diff --git a/CHANGELOG.md b/CHANGELOG.md index 45d40e5d9..bb4e080c8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,9 @@ All notable changes to the ZSS package will be documented in this file. +## `3.5.0` +- Bugfix: Common JWK error messages contain more information about how to further diagnose their cause. [(#807)](https://github.com/zowe/zss/pull/807) + ## `3.4.0` - Bugfix: Fixed hostname to IP address lookup for "bind-test" program. [(#801)](https://github.com/zowe/zss/pull/801) diff --git a/c/jwk.c b/c/jwk.c index 40df29a32..87be2f61a 100644 --- a/c/jwk.c +++ b/c/jwk.c @@ -118,6 +118,9 @@ static int jwkTaskMain(RLETask *task) { if ((i+1) % warnInterval == 0) { zowelog(NULL, LOG_COMP_ID_JWK, ZOWE_LOG_WARNING, ZSS_LOG_JWK_RETRY_MSG, jwkGetStrStatus(rc), rc, jwkHttpClientGetStrStatus(rsn), rsn, retryIntervalSeconds); + if (rsn == HTTP_CLIENT_TLS_ERROR) { + zowelog(NULL, LOG_COMP_ID_JWK, ZOWE_LOG_WARNING, "If TLS error persists, trace GSK for more detail using YAML property 'components.zss.agent.https.trace: true'\n"); + } } sleep(retryIntervalSeconds); } @@ -125,7 +128,12 @@ static int jwkTaskMain(RLETask *task) { if (success) { zowelog(NULL, LOG_COMP_ID_JWK, ZOWE_LOG_INFO, ZSS_LOG_JWK_READY_MSG, settings->fallback ? "with" : "without"); } else { - zowelog(NULL, LOG_COMP_ID_JWK, ZOWE_LOG_WARNING, ZSS_LOG_JWK_FAILED_MSG); + if (indexOf(settings->host, strlen(settings->host), ':', 0) != -1) { + //wraps ipv6 address in [] + zowelog(NULL, LOG_COMP_ID_JWK, ZOWE_LOG_WARNING, ZSS_LOG_JWK_FAILED_IPV6_MSG, settings->host, settings->port, settings->path); + } else { + zowelog(NULL, LOG_COMP_ID_JWK, ZOWE_LOG_WARNING, ZSS_LOG_JWK_FAILED_MSG, settings->host, settings->port, settings->path); + } } fflush(stdout); } @@ -280,6 +288,12 @@ static void getPublicKey(Json *jwk, x509_public_key_info *publicKeyOut, int *sta if (!keyObject) { zowelog(NULL, LOG_COMP_ID_JWK, ZOWE_LOG_WARNING, "JWK doesn't contain key\n"); *statusOut = JWK_STATUS_UNRECOGNIZED_FMT_ERROR; + + zowelog(NULL, LOG_COMP_ID_JWK, ZOWE_LOG_WARNING, "JWK response:\n"); + //Often enough, the destination has some error message that can be printed + jsonPrinter *jp = makeJsonPrinter(STDOUT_FILENO); + jsonPrintObject(jp, jwkObject); + freeJsonPrinter(jp); return; } diff --git a/h/zssLogging.h b/h/zssLogging.h index 74a0f400f..fbbf29c79 100644 --- a/h/zssLogging.h +++ b/h/zssLogging.h @@ -518,8 +518,10 @@ bool isLogLevelValid(int level); #ifndef ZSS_LOG_JWK_FAILED_MSG_ID #define ZSS_LOG_JWK_FAILED_MSG_ID ZSS_LOG_MSG_PRFX"1605W" #endif -#define ZSS_LOG_JWK_FAILED_MSG_TEXT "Server will not accept JWT\n" +#define ZSS_LOG_JWK_FAILED_MSG_TEXT "Server will not accept JWT\nCheck URL https://%s:%d%s for errors.\n" #define ZSS_LOG_JWK_FAILED_MSG ZSS_LOG_JWK_FAILED_MSG_ID" "ZSS_LOG_JWK_FAILED_MSG_TEXT +#define ZSS_LOG_JWK_FAILED_IPV6_MSG_TEXT "Server will not accept JWT\nCheck URL https://[%s]:%d%s for errors.\n" +#define ZSS_LOG_JWK_FAILED_IPV6_MSG ZSS_LOG_JWK_FAILED_MSG_ID" "ZSS_LOG_JWK_FAILED_MSG_TEXT #ifndef ZSS_LOG_JWK_RETRY_MSG_ID #define ZSS_LOG_JWK_RETRY_MSG_ID ZSS_LOG_MSG_PRFX"1606W"