JL Nelson Changed DISA Standard to STIG requirement. */ /* 12/15/2004 JL Nelson Changed TSS0620, TSS0650, STIG incorrect. */ /* 02/09/2005 JL Nelson Changed constants to variables before */ /* rename. */ /* 04/13/2005 JL Nelson Added AUTOERASE(ALL) check. */ /* 06/08/2005 JL Nelson Pass MAXCC in ZISPFRC variable. */ /* 06/14/2005 JL Nelson Changed STIG requirement to DISA */ /* recommendation. */ /* 06/14/2005 JL Nelson Changed default logic. */ /* 06/14/2005 JL Nelson Supress DISA recommendation for FSO. */ /* 06/14/2005 JL Nelson Supress TEXT not found for FSO. */ /* 03/15/2006 JL Nelson Made changes to avoid SUBSTR abend 920/932. */ /* 03/21/2006 JL Nelson Use NRSTR avoid abend 900 if ampersand in */ /* data. */ /* 05/09/2006 JL Nelson Avoid RC 20 on ISREDIT LINE when " or ' in */ /* data. */ /* 09/27/2006 CL Fenton Chg to use ACPVERS over VERSION variable. */ /* 09/27/2006 CL Fenton Chg TSS0270 for Manual review on */ /* Unclassified and Not a Finding for YES|ALL settings. */ /* 09/27/2006 CL Fenton Added test for ZUSST052, split from */ /* ZUSST050. Chg ZUSST050 when nothing is specified for */ /* both fields, Not a Finding else Manual review. */ /* 06/28/2007 CL Fenton Changed test for TSS0450 to Not Applicable */ /* when ACPVERS is 9.0 or greater. */ /* 07/09/2007 CL Fenton Resolved several rc 20 error on ISREDIT */ /* cmds. Changed evaluation of TSS0270 and ZUSST050 to */ /* review CLASS. */ /* 08/07/2007 CL Fenton Changed characters that identify breaks to */ /* Non-national or special characters that could appear */ /* in PASSCHAR control option. Added additional analysis */ /* on NEWPW adding SC and PASSCHAR checks. Started with */ /* version 9.0. in PASSCHAR control option. Added */ /* analysis for ZUSST060, to review HFSSEC resource class */ /* in the RDT. */ /* 10/15/2007 CL Fenton Changed &STR to &NRSTR to allow use of & in */ /* PASSCHAR. */ /* 05/05/2008 CL Fenton Changed evaluation of ACPVERS to execute */ /* CACC1000 ACPCOMP to compare ACPVERS with var. */ /* 05/05/2008 CL Fenton Changed ACPVERS evaluation removing 8.0 and */ /* below checks. */ /* 05/12/2009 CL Fenton Changed TSS0450 evaluation of 9.0 not */ /* applicable. Removed ACPVERS checking. */ /* 10/09/2009 CL Fenton Added analysis of TSS0460 to be consistant */ /* with the VMS check. */ /* 03/15/2011 CL Fenton Chgd TSS0400 test from 35 to 30 days. */ /* 05/25/2011 CL Fenton Reverted TSS0400 test from 30 to 35 days. */ /* 03/08/2013 CL Fenton Added TSS0660, TSS0670, TSS0680, and TSS0690 */ /* to evaluate NEWPHRASE, PPSCHAR, NPPTHRESH, PPEXP, and */ /* PPHIST Control option settings, CSD-AR003262504. */ /* 05/28/2013 CL Fenton Corrected TSS0660 rc=852 error, STS-002990. */ /* Also made cosmetic changes to this PDI. */ /* 07/17/2013 CL Fenton Corrected NEWPHRASE tests for MA and MN to */ /* specify GE, STS-003491. */ /* 09/24/2013 CL Fenton Chgd requirements for TSS0270, STS-003180. */ /* 12/10/2014 CL Fenton Added ZUSST052 to evaluate CHOWNURS with TSS */ /* V15 RO6374 PTF remove CHOWNURS control option, */ /* STS-006695. */ /* 01/30/2015 CL Fenton Chgd TSS0660 to evaluate MIN=15 for */ /* NEWPHRASE, STS-008965. */ /* 02/04/2015 CL Fenton Chgd TSS0480 to check for special */ /* characters, STS-004529. */ /* 02/04/2015 CL Fenton Chgd TSS0660 to check for special characters */ /* and removed ID and NR= requirements, STS-008965. */ /* 08/24/2016 CL Fenton Chgd TSS0400 to INACTIVE(0), STS-015248. */ /* 07/18/2017 CL Fenton Chgd ZUSST050 to check for setting of */ /* UNIQUSER is OFF, STS-017961. */ /* 11/15/2017 CL Fenton Added TSS0485 to check the setting of AESENC */ /* for the value of 128 or 256, STS-018642. */ /* 05/23/2018 CL Fenton Added "Not Reviewed" to TSS0270 when */ /* AUTOERASE is not ALL, TSS0460 when MODE(IMPL) is */ /* specified, ZUSST050 when system classification is */ /* classified or not defined and UNIQUSER is not OFF, */ /* TSS0330, and TSS0420 for vuls that require additional */ /* analysis, STS-019713. */ /* 02/20/2019 CL Fenton Chgd TSS0480 and TSS0660 evaluation that all */ /* special characters be specified in PASSCHAR and */ /* PPSCHAR, STS-021085. */ /* 10/20/2025 CL Fenton Converted script from CLIST to REXX. */ /* 11/07/2025 CL Fenton Chgs to add new automation for IBM zSecure */ /* Suite, SCTASKU0461677. */ /* */ /* */ /* */ /*********************************************************************/ pgmname = "CATM000A 11/07/25" sysprompt = "OFF" /* CONTROL NOPROMPT */ sysflush = "OFF" /* CONTROL NOFLUSH */ sysasis = "ON" /* CONTROL ASIS - caps off */ return_code = 0 maxcc = 0 /*******************************************/ /* This EDIT MACRO provides the finding */ /* details from TSS MODIFY(ST) command. */ /*******************************************/ /* VARIABLES ARE PASSED TO THIS MACRO */ /* CONSLIST */ /* COMLIST */ /* SYMLIST */ /* TERMMSGS */ /*******************************************/ Address ISPEXEC "CONTROL NONDISPL ENTER" Address ISPEXEC "CONTROL ERRORS RETURN" return_code = 0 Address ISPEXEC "VGET (CONSLIST COMLIST SYMLIST TERMMSGS ACPVERS", "FINDRC PDITEXT DISATXT FINDTXT8 TYPERUN) ASIS" tm0avget = return_code If return_code <> 0 then do Say pgmname "VGET_RC =" return_code zerrsm Say pgmname "CONSLIST/"conslist "COMLIST/"comlist "SYMLIST/"symlist, "TERMMSGS/"termmsgs Say pgmname "ACPVERS/"acpvers "FINDRC/"findrc "PDITEXT/"pditext, "DISATXT/"disatxt "FINDTXT8/"findtxt8 "TYPERUN/"typerun return_code = return_code + 16 SIGNAL ERR_EXIT End return_code = 0 "(PDINUM) = MEMBER" /*say pgmname "PDINUM:"pdinum "FINDRC:"findrc "PDITEXT:"pditext say pgmname "DISATXT:"disatxt "FINDTXT8:"findtxt8 "TYPERUN:"typerun*/ /*******************************************/ /* TURN ON MESSAGES */ /*******************************************/ syssymlist = symlist /* CONTROL SYMLIST/NOSYMLIST */ sysconlist = conslist /* CONTROL CONLIST/NOCONLIST */ syslist = comlist /* CONTROL LIST/NOLIST */ sysmsg = termmsgs /* CONTROL MSG/NOMSG */ /*******************************************/ /* MAIN PROCESS */ /*******************************************/ lp = "(" rp = ")" row = 0 return_code = 0 spc = " " "CAPS = OFF" "STATS = OFF" "(ROW) = LINENUM .ZLAST" If row > 0 then, "DELETE .ZFIRST .ZLAST" xf = pos("~",pditext) + 1 xl = pos("<",pditext,xf) - 1 Select when xf = 1 then Call NOT_FOUND when left(pditext,1) = 1 then Call ADDITIONAL_CHK when left(pditext,1) = 2 then Call CHECK_RDT when findrc = 0 then Call NOT_A_FINDING otherwise Call A_FINDING End END_EDIT: return_code = 0 ERR_EXIT: If maxcc >= 16 | return_code > 0 then do Address ISPEXEC "VGET (ZISPFRC) SHARED" If maxcc > zispfrc then, zispfrc = maxcc Else, zispfrc = return_code Address ISPEXEC "VPUT (ZISPFRC) SHARED" Say pgmname "ZISPFRC =" zispfrc End tm00arc = return_code Address ISPEXEC "VPUT (TM0AVGET TM00ARC) ASIS" "SAVE" "END" Exit 0 ADDITIONAL_CHK: return_code = 0 "(PDINUM) = MEMBER" If pdinum = "TSS0249" |, pdinum = "TSS0340" |, pdinum = "TSS0370" |, pdinum = "TSS0510" |, pdinum = "TSS0520" then do If xf = 1 then, Call NOT_FOUND Else, If findrc = 0 then, Call NOT_A_FINDING Else Call A_FINDING end BYPASS_TSS0249: If pdinum = "TSS0260" then do If xf = 1 then, Call NOT_FOUND Else do /****************************************************/ /* TEST FINDRC WHEN CONTROL OPTION HAS 2 POSSIBLE */ /* VALUES AVAILABLE. */ /****************************************************/ o1 = pos("OVERRIDE",pditext) o2 = pos("MERGE",pditext) o3 = pos("ALLOVER",pditext) If (o1 > 0 | o2 > 0) & o3 > 0 then, Call NOT_A_FINDING Else Call A_FINDING end end BYPASS_TSS0260: If pdinum = "TSS0360" then do If xf = 1 then, Call NOT_FOUND Else do parse var pditext . "(" down ")" . bw = pos("BW",down) sb = pos("SB",down) tn = pos("TN",down) tw = pos("TW",down) ow = pos("OW",down) If (bw > 0) & (sb > 0) & (tn > 0 | tw > 0) & (ow > 0) then, Call NOT_A_FINDING Else Call A_FINDING end end BYPASS_TSS0360: If pdinum = "TSS0440" then do If xf = 1 then, Call NOT_FOUND Else do parse var pditext . "(" log ")" . init = pos("INIT",log) sec9 = pos("SEC9",log) smf = pos("SMF",log) msg = pos("MSG",log) If (init > 0) & (sec9 > 0) & (smf > 0) & (msg > 0) then, Call NOT_A_FINDING Else Call A_FINDING end end BYPASS_TSS0440: If pdinum = "TSS0270" then do If xf = 1 then, Call NOT_FOUND Else do Address ISPEXEC "VGET (CLASS) ASIS" parse var pditext . "(" opt ")" . ey = pos("YES",opt) en = pos("NO",opt) ea = pos("ALL",opt) e3 = ey + en + ea If e3 = 0 then, Call A_FINDING If ea > 0 then, Call NOT_A_FINDING Else do ac = "Not Reviewed" "LINE_AFTER .ZLAST = (AC)" Call A_FINDING end end end BYPASS_TSS0270: If pdinum = "TSS0320" |, pdinum = "TSS0420" |, pdinum = "TSS0590" then do If xf = 1 then, Call NOT_FOUND Else, If findrc = 0 then, Call NOT_A_FINDING Else do If pdinum <> "TSS0420" then do ac = "Not Reviewed" "LINE_AFTER .ZLAST = DATALINE (AC)" End Call A_FINDING end end BYPASS_TSS0320: If pdinum = "TSS0330" then do If xf = 1 then, Call NOT_FOUND Else, If pos("DIAGTRAP ENTRIES: ON = 00",pditext) > 0 then, Call NOT_A_FINDING Else do ac = "Not Reviewed" "LINE_AFTER .ZLAST = DATALINE (AC)" Call A_FINDING end end BYPASS_TSS0370: If pdinum = "TSS0390" |, pdinum = "TSS0400" |, pdinum = "TSS0500" |, pdinum = "TSS0540" |, pdinum = "TSS0550" |, pdinum = "TSS0560" |, pdinum = "TSS0650" |, pdinum = "TSS0670" |, pdinum = "TSS0680" |, pdinum = "TSS0690" then do /****************************************************/ /* TEST FOR FINDINGS WITH NUMERIC VALUE RANGES */ /****************************************************/ If xf = 1 then, Call NOT_FOUND Else do parse var pditext . "(" fld ")" . If (pdinum = "TSS0390" & (fld >= 1 & fld <= 3)) |, (pdinum = "TSS0400" & fld = 0) |, (pdinum = "TSS0500" & fld = 2) |, (pdinum = "TSS0670" & fld = 2) |, (pdinum = "TSS0540" & (fld >= 1 & fld <= 2)) |, (pdinum = "TSS0550" & (fld >= 1 & fld <= 60)) |, (pdinum = "TSS0680" & (fld >= 1 & fld <= 60)) |, (pdinum = "TSS0560" & (fld >= 10 & fld <= 64)) |, (pdinum = "TSS0690" & (fld >= 10 & fld <= 64)) |, (pdinum = "TSS0650" & (fld >= 1 & fld <= 30)) then, Call NOT_A_FINDING Else Call A_FINDING end end BYPASS_TSS0390: If pdinum = "TSS0460" then do If findrc = 0 then, Call NOT_A_FINDING Else do If pos("IMPL",pditext) > 1 then do ac = "Not Reviewed" "LINE_AFTER .ZLAST = DATALINE (AC)" End Call A_FINDING end end BYPASS_TSS0460: If pdinum = "TSS0480" then do If xf = 1 then, Call NOT_FOUND Else do parse var pditext . "MIN=" min "," . parse var pditext . "WARN=" warn "," . parse var pditext . "MINDAYS=" mindays "," . parse var pditext . "NR=" nr "," . id = pos(",ID",pditext) ts = pos(",TS",pditext) rs = pos(",RS",pditext) sc = pos(",SC",pditext) sw = pos(",SW",pditext) fa = pos(",FA",pditext) fn = pos(",FN",pditext) mc = pos(",MC",pditext) lc = pos(",LC",pditext) uc = pos(",UC",pditext) /* PASSCHAR tests */ passchar = pos("PASSCHAR(",pditext) parse var pditext . "PASSCHAR(" pwchar ")" . pwchar = pwchar"," mpwchar = "" tpasschar = "@,#,$,&,*,^,:,=,!,-,%,.,?,_,|," Do X = 1 to length(tpasschar) by 2 t = substr(tpasschar,x,2) If pos(t,pwchar) = 0 then, mpwchar = mpwchar""t End If length(mpwchar) > 1 then do mpwchar = strip(mpwchar,"T",",") End /* Say pgmname "PWCHAR:<"pwchar"> TPASSCHAR:<"tpasschar">", "MPWCHAR:<"mpwchar">"*/ If passchar = 0 then do pditext = pditext"~ PASSCHAR()<" passchar = pos("PASSCHAR(",pditext) xl = pos("<",pditext,xf) - 1 End Else do y = pos(rp,pditext,passchar) + 1 parse var pditext . =(passchar) pchr =(y) . end at = pos("@",pditext,passchar) lb = pos("#",pditext,passchar) dl = pos("$",pditext,passchar) If min = 8 &, warn >= 1 &, warn <= 10 &, mindays = 1 &, nr = 0 &, id > 0 &, ts > 0 &, rs > 0 &, fa > 0 &, fn > 0 &, mc > 0 &, lc > 0 &, uc > 0 &, sc > 0 &, passchar > 0 &, length(mpwchar) = 0 then, Call NOT_A_FINDING Else Call A_FINDING end end BYPASS_TSS0480: If pdinum = "TSS0485" then do If xf = 1 then, Call NOT_FOUND Else, If pos("(128)",pditext) > 0 |, pos("(256)",pditext) > 0 then, Call NOT_A_FINDING Else Call A_FINDING end BYPASS_TSS0485: If pdinum = "TSS0505" then do If xf = 1 then, Call NOT_FOUND Else do /****************************************************/ /* ADDITIONAL TESTS FOR TSS0505 (OPTIONALS). OTHER */ /* FINDING SENT TO BYPASS_TSS0505. */ /****************************************************/ parse var pditext . "(" fld ")" . fld = fld"," If pos("004,",fld) > 0 then, Call NOT_A_FINDING Else Call A_FINDING end end BYPASS_TSS0505: If pdinum = "TSS0580" then do If xf = 1 then, Call NOT_FOUND Else do parse var pditext . "(" min ")" . If pos("%",min) > 0 then, Call NOT_A_FINDING Else Call A_FINDING end end BYPASS_TSS0580: If pdinum = "TSS0660" then do If xf = 1 then, Call NOT_FOUND Else do parse var pditext . "NEWPHRASE(" newphrase ")" . s1 = pos("NEWPHRASE(",pditext) If s1 = 0 then, newphrase = "MA=0,MN=0,MAX=100,MIN=9,MINDAYS=0,NR=0,SC=0,WARN=3" newphrase = newphrase"," ma = 0 parse var newphrase . "MA=" ma "," . mn = 0 parse var newphrase . "MN=" mn "," . max = 100 parse var newphrase . "MAX=" max "," . min = 9 parse var newphrase . "MIN=" min "," . mindays = 0 parse var newphrase . "MINDAYS=" mindays "," . nr = 0 parse var newphrase . "NR=" nr "," . sc = 0 parse var newphrase . "SC=" sc "," . warn = 3 parse var newphrase . "WARN=" warn "," . id = pos("ID,",newphrase) /* PPSCHAR tests */ ppschar = pos("PPSCHAR(",pditext) parse var pditext . "PPSCHAR(" pwchar ")" . pwchar = pwchar"," mpwchar = "" tpasschar = " ,@,#,$,&,*,^,:,=,!,-,%,.,?,_,|," Do X = 1 to length(tpasschar) by 2 t = substr(tpasschar,x,2) If pos(t,pwchar) = 0 then mpwchar = mpwchar""t End If length(mpwchar) > 1 then do mpwchar = strip(mpwchar,"T",",") End /* Say pgmname "PWCHAR:<"pwchar"> TPASSCHAR:<"tpasschar">", "MPWCHAR:<"mpwchar">"*/ If ppschar = 0 then do pditext = pditext"~ PPSCHAR()<" ppschar = pos("PPSCHAR(",pditext) xl = pos("<",pditext,xf) - 1 End Else do y = pos(rp,pditext,ppschar) + 1 parse var pditext . =(ppschar) pchr =(y) . end at = pos("@",pditext,ppschar) lb = pos("#",pditext,ppschar) dl = pos("$",pditext,ppschar) sp = pos(", ",pditext,ppschar) If sp = 0 then, sp = pos(" ,",pditext,ppschar) ath = pos("7C",pditext,ppschar) lbh = pos("7B",pditext,ppschar) dlh = pos("5B",pditext,ppschar) sph = pos("40",pditext,ppschar) If ma >= 1 &, mn >= 1 &, max = 100 &, min >= 15 &, mindays = 1 &, sc >= 1 &, warn >= 1 &, warn <= 10 &, ppschar > 0 &, length(mpwchar) = 0 then, Call NOT_A_FINDING Else Call A_FINDING end end BYPASS_TSS0660: If pdinum = "TSS0730" then do If xf = 1 then, Call NOT_FOUND Else do parse var pditext . "VTHRESH(" vio "," . ")" . if vio = "" then vio = 5 If datatype(vio) <> "NUM" then, Call A_FINDING not = pos(",NOT",pditext) can = pos(",CAN",pditext) sus = pos(",SUS",pditext) /*If (vio >= 1 & vio <= 10) & not > 0 & can > 0 then, Remove suspend */ If (vio >= 1 & vio <= 10) & not > 0 & (can > 0 | sus > 0) then, Call NOT_A_FINDING Else Call A_FINDING end end BYPASS_TSS0730: If pdinum = "ZUSST050" then do If xf = 1 then, Call NOT_FOUND Else do Address ISPEXEC "VGET (CLASS) ASIS" If class = 2 then do Call NOT_APPLICABLE Return end uniquser = "" parse var pditext . "UNIQUSER(" uniquser ")" . If uniquser = "OFF" then, Call NOT_A_FINDING Else do ac = "Not Reviewed" "LINE_AFTER .ZLAST = DATALINE (AC)" ac = "The following Control Option value(s) is (are) improperly set:" "LINE_AFTER .ZLAST = (AC)" ac = " " "LINE_AFTER .ZLAST = (AC)" ac = " "uniquser "LINE_AFTER .ZLAST = (AC)" Call STIG_REQ end end end BYPASS_ZUSST050: If pdinum = "ZUSST060" then do If xf = 1 then, Call NOT_FOUND Else do If pos("HFSSEC(OFF)",pditext) > 0 then do Call NOT_APPLICABLE Return end x = outtrap("out.") cmd = "TSS LIST(RDT) RESCLASS(HFSSEC)" Address TSO cmd Do x = 1 to out.0 ab = out.x /* set variable*/ If substr(ab,1,12) <> "ACCESSORID =" &, ab <> " " &, substr(ab,1,3) <> "TSS" then do ab = " "ab "LINE_AFTER .ZLAST = (AB)" End End "EXCLUDE ALL '=' 21" return_code = 0 Do until return_code > 0 "FIND ' ' 1 NX FIRST" If return_code = 0 then do "(ROW) = LINENUM .ZCSR" row1 = row - 1 "(AC1) = LINE" row "(AC) = LINE" row1 ac = strip(ac,"T") ac1 = strip(ac1,"B") ac = ac""ac1 "DELETE" row "LINE" row1 "= (AC)" End End ac = " " "LINE_BEFORE .ZFIRST = (AC)" return_code = 0 "FIND 'DEFPROT' ALL" If return_code > 0 then, ac = "The HFSSEC resource class is not defined with DEFPROT." Else do ac = "The HFSSEC resource class has DEFPROT specified." "LINE_BEFORE .ZFIRST = (AC)" ac = "Not a Finding" End "LINE_BEFORE .ZFIRST = (AC)" ac = " " "LINE_AFTER .ZLAST = (AC)" Call STIG_REQ end end Return CHECK_RDT: a = 0 ndrdt. = "" return_code = 0 do y = 2 to words(pditext) - 1 resclass = word(pditext,y) x = outtrap("out.") cmd = "TSS LIST(RDT) RESCLASS("resclass")" Address TSO cmd If return_code > 0 then do return_code = 0 a = a + 1 ndrdt.a = resclass end Else Do x = 1 to out.0 ab = out.x /* set variable*/ /* If substr(ab,1,12) <> "ACCESSORID =" &, ab <> " " &, substr(ab,1,3) <> "TSS" then do*/ If substr(ab,1,12) <> "ACCESSORID =" &, substr(ab,1,3) <> "TSS" then do ab = " "ab "LINE_AFTER .ZLAST = (AB)" "(ROW) = LINENUM .ZLAST" If pos("DEFPROT",ab) > 0 then do "FIND ' ' 1 PREV" "(LINE,COL) = CURSOR" say pgmname line col ".ZLAST" row return_code = 0 "DELETE .ZCSR .ZLAST" say pgmname "DELETE" return_code leave x End End return_code = 0 End End "(ROW) = LINENUM .ZLAST" If row > 0 then do ab = "The following resource class(es) is(are) not defined with", "DEFPROT." "LINE_BEFORE .ZFIRST = (AB)" End If a > 0 then do If row > 0 then do ab = " " "LINE_AFTER .ZLAST = (AB)" end ab = "The following resource class(es) is(are) not defined to", "the RDT record." "LINE_AFTER .ZLAST = (AB)" ab = " " "LINE_AFTER .ZLAST = (AB)" Do x = 1 to a ab = " "ndrdt.x "LINE_AFTER .ZLAST = (AB)" End "(ROW) = LINENUM .ZLAST" End If row = 0 then do ab = "Not a Finding." "LINE_AFTER .ZLAST = (AB)" End Return NOT_APPLICABLE: ac = "Not Applicable" "LINE_AFTER .ZLAST = (AC)" "LINE_AFTER .ZLAST = DATALINE ' '" If pdinum = "ZUSST060" then, ac = " HFSSEC(OFF) is specified." Else, ac = " Top Secret Version" acpvers "LINE_AFTER .ZLAST = (AC)" "LINE_AFTER .ZLAST = DATALINE ' '" If xf > 0 & xf <= xl then do x = pos("~",substr(pditext,1,xl)"~",xf) If x = 0 then, x = xl + 1 Do while x > 2 If substr(pditext,xf,1) = " " then, xf = xf + 1 parse var pditext =(xf) ab =(x) . ac = " "ab "LINE_AFTER .ZLAST = DATALINE (AC)" xf = x + 1 x = pos("~",substr(pditext,1,xl)"~",xf) End End Call STIG_REQ Return A_FINDING: ac = "The following Control Option value is improperly set:" "LINE_AFTER .ZLAST = (AC)" "LINE_AFTER .ZLAST = DATALINE ' '" If xf > 0 & xf <= xl then do x = pos("~",substr(pditext,1,xl),xf) If x = 0 then, x = xl + 1 Do while x > 2 If substr(pditext,xf,1) = " " then, xf = xf + 1 parse var pditext =(xf) ab =(x) . ac = " "ab "LINE_AFTER .ZLAST = DATALINE (AC)" xf = x + 1 x = pos("~",substr(pditext,1,xl)"~",xf) End End STIG_REQ: return_code = 0 If typerun <> "SRRAUDIT" then, Return "LINE_AFTER .ZLAST = DATALINE ' '" zf = 1 zl = length(disatxt) z = pos("~",disatxt) Do while z > zf parse var disatxt . =(zf) fld "~" . ac = "DISA recommendation:" fld "LINE_AFTER .ZLAST = (AC)" zf = z + 1 z = pos("~",disatxt"~",zf) End If zl > zf then do parse var disatxt . =(zf) fld ac = "DISA recommendation:" fld "LINE_AFTER .ZLAST = (AC)" End Return NOT_FOUND: return_code = 0 ac = "The following Control Option value is improperly set:" "LINE_AFTER .ZLAST = (AC)" "LINE_AFTER .ZLAST = DATALINE ' '" If xf < 4 then ac = " "substr(pditext,2,xl-1) Else, ac = " "substr(pditext,2,xf-2) "LINE_AFTER .ZLAST = (AC)" "LINE_AFTER .ZLAST = DATALINE ' '" If typerun <> "SRRAUDIT" then, Return z = pos("~",findtxt8) Do while z > 0 zl = length(findtxt8) If z = 1 then, findtxt8 = substr(findtxt8,2,zl) Else If z+1 < zl then, findtxt8 = substr(findtxt8,1,z-1)substr(findtxt8,z+1) Else, findtxt8 = substr(findtxt8,1,zl-1) z = pos("~",findtxt8) End z = pos("'",findtxt8) Do while z > 0 zl = length(findtxt8) If z = 1 then, findtxt8 = substr(findtxt8,2) Else, If z+1 < zl then, findtxt8 = substr(findtxt8,1,z-1)substr(findtxt8,z+1) Else, findtxt8 = substr(findtxt8,1,z-1) z = pos("'",findtxt8) End z = pos(" .ZCSR",findtxt8) Do while z > 0 zl = length(findtxt8) If z = 1 then, findtxt8 = substr(findtxt8,6) Else, If z+5 < zl then, findtxt8 = substr(findtxt8,1,z-1)substr(findtxt8,z+7) Else, findtxt8 = substr(findtxt8,1,z-1) z = pos(" .ZCSR",findtxt8) End z = pos(" ",strip(findtxt8,"T")) Do while z > 0 zl = length(findtxt8) If z+4 < zl then do findtxt8 = substr(findtxt8,1,z-1)substr(findtxt8,z+2) z = pos(" ",strip(findtxt8,"T")) End Else, z = 0 End ac = " "strip(findtxt8,"B")" - Text not found" "LINE_AFTER .ZLAST = (AC)" "LINE_AFTER .ZLAST = DATALINE ' '" Call STIG_REQ Return NOT_A_FINDING: ac = "Not a Finding" "LINE_AFTER .ZLAST = (AC)" "LINE_AFTER .ZLAST = DATALINE ' '" If xf > 0 & xf <= xl then do x = pos("~",substr(pditext,1,xl),xf) If x = 0 then, x = xl + 1 Do while x > 2 If substr(pditext,xf,1) = " " then, xf = xf + 1 parse var pditext =(xf) ab =(x) . ac = " "ab "LINE_AFTER .ZLAST = DATALINE (AC)" xf = x + 1 x = pos("~",substr(pditext,1,xl)"~",xf) End End Return NoValue: Failure: Syntax: say pgmname 'REXX error' rc 'in line' sigl':' strip(ERRORTEXT(rc)) say SOURCELINE(sigl) SIGNAL ERR_EXIT Error: return_code = RC if RC > 4 & RC <> 8 then do say pgmname "LASTCC =" RC strip(zerrlm) say pgmname 'REXX error' rc 'in line' sigl':' ERRORTEXT(rc) say SOURCELINE(sigl) end if return_code > maxcc then maxcc = return_code return