"XPNET 3.0 Interim Bug Fixes (IBFs) and Enhancements - XN30TCP" Scr# Change Description ----- ------------------ SCR #2443 TCPCLI - REL2_VER1_TCPL04_980121 21-JAN-98 TCPSRV - REL2_VER1_TCPL04_980121 Reference: RPE. Problem: N/A. Change: Enhancement to support JRI message formats. The default input message format is ??? where is a length word. The length word begins at byte offset 3 (relative to 0), is two bytes long, is a binary value, is in network order, and indicates the byte length of everything in the message (3 + 2 + data length). The message is to be routed "intact" to the application (length word and all). The default output message format is the same as the input format. The application will send the message in this format (length word included). We will assume the message is formatted correctly, including the length word. To request the use of this format option, station userdata must contain a value of -4. This configuration causes TCP to set message format variables to the following default values. Offset of length (ofst_to_len_fld) = 3 Length of length (len_of_len_fld) = 2 length Factor (fixed_headerlen) = 0 As in the past, if one userdata option is specified, all userdata options must be specified or negotiation of userdata in the SET_CATTRS request occurs between TCP and the Network (indicated by Network log event #7059). The keepalive option is currently the only other userdata option. If the format option is specified, the keepalive option should also be specified (-K- or -K+) to eliminate negotiation. If the keepalive option is specified, and negotiation of userdata still occurs, check the format option for valid values (see userdata syntax below). The defaults are the only known requirement, but there is a feeling that other values for the length offset and length factor will be required in the future. To facilitate this, additional syntax for the -4 option is allowed as discussed below. Each of the three format variables may be configured by entering a one byte keyword followed by a value; comma separators are optional. It should be noted that in ALL CASES OF THE -4 option, the entire input message is sent to the application (headers and lengths included) and the application must send the entire output message (again, headers and length included). Anything else would most likely require an entire new option (i.e. -5), or possibly a more flexible method using enhanced versions of the input and output formats in the device entry. Userdata syntax: -4[[,][,] . . .] where = o or O - Offset of length field. Default value = 3 Valid values = 0 thru 32762 l or L - Length of length field. Default value = 2 Valid values = 1 or 2 f or F - length adjustment factor. Default value = 0 Valid values = 0 thru 32762 This value is added to the length in the buffer of incoming messages to obtain the TOTAL message length, for example: 0 - the length includes everything 7 - the length does not include a 7 byte header (length + 7 = total) where = a numeric value for this variable Userdata notes: Once the "-4" is found, anything other than the above (including spaces) stops the parsing for this option and values are left as last set. The default value is used for any of the above variables that are not specified. If the value for ANY variable is not within the valid range, default values for ALL variables are used and negotiation of userdata occurs. Negotiation is indicated by XPNET event #7059, which can also occur if other userdata options are omitted or are invalid (i.e. keepalive). A station inquiry will show the userdata value that TCP has negotiated. Userdata examples: -4 -K+ - default all of length variables -4o3L2F0 -K+ - set all variables to the default -4o03,L02,F00 -K+ - " " " " " " " -4,o3,L2,F0 -K+ - " " " " " " " -4,o9,L1,F10 -K+ - length is at Offset 9, is one byte in Length, and does not include the 10 byte header. Implementation: Install the new TCPCLI and TCPSRV objects. If on a RISC machine, use the TCPAXCL file to accelerate TCPCLI and TCPSRV. Stop and start TCP client/server CTS/E processes. Dependencies: XPNET 2.1 and XPNET 3.0 only. SCR #2489 BASE - REL3^VER0^CTS04^980325 25-MAR-98 CTSEEC - $DATA01.N30CTSE.CTSE00EC CTSEEDDL - $DATA01.N30CTSE.CTSE00ES CTSEETAL - $DATA01.N30CTSE.CTSE00ET CTSEETCL - $DATA01.N30CTSE.CTSE00EA CTSETPLO - $DATA01.N30CTSE.CTSE00PO CTSETPLS - $DATA01.N30CTSE.CTSE00PS GOTCPCLI - $DATA01.N30TCPC.GOTCPCLI GOTCPSRV - $DATA01.N30TCPS.GOTCPSRV TCPCLI - REL3_VER0_TCPC00_980325 TCPEC - $DATA01.N30TCPL.TCP00EC TCPEDDL - $DATA01.N30TCPL.TCP00ES TCPETAL - $DATA01.N30TCPL.TCP00ET TCPETCL - $DATA01.N30TCPL.TCP00EA TCPSRV - REL3_VER0_TCPS00_980325 TCPTPLO - $DATA01.N30TCPL.TCP00PO TCPTPLS - $DATA01.N30TCPL.TCP00PS Reference: N/A. Symptom: N/A. Problem: N/A. Change: Support for running the TCP/IP CTS/E process as a NonStop process pair. Two new PARAMs have been added for CTS/E NonStop support. The PARAM BACKUPTYPE details the type of backup created; the valid values for this parameter are NONE and WARM. A value of NONE indicates that no backup process will be started. A WARM backup is what is commonly known as persistent; the CTSE backup will read for system messages indicating a CPU failure or primary process loss and respond to all other I/Os with error 60 (FEWRONGID), thus forcing the CTS protocol in XPNET to close and reopen to reestablish the CTSE opener table and associated links. The PARAM BACKUPCPU n specifies the CPU in which the CTSE code will initialize the backup process. If the CPU number specified does not exist, is not up, or is the same as the primary, the CTSE will choose a CPU such that it is in the same pair as the primary. For example, if the primary is running in 1, the CTSE will choose 0; if the primary is running in 0, the CTSE will choose 1. Implementation: Install the above listed files onto the XPNET subvolume. Rebind the NETWORK object using the NETB file. To recover better from a CPU failure where the primary Tandem TCP/IP process had been primaried in the failed CPU, a RETRY value of at least 1 should be specified in the XPNET configuration for all XPNET CTS-TCP/IP STATIONs. The GOTCPCLI and GOTCPSRV files have been modified extensively, so any copies of these files previously created should be replaced with the updated sample GO files. Any changes made previously should be reapplied to the newly copied files (such as object file locations, port/service assignments, and TCP/IP process assignments). The statements for PARAM BACKUPTYPE and PARAM BACKUPCPU have been added to the samples. The value for the backup CPU is accepted as the third parameter to the GO file invocation. For example, to initialize a CTS/E server process and place the primary in CPU 0 and the backup in CPU 2, the syntax would be: GOTCPSRV $SRV 0 2 In addition, the PARAMs used by the D20 Sockets library have been changed to DEFINEs (as required by the D30 Sockets library). The following CLASS MAP DEFINEs are now used by Sockets: =TCPIP^HOST^FILE =TCPIP^RESOLVER^NAME =TCPIP^PROCESS^NAME To insure that the backup process can initialize with the IN, OUT and STDERR files, the GOTCPCLI and GOTCPSRV files must explicitly declare these to be defined to a static terminal or terminal emulation process such as SUDOTERM or Tandem's VHS. An ASSIGN STDERR has been added to the sample GO files to point out that this must be explicitly specified. The sample GO files assign STDERR to $SUDO, the IN file to $SUDO and the OUT file to $0. If SUDOTERM or VHS are not running on the system, then the IN and STDERR files must be set to a static terminal file. Dependencies: Requires SCR 2475. SCR #2515 TCPCLI - REL3_VER0_TCPC00_980325 19-MAY-98 - REL3_VER0_TCPL00_980125 TCPSRV - REL3_VER0_TCPS00_980325 - REL3_VER0_TCPL00_980125 Reference: Internally generated enhancement. Symptom: N/A. Problem: N/A. Change: Enhancement to support TCP/IP stream data transfer with XPNET. Implementation: Install the TCPCLI and TCPSRV objects onto the XPNET subvolume and restart any running copies of these processes. To enable stream transfer, the XPNET STATION USERDATA must include the "-3" formatting string. For example, to configure this on an existing XPNET STATION, the following command would be used: ALTER STATION s, USERDATA "-3 -K+" 0 NOTE: XPNET applications must be specifically designed to take advantage of stream transfer. Applications must be able to detect that partial or multiple messages have been received with a single NETREAD or NETLIB_READ_RCV call. This option should NOT be used with standard BASE24 or MONEYNET product. Dependencies: None. SCR #2538 TCPCLI - REL3_VER0_TCPC01_980801 01-AUG-98 - REL3_VER0_TCPL01_980801 TCPSRV - REL3_VER0_TCPS01_980801 - REL3_VER0_TCPL01_980801 Reference: RPE. Problem: N/A. Change: Enhancement to support ASCII record lengths for TCP/IP message format lengths. The format uses the station userdata field to define the length descriptor of the form: offset to length field, length of length field and whether or not the field type is BINARY or ASCII. SCR 2443 implemented an offset and length of length field prepending a TCP message. This has been expanded to include a type of length field (i.e. B = Binary, A = Ascii). If the T variable is not entered for the userdata format it will default to Binary, making this station userdata change backward compatible. Userdata syntax: -4[[,][,] . . .] where = o or O - Offset of length. Default value = 3 Valid values = 0 thru 32762 l or L - Length of length. Default value = 2 Valid values = 1 or 2 (Binary Type) Valid values = 1 thru 5 (Ascii Type) f or F - length Factor. Default value = 0 Valid values = 0 thru 32762 This value is added to the length in the buffer of incoming messages to obtain the TOTAL message length, for example: 0 - the length includes everything 7 - the length does not include a 7 byte header (length + 7 = total) t or T - Type of length field. Default value = B. Valid value = B (BINARY) = A (ASCII) Userdata examples: -4o0L2F0 -K+ - Binary, length 2 at offset 0 -4o00,L05,F00,tA -K+ - Ascii length representation -4,o0,L5,F0,TA -K+ - " " " " " " " -4,o3,L2,F0,TB -K+ - Binary, length 2 at offset 3 Implementation: Install the new TCPCLI and TCPSRV objects. If on a RISC machine, use the TCPAXCL file to accelerate TCPCLI and TCPSRV. Stop and start TCP client/server CTS/E processes. Dependencies: XPNET 3.0 only. SCR #2574 TCPSRV - REL3_VER0_TCPS02_980911 11-SEP-98 Reference: Case 311256. Symptom: TCPSRV abends when processing event CTS_RECV_DATA in state IDLE or state SHUTDOWN_PENDING. These problems have been encountered only when a server application running in XPNET sent a disconnect control message to the CTS station while the client was still sending in messages. Problem: The CTS_RECV_DATA event was not accounted for in the IDLE or SHUTDOWN_PENDING state tables. In the case of the process abending in the IDLE state, the shutdown completed in the TCPSRV process before the CTS station was aware it had completed. In the meantime the CTS station had issued another receive-data command to the TCPSRV process. In the case of the process abending in the SHUTDOWN_PENDING state, a receive-data was issued by the CTS station while the TCPSRV was waiting for its shutdown request to complete. Change: Modified the IDLE and SHUTDOWN_PENDING state tables to allow the receive-data command from the CTS station while the TCPSRV process is in those states. In these states, the receive-data request will be treated as a valid request to which a response will be returned indicating that no connection is available. Implementation: Install the new TCPSRV object. If on a RISC machine, use the TCPAXCL file to accelerate TCPSRV. Stop and start TCP server CTS/E processes. Dependencies: None. SCR #2634 TCPCLI - REL3_VER0_TCPC02_981215 Reference: Case 313379 Symptom: TCPCLI abends when processing event CTS_RECV_DATA in state IDLE or state SHUTDOWN_PENDING. Problem: The CTS_RECV_DATA event was not accounted for in the IDLE or SHUTDOWN_PENDING state tables. In the case of the process abending in the IDLE state, the shutdown completed in the TCPCLI process before the CTS station was aware it had completed. In the meantime the CTS station had issued another receive-data command to the TCPCLI process. In the case of the process abending in the SHUTDOWN_PENDING state, a receive-data was issued by the CTS station while the TCPCLI was waiting for its shutdown request to complete. Change: Modified the IDLE and SHUTDOWN_PENDING state tables to allow the receive-data command from the CTS station while the TCPCLI process is in those states. In these states, the receive-data request will be treated as a valid request to which a response will be returned indicating that no connection is available. Implementation: Install the new TCPCLI object. If on a RISC machine, use the TCPAXCL file to accelerate TCPCLI. Stop and start TCP client CTS/E processes. Dependencies: None. SCR #2626 TCPSRV - rel3^ver0^ctse01^981125 19-NOV-98 TCPCLI - rel3^ver0^ctse01^981125 CTSE - rel3^ver0^ctse01^981125 Reference: Cases 311950, 312446, 312450 Symptom: 1) XPNET logs an 'Open error 60' event 6223 after a TCPSRV NonStop takeover due to a CPU failure and the XPNET CTS-TCP/IP stations remain in ABNORMAL state. 2) XPNET logs a 'Checkopen error 60' event 6175 after a TCPSRV NonStop takeover due to a CPU failure and XPNET disables its NonStop hot backup process. 3) CTS stations are in a STARTING state after a CPU failure and never go to STARTED. Problem: CTSE is not getting the close message so we do not know that the opener has gone away. Also, we do not get notification of a cpu failure which would invoke logic to handle lost opens. Change: Added NSK MONITORCPUS call so CTSE will get notification of a CPU failure. This will trigger recovery of lost openers and initiate the close of the tcp/ip socket. Corrected the search of the opener table when checking for lost openers. Modified a MONITORCPUS call in the active backup processing code. Added code to handle a timing situation where NSK OPENER_LOST_ call doesn't detect loss of openers. Implementation: Install the TCPSRV, TCPCLI, and CTSE objects on the XPNET subvolume. Stop all lines/stations using the TCPSRV or TCPCLI process, stop the TCPSRV and TCPCLI processes, restart TCPSRV and TCPCLI using the new objects and restart the lines/stations. Dependencies: None. SCR #2735 GOTCPSRV - $DATA01.N30TCPS.GOTCPS01 23-JUN-99 Reference: Case 317509 Symptom: Cannot stop TCP keepalive messages from being sent. Problem: Param KEEPALIVE is not documented in the GOTCPSRV file. This parameter allows control of keepalive activity for all sockets created by the TCPSRV process. Change: Added param KEEPALIVE to the GOTCPSRV file. The default is on, so it must be explicitly set to OFF to actively disable TCP keepalive activity from the Tandem. Implementation: Stop the TCPSRV and restart with the new GOTCPSRV file. Dependencies: None. SCR #2781 TCPSRV - rel2_ver1_tcps05_990929 29-SEP-99 - rel3_ver0_tcps03_990929 Reference: 318637 Symptom: TCPSRV is consuming large amount of memory. It grows at a slow continuous rate. Problem: There is a memory leak when we get a error on an Accept_NW2 call. Memory is allocated before the call. If the call fails, the memory allcated is not deallcoated. Change: Added code to free up the memory if the Accept_nw2 error occurs. Implementation: Stop all lines/station using the TCPSRV process, stop the TCPSRV process, install new TCPSRV module and restart. Dependencies: None. SCR #2761 TCPSRV - rel2_ver1_tcps05_990802 02-AUG-99 - rel3_ver0_tcps04_991004 Reference: 312297 Symptom: Stations that are in the STARTING state do not go ABNORMAL when a Tandem TCP/IP process is taken down. In a large TCP/IP environment, it becomes difficult to identify the stations that need operator intervention if they remain in a STARTING state. Problem: The TCPSRV does not get a error for each station that is in the STARTING state because there is no connection allocated. Change: When we get an error 66 on the Accept_nw then invoke processing to search the generic and specific pools and force an FEDEVDOWN error on those stations that are in the STARTING state. Implementation: Stop all lines/station using the TCPSRV process, stop the TCPSRV process, install new TCPSRV object, restart TCPSRV, and restart the lines/stations. Dependencies: None. SCR #2788 TCPSRV - rel3_ver0_ctse02_991011 11-OCT-99 rel3_ver0_tcps04_991004 TCPCLI - rel3^ver0^ctse02^991011 rel3^ver0^tcpc02^981215 CTSETPLS - $data01.n30ctse.ctse01ps CTSETPLO - $data01.n30ctse.ctse01po Reference: 318586 Symptom: None. Problem: None. Change: Added two external commands to ENABLE and DISABLE backup creation. The NCPCOM syntax for the commands are as follows: TELL EXTERNAL $PPD.#DISABLE," " TELL EXTERNAL $PPD.#ENABLE," " where $PPD is the ppd of the TCPSRV process. The DISABLE command will disable the TCPSRV process from attempting to create a backup. The ENABLE command will enable the TCPSRV process to create a backup. Implementation: Restore the CTSETPLS and CTSETPLO files to the XPNET subvolume. The full set of template files (including EMSNRES and EMSRES) must be rebuilt by obeying the TMPLMAKE and GOINST obey files. Stop all lines/stations using the TCPSRV process, stop the TCPSRV process, install new TCPSRV object, restart TCPSRV, and restart the lines/stations. Dependencies: None. SCR #2806 TCPSRV - rel3^ver0^ctse02^991011 01-DEC-99 rel3^ver0^tcps04^991004 TCPCLI - rel3^ver0^ctse02^991011 rel3^ver0^tcpc02^981215 GOTCPSRV - $data01.n30tcps.gotcps02 GOTCPCLI - $data01.n30tcpc.gotcpc02 Reference: 318586 Symptom: TCPSRV would continuously create saveabend files for its backup after a cpu takeover. Problem: A CPU failure occured for the cpu that contained the TCPSRV backup process. The collector process defined by STDOUT was also in the failed cpu and was not running non-stop. When TCPSRV re-created its backup the CRE would abend because the process defined by the STDOUT no longer exists. Change: Added #pragma nostdfiles which instructs the CRE run time library to omit opening the standard streams. This requires CTS/E to explicitly open whichever streams are needed using the fopen_std_file function. This prevents CRE from abending the process if there is no stdout process. Implementation: Stop all lines/station using the TCPSRV process, stop the TCPSRV process, install new TCPSRV object, restart TCPSRV, and restart the lines/stations. Dependencies: None. SCR #2812 TCPSRV - rel3_ver0_tcps05_000105 15-JAN-00 rel3_ver0_tcpl02_000105 TCPCLI - rel3_ver0_tcpc05_000105 rel3_ver0_tcpl02_000105 TCPEC - n30tcpl.tcp01ec TCPEDDL - n30tcpl.tcp01es TCPETAL - n30tcpl.tcp01et TCPETCL - n30tcpl.tcp01ea TCPTPLO - n30tcpl.tcp01po TCPTPLS - n30tcpl.tcp01ps Reference: Internal Symptom: N/A Problem: N/A Change: Added functionality to disable the Nagle algorithm. This is done by doing a setsockoption for TCP_NODELAY on individual sockets. The algorithm says that when a TCP connection has outstanding data that has not yet been acknowledged, small segments cannot be sent until the outstanding data is acknowledged. Instead, small amounts of data are collected by TCP and sent in a single segment when the acknowledgement arrives. The value for userdata to set the option to disable the Nagle algorithm is (-D-) to enable the algorithm it should set to (-D+). The default (userdata -D- and -D+ not specified) does not make the setsock_nw call. Tandems default is to have the algorithm enabled. Implementation: Stop all lines/station using the TCPSRV and the TCPCLI processes, stop the TCPSRV and the TCPCLI processes, install new TCPSRV and the TCPCLI object, restart TCPSRV and TCPCLI, and restart the lines/stations. If running on a RISC machine, execute the TCPAXCL file. Rebuild template files on the scribe subvolume as normal (see TMPLMAKE and GOINST). Dependencies: None. SCR #2825 TCPSRV - rel3^ver0^tcps06^000330 30-MAR-00 - rel2^ver1^tcps08^000330 Reference: Case #322964 Symptom: TCPSRV process has hung. Problem: An error 200 occurred on an accept2 socket call. TCPSRV does not reply back to CTS. CTS stays in the acccepting state which hangs TCPSRV. Change: Reply back to CTS when a retryable or fatal error occurs on an accept2 socket call. Implementation: Stop all lines/station using the TCPSRV process, stop the TCPSRV process, install new TCPSRV object, restart TCPSRV, and restart the lines/stations. If running on a RISC machine, execute the TCPAXCL file. Dependencies: None. SCR #2827 TCPSRV - rel3^ver0^tcps07^000410 10-APR-00 Reference: 323149 Symptom: Primary and backup copy of TCPSRV go away after a backup takeover when KEEPALIVE param is specified in the TCPSRV startup tacl macro file. EMS event 2011, Master socket bind_nw() error 4114 - (EADDRINUSE) Address already in use, is generated. Problem: When the KEEPALIVE param is specified the bind gets the error 4114 and the error action is to stop. Change: Changed EADDRINUSE to be retryable. The bind will be retried and the backup takeover is successful. Implementation: Stop all lines/station using the TCPSRV process, stop the TCPSRV process, install new TCPSRV object, restart TCPSRV, and restart the lines/stations. If running on a RISC machine, execute the TCPAXCL file. Dependencies: None. SCR #2851 TCPSRV - rel3^ver0^tcps08^000730 30-JUL-00 rel3^ver0^tcpl03^000730 TCPCLI - rel3^ver0^tcpc06^000730 rel3^ver0^tcpl03^000730 TCPEC - n30tcpl.tcp02ec TCPEDDL - n30tcpl.tcp02es TCPETAL - n30tcpl.tcp02et TCPETCL - n30tcpl.tcp02ea TCPTPLO - n30tcpl.tcp02po TCPTPLS - n30tcpl.tcp02ps Reference: Case #325816/Internal Enhancement for TTM EBCDIC /length indicator. Symptom: The LADDR field on the CTS station is not displaying the address when initially set to blanks and the port and ip address are dynamically assigned. Problem: A call to GETSOCKNAME is never done. Change: Added functionality to the Enhancement to support TTM (Tokyo Tele Message) TCP/IP message format lengths, See SCR 2538. The TTM length descriptor has been expanded to include the EBCDIC type of length field. This EBCDIC TTM length descriptor field in the header has a maximum length of five (5) and a minimum length of one (1). Added a call to GETSOCKNAME to return the local address that was issued dynamically by TCP\IP when a client issues a connect and does not have a local address configured. This local address is passed back to XPNET and displayed in the LADDR of the station once the connection is made. Userdata syntax: -4[[,][,] . . .] where = o or O - Offset of length. TTM Valid value = 0 l or L - Length of length. TTM Valid value = 5 f or F - length Factor. TTM Valid value = 0 t or T - length Factor. TTM Valid value = B (BINARY) = A (ASCII) = E (EBCDIC) Userdata examples: -4o0L2F0 -K+ -4o00,L05,F00,tA -K+ -4,o0,L5,F0,TA -K+ -4,o0,L2,F0,TB -K+ -4,o0,L2,F0,TE -K+ Implementation: Stop all lines/station using the TCPSRV and the TCPCLI processes, stop the TCPSRV and the TCPCLI processes, install new TCPSRV and the TCPCLI object, restart TCPSRV and TCPCLI, and restart the lines/stations. If running on a RISC machine, execute the TCPAXCL file. Rebuild template files on the scribe subvolume as normal (see TMPLMAKE and GOINST). Dependencies: None. SCR #2855 TCPSRV - rel3^ver0^tcps08^000730 30-JUL-00 - rel3^ver0^tcpl03^000730 Reference: Case #326308 Symptom: Keepalives are not sent when PARAM KEEPALIVE is set to ON. Problem: The call to SETSOCKOPT_NW for the KEEPALIVE option and the REUSEADDR option is using an incorrect param in the optlen position. Change: Changed the optlen param for the SETSOCKOPT_NW call for the KEEPALIVE and REUSEADDR options from the sizeof short to sizeof boolean. Implementation: Stop all lines/station using the TCPSRV processe, stop the TCPSRV process, install new TCPSRV object restart TCPSRV, and restart the lines/stations. If running on a RISC machine, execute the TCPAXCL file. Dependencies: None. SCR #2888 TCPCLI - REL3_VER0_TCPC07_001201 01-DEC-00 Reference: Case 329874 Symptom: TCPCLI abends in the IDLE state when processing a RECEIVE_DATA request with an unexpected/invalid connect ID. This happened when the station ERRORACT attribute was set to IGNORE. Problem: The IDLE state table did not allow for a CTS_RECV_DATA request being received with an unexpected connect ID. This may occurr in certain exception conditions, especially when ERRORACT is set to IGNORE. Change: Modified the IDLE state table to allow for the invalid_connid event. This event is uniformly treated in all states as an invalid request and an error response of CTS_ERR_INV_CONN_ID is returned to XPNET. Implementation: Install the new TCPCLI object. If on a RISC machine, use the TCPAXCL file to accelerate TCPCLI. Stop and start TCP client CTS/E processes. Dependencies: None. SCR #2908 TCPSRV - rel3^ver0^tcps09^010130 30-JAN-01 rel3^ver0^tcpl04^010130 - rel2^ver1^tcps09^010330 rel2^ver1^tcpl05^010330 TCPCLI - rel3^ver0^tcpc08^010130 rel3^ver0^tcpl04^010130 - rel2^ver1^tcpc04^010330 rel2^ver1^tcpl05^010330 Reference: RPE. Problem: N/A. Change: Enhancement to support a Configurable Length Indicator. This enhancement through the station USERDATA allows the Length Indicator to be configured with pad characters in the front and to the back of the Length Indicator. It also allows the length indicator to be ASCII, EBCDIC, or BINARY. If the Length Indicator is configured as ASCII or EBCDIC, it can be from 1 to 5 bytes in length. If configured as Binary the Length Indicator must be 2 bytes in length. The value of the length indicator can indicate the length of the data following it, it can also indicate the length of the data following it plus any part of the length of the Length Indicator and pad chars. NO PART OF THE LENGTH INDICATOR AND PAD CHARS CAN BE PASSED ON TO THE XPNET APPLICATION, ONLY THE ACTUAL TEXT WILL BE PASSED TO THE XPNET APPLICATION. To request the use of this format option, station userdata must contain a value of -5. This configuration causes CTS to set message format variables to the following default values: Length of length indicator (len_of_len_fld) = 2 Length Type = Binary Length Factor (fixed_headerlen) = 0 As in the past, if the Length Indicator option is specified the keepalive option must also be specified or "negotiation" of userdata in the SET_CATTRS request occurs between TCP (CTS/E) and XPNET (CTS/I). If the Length Indicator option is specified, the keepalive option should also be specified (-K- or -K+) to eliminate negotiation. If negotiation occurs the Length Indicator will default to the values above. The userdata syntax is: -5[[,][,][,] ...] where = [[,] . . .] where = t or T - length type. Valid value = B (BINARY) (default) = A (ASCII) = E (EBCDIC) l or L - Length of length indicator. This value is dependent on the value of T the Length Type. If the Length Type is set to B(binary) the the Length of Length Indicator must be set to 2. If the Length Type is set to A(ASCII) or E(EBCDIC) the Length of Length Indicator must be set to a value from 1 to 5. if absent, the default value (2) is used. used. f or F - Length Factor. The length factor is the number of bytes of pad and length indicator that are included in the value of the Length Indicator. See examples at end of section. if absent, the default value is 0. where = [ . . . [,]] where = PF or pf = Pad Front indicator where = the number of bytes of pad front. Valid values are 1 - 99. where = the type/value of pad characters type = A (ASCII) = E (EBCDIC) = %H (HEX) value = for A and E any printable character, except double quotes, to indicate double quotes use HEX notation, spaces are delimited with double quotes. ex. " " or " " or " "" ". for %H any single or two digit HEX value. ex. %HA%H00%H3%HF0%H0. where = [ . . . [,]] where = PB or pb = Pad Back indicator where = the number of bytes of pad back. Valid values are 1 - 99. where = the type/value of pad characters type = A (ASCII) = E (EBCDIC) = %H (HEX) value = for A and E any printable character, except double quotes, to indicate double quotes use HEX notation, spaces are delimited with double quotes. ex. " " or " " or " "" ". for %H any single or two digit HEX value. ex. %HA%H00%H3%HF0%H0. USERDATA Examples in the following form: [ -5,Fx,Lx,TA,PFxA PBxA -K+ ] B E E E %Hxx%Hxx..., %Hxx%Hxx... 1) This USERDATA string -5,L2,F0,Tb,PF4%H30%H30%H30%H30,PB3%H30%H30%H30 -K+ will result in the following Length Indicator and pad. pf = pad front pb = pad back bb = Length Indicator text = actual application message pf pb text | | | [0000bb000HELLO] | bb = two bytes in binary network order. the value of bb is determined by: bb = ( number of bytes of text - in this case 5 (HELLO) + Fx ). where the value Fx is taken from the configured USERDATA, Fx is the number of bytes of pad characters and Length Indicator to include in the value of the Length indicator. bb = ( 5 + 0 ) bb in this case for the message HELLO is set to 5. 2) This USERDATA string -5,l2,f9,tb,pf4a0000,pb3aN" "N -K+ will result in the following Length Indicator and pad. pf = pad front pb = pad back bb = Length Indicator text = actual application message pf pb text | | | [0000bbN NHELLO] | bb = two bytes in binary network order. the value of bb is determined by: bb = ( number of bytes of text - in this case 5 (HELLO) + Fx ). where the value Fx is taken from the configured USERDATA, Fx is the number of bytes of pad characters and Length Indicator to include in the value of the Length indicator. bb = ( 5 + 9 ) bb in this case for the message HELLO is set to 14. 3) This USERDATA string -5,l4,f0,ta,pf4aNB" ",pb3a" "Z -K+ will result in the following Length Indicator and pad. pf = pad front pb = pad back bb = Length Indicator text = actual application message pf pb text | | | [NB aaaa ZHELLO] | aaaa = four bytes of ascii numeric characters the value of aaaa is determined by: aaaa = ( number of bytes of text - in this case 5 (HELLO) + Fx ). where the value Fx is taken from the configured USERDATA, Fx is the number of bytes of pad characters and Length Indicator to include in the value of the Length indicator. aaaa = ( 5 + 0 ) aaaa in this case for the message HELLO is set to 5. pf pb text | | | [NB 0005 ZHELLO] | aaaa = four bytes of ascii numeric characters. 4) This USERDATA string -5,l4,f11,ta,pf4aNB" ",pb3a" "Z -K+ will result in the following Length Indicator and pad. pf = pad front pb = pad back bb = Length Indicator text = actual application message pf pb text | | | [NB aaaa ZHELLO] | aaaa = four bytes of ascii numeric characters the value of aaaa is determined by: aaaa = ( number of bytes of text - in this case 5 (HELLO) + Fx ). where the value Fx is taken from the configured USERDATA, Fx is the number of bytes of pad characters and Length Indicator to include in the value of the Length indicator. aaaa = ( 5 + 11 ) aaaa in this case for the message HELLO is set to 16. pf pb text | | | [NB 0016 ZHELLO] | aaaa = four bytes of ascii numeric characters. Implementation: Stop all lines/station using the TCPSRV and the TCPCLI processes, stop the TCPSRV and the TCPCLI processes, install new TCPSRV and the TCPCLI object, restart TCPSRV and TCPCLI, and restart the lines/stations. If running on a RISC machine, execute the TCPAXCL file. Rebuild template files on the scribe subvolume as normal (see TMPLMAKE and GOINST). Dependencies: None. SCR #2910 TCPSRV - rel3^ver0^tcps09^010130 30-JAN-01 rel3^ver0^tcpl04^010130 - rel2^ver1^tcps09^010330 rel2^ver1^tcpl05^010330 TCPCLI - rel3^ver0^tcpc08^010130 rel3^ver0^tcpl04^010130 - rel2^ver1^tcpc04^010330 rel2^ver1^tcpl05^010330 Reference: Case #332129 Symptom: TCPSRV creates a saveabend. Problem: If MAXBUFLEN param in the GOTCPSRV and the GOTCPCLI files are set to a value that is lower then the size of a message comming in from TCP\IP the recv buffer overflows which causes memory corruption. When the process goes to free memory the process saveabends. Change: Compare the Length Indicator value to the recv buffer length on messages received from TCP\IP. Log a message that the Length Indicator is invalid and close the socket if the Length Indicator value is greater than the receive buffer length. Implementation: Stop all lines/station using the TCPSRV and the TCPCLI processes, stop the TCPSRV and the TCPCLI processes, install new TCPSRV and the TCPCLI object, restart TCPSRV and TCPCLI, and restart the lines/stations. If running on a RISC machine, execute the TCPAXCL file. Rebuild template files on the scribe subvolume as normal (see TMPLMAKE and GOINST). Dependencies: None. SCR #2912 TCPSRV - rel3^ver0^tcps09^010130 30-JAN-01 rel3^ver0^tcpl04^010130 TCPCLI - rel3^ver0^tcpc08^010130 rel3^ver0^tcpl04^010130 Reference: Case #326729 Symptom: TCPSRV and TCPCLI go abnormal when a message is received with an invalid length indicator. Problem: Code was designed to go abnormal when a message is received with an invalid length indicator. Code was then modified in an earlier release to log a message, disconnect and reset when the RADDR on a server station is set to blanks. As per customers request this is expanded to all settings for RADDR for server and for the client. Change: Code now allows the server and client to log a message and reset when a message is received with an invalid length indicator. In all configurations. Implementation: Stop all lines/station using the TCPSRV and the TCPCLI processes, stop the TCPSRV and the TCPCLI processes, install new TCPSRV and the TCPCLI object, restart TCPSRV and TCPCLI, and restart the lines/stations. If running on a RISC machine, execute the TCPAXCL file. Rebuild template files on the scribe subvolume as normal (see TMPLMAKE and GOINST). Dependencies: None. SCR #2921 TCPSRV - rel3_ver0_tcps10^010515 15-MAY-01 Reference: case #333908 Symptom: Server station goes abnormal when a client tries to conect in and gets an error 4003 (ESRCH). Problem: An accept_nw2 call was issued on a socket the had been shutdown or closed, this then send the station into an abnormal state. Change: Make the error 4003 (ESRCH) a retryable error and have the station go back to starting instead of abnormal. Implementation: Stop all lines/station using the TCPSRV process, stop the TCPSRV process, install new TCPSRV object, restart TCPSRV, and restart the lines/stations. If running on a RISC machine, execute the TCPAXCL file. Rebuild template files on the scribe subvolume as normal (see TMPLMAKE and GOINST). Dependencies: None. SCR #2922 TCPSRV - rel3^ver0^tcps10^010515 15-MAY-01 rel3^ver0^tcpl05^010515 TCPCLI - rel3^ver0^tcpc09^010515 rel3^ver0^tcpl05^010515 Reference: Internal Symptom: Station userdata configuration requires that both the length indicator and the keepalive params be present otherwise the CTSE would negotiate the userdata with CTS. Problem: NA Change: Removed the requirement that both the length indicator and keepalive params be present in userdata. If the keepalive param is not present it will default to send keepalives for the client. Previously, as stated above the keepalive param was required for the server and client in userdata, however it was not used by the server process. The keepalive param is set in the GOTCPSRV file for the server process. If the length indicator is not present it will default to the -0 option for either the server or the client. Implementation: Stop all lines/station using the TCPSRV and the TCPCLI processes, stop the TCPSRV and the TCPCLI processes, install new TCPSRV and the TCPCLI object, restart TCPSRV and TCPCLI, and restart the lines/stations. If running on a RISC machine, execute the TCPAXCL file. Rebuild template files on the scribe subvolume as normal (see TMPLMAKE and GOINST). Dependencies: None. SCR #2923 TCPSRV - rel3_ver0_tcps10_010515 18-MAY-01 rel3_ver0_tcpl05_010515 rel2_ver1_tcps10_010613 rel2_ver1_tcpl06_010613 TCPCLI - rel3_ver0_tcpc09_010515 rel3_ver0_tcpl05_010515 rel2_ver1_tcpc05_010613 rel2_ver1_tcpl06_010613 BASE - rel3^ver0^rel45^010627 rel3^ver0^cts12^010518 rel2^ver1^rel38^010613 rel2^ver1^cts09^010613 CTSDC - $data01.n30cts.cts02dc $data01.n21cts.cts02dc CTSDDDL - $data01.n30cts.cts02ds $data01.n21cts.cts02ds CTSDTAL - $data01.n30cts.cts02dt $data01.n21cts.cts02dt CTSDTCL - $data01.n30cts.cts02da $data01.n21cts.cts02da CTSEH - $data01.n30ctse.ctse01cg $data01.n21ctse.ctse01cg CTSE - $data01.n30ctse.ctse04 $data01.n21ctse.ctse02 Reference: Case 333860 Symptom: An approval message was sent to the device but an error occured, the approval message didn't make it to the device and BASE24 didn't reverse the transaction. TCPSRV generated the following event message (2026): S1A^SRV001 - send() completed ok on disconnected socket. Problem: Whenever this event message is generated by either TCPSRV or TCPCLI, the connection had an error sometime before or during the SEND(). There is no way of determining if the approval message reached the device and the application process is not notified of the possible problem. Change: Modified the TCPSRV and TCPCLI as well as XPNET to return the message to the device handler with a message failure code of 106. The device handler can then decide whether it wants to reverse the transaction or not. Implementation: Stop all lines/station using the TCPSRV and the TCPCLI processes, stop the TCPSRV and the TCPCLI processes, install new TCPSRV and the TCPCLI object, restart TCPSRV and TCPCLI, and restart the lines/stations. Install the new BASE module onto the XPNET subvolume and rebind the network using the NETB file. If running on a RISC machine, execute the TCPAXCL file. Dependencies: None. SCR #2933 GOTCPCLI - $data01.n30tcpc.gotcpc03 29-JUN-01 GOTCPSRV - $data01.n30tcps.gotcps03 Reference: 336062 Symptom: TCP process startup macros failed on startup with "Expecting a legal processid or cpu,pin" Problem: The stdout assign was set to $0 and then evaluated as a process. $0 is not an actual process so this failed. Change: Defaulted sdtout to $sudo and added comments. Implementation: Install new GOTCPCLI,GOTCPSRV. Execute as usual. Dependencies: None. SCR #2934 GOTCPSRV - $data01.n30tcps.gotcps03 29-JUN-01 Reference: internal Symptom: This macro would not establish connection when inaddr was specified by the customer Problem: Setting the inaddr caused the connection to fail. The inaddr param is redundant since the internet address we are connecting to is already set up in the $ZTCx process. Change: Removed the inaddr setting Implementation: Install new GOTCPSRV. Execute as usual. Dependencies: None. SCR #2939 TCPSRV - rel3_ver0_tcps11_010801 15-MAY-01 TCPCLI - rel3_ver0_tcpc10_010801 Reference: Case 336502 Symptom: TCPCLI or TCPSRV create a saveabend file without generating an EMS event. Problem: While in the SHUTDOWN_PEND state, a message larger than what was defined as the XMITLEN size for the station is read. This was not allowed for in the state machine. Change: Added an entry in the state machine to allow for this situation. Dependencies: None. SCR #2943 MQSI - REL3_VER0_MQSI07_010920 20-SEP-01 CTSE - REL3_VER0_CTSE05_010920 TCPSRV - rel3_ver0_tcps12_010920 TCPCLI - rel3_ver0_tcpc11_010920 CTSETPLS - $data01.n30ctse.ctse03ps CTSETPLO - $data01.n30ctse.ctse03po Reference: Case #338329 Symptom: MQSI logs a message that states "No backup Configured" when a warm backup was actually started. Problem: The CTSE code was coded incorrectly when logging the type of backup that was configured. Change: Altered CTSE code to correctly reflect what type of backup was configured when logging message #1015. No backup Warm backup Hot backup. Implementation: Restore the CTSETPLS and CTSETPLO files to the XPNET subvolume. The full set of template files (including EMSNRES and EMSRES) must be rebuilt by obeying the TMPLMAKE and GOINST obey files. Stop all lines/stations using the TCPSRV process, stop the TCPSRV process, install new TCPSRV object, restart TCPSRV, and restart the lines/stations. Stop all lines/stations using the TCPCLI process, stop the TCPCLI process, install new TCPCLI object, restart TCPCLI, and restart the lines/stations. Stop all lines/stations using the MQSI process, stop the MQSI process, install new MQSI object, restart MQSI, and restart the lines/stations. Dependencies: XPNET 3.0 only. SCR #2946 TCPSRV - rel3^ver0^tcps12^010920 01-OCT-01 rel3^ver0^tcpl06^010920 TCPCLI - rel3^ver0^tcpc11^010920 rel3^ver0^tcpl06^010920 Reference: Internal. Symptom: Server process Dumps. Problem: If the RADDR field on the station is configured with an address composed of alphbetic characters that completely fill the field a pointer is set incorrectly. Change: Altered code to correctly set the pointer when the address is configured with alphbetic characters that completely fill the field. Implementation: Stop all lines/stations using the TCPSRV process, stop the TCPSRV process, install new TCPSRV object, restart TCPSRV, and restart the lines/stations. Stop all lines/stations using the TCPCLI process, stop the TCPCLI process, install new TCPCLI object, restart TCPCLI, and restart the lines/stations. Dependencies: None. SCR #2947 TCPTPLS - $data01.n30tcpl.tcp03ps 03-OCT-01 TCPTPLO - $data01.n30tcpl.tcp03po Reference: Case 338970. Symptom: None. Problem: Event messages regarding socket errors contained a vague description for the REMEDY. Change: Modified the REMEDY section to indicate the manual in which the customer can find a description of the error. Implementation: Replace TCPTPLS and TCPTPLO on the XPNET subvolume. There is no need to regenerate the template files as there were no changes made to the actual events themselves. If the customer uses the EVENTCX file, CXUTIL will need to be run to bring in the updated documentation. Dependencies: None. SCR #2948 TCPSRV - rel3^ver0^tcps12^010920 01-OCT-01 rel3^ver0^tcpl06^010920 Reference: Case 339233 Symptom: N.A. Problem: N.A. Change: Allow the station RADDR to be configured with a valid port address and a 0 for the IP address. This will allow the Server to accept connections from any ip address with the valid port configured. Implementation: Stop all lines/stations using the TCPSRV process, stop the TCPSRV process, install new TCPSRV object, restart TCPSRV, and restart the lines/stations. Dependencies: None. SCR #2960 TCPSRV - rel3_ver0_tcps13_011128 28-NOV-01 rel3_ver0_ctse06_011128 TCPCLI - rel3_ver0_tcpc12_011128 rel3_ver0_ctse06_011128 Reference: Case 339872 344367 344394 Symptom: Event message 2105 is generated indicating an error 60 and then event message 2008 is generated indicating the station is going into the STARTING state. The TCPSRV or TCPCLI process involved then dumps. Problem: The TCPSRV or TCPCLI process receives a message from some process not in its table of openers. An error 60 is generated which causes XPNET to close and reopen the station. However, when the close comes in to either TCPSRV or TCPCLI, if they can't find the process in the table of openers, it dumps. Change: Changed the code to not dump if it can't find the the process doing the close in the table of openers. Implementation: Stop all lines/stations using the TCPSRV and/or the TCPCLI processes, stop the TCPSRV and/or TCPCLI processes, install the new object, restart TCPSRV and/or TCPCLI and restart the lines/stations. Dependencies: None. SCR #2972 TCPCLI - rel3_ver0_tcpc13_020206 06-FEB-02 rel3_ver0_tcpl07_020206 Reference: #341224 Symptom: N/A. Problem: N/A. Change: Added code to allow an INADDR param to be passed to the Client process. This param will allow the Client to bind to a configured IP address. Implementation: Stop all lines/stations using the TCPCLI and/or the TCPSRV processes, stop the TCPCLI and/or TCPSRV processes, install the new object, restart TCPCLI and/or TCPSRV and restart the lines/stations. Dependencies: None. SCR #2973 TCPSRV - rel3_ver0_tcps14_020206 06-FEB-02 rel3_ver0_tcpl07_020206 TCPCLI - rel3_ver0_tcpc13_020206 rel3_ver0_tcpl07_020206 TCPTPLS - $data01.n30tcpl.tcp04ps TCPTPLO - $data01.n30tcpl.tcp04po Reference: #339465 Symptom: N/A. Problem: Request from customer to add additional information to certian log messages. Change: Added code to add infomation to log messages also added new log messages. Added the remote address to RECV_NW socket errors. Added the remote address to BIND_NW socket errors. Added the remote address to CONNECT_NW socket errors. Added log message that logs the TCPIP process name. Implementation: Restore the TCPTPLS and TCPTPLO files to the XPNET subvolume. The full set of template files (including EMSNRES and EMSRES) must be rebuilt by obeying the TMPLMAKE and GOINST obey files. Stop all lines/stations using the TCPSRV and/or the TCPCLI processes, stop the TCPSRV and/or TCPCLI processes, install the new object, restart TCPSRV and/or TCPCLI and restart the lines/stations. Dependencies: None. SCR #2974 TCPSRV - rel3_ver0_tcps14_020206 06-FEB-02 rel3_ver0_tcpl07_020206 TCPCLI - rel3_ver0_tcpc13_020206 rel3_ver0_tcpl07_020206 TCPTPLS - $data01.n30tcpl.tcp04ps TCPTPLO - $data01.n30tcpl.tcp04po Reference: #337201 - Enhancement for BSTUN. BCS to IP Conversion for ATM's. Symptom: N/A. Problem: N/A. Change: Altered the code to handle 4 byte status messages from the router. These status messages have a length indicator set to 0. Added code that allows CTS stations to go suspended when they receive an inactive status msg and reinstate when they receive an active status msg. Code will log all status messages received. Implementation: Restore the TCPTPLS and TCPTPLO files to the XPNET subvolume. The full set of template files (including EMSNRES and EMSRES) must be rebuilt by obeying the TMPLMAKE and GOINST obey files. Stop all lines/stations using the TCPSRV and/or the TCPCLI processes, stop the TCPSRV and/or TCPCLI processes, install the new object, restart TCPSRV and/or TCPCLI and restart the lines/stations. Dependencies: XPNET network object must have BASE50 bound in. BASE rel3^ver0^rel50^011210. The required SCR is SCR2987. SCR #3038 TCPSRV - rel3_ver0_tcps15_020805 05-AUG-02 rel3_ver0_tcpl08_020805 TCPCLI - rel3_ver0_tcpc14_020805 rel3_ver0_tcpl08_020805 Reference: c350565 Symptom: TCPCLI creates saveabend after a CPU loss in which a primary XPNET is running. This XPNET has an open on the TCPCLI process that dumps. The TCPCLI process is not running in the CPU that was lost. Problem: The XPNET process has just performed an IO (CTS_RECV) to the TCPCLI process when the CPU is lost, this occurs right before the checkpoint is done for that IO. The backup XPNET takes over and begins at the last checkpointed IO. This causes XPNET to resend the last IO (CTS_RECV). TCPCLI is in the RECV_PEND state due to receiving the first (CTS_RECV), when TCPCLI receives the second (CTS_RECV) there is no entry in the finite state meachine to handle a (CTS_RECV) when in the RECV_PEND state and the code dumps. The same issue exists in the TCPSRV code. Change: Added an entry in the finite state machine to handle receiving a CTS_RECV when in the RECV_PEND state. Implementation: Stop all lines/stations using the TCPSRV and/or the TCPCLI processes, stop the TCPSRV and/or TCPCLI processes, install the new object, restart TCPSRV and/or TCPCLI and restart the lines/stations. Dependencies: None. SCR #3039 TCPSRV - rel3_ver0_tcps15_020805 05-AUG-02 rel3_ver0_tcpl08_020805 TCPCLI - rel3_ver0_tcpc14_020805 rel3_ver0_tcpl08_020805 Reference: c351246 Symptom: When the station is set up to use BSTUN transactions time out at the ATM. ATM is open when the XPNET station is in starting state. Problem: The cause of the problem is that the CISCO Router starts polling the ATM as soon as TCPIP session is established with the Router whether or not there is a TCPIP resource available on the Tandem. Once the ATM is polled by the Router it opens, but, any transaction attempted times out. Change: Added code to send an ACTIVE Message to the router right after the station goes started. The router will not poll the ATM until the ACTIVE Message is received. Implementation: Stop all lines/stations using the TCPSRV and/or the TCPCLI processes, stop the TCPSRV and/or TCPCLI processes, install the new object, restart TCPSRV and/or TCPCLI and restart the lines/stations. Dependencies: None. SCR #3072 BASE - rel3^ver0^rel55^021022 06-NON-02 CTS - rel3^ver0^cts16^021106 INON - rel3^ver0^inon00^000605 TCPSRV - rel3_ver0_tcps17_021106 rel3_ver0_tcpl10_021106 NETB Reference: Case 354879 Symptom: CTS generates events when a disconnect is received for dialup connections. The events denote a station reset (#7), a connection deallocated (#7063), a connection allocated (#7060), and state changes (#1002). For environments with a large number of dialup connections where the disconnect occurs following the completion of each transaction, these messages are not necessary and result in excessive event messages. Problem: CTS was not originally designed as a dialup protocol but with the addition of IPOS dialup environments must be supported. Change: Altered CTS to scan the XPNET station userdata for "-U+". -U+ indicates this is a dialup device. If -U+ is specified in the XPNET station userdata, the following event messages will no longer be generated for the XPNET station under any conditions (including an operator initiated START command): #7 - Station reset Previous STARTED, Current STARTING #1000 - Line started #1002 - Station start complete Previous STARTING, Current STARTED #7060 - Station connection allocated #7061 - Station connection accepted #7063 - Station connection deallocated from remote address Implementation: Install the new CTS and NETB file on the XPNET subvol. Rebind the NETWORK object using the new NETB file. If on a RISC machine, accelerate the NETWORK object as shown in the XPNET.NETAXCL file. Stop all lines/stations using the TCPSRV process, stop the TCPSRV process, install the new object, restart TCPSRV and restart the lines/stations. Note: CTE has been removed from the BASE file and it has been placed on the XPNET subvolume. In addition the default CTS end to end protocol INON has been also been placed on the XPNET subvolume. Obeying the new NETB file will include CTS and INON end to end, in the Network object file. In the future, it should not be necessary to send a complete release of XPNET for a CTS change. Dependencies: None. SCR #3067 TCPCLI - rel3_ver0_tcpc15_021127 27-NOV-02 UDP rel3_ver0_udp05_021127 The above modules are being released at this time. These fall under the same SCR as the modules released on Oct 15 02. The newly released modules take advantage of the fix done to the CTSE module released on 15-Oct-02 with the TCPSRV module. SCR #3067 CTSE - rel3^ver0^CTSE07^021015 15-OCT-02 TCPSRV - rel3_ver0_tcps16_021015 rel3_ver0_tcpl09_021015 Reference: case 354070 Symptom: CTSE (TCPSRV) dumps in an unknown state in the FSM, after the CPU the XPNET primary process is running in goes down. Problem: A duplicate req is sent to the CTSE by the backup XPNET process. The CTSE is not coded to detect duplicate requests. In this case the request is an ACCEPT_CONN when an ACCEPT_CONN is received the CTSE (TCPSRV) transitions to the avalable state. If a another ACCEPT_CONN is received when in the available state it is an unknown state to the FSM which causes the CTSE(TCPSRV) to dump. Change: Modified the code to detect if a request is a duplicate, if so do not enter the FSM. The code then will update the reply tag with the latest value and reply to the second request upon completion fo the outstanding IO. TCPCLI and UDP also modified to address this problem. Implementation: Stop all lines/stations using the TCPSRV process, stop the TCPSRV process, install the new object, restart TCPSRV and restart the lines/stations. Dependencies: Requires SCR2836 and the network object that contains BASE42 and CTS11. SCR #3082 TCPCLI - rel3_ver0_tcpc16_021213 13-DEC-02 TCPSRV - rel3_ver0_tcps18_021213 TCPL - rel3_ver0_tcpl10_021213 Reference: Case #356401 Symptom: TCPSRV dumps in an unknown state. Problem: After the accept completes the server sends the ACTIVE BIT and transitions to the recv_pend state. The rev_pend state was not coded to handle the send complete. This situation can only occur if the BSTUN functionality is being used. Change: Added code to the recv_pend state to handle a send completing. Implementation: Stop all lines/stations using the TCPSRV process, stop the TCPSRV process, install the new object, restart TCPSRV and restart the lines/stations. Dependencies: None. SCR #3137 TCPSRV - rel3_ver0_tcps19_030625 25-JUN-03 TCPCLI - rel3_ver0_tcpc17_030820 - rel3^ver0^tcpl12^030625 Reference: Case #364687 Symptom: TCPSRV dumps. Problem: While TCPSRV waits for the ACTIVE bit to be sent from the ATM after a accept completes the init_act_pending flag is set. If a CTS_SEND_DATA is issued immediatly from XPNET the CTS_SEND_DATA and the CTS_RECV_DATA are replied to with errors. The CTS_RECV_DATA error is to put the station in the suspended state. If all this occurs and for some reason XPNET is slow to get the CTS_SUSP_OK issued to TCPSRV it is possible that the ATM could issue an INACTIVE BIT to TCPSRV which could complete and the TCPSRV has no CTS IO's outstanding. TCPSRV attempts to reply to XPNET with the inactive bit, the reply fails and TCPSRV dumps. Change: Added code the TCPL_C_INACTIVE proc to check to see if the station is in the susp_pending state. If it is then wait for the CTS_SUSP_OK and the reinstate interval to take affect. Implementation: Stop all lines/stations using the TCPSRV process, stop the TCPSRV process, install the new object, restart TCPSRV and restart the lines/stations. Dependencies: None. SCR #3140 TCPCLI rel3_ver0_tcpc17_030820 20-AUG-03 Reference: Case #366743 Symptom: TCPCLI not binding to subnet specified in INADDR param. Problem: SCR 2972 did not correctly update the connection socket local address when the INADDR param was configured in the GOTCPCLI file. Change: Added code in the LH_COMP proc that detects whether or not the INADDR param was set in the GOTCPCLI file. It then uses that value if the LADDR is not configured for the station making the connection. Implementation: Stop all lines/stations using the TCPCLI process, stop the TCPCLI process, install the new object, restart TCPCLI and restart the lines/stations. Dependencies: None. SCR #3153 TCPSRV - rel3_ver0_tcps20_031106 06-NOV-03 Reference: Case 369860 Symptom: TCPSRV dumps. Problem: A SEND_DATA completes with an indication that we need to read OOB (Out Of Band) data. While reading for OOB data, we get an end of file indication which wasn't allowed for in the state machine. Change: Since TCPSRV has already been coded to not send OOB data, the decision has been made to not receive OOB data. If we get an indication that there is OOB data to be read, TCPSRV will disconnect and put the line in the STARTING state ready for a client to connect. Implementation: Stop all lines/stations using the TCPSRV process, stop TCPSRV, install the new object, restart TCPSRV then restart the lines/stations. Dependencies: None. SCR #3161 TCPSRV - rel3_ver0_tcps21_031229 29-DEC-03 TCPCLI - rel3_ver0_tcpc18_031229 Reference: case #373064 Symptom: TCPSRV abended twice in three days. Problem: When in the suspended or suspending state there are no CTS RECV DATA's posted by CTS. If a RECV_NW completes with an EOF the code checks if the state is suspended before relying to the CTS RECV DATA. The code should also check the state to see if it is suspending and if it is either suspended or suspending it should not reply. Change: Added a check for the suspending state to the code that determines if the state is suspended before replying to the CTS RECV DATA. Implementation: Stop all lines/stations using the TCPSRV and TCPCLI processes, stop TCPSRV and TCPCLI, install the new objects, restart TCPSRV and TCPCLI then restart the lines/stations. SCR #3162 TCPSRV - rel3_ver0_tcps21_031229 29-DEC-03 Reference: case #371208 Symptom: RPE Wild Card Remote address. Problem: None. Change: Added code to allow the customer to enter a wild card character ( * ) in place of the last two bytes in the remote address on a server station. For example - 4444:172.21.100.* 4444:172.21.*.* 4444:172.21.*.70 The * will allow the range 0 - 255. If the server station RADDR is set to 4444:172.21.100.* the server station will accept a connection from any client that has a local address in the range 4444:172.21.100.0 - 255. Wild carding the IP address does not allow the port to be set to 0 indicating any port. The port number must be specific. Implementation: Stop all lines/stations using the TCPSRV processes, stop TCPSRV , install the new objects, restart TCPSRV then restart the lines/stations. SCR #3170 IPOS - rel3^ver0^ipos04^040229 29-FEB-04 POS2 - rel3^ver0^pos209^040229 GLOBAL - n30glbl.glbl30 TCPCLI - rel3_ver0_tcpc19_040229 rel3_ver0_tcpl14_040229 TCPSRV - rel3_ver0_tcps22_040229 rel3_ver0_tcpl14_040229 CTSE - rel3_ver0_ctse09_040229 CTSEH - n30ctse.ctse03cg CTS - rel3^ver0^cts22^040229 NETTPLS - n30ems.ems25ps NETTPLO - n30ems.ems25po NETEDDL - n30ems.ems21es NETEC - n30ems.ems21ec NETECOB - n30ems.ems21ex NETETAL - n30ems.ems21et NETETCL - n30ems.ems21ea Reference: Case #363975 Symptom: A device sending transactions starts the message with an SOH instead of an STX. When XPNET replies the transaction starts with an STX. The device is expecting an SOH. Problem: XPNET never replied with anything other than an STX. Change: Added code to reply with an SOH if the request started with an SOH. But, to keep from impacting customers that might already be using machines that start messages with an SOH but expect an STX in return, a configuration change was needed. If a customer wants XPNET to reply with an SOH, the station's userdata needs to be altered to contain the characters "soh" or "SOH" in the case of POS2. In the case of IPOS, the userdata must contain the "soh" or "SOH" but it must also be preceded by "-s" or "-S". In other words, in IPOS, for the response to contain an SOH instead of STX, the userdata must contain "-ssoh" or "-SSOH". XPNET will look through the stations userdata for these characters and if they are found, an SOH will be sent. If a customer wants XPNET to send an STX in the reply, nothing has to be done. STX is the default. NOTE: TCPCLI and TCPSRV used to negotiate the length indicator definition if there was a problem with the values specified in the station's userdata. If something was specified in the userdata that was wrong, the default for that length indicator was used which may not be what the customer had intended. Customers would miss the log message that indicated the userdata was negotiated, and they had trouble resolving the resulting communication problem. TCPCLI and TCPSRV have been modified to not negotiate to the default values for the given length indicator if a value was entered incorrectly. The station and line will instead transition to the ABNORMAL state and force the customer to correct the userdata. If no userdata is entered, the length indicator will still default to -0. If a length indicator is specified, any format variable not entered will default. If that default is in error with the ones that are specified, the station will transition to the ABNORMAL state and force the customer to correct it. Also fixed some parsing problems: 1) When using -4, if the T(type) format variable was specified no other format variables following it were searched for and would default. 2) When using -5, if spaces existed between format variables (instead of separating them with commas) all format variables would default. Implementation: Replace existing files with the files associated with this fix and re-build the network object file using the NETB and NETBC files. Stop and re-start all nodes affected. Re-install all EMS templates using the SCRIBE.GOINST macro. Dependencies: None. SCR #3178 CTSE - rel3^ver0^ctse10^040601 01-JUN-04 TCPL - rel3^ver0^tcpl15^040601 TCPSRV - rel3^ver0^tcps23^040601 TCPCLI - rel3^ver0^tcpc20^040601 Reference: Case #380202 Symptom: TCPSRV opens the PRILOG and ALTLOG twice. Problem: CTSE and TCPL open the PRILOG and the ALTLOG file. There is no mechanism to communicate to each other that the log files have already been open. Change: Added ELOGCB and EBUFCB structures to TCPL. Added a LH proc to TCPL that initializes the new TCPL ELOGCB and EBUFCB structures from the info passed to the LH proc from CTSE and the CTSE ELOGCB and EBUFCB. Implementation: Install the new TCPCLI and TCPSRV objects and restart client/server CTS/E processes. Dependencies: XPNET 3.0 only. SCR #3179 TCPSRV - rel3^ver0^tcps23^040601 01-JUN-04 Reference: Case #375963 Symptom: CPU failure caused TCPSRV to stop. Problem: An error 26 occurred on an AWAITIO call that is associated with a Socket_nw call. This occurred after the CPU failure. Error 26 was not accounted for when the code checks for errors that indicate we can repost the Socket_nw. Change: Added the define FENONEOUT to the check for errors that indicate we can repost the Socket_nw call. Implementation: Install the new TCPCLI and TCPSRV objects and restart client/server CTS/E processes. Dependencies: XPNET 3.0 only. SCR #3190 CTSE - rel3^ver0^ctse11^040715 15-JUL-04 TCPC - rel3^ver0^tcpc21^040715 TCPS - rel3^ver0^tcps24^040715 Reference: Case #381713 Symptom: XPNET TCPIP stations reset after a switch node command is done in NCPCOM. Problem: CTSE is checking the openers takeover flag on a CTSE_REQ. If the flag is set then an error FEWRONGID is returned. This logic is not needed as the call to check the PRI_HANDLE against the sender will ensure that the takeover occurred and completed. Change: Removed the code that checked the openers takeover flag in CTSE_REQ. Implementation: Install the new TCPCLI and TCPSRV objects and restart client/server CTS/E processes. Dependencies: None. SCR #3197 TCPCLI - rel3_ver0_tcpc22_040901 01-SEP-04 TCPSRV - rel3_ver0_tcps25_040901 Reference: Case #384012 Symptom: TCPCLI and TCPSRV abend because of an unknown state. Problem: TCPCLI and TCPSRV were both in the IDLE state when they received an erroneous SEND_DATA request. Neither state machine allowed for that event in the IDLE state. Change: Modified the state machines to expect the possibility of a SEND_DATA in the IDLE state. Implementation: Install the new TCPCLI and TCPSRV objects and restart client/server CTS/E processes. Dependencies: None. SCR #3205 TCPSRV - rel3_ver0_tcps26_041014 14-OCT-04 rel3_ver0_tcpl16_041014 GOTCPSRV - $data01.n30tcps.gotcps05 TCPTPLS - $data01.n30tcpl.tcp05ps TCPTPLO - n30tcpl.tcp05po TCPEC - n30tcpl.tcp04ec TCPEDDL - n30tcpl.tcp04es TCPETAL - n30tcpl.tcp04et TCPETCL - n30tcpl.tcp04ea Reference: Case #383795 Symptom: TCPSRV floods the event log file with "Master Socket Rejected" log messages. Problem: Client stations are trying to connect to a Server station on XPNET and there are none available. When TCPSRV rejects the connection attempt, it logs message number 2014 indicating a "Master Socket Reject". If there are a lot of Client stations the log file can get flooded with the reject messages making problem resolution very difficult. Change: Modified TCPSRV to accept the following params from the GOTCPSRV obey file: MSR^BURST^COUNT value range 0 to 20000 MSR^BURST^TIMER value range 0 to 3600 seconds MSR^SUPPRESS^TIMER value range 0 to 3600 seconds If any of the parameters are set to 0 or any value outside of the allowable range, suppression of the messages will not take place. If all three of these params are configured correctly, a timer for the length of MSR^BURST^TIMER will be started when the first "Master Socket Reject" message is logged. If the number of "Master Socket Reject" messages reaches the value in MSR^BURST^COUNT before the MSR^BURST^TIMER expires, no more "Master Socket Reject" log messages will be generated until after MSR^SUPPRESS^TIMER seconds has expired or until TCPSRV is stopped and re-started. Implementation: Install the new TCPSRV and GOTCPSRV files and restart the server processes. Install the new TCPTPLS file re-build the EMSNRES and EMSRES template files using the GOINST obey file. Dependencies: None. SCR #3214 TCPSRV - rel3_ver0_tcps27_041203 TCPCLI - rel3_ver0_tcpc23_041203 03-DEC-04 Reference: Case #388461 Symptom: TCPSRV abends. Problem: State table did not account for the possiblity of a SEND completing when in the RECV_PEND state. Change: Added Send completion states to the RECV_PEND state. Implementation: Stop all lines/stations using the TCPSRV and/or the TCPCLI processes, stop the TCPSRV and/or TCPCLI processes, install the new object, restart TCPSRV and/or TCPCLI and restart the lines/stations. Dependencies: None. SCR #3233 TCPSRV - rel3_ver0_tcps28_050415 - rel3_ver0_tcpl17_050415 TCPCLI - rel3_ver0_tcpc24_050415 - rel3_ver0_tcpl17_050415 15-APR-05 Reference: Case: 329101 Symptom: TCPSRV abends - (unknown event). Problem: The dump is caused by the TCPSRV replying to XPNET with a message and XPNET does not have a RECV posted. This occurs because BIP has not recvieved the ACTIVE BIT, xpnet has sent a message, TCPSRV has responded to XPNET to tell XPNET to go suspended, XPNET is slow in sending the SUSPEND IO. In the mean time the ACTIVE bit has arrived and immediatly behind that a message arrived. The TCPSRV is not checking the susp_pending flag in this case and trys to respond when XPNET does not have a recv posted and has not gone into suspend logic yet. This same issue exists in TCPCLI and the fix is applied to TCPCLI also. Change: Added code to check the suspend_pending flag before responding to XPNET with data. Implementation: Install the new TCPSRV and TCPCLI files and restart the server and client processes. Dependencies: None. SCR #3236 TCPSRV - rel3_ver0_tcps28_050415 TCPCLI - rel3_ver0_tcpc24_050415 CTSE - rel3_ver0_ctse12_050415 15-APR-05 Reference: Case: 393495 Symptom: TCPSRV abends. Problem: The dump was caused by a duplicate message that was sent by XPNET after the cts failure. The server had transitioned to a state that did not expect the type of messages that was sent as a duplicate. The duplicate message processing that is in place in the CTSE server incorrectly zeroed out the previous sequence number so this duplicate message passed the processing checks as a non duplicate message and was passed to the state machine which as noted above did not expect this type of message in the state that it was in Change: Removed code that zeroed out the sequence number. Updated the compare to determine a duplicate message. Implementation: Install the new TCPSRV and TCPCLI files and restart the server and client processes. Dependencies: None. SCR #3237 CTS - rel3^ver0^cts25^050515 15-MAY-05 CTSE - rel3^ver0^ctse13^050515 TCPSRV - rel3_ver0_tcps29_050515 - rel3_ver0_tcpl18_050515 TCPCLI - rel3_ver0_tcpc25_050515 - rel3_ver0_tcpl18_050515 NETETCL - n30ems.ems23ea NETEC - n30ems.ems23ec NETEDDL - n30ems.ems23es NETETAL - n30ems.ems23et NETECOB - n30ems.ems23ex NETTPLO - n30ems.ems28po NETTPLS - n30ems.ems28ps GLOBAL - n30glbl.glbl34 Reference: Enhancement/Internal. Symptom: None. Problem: None. Change: This is an enhancement to allow zero length messages. Zero length messages are dropped in CTS when coming in from a CTS\E. This change will continue to default to dropping the zero length messages. The change will allow a configuration in the XPNET station userdata of a TCPIP CTSE station as follows: " -Z+ " or "-z+". This configuration will indicate to the station that it will allow zero length messages. Implementation: Replace existing files with the files associated with this fix and re-build the network object file using the NETB and NETBC files. Stop and re-start all nodes affected. Re-install all EMS templates using the SCRIBE.GOINST macro. Dependencies: In order for this enhancement to be used the following are required: CTS bound into network - rel3^ver0^cts25^050515 TCPSRV - REL3_VER0_TCPS29_050515 TCPCLI - REL3_VER0_TCPC25_050515 SCR #3246 CTSE - rel3_ver0_ctse13_050515 25-MAY-05 QFI - rel3_ver0_qfi07_050525 TCPSRV - rel3_ver0_tcps29_050515 TCPCLI - rel3_ver0_tcpc25_050515 Reference: Case #386271 Symptom: Both QFI and the primary XPNET node are running in the same CPU and the CPU goes down. When taking over, XPNET gets an error 60 when calling checkopen for a QFI line. Because of this error, the new XPNET backup process would be out of sync with the primary XPNET process. The backup XPNET process is stopped and the configuration is automatically modified such that the BCPU parameter for the node is set to the same value as the PCPU parameter which disables creation of the backup. Problem: When QFI's warm backup takes over, it is waiting for either the process death system message or the cpu down system message before it can process any system close and open messages. If the open system message arrives before the process death or cpu down messages, QFI returns error 60 which causes XPNET to stop its backup. Change: Modified the code to return FENOPRIMARY which is an error 17. When XPNET receives the error 17, it checks if the node's BRETRYDELAY field is set to a value greater than zero. If it is, it delays creation of the XPNET backup process for that number of seconds. To take advantage of this fix, the BRETRYDELAY field needs to be set to a value greater than zero. Implementation: Move in the new QFI, TCPSRV, TCPCLI and CTSE modules. Stop any of the associated stations. Stop and re-start QFI, TCPSRV and/or TCPCLI. Re-start the previously stopped stations. Dependencies: None. SCR #3263 TCPCLI - rel3_ver0_tcpc27_050920 28-SEP-05 rel3_ver0_tcpl20_050920 TCPSRV - rel3_ver0_tcps31_050920 rel3_ver0_tcpl20_050920 Reference: Case 401320 Symptom: TCPSRV/TCPCLI dump. Problem: An invalid length indicator was large enough to cause an arithmetic overflow when calculating the size. Change: Modified to generate an error 12 back to CTS and disconnect from the other end. Dependencies: None. SCR #3264 TCPCLI - rel3_ver0_tcpc27_050920 28-SEP-05 rel3_ver0_tcpl20_050920 TCPSRV - rel3_ver0_tcps31_050920 rel3_ver0_tcpl20_050920 Reference: Case 399143 Symptom: When using -5 for the length indicator, the station goes ABNORMAL when started. Problem: TCPCLI and TCPSRV improperly parse default settings for -5 userdata. Change: Modified to properly parse -5 settings. Dependencies: None. SCR #3269 TCPCLI - rel3_ver0_tcpc27_050920 12-OCT-05 rel3_ver0_tcpl20_050920 rel3_ver0_ctse15_051006 TCPSRV - rel3_ver0_tcps31_050920 rel3_ver0_tcpl20_050920 rel3_ver0_ctse15_051006 CTSE - rel3_ver0_ctse15_051006 CTS - rel3^ver0^cts27^051012 CTSDC - $data01.n30cts.cts05dc CTSDDDL - $data01.n30cts.cts05ds CTSDTAL - $data01.n30cts.cts05dt CTSDTCL - $data01.n30cts.cts05da NETETCL - n30ems.ems25ea NETEC - n30ems.ems25ec NETEDDL - n30ems.ems25es NETETAL - n30ems.ems25et NETECOB - n30ems.ems25ex NETTPLO - n30ems.ems30po NETTPLS - n30ems.ems30ps * * XPNET 3.1 * CTSE - rel3_ver1_ctse02_051025 CTS - rel3_ver1_cts02_20050806 CTSDC - $data01.n31cts.cts03dc CTSDDDL - $data01.n31cts.cts03ds CTSDTAL - $data01.n31cts.cts03dt CTSDTCL - $data01.n31cts.cts03da NETETCL - n31ems.ems05ea NETEC - n31ems.ems05ec NETEDDL - n31ems.ems05es NETETAL - n31ems.ems05et NETECOB - n31ems.ems05ex NETTPLO - n31ems.ems05po NETTPLS - n31ems.ems05ps Reference: Case 400719 Symptom: None. Problem: Customer needs Little Endian format for the length field and TCPCLI and TCPSRV didn't support it. Change: Modified to handle Little Endian format for the length field. Modification allows for 2 byte length field in binary format only. To specify this format, the userdata for the station must contain -L+. The default is -L-. Dependencies: None. SCR #3272 TCPCLI - rel3_ver0_tcpc27_050920 12-OCT-05 TCPSRV - rel3_ver0_tcps31_050920 Reference: Case #401715 Symptom: XPNET station stays in the started state when there is no connection. This occurs after a XPNET and TCPIP process takeover. Problem: The problem occurs when a CPU goes down and the primary XPNET and the TCPIP process are running in that CPU. Also an XPNET station must be pointing to a TCPSRV that is running in a CPU that did not go down. When the TCPSRV RECV() completed from the TCPIP process with error 211 it replied to the primary XPNET. XPNET at this time is in the process of taking over and the reply is lost. XPNET's backup now the primary post's a CTS RECV to the TCPSRV. This CTS RECV is a duplicate of the existing CTS RECV at the time of takeover. The TCPSRV see's this as a duplicate and swaps out the old recv tag for the new duplicate RECV, but does not check to see if there actually was a valid RECV tag. In this case the RECV was actually replied to with the error 211. TCPSRV must see this situation and respond to the CTS RECV with a fatal error and send the station into the Starting state. Change: Added code that checks if there is a outstanding CTS RECV when a duplicate CTS RECV is received. If there is no outstanding CTS RECV then the code returns FALSE and TCPSRV responds to the CTS RECV with an error sending the station into the starting state. Implementation: Install the new TCPSRV and TCPCLI files and restart the server and client processes. Dependencies: None. SCR SSL TCPCLI/SSLCLI - rel3_ver0_sslc00_051215 15-DEC-05 rel3_ver0_tcpc28_051215 rel3_ver0_tcpl21_051215 rel3_ver0_ctse16_051215 TCPSRV/SSLSRV - rel3_ver0_ssls00_051215 rel3_ver0_tcps32_051215 rel3_ver0_tcpl21_051215 rel3_ver0_ctse16_051215 TCPTPLO - $data01.n30tcpl.tcp05po CTSE - rel3_ver0_ctse16_051215 CTSETPLO - $data01.n30ctse.ctse05po STGKM - Last Modified - 11NOV2005 9:22 ROOTCERT - Last Modified - 19MAY2005 10:06 Reference: Internal/GA of SSL. Symptom: None. Problem: None. Change: Added functionality to handle SSL over a TCPIP connection. This enhancement uses the SafeTGate SSL Library. Added functionality for SSL to refresh the Licence file , Certfile and the Rootfile. The code will also look for the latest version of the configuration file to use when refreshing and when starting. The version processing will require the config file to be in the following form xxYYMMDD. Implementation: Move in the new SSLSRV, SSLCLI and CTSE modules. Stop any of the associated stations. Stop and re-start SSLSRV and/or SSLCLI. Re-start the previously stopped stations. See implementation guide. Dependencies: XP 3.0 - Requires *** CTS27 *** due to scr3246. XP 3.1 - Requires *** CTS02 *** due to scr3246. SCR #3311 23-FEB-06 TCPTPLO - $data01.n30tcpl.tcp06po CTSETPLO - $data01.n30ctse.ctse05po CTSETPLO - $data01.n31ctse.ctse01po Reference: Internal Symptom: SSL messages are not getting logged. No Text token messages are logged instead of the actual log message. Problem: Wrong version of TCPTPLS/O was released in SCR SSL. Change: Releasing the correct version of TCPTPLS/O. Implementation: Re-install all EMS templates using the SCRIBE.GOINST macro. Dependencies: None. SCR #3306 CXUTIL - rel3^ver0^cxut02^060130 30-JAN-06 Reference: internal Symptom: CXUTIL was truncating some records as it was adding them to the EVENTCX file. Problem: The program requires that TPLS data be between columns 8 and 68 but does not generate any sort of error when data falls outside these columns. Change: Added error message that identify the problem and message number. Also coded to allow this program to run in batch mode: When running in batch these two assigns must be set: define =EVENTCX, file <$vol>..eventcx define =TEMPLATE_SOURCE, file <$vol>.. If these defines are present, CXUTIL will run in batch mode. Implementation: replace existing CXUTIL with this object. Dependencies: None SCR #3313 Files unique 08-MAR-06 for XPNET 3.0 Accelerates -------------- ----------------------- XPNET.ocaALL - u30oca.ocaA00as all TNS objects on subvol XPNET.ocaBUILD - u30oca.ocaB00as called by all OCA routines XPNET.ocaAPPL - u30alib.oca00as APPLIB XPNET.ocaNET - n30base.oca00as NETWORK XPNET.ocaNETAD - n30audr.oca00as NETADRD XPNET.ocaNCP - s30ncp.oca00as SVNCP XPNET.ocaNCPI - s30ncpi.oca00as SVNCPI XPNET.ocaNLIB - n30nlib.oca00as NLIB XPNET.ocaPREG - s30pre.oca00as PREGEN XPNET.ocaSKELB - n30sutl.oca00as SKELB XNLIB.ocaSMPL - u21smpl.oca00as (sample OCA file) XNLIB.ocaXNLIB - u30xlib.oca00as XNLIB Files unique for XPNET 3.1 Accelerates -------------- ----------------------- XPNET.ocaALL - u31oca.ocaA00as all TNS objects on subvol XPNET.ocaBUILD - u31oca.ocaB00as called by all OCA routines XPNET.ocaAPPL - u31alib.oca00as APPLIB XPNET.ocaNETAD - n31audr.oca00as NETADRD XPNET.ocaNCP - s31ncps.oca00as SVNCP XPNET.ocaNCPI - s31ncpi.oca00as SVNCPI XPNET.ocaNLIB - n31nlib.oca00as NLIB XPNET.ocaPREG - s31pre.oca00as PREGEN XPNET.ocaSKELB - n31sutl.oca00as SKELB XNLIB.ocaSMPL - u31smpl.oca00as (sample OCA file) XNLIB.ocaXNLIB - u31xlib.oca00as XNLIB Files for XPNET 3.0 & 3.1 Accelerates --------------- ----------------------- XPNET.ocaAUDP - u30audp.oca00as AUDPRO XPNET.ocaPATH - n21path.oca00as PATH XPNET.ocaPWR - n21pwr.oca00as PWR XPNET.ocaPWS - n30pws.oca00as PWS XPNET.ocaQFI - n30qfi.oca00as QFI XPNET.ocaQFILD - n30qfi.ocal00as QFILOAD XPNET.ocaTCPC - n30tcpc.oca00as TCPCLI XPNET.ocaTCPS - n30tcps.oca00as TCPSRV XPNET.ocaUDP - n30udp.oca00as UDP SCRIBE.ocaEMSP - n30empp.oca00as EMSPERUS Reference: Internal, case 408953 Symptom: None. Problem: None. Change: Developed TACL routine files which can be used by customers to accelerate TNS objects for Itanium machines using the HP Object Code Accelerator (OCA) utility. See the list of files above, with the respective name of the object(s) they accelerate. Implementation: Install the new files on the XPNET, XNLIB and SCRIBE subvols as indicated. To OCA-accelerate objects on the XPNET subvolume, the OCAALL file can be run to accelerate all the objects it can find (required and optional) on the XPNET subvolume or each individual object can be accelerated separately using its respective OCA file. Note that OCAALL first performs a checklist of the files it can accelerate and then invokes the respective individual OCA files, as necessary, to OCA-accelerate each module. On the SCRIBE subvolume, run the OCAEMSP file to accelerate the EMSPERUS object. If the XNLIB object is used, run the OCAXNLIB file on the XNLIB subvolume to accelerate the XNLIB object. The OCASMPL TACL routine file can be used for accelerating TNS user applications which use the XNLIB run-time library. Just FUP DUP OCASMPL to the location of the object that you want to accelerate, modify the DUP'ed macro file to point it to the correct object file and create the correct target file and then run it from the TACL prompt. You can add options to suppress warnings as necessary. The TACL routines are designed to create a new object of the same name with an "A" appended to the end of the object filename (e.g. when the SVNCPI object is accelerated, a SVNCPIA accelerated object is created). If the OCA acceleration is successful, the original object is named to a ZZOCnnnn file and the "A" file is renamed to the original object file. You can purge the ZZOCnnnn file that was created as procedures warrant. Stop and restart the object if necessary. The HP OCA utility is available with the H-series NonStop OS for Itanium machines. Note also that the HP OCA utility is available with the G-series NonStop OS starting with G06.27. OCA accelerating an object on a non-Itanium system does not modify the performance of the object on that system, but does allow the object to run with optimal performance once it is moved to an Itanium system. Dependencies: None. SCR #3316 TCPCLI/SSLCLI - rel3_ver0_sslc01_060619 19-JUN-06 rel3_ver0_tcpc29_060619 rel3_ver0_tcpl22_060619 rel3_ver0_ctse17_060619 TCPSRV/SSLSRV - rel3_ver0_ssls01_060619 rel3_ver0_tcps33_060619 rel3_ver0_tcpl22_060619 rel3_ver0_ctse17_060619 TCPTPLO - $data01.n30tcpl.tcp08po STGKM - Last modified - 16MAR2006 10:54 ROOTCERT - Last Modified - 10FEB2006 21:27 Reference: Internal Symptom: None. Problem: None. Change: 1). Updates to the SSLLIB. 2). Moved redundent SSL code from the Server and Client line handlers to the shared library. 3). Added a Warning log message to the Client that alerts when a CONNECT is attempted when the Certificate has expired. 4). Modified the naming convention for the SSLCONFIG file. a). The first two characters of the a dated config file can be any two alpha characters. Previously they were required to be "SS". b). The config file can now be any valid filename it does not have to a dated filename. In this case Implementation: Move in the new SSLSRV, TCPSRV, GOTCPSRV and CTSE modules. Stop any of the associated stations. Stop and re-start SSLSRV and TCPSRV. Re-start the previously stopped stations. See implementation guide. Dependencies: XP 3.0 - Requires *** CTS27 *** due to scr3246. XP 3.1 - Requires *** CTS02 *** due to scr3246. SCR #3340 GOTCPSRV - $data01.n30tcps.gotcps07 10-JAN-06 GOTCPCLI - $data01.n30tcpc.gotcpc06 Reference: Case 406378 Symptom: None. Problem: The CTS/E default MAXBUFLEN in 4095 but the GO file indicates the default is 7000. Change: Changed the GO file to match the CTS/E source code. Implementation: Install new GOTCPCLI and GOTCPSRV files. Dependencies: None. SCR #3355 TCPCLI/SSLCLI - rel3_ver0_sslc03_060919 19-SEP-06 rel3_ver0_tcpc30_060919 rel3_ver0_ctse18_060919 TCPSRV/SSLSRV - rel3_ver0_ssls03_060919 rel3_ver0_tcps34_060919 rel3_ver0_ctse18_060919 TCPTPLO - $data01.n30tcpl.tcp09po Reference: ACI Internal Symptom: None. Problem: None. Change: Added code to handle Broken Socket Detection. Station Userdata can be configured as following: -B+ - uses 10 seconds as the default -BT30+ - sets the interval to numerical value after the T in -BTxx+ The CTSE will use the default or configured time as described above. If no traffic is detected within the time period the CTSE will send the zero length message. This configuration will enable the (CTSE) TCPSRV/CLI and SSLSRV/CLI to send a zero length message that adheres to the length indicator configured. -0 - zero length message will consist of two bytes of binary zeros. -1 - zero length message will consist of two bytes that contain a binary 2 -2 - zero length message will consist of four bytes of binary zeros -3 and -4 not supported. -5,L4,F0,TA - zero length message will consist of four bytes of ASCII zero's. Other -5 configurations are possible where the length field will indicate 0 bytes of actual data. Implementation: Move in the new SSLSRV/CLI, TCPSRV/CLI, GOTCPSRV/CLI and CTSE modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI and TCPSRV/CLI. Re-start the previously stopped stations. Dependencies: None. SCR #3356 TCPCLI/SSLCLI - rel3_ver0_sslc03_060919 19-SEP-06 rel3_ver0_tcpc30_060919 rel3_ver0_ctse18_060919 TCPSRV/SSLSRV - rel3_ver0_ssls03_060919 rel3_ver0_tcps34_060919 rel3_ver0_ctse18_060919 TCPTPLO - $data01.n30tcpl.tcp09po Reference: ACI Internal Symptom: None. Problem: None. Change: Added enhanced tracing facilities for the SSLSRV and SSLCLI. The PARAM in the SSL CONFIG file "TRACEFILENAME" is no longer used. SSL Tracing is now initiated from NCPCOM. The trace can be started and stopped while the SSLSRV or SSLCLI continues to run. The following commands are used. TELL EXTERNAL $DSRV.#SSLTRCE,"START $VOL.SUBVOL.FILE" If the trace file already exists it will be purged then a new one with the same name will be created. TELL EXTERNAL $DSRV.#SSLTRCE,"STOP" TELL EXTERNAL $DSRV.#SSLTRCE,"ABORT" TELL EXTERNAL $DSRV.#SSLTRCE,"WRAP" TELL EXTERNAL $DSRV.#SSLTRCE,"NOWRAP" TELL EXTERNAL $DSRV.#SSLTRCE,"FILESIZE val" default 4000K TELL EXTERNAL $DSRV.#SSLTRCE,"RECSIZE val" default 2K TELL EXTERNAL $DSRV.#SSLSTAT,"TRACE" Implementation: Move in the new SSLSRV/CLI, TCPSRV/CLI, GOTCPSRV/CLI and CTSE modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI and TCPSRV/CLI. Re-start the previously stopped stations. Dependencies: None. SCR #3361 TCPCLI/SSLCLI - rel3_ver0_sslc04_061030 30-OCT-06 rel3_ver0_tcpc31_061030 rel3_ver0_tcpl25_061030 rel3_ver0_ctse19_061030 TCPSRV/SSLSRV - rel3_ver0_ssls04_061030 rel3_ver0_tcps35_061030 rel3_ver0_tcpl25_061030 rel3_ver0_ctse19_061030 CTSE - rel3_ver0_ctse19_061030 CTSEPLO - $data01.n30ctse.ctse07po Reference: Case #420754 Symptom: After a network outage XPNET TCPIP station logs a message indicating a Guardian error 210 ( device ownership changed ) and that it is transitioning from the STARTED state to SUSPENDED state. However a status from NCPCOM shows that the station is in the STARTED state. The client is unable to send messages to this station. Problem: There were two problems. 1). The code was not setting the recv_nw_pending flag to false after a recv error. When XPNET was notified about the error 210 it went into suspend logic and sent a CTS_SUSPEND request to TCPSRV. TCPSRV checks the recv_nw_pending flag to deteremine if it needs to post a RECV_NW. The recv_nw_pending flag was still TRUE because it was never set after the RECV_NW completed with the error 210. TCPSRV never reposts the RECV_NW. 2). On receiving the CTS_SUSPEND TCPSRV code incorrectly signaled the FSM event CTS_SUSP_NOT when it should have signaled CTS_SUSP_OK, because of this XPNET was never notified that the SUSPEND completed and NCPCOM reported station in the STARTED state. Change: Added code to set the recv_nw_pend flag to false on a recv completion with an error. Added code to FSM event CTS_SUSPEND_OK on recepit of a CTS_SUSPEND request from XPNET. Implementation: Move in the new SSLSRV/CLI, TCPSRV/CLI, GOTCPSRV/CLI and CTSE modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI and TCPSRV/CLI. Re-start the previously stopped stations. Dependencies: None. SCR #3362 TCPCLI/SSLCLI - rel3_ver0_sslc04_061030 30-OCT-06 rel3_ver0_tcpc31_061030 rel3_ver0_tcpl25_061030 rel3_ver0_ctse19_061030 TCPSRV/SSLSRV - rel3_ver0_ssls04_061030 rel3_ver0_tcps35_061030 rel3_ver0_tcpl25_061030 rel3_ver0_ctse19_061030 CTSE - rel3_ver0_ctse19_061030 CTSEPLO - $data01.n30ctse.ctse07po Reference: Case #401567 Symptom: The following is logged by EMSPERUS: ERROR: EMSTEXT FAILED ON ATTEMPT TO PRODUCE TEXT FOR EVENT UPPER WORD OF ERROR VALUE IS 12 LOWER WORD OF ERROR VALUE IS 14 05-10-04;11:35:02.790 \K9.$SRV ACI.XPCTSE.3000 1008 Backup process ? created. Problem: CTSE logs the above messaage with the xpctse-tkn-phandle token. This token instructs EMS to resolve the PHANDLE to a printable form to log. If the process is no longer running when EMS attempts to resolve the PHANDLE an error occurs and the above error is logged. Change: Changed the code to resolve the phandle to a string and log the message using the xpctse-tkn-char-var token. EMS will now store the PPD name of the process and can log message 1008 when the process no longer exists without the error. Implementation: Move in the new SSLSRV/CLI, TCPSRV/CLI, GOTCPSRV/CLI and CTSE modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI and TCPSRV/CLI. Re-start the previously stopped stations. Dependencies: None. SCR #3370 TCPCLI/SSLCLI - rel3_ver0_sslc05_070202 30-NOV-06 rel3_ver0_tcpc32_070202 rel3_ver0_tcpl26_070202 rel3_ver0_ctse20_070202 TCPSRV/SSLSRV - rel3_ver0_ssls05_070202 rel3_ver0_tcps36_070202 rel3_ver0_tcpl26_070202 rel3_ver0_ctse20_070202 CTSE - rel3_ver0_ctse20_070202 STGKM - $data01.u10ssll1.stgk03 Last modified - 14FEB2007 11:28 ROOTCERT - $data01.u10ssll1.rootct03 Last Modified - 05JAN2007 15:27 Reference: ACI Internal. Symptom: TCPSRV dumps. A server process using the SafeTGate SSL Library is getting a time out error [40] from the INSESSION_AWAITIOX function ( FNum of -1 ) if : - the SESSIONREUSE parameter is set to YES/ON; and - the SESSIONTIMEOUT parameter is greater than 20 minutes; and - there was no traffic or any other activity within the process after the session was established. Problem: SSLLIB is returning a -1 filenum on an AWAITIO competion with an error 40 (timeout). TCPSRV does not know what to do with the -1 filenum and must dump. The CPU clock can vary from processor to processor. Therefore, machines with multiple CPUs can have widely varying clock speeds. A processor running in a CPU with a faster than average clock can have a Guardian function AWAITIOX time out earlier than expected , particularly when large time out values are being used. For the SafeTGate SSL Library this can result in returning time out to an application. Change: SafeTGate SSL Library changed to internally handle this issue. Changed the Userdef error 301 to be a fatal error to properly handle reinstate/suspend logic. Implementation: Move in the new SSLSRV/CLI, TCPSRV/CLI, GOTCPSRV/CLI and CTSE modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI and TCPSRV/CLI. Re-start the previously stopped stations. Dependencies: None. SCR #3382 TCPCLI/SSLCLI - rel3_ver0_sslc05_070202 02-FEB-07 rel3_ver0_tcpc32_070202 rel3_ver0_tcpl26_070202 rel3_ver0_ctse20_070202 TCPSRV/SSLSRV - rel3_ver0_ssls05_070202 rel3_ver0_tcps36_070202 rel3_ver0_tcpl26_070202 rel3_ver0_ctse20_070202 CTSE - rel3_ver0_ctse20_070202 TCPTPLS - $data01.n30tcpl.tcp10ps TCPTPLO - $data01.n30tcpl.tcp10po CTS - rel3^ver0^cts28^070202 CTSDC - $data01.n30cts.cts06dc CTSDDDL - $data01.n30cts.cts06ds CTSDTAL - $data01.n30cts.cts06dt CTSDTCL - $data01.n30cts.cts06da ******XPNET 3.1****************** CTS - REL3^VER1^CTS05^20070202 CTSDC - $data01.n31cts.cts04dc CTSDDDL - $data01.n31cts.cts04ds CTSDTAL - $data01.n31cts.cts04dt CTSDTCL - $data01.n31cts.cts04da Reference: Case 425545 Symptom: None. Problem: Customer needs to have the RADDR passed to the application in the XPNET message header userdata. Change: Modified to place the RADDR in the XPNET message header userdata. To specify this format, the userdata for the station must contain -R+. The default is -R-. Implementation: Move in the new SSLSRV/CLI, TCPSRV/CLI, GOTCPSRV/CLI and CTSE modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI and TCPSRV/CLI. Re-start the previously stopped stations. In order to have the RADDR passed to the application in the XPNET message header userdata the station USERDATA must be modified to [ -R+ ]. Dependencies: CTS bound into network - rel3^ver0^cts28^070202 CTS bound into network - REL3^VER1^CTS05^20070202 TCPSRV - REL3_VER0_TCPS36_070202 TCPCLI - REL3_VER0_TCPC32_070202 SCR #3383 TCPCLI/SSLCLI - rel3_ver0_sslc05_070202 02-FEB-07 rel3_ver0_tcpc32_070202 rel3_ver0_tcpl26_070202 rel3_ver0_ctse20_070202 TCPSRV/SSLSRV - rel3_ver0_ssls05_070202 rel3_ver0_tcps36_070202 rel3_ver0_tcpl26_070202 rel3_ver0_ctse20_070202 CTSE - rel3_ver0_ctse20_070202 Reference: Case #429402. Symptom: Broken Socket detection time is not initiating a zero length message at proper intervals. Problem: Mastercard Guide for Detecting Broken Sockets was ambiguous in the description of inactivity on a socket. Code assumed any acitivty on the socket would reset the inactivity timer. Mastercard requires that only SEND activity reset the inactivity timer. Change: Removed the code that reset the inactivity timer when a RECV that was posted to the TCPIP process completed with data. Implementation: Move in the new SSLSRV/CLI, TCPSRV/CLI, GOTCPSRV/CLI and CTSE modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI and TCPSRV/CLI. Re-start the previously stopped stations. In order to have the Broken Socket detection enhancement function on a station the station USERDATA must be modified to [ -B+ ]. See SCR3355 for more detail on Broken Socket Detection configuration. Dependencies: None. SCR #3385 GOTCPSRV - $data01.n30tcps.gotcps08 02-FEB-07 GOTCPCLI - $data01.n30tcpc.gotcpc07 Reference: Case 426842 Symptom: TCPSRV creats multiple saveabends when trying to create the backup process. Problem: The TCPSRV is started from a TACL that is no longer running when the primary TCPSRV process goes down. The TCPSRV backup takes over then tries to create the backup. This fails because the RUN statement does not specify the IN and this is defaulted to the TACL that was running when the RUN statment was executed. This TACL no longer is running and the CRE lib tries to open it and creates saveabends. Change: Changed the RUN statement to include the IN statment. Implementation: Install new GOTCPCLI and GOTCPSRV files. Dependencies: None. SCR #3391 TCPCLI/SSLCLI - rel3_ver0_sslc06_070522 22-MAY-07 rel3_ver0_tcpc33_070522 rel3_ver0_tcpl27_070522 rel3_ver0_ctse21_070522 TCPSRV/SSLSRV - rel3_ver0_ssls06_070522 rel3_ver0_tcps37_070522 rel3_ver0_tcpl27_070522 rel3_ver0_ctse21_070522 CTSE - rel3_ver0_ctse21_070522 CTSETPLS - $data01.n30ctse.ctse08ps CTSETPLO - $data01.n30ctse.ctse08po CTSDC - $data01.n30cts.cts07dc CTSDDDL - $data01.n30cts.cts07ds CTSDTAL - $data01.n30cts.cts07dt CTSDTCL - $data01.n30cts.cts07da Reference: Case 426307 Symptom: The Services file is constantly being accessed by the TCPSRV/CLI process. Problem: Code only checks for blanks when deciding to make the call to GETSERVBYNAME. It should verify that the Port number contains alphbetic characters before making the call. Code also overwrites the value returned by GETSERVBYNAME actually making the call useless. Change: Removed the call to GETSERVBYNAME. Implementation: Move in the new SSLSRV/CLI, TCPSRV/CLI and CTSE modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI and TCPSRV/CLI. Re-start the previously stopped stations. Dependencies: None. SCR #3392 TCPCLI/SSLCLI - rel3_ver0_sslc06_070522 22-MAY-07 rel3_ver0_tcpc33_070522 rel3_ver0_tcpl27_070522 rel3_ver0_ctse21_070522 TCPSRV/SSLSRV - rel3_ver0_ssls06_070522 rel3_ver0_tcps37_070522 rel3_ver0_tcpl27_070522 rel3_ver0_ctse21_070522 CTSE - rel3_ver0_ctse21_070522 CTSETPLS - $data01.n30ctse.ctse08ps CTSETPLO - $data01.n30ctse.ctse08po GOTCPSRV - $data01.n30tcps.gotcps09 GOTCPCLI - $data01.n30tcpc.gotcpc08 CTSDC - $data01.n30cts.cts07dc CTSDDDL - $data01.n30cts.cts07ds CTSDTAL - $data01.n30cts.cts07dt CTSDTCL - $data01.n30cts.cts07da Reference: Case 432456 Symptom: Enhancement for Large Remote and Local Address fields for CTS stations. Increased the number of connections the TCPSRV/CLI and SSLSRV/CLI can support. Pior maximum was 510 this was increased to 1000. Problem: None. Change: Enhancement to utilize the larger local and remote address fields for XPNET 3.1 CTS stations. The fields increase from 24 bytes to 56 bytes. Added the MAXRECVSEND param to the GOTCPSRV and GOTCPCLI obey files the default is 4095. This is number of XLCB's the process is allowed. This is increased to allow for the increased number of allowed stations per process. Implementation: Move in the new SSLSRV/CLI, TCPSRV/CLI and CTSE modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI and TCPSRV/CLI. Re-start the previously stopped stations. Dependencies: None. SCR #3400 TCPCLI/SSLCLI - rel3_ver0_sslc07_070610 10-JUN-07 rel3_ver0_tcpc34_070610 Reference: Case #434523 Symptom: CTS TCPIP Client station gets a 4120 ECONNRESET error station then goes abnormal. Problem: The 4120 ECONNRESET error should be a retryable error. Originally coded to be a fatal error. Change: Altered code to react to a 4120 ECONNRESET as a retryable error. Implementation: Move in the new SSLSRV/CLI, TCPSRV/CLI and CTSE modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI and TCPSRV/CLI. Re-start the previously stopped stations. Dependencies: None. SCR #3401 TCPSRV/SSLSRV - rel3_ver0_ssls07_070610 10-JUN-07 rel3_ver0_tcps38_070610 Reference: Case #435003 Symptom: An attempt to refresh the SSL Certificate with an impossible event: ATML0031 - state : 3 - AVAILABLE event : 16 - CLOSE_ALL action : 15 - NONE nextstate: 1 - IDLE ATML0031 - state : 1 - IDLE event : 20 - ACC1_COMP action : -1 - UNKNOWN_ACTION nextstate: -1 - UNKNOWN STATE ATML0031 - state : 1 - IDLE event : 14 - TCP_IMPOSS_EVT action : 14 - S_IMPOSS_EVT nextstate: 1 - IDLE see case for complete state table. Problem: The finite state machine was not handling the case were a station in the avaiable state had a CLOSE_ALL event occur. Instead of transitioning to IDLE state it should have remained in the AVAILABLE state. The ACCEPT completes in the IDLE state which is invalid. The ACCEPT should complete in the AVAILABLE state. The CLOSE_ALL event is initiated by the REFRESH of a certificate. Change: Altered the finite state machine of STARTING stations to remain in the current state when the CLOSE_ALL event occurs. Implementation: Move in the new SSLSRV/CLI, TCPSRV/CLI and CTSE modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI and TCPSRV/CLI. Re-start the previously stopped stations. Dependencies: None. SCR #3407 TCPCLI/SSLCLI - rel3_ver0_sslc08_070713 13-JUL-07 rel3_ver0_tcpc35_070713 TCPSRV/SSLSRV - rel3_ver0_ssls08_070713 rel3_ver0_tcps39_070713 Reference: Case 437578 Symptom: TCPCLI dumps when RADDR port number is greater then 32K. Problem: The code sets the port number to a long variable. This variable is cast to a short and then moved to an unsigned short. Prior to SCR3392 this although incorrect and should have caused a dump, worked for values greater then 32K. The code was surrounded by signal calls that turned off arithmetic overflow trap. SCR3392 removed the signal calls turning arithmetic overflow trap on. Change: Corrected statement to cast the long variable to an unsigned integer before moving it to the unsigned integer variable. Implementation: Move in the new SSLSRV/CLI, TCPSRV/CLI and CTSE modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI and TCPSRV/CLI. Re-start the previously stopped stations. Dependencies: None. SCR #3416 TCPSRV/SSLSRV - rel3_ver0_ssls09_070928 28-SEP-07 rel3_ver0_tcps40_070928 TCPTPLS - n30tcpl.tcp11ps TCPTPLO - n30tcpl.tcp11po Reference: Case 443866 Symptom: - TCPSRV log event number 2002 does not include remote IP address. - TCPSRV log event currently looks like below: 07-09-28;16:50:35.123 \S.$P ACI.XPTCP.3000 2002 S1A^STA01 - accept_nw2() error 4120 - (ECONNRESET) Connection reset by remote host. Problem: This is a request for an enhancement. Change: Added the remote IP address to log event 2002. Implementation: Move in the new SSLSRV and TCPSRV modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/TCPSRV. Re-start the previously stopped stations. Dependencies: None. SCR #3419 TCPCLI/SSLCLI - rel3_ver0_sslc09_071025 25-OCT-07 rel3_ver0_tcpc36_071025 rel3_ver0_tcpl29_071025 rel3_ver0_ctse22_071025 TCPSRV/SSLSRV - rel3_ver0_ssls09_070928 rel3_ver0_tcps40_070928 rel3_ver0_tcpl29_071025 rel3_ver0_ctse22_071025 CTSE - rel3_ver0_ctse22_071025 GOTCPCLI - $data01.n30tcpc.gotcpc09 TCPTPLS - n30tcpl.tcp11ps TCPTPLO - n30tcpl.tcp11po Reference: Case 443311 Symptom: None. Problem: None. Change: New release of SSLLIB. * Enhancement to allow SSL CLIENT to initialize without a Certificate. This allows an application that is always a SSL CLIENT to work without requiring a certificate. INCLUDED new SSLLIB header files and added event messages to the ctse_sslerror proc. Added a new param "CERT^IN^CONFIG" to the GOTCPCLI file. Valid values are "NO" and "YES". A value of "NO" means that there is no CERTFILE param in the SSL CONFIGURATION file. It indicates to the SSLCLI that it can run as a SSL Client without requiring a Certificate. A value of "YES" or the default, is that the SSLCLI will not initialize without the CERTFILE param in the SSL CONFIGURATION file. Implementation: Move in the new SSLCLI and SSLSRV modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLCLI and SSLSRV. Re-start the previously stop stations. Dependencies: None. SCR #3420 TCPCLI/SSLCLI - rel3_ver0_sslc09_071025 25-OCT-07 rel3_ver0_tcpc36_071025 rel3_ver0_tcpl29_071025 rel3_ver0_ctse22_071025 TCPSRV/SSLSRV - rel3_ver0_ssls09_070928 rel3_ver0_tcps40_070928 rel3_ver0_tcpl29_071025 rel3_ver0_ctse22_071025 CTSE - rel3_ver0_ctse22_071025 Reference: Case #443716 Symptom: TCPSRV dumping multiple times Problem: In the case where the BIP connection is made and no activate bit is sent by the client side, if a message is sent from xpnet to the server the station goes SUSPENDED. If after this occurs a error such as a 4120 is detected on the socket the TCPSRV is incorrectly setting a suspend flag to false indicating that the TCPSRV now thinks the station is not suspended. If another message is sent by XPNET it is queued until the SUSPEND/REINSTATE time expires, the message is then sent to TCPSRV. TCPSRV gets this new CTS_SEND_DATA and because BIP is not activated yet tries to reply to a CTS_RECV_DATA that has not been been posted by XPNET. This causes TCPSRV to dump. Change: I have removed the code in TCPL that sets the suspend flag to FALSE on a socket error when the inactivate message has not been received by TCPL. Implementation: Move in the new SSLSRV/CLI and TCPSRV/CLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI or TCPSRV/CLI. Re-start the previously stop stations. Dependencies: None. SCR #3429 TCPCLI/SSLCLI - rel3_ver0_sslc10_080415 15-APR-08 rel3_ver0_tcpc37_080415 rel3_ver0_tcpl30_080415 TCPSRV/SSLSRV - rel3_ver0_ssls10_080415 rel3_ver0_tcps41_080415 rel3_ver0_tcpl30_080415 Reference: Case #459714 Symptom: TCPCLI Userdata is set to "-D-" but TCP_NODELAY is not working. Problem: Prior fix in release TCPL19 caused the TCP_NODELAY SETSOCKOPT to not be executed. This effects TCPC26 and above and TCPS30 and above. Change: Added code in the TCPL to correctly evaluate the nodelay socket flag and execute the SETSOCKOPT for TCP_NODELAY. Implementation: Move in the new SSLSRV/CLI and TCPSRV/CLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI or TCPSRV/CLI. Re-start the previously stopped stations. Dependencies: None. SCR #3430 TCPSRV/SSLSRV - rel3_ver0_ssls10_080415 15-APR-08 rel3_ver0_tcps41_080415 rel3_ver0_tcpl30_080415 rel3_ver0_ctse23_080415 CTSE - rel3_ver0_ctse23_080415 TCPTPLS - n30tcpl.tcp12ps TCPTPLO - n30tcpl.tcp12po TCPEC - n30tcpl.tcp10ec TCPEDDL - n30tcpl.tcp10es TCPETAL - n30tcpl.tcp10et TCPETCL - n30tcpl.tcp10ea GOTCPSRV - n30tcps.gotcps10 Reference: Case #452675 Symptom: ATM has an established connection. A network problem occurs that causes the ATM to detect that the connection is gone before the XPNET side detects that the problem has occurred. The ATM reconnects and the connection attempt is rejected. This can go on until the XPNET HP side detects the connection is broken by KEEPALIVES. The default keepalive timeframe is approximately 6 minutes. Problem: XPNET TCPIP is designed to accept the first connection and subsequent connections destine for that end point are rejected. Change: This enhancement will allow the customer to configure a TCPSRV to accept subsequent connection attempts destine for a particular end point (XPNET STATION). There is a new param in the GOTCPSRV file - LASTCONN. If LASTCONN is set to ON it will allow XPNET stations that are configured with a RADDR other then BLANKS to accept a connection when already connected. The initial connection will be torn down and this new connection will become the active connection. XPNET stations with a RADDR of BLANKS will not be affected. This enhancement should only be used in a secure network. The following TELL command will allow the LASTCONN param to be changed online. TELL EXTERNAL $PPD.#TCPALTR, "LASTCONN ON" TELL EXTERNAL $PPD.#TCPALTR, "LASTCONN OFF" Implementation: Move in the new SSLSRV/CLI and TCPSRV/CLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI or TCPSRV/CLI. Re-start the previously stopped stations. Dependencies: None. SCR #3431 TCPSRV/SSLSRV - rel3_ver0_ssls10_080415 15-APR-08 rel3_ver0_tcps41_080415 rel3_ver0_tcpl30_080415 rel3_ver0_ctse23_080415 CTSE - rel3_ver0_ctse23_080415 TCPTPLS - n30tcpl.tcp12ps TCPTPLO - n30tcpl.tcp12po TCPEC - n30tcpl.tcp10ec TCPEDDL - n30tcpl.tcp10es TCPETAL - n30tcpl.tcp10et TCPETCL - n30tcpl.tcp10ea GOTCPSRV - n30tcps.gotcps10 Reference: Case #435617 Symptom: Round Robin Connection Enhancement. Problem: The TCP/IP server process (TCPSRV) should be configurable to allocate incoming connections to the available stations in a round-robin fashion. Currently connections are allocated to the station which was started last. Currently in a configuration of multiple resource nodes with multiple stations utilizing a TCPSRV process, if a start station * command is used to start the stations, the stations on the last resource node are started last and therefore receive the bulk of the connections. In the event of a CPU failure which results in a NETWORK process takeover, all the stations on that resource node are re-opened by the backup which therefore become the last started and consequently take all the connections. This results in potentially the least stable resource node taking the heaviest traffic load. Changing TCPSRV to allocate connections on a round-robin basis across all available stations would load balance the incoming traffic across all resource nodes. Change: This enhancement will allow the customer to configure a TCPSRV to have connections accepted by XPNET STATIONs in a round robin fashion. The first XPNET STATION started will get the first connection. Once that station is stopped it will go to the bottom of the list and will not accept a connection until all other stations have at least one connection. There is a new param in the GOTCPSRV file - RRCONN. If RRCONN is set to ON it will allow XPNET stations that are configured with a RADDR of BLANKS to be a round robin group and round robin distribution will occur within that group. Any other type of RADDR configuration that takes advantage of wildcard config will group common configs together and they will have connections distributed in a round robin fashion within that group. The following TELL command will allow the LASTCONN param to be changed online. TELL EXTERNAL $PPD.#TCPALTR, "RRCONN ON" TELL EXTERNAL $PPD.#TCPALTR, "RRCONN OFF" Implementation: Move in the new SSLSRV/CLI and TCPSRV/CLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI or TCPSRV/CLI. Re-start the previously stopped stations. Dependencies: None. SCR #3432 SSLSRV - rel3_ver0_ssls10_080415 15-APR-08 SSLCLI - rel3_ver0_sslc10_080415 Reference: Case #461913 Symptom: SSLSRV Abends when Certificate Refresh is issued. Problem: Finite State Machine did not take into account the possiblity that a station may be shutting down as the Refresh is issued. This puts the station in the Shutdown_pending state. In this state there is no IO to respond to XPNET with. Code dumps when Reply fails. Change: Changed the FSM to do nothing in the Shutdown_pending state if a refresh is issued. The station will continue with the shutdown. Implementation: Move in the new SSLSRV/CLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI Re-start the previously stopped stations. Dependencies: None. SCR #3433 TCPSRV/SSLSRV - rel3_ver0_ssls10_080415 15-APR-08 rel3_ver0_tcps41_080415 rel3_ver0_tcpl30_080415 Reference: Internal Symptom: None. Problem: None. Change: Enhancement to allow wildcarded IP addresses to include a wildcarded Port number. Prior to this enhancement the following configuration was valid: 3333:172.21.200.* or 3333:172.21.*.*. The port had to be static. This enhancement will allow the following: 0:172.21.200.* or 0:172.21.*.*. Implementation: Move in the new SSLSRV and TCPSRV modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV or TCPSRV. Re-start the previously stopped stations. Dependencies: None. SCR #3434 SSLSRV - rel3_ver0_ssls10_080415 15-APR-08 SSLCLI - rel3_ver0_sslc10_080415 STGKM - $data01.u10ssll1.stgk05 T0000D48_03_STGKM_20MAR2008_V1R1 Reference: Case 438351 Symptom: The following sequence would result in an ABEND in SafeTGate SSL Library (specifically, at #ssl_process_vsocket_send_complete). - Application issues SEND_NW or SEND_NW2 on an SafeTGate SSL Library encrypted socket. - The socket is cleaned up (closed) before the send operation completes. - Another SEND_NW/2 operation is issued on a different socket before the prior send completes. - 1st send completes without error. - 2nd send completes. Problem: The buffer used for a pending SEND_NW operation was being released when a socket was cleaned up. If that buffer was reused by another socket before the SEND_NW operation completed, the (eventual) SEND_NW completion could be treated as belonging to the new socket. This would corrupt a linked list of send buffers. Change: New release of SSLLIB. Implementation: Move in the new SSLSRV/CLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI. Re-start the previously stopped stations. Move in the new STGKM module. Dependencies: None SCR #3435 TCPSRV/SSLSRV - rel3_ver0_ssls10_080415 15-APR-08 rel3_ver0_tcps41_080415 Reference: Internal Symptom: None. Problem: None. Change: Added code to allow the TIMEOUT param to be set to a -1 value. This value will allow an ACCPET to always be posted and no timers set when a connection is rejected. The connection will be rejected immediately. Also added the following command to allow the Param TIMEOUT value to be changed on line. TELL EXTERNAL $PPD.#TCPALTR, "TIMEOUT val" Implementation: Move in the new SSLSRV and TCPSRV modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV or TCPSRV. Re-start the previously stopped stations. Dependencies: None SCR #3452 TCPSRV/SSLSRV - rel3_ver0_ssls11_080915 15-SEP-08 rel3_ver0_tcps42_080915 Reference: Case #476202 Symptom: TCPSRV dumps. Problem: If the LAST CONN option is being used it is possible that the TCPSRV can reply an XPNET CTS RECV with an invalid tag number causing TCPSRV to dump. Change: When using LAST CONN and a connection attempt comes into TCPSRV that matches a server stations configured RADDR the code moves the control block ctsi recvinfo message tag into the recv tag field. The code then replies to XPNET with that tag. The control block ctsi recvinfo message tag is the saved tag number from the last IO. In the chance that the LAST CONN accept completes after an IO is posted that is not a RECV this non recv tag could get moved into the reply tag and cause the dump. Added code to reply to the XPNET RECV when a LAST CONN accept completes without moving the control block ctsi recvinfo message tag into the recv_tag field. The recv tag will contain the recv tag from the last recv IO. Implementation: Move in the new SSLSRV and TCPSRV modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV or TCPSRV. Re-start the previously stop stations. Dependencies: None. SCR #3458 SSLSRV - rel3_ver0_ssls12_081215 15-DEC-08 Reference: Case #480141 Symptom: TCPSRV dumps when using LASTCONN. Problem: When an ACCEPT CONN is posted to TCPSRV it searches a linked list of outstanding ACCEPTS that have completed from the TCPIP process. If one matches the RADDR of the ACCEPT CONN from XPNET the outstanding ACCEPT is deleted from the linked list. The code incorrectly returned out of the search even if it did not find a match with an address. This address signaled the calling proc to free up the returned memory. This memory was actually still linked into the linked list. When the linked list was accessed again the search tried to free up the memory that was already freed causing TCPSRV to dump. Change: Changed code to only return an address when a match was found. Implementation: Move in the new SSLSRV and TCPSRV modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV or TCPSRV. Re-start the previously stop stations. Dependencies: None. SCR #3465 SSLSRV - rel3_ver0_ssls12_081215 15-DEC-08 SSLCLI - rel3_ver0_sslc11_081215 Reference: Case #478173 Symptom: SSL stations go abnormal when any SSL error is reported. Problem: The issue here is that the SSLSRV/CLI code looks at any return code from the SSLLIB other then INS_SSL_RC_OK as a fatal error and the station is sent to the ABNORMAL state. In this case the error INS_SSL_RC_AL_CERTIFICATE_UNKNOWN is sending the station to ABNORMAL. The customer questioned whether in a POS enviroment an error such as this could be sent back to STARTING so that the station could be available for another viable Client. Change: Added code to allow a new param SSL^ERR^ACT to indicate whether SSL errors will be handled as either fatal errors or retryable errors. This param will take affect after a succsseful startup of the SSLSRV/CLI process. Any SSL errors during startup will be considered FATAL. New go file startup param: SSL^ERR^ACT - values - RETRY or FATAL. New TELL commands: NCPCOM> TELL EXTERNAL $SRV.#SSLALTR,"SSLERRACT RETRY" NCPCOM> TELL EXTERNAL $SRV.#SSLALTR,"SSLERRACT FATAL" NCPCOM> TELL EXTERNAL $CLI.#SSLALTR,"SSLERRACT RETRY" NCPCOM> TELL EXTERNAL $CLI.#SSLALTR,"SSLERRACT FATAL" Implementation: Move in the new GOTCPSRV and GOTCPCLI macros and set the new param as required. Move in the new SSLSRV/CLI and TCPSRV/CLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI or TCPSRV/CLI. Re-start the previously stopped stations. Install the new TCPTPLS file re-build the EMSNRES and EMSRES template files using the GOINST obey file. Dependencies: None. SCR #3467 SSLSRV - rel3_ver0_ssls12_081215 15-DEC-08 SSLCLI - rel3_ver0_sslc11_081215 Reference: Case #484415 Symptom: TCPSRV Dumps. Problem: Ten years ago a fix was placed into the CTSE part of the TCPSRV/SSLSRV. This fixed added the #pragma nostdfiles which instructs the CRE run time library to omit opening the standard streams. This requires CTS/E to explicitly open whichever streams are needed using the fopen_std_file function. This fix missed the printf statements in the TCPSRV/SSLSRV TCPLIBs. The printf statement that caused this dump is used when the Primary log file and Alt log file are unavailable to log a message. A printf statement in CTSE was missing an argument. Found during testing this caused a dump. Change: Added the OPEN_STDOUT_D to open the standard out and added the define CLOSE_STDOUT_D to close standard out when a printf statement is executed. Added the argument for the printf statement in CTSE. Implementation: Move in the new SSLSRV/CLI and TCPSRV/CLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI or TCPSRV/CLI. Re-start the previously stopped stations. Dependencies: None. SCR #3466 SSLSRV - rel3_ver0_ssls13_090110 10-JAN-09 SSLCLI - rel3_ver0_sslc12_090110 Reference: Internal. Symptom: Link fails because server doesn't accept the protocol version (3.2) offered in the client hello handshake message. Problem: SafeTGate SSL Library didn't have the support for the TLS version 1.1. Change: Support for the TLS protocol version 1.1 is added to the SafeTGate SSL Library. Implementation: Move in the new SSLSRV/CLI and TCPSRV/CLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI or TCPSRV/CLI. Re-start the previously stopped stations. Dependencies: None. SCR #3482 SSLSRV - REL3_VER0_SSLS14_090320 SSLCLI - REL3_VER0_SSLC13_090320 20-MAR-09 Reference: case #491524 Symptom: SSLSRV/CLI shuts down connections when a Certificate refresh is done. Problem: Original code design was to shut down the connection when a Certificate refresh was done. Change: Removed the code that performed the connection shut down when a Certificate Refresh is done. Implementation: Move in the new SSLSRV and SSLCLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV and or SSLCLI. Re-start the previously stopped stations. Dependencies: None. SCR #3483 TCPSRV/SSLSRV - rel3_ver0_ssls15_090330 09-MAR-30 rel3_ver0_tcps44_090330 TCPCLI/SSLCLI - rel3_ver0_sslc14_090330 rel3_ver0_tcpc39_009330 Reference: Case #492742 Symptom: TCPSRV Abends. Problem: A BIP station on start up sends (BSTUNINIT) an active bit. The send is in the JUST_CONNECTED state of the FSM. Before the SEND completed back to the TCPSRV a CTS_RECV was received by the TCPSRV. This put the TCPSRV FSM into the RECV_PEND state. The RECV_PEND state was coded go to the WAIT_DEALLOC state when a BSTUNINIT send completed. While in the WAIT_DEALLOC state a CTS_SEND data was received from XPNET. When in the WAIT_DEALLOC state a CTS_SEND will cause the TCPSRV to reply to the CTS_SEND with a NO_CONN error. The NO_CONN error causes XPNET to send a CTS_SUSPend to TCPSRV. TCPSRV replies correctly to the CTS_SUSP over the CTS_RECV IO that had been posted by XPNET. XPNET now has no RECV posted to TCPSRV. TCPSRV receives the ACTIVE BIT and tries to reply to XPNET with an invalid tag. Change: Changed the FSM so that when TCPSRV/CLI is in the RECV_PEND state and a BSTUNINIT completes the FSM remains in the RECV_PEND state. Implementation: Move in the new TCPSRV/SSLSRV and TCPCLI/ SSLCLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start TCPSRV/SSLSRV and or TCPCLI/SSLCLI. Re-start the previously stopped stations. Dependencies: None. SCR #3497 TCPSRV/SSLSRV - REL3_VER0_SSLS16_090715 09-JUL-15 REL3_VER0_TCPS45_090715 REL3_VER0_TCPL33_090715 TCPCLI/SSLCLI - REL3_VER0_SSLC15_090715 REL3_VER0_TCPC40_090715 REL3_VER0_TCPL33_090715 Reference: Case #500266 Symptom: - TCPSRV dumps. - issue on Tcp/ip For WinEpts device Problem: Station is configured with the following userdata: "-5,L5,F5,TA,PB5A00000 -K+" TCPSRV incorrectly receives five bytes of ASCII 0's "00000". The TCPLIB code does not take into account the length of the PB (PAD BACK) when determining the MIN length of the first step of the two step read to get the entire length indicator. Because of the F5 factor in the length indicator the code thinks that the MIN of the first read is 5. When determining the position in the read buffer the code uses the actual length of the entire length indicator including the Back Pad. This causes the code to pass on an invalid length of what was read, in this case it passes -5 to a memcpy call forcing the dump. In this case because the message received was invalid the code should not dump but should log a message and shutdown the socket. Change: Include the length of the BPAD in the calculation of the MIN length when reading the first step of the two step read. Implementation: Move in the new TCPSRV/SSLSRV and TCPCLI/ SSLCLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start TCPSRV/SSLSRV and or TCPCLI/SSLCLI. Re-start the previously stopped stations. Dependencies: None. SCR #3503 TCPSRV/SSLSRV - REL3_VER0_SSLS16_090715 15-JUL-09 REL3_VER0_TCPS45_090715 REL3_VER0_TCPL33_090715 TCPCLI/SSLCLI - REL3_VER0_SSLC15_090715 REL3_VER0_TCPC40_090715 REL3_VER0_TCPL33_090715 Reference: case #503852 Symptom: - TCP/IP server stations are going into abnormal state when a client tries to connect and a timeout occurs. - Error 4126 (ETIMEDOUT) occurs on accept_nw2. - Log Messages: 09-17-16;10:10:18.720 \SYS.$P1TS ACI.XPTCP.3000 2002 S1A^01 - accept_nw2() error 4126 - (ETIMEDOUT) Connection timed out - ADDR - 2345:11.222.333.44. 09-17-16;10:10:18.726 \SYS.$P1AN ACI.XPNET.3100 6290 CTS request error 5 (connection request rejected) for station S1A^01 on line L1A^01, request ACCEPT_CONN CTS subsystem error 4126 (4126), operator intervention required. 09-17-16;10:10:18.728 \SYS.$P1AN ACI.XPNET.3100 2105 Station S1A^01 on Line L1A^01 closed because of a fatal CTS error - connection request rejected on req ACCEPT_CONN, detail 4126, station will remain closed. Previous STARTING, Current ABNORMAL Problem: Error 4126 to accept_nw2 is treated as a fatal error causing the station to go into the abnormal state. Change: Make accept_nw2 error 4126 (ETIMEOUT) a retryable error. This allows the station to go back into the starting state if station retries and/or station error action is configured to do so. Implementation: Stop all lines/station using the TCPSRV process, stop the TCPSRV process, install new TCPSRV object, restart TCPSRV, and restart the lines/stations. If running on a RISC machine, execute the TCPAXCL file. Rebuild template files on the scribe subvolume as normal (see TMPLMAKE and GOINST). Dependencies: None SCR #3505 TCPSRV/SSLSRV - REL3_VER0_SSLS16_090715 09-AUG-14 REL3_VER0_TCPS45_090715 REL3_VER0_TCPL33_090715 TCPCLI/SSLCLI - REL3_VER0_SSLC15_090715 REL3_VER0_TCPC40_090715 REL3_VER0_TCPL33_090715 Reference: Internal RFE Symptom: - New requirement to handle a message SUFFIX. - Strip and add a SUFFIX to the TCP message without impact to the XPNET application process. - Handle one very specific "leased line" message format as documented on page 1 of the "FDMS RISC/6000 Implementation of TCP/IP" version 1.3 document dated 10/21/04. Problem: No problem. This is an enhancement. Change: Modified the "-5" userdata format to allow specification of a message SUFFIX. This SUFFIX will be added to the end of outbound messages and stripped from the end of incoming ones. The general syntax and handling is the same as for "pad front" (pf) and "pad back" (pb) except the new specifier (s or S) is used to designate a SUFFIX. As stated in the "NET24-XPNET TCP/IP Protocol Implementation Guide" (XN-PL300-03), the CTSE userdata field has a limit of 63 bytes; that limit has not changed. The number of bytes of SUFFIX is limited by the total number of bytes used by the other parts of the -5 configuration up to 63 bytes. A userdata example for the FDMS message described above follows. Note the "s4" which specifies a 4 byte SUFFIX. "-5,pf4%h02%h46%h44%h02,l2,tb,f0,s4%h03%h46%h44%h03" Note: While changing the parsing of -5 userdata, two problems were found and corrected. 1) "PF" was properly identified as pad front, but "Px" (where x is anything other than "F" or "B") was improperly identified as pad back. Changed the parsing to accept "PF" and "PB" only. 2) Valid value types are "A", "E", and "%H". Some old code that attempted to handle type "B" had not been removed, and could cause unpredictable results. That old code was removed. For example, "-5,pf3B123" is invalid and should now be rejected. Implementation: Move in the new TCPSRV/SSLSRV and TCPCLI/ SSLCLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start TCPSRV/SSLSRV and or TCPCLI/SSLCLI. Re-start the previously stopped stations. Dependencies: None. SCR #3506 SSLSRV - REL3_VER0_SSLS16_090715 09-JUL-15 SSLCLI - REL3_VER0_SSLC15_090715 SSLLIB - T0000G06_13_STGSSLLIB_12AUG2009_V1R1_SPCL Reference: Internal. Symptom: None. Problem: None. Change: New release of SSLLIB bound into SSLSRV/CLI supports following NEW PARAMS in the SSLCONFIG file. Please see the latest version (March 09) of the "SafeTGate SSL Library Guide". · SERVERMINPROTVERSION: specifies the lowest version of SSL that will be accepted from an incoming client connection Possible values are SSL30, TLS10 and TLS11, and the default is SSL30. · CLIENTMINPROTVERSION: specifies the lowest version of SSL that will be accepted for an outgoing client connection Possible values are SSL30, TLS10 and TLS11, and the default is TLS11. · CLIENTHELLOPROTVERSION: specifies the version of SSL that is specified in the SSL "client hello". This parameter may be needed for those SSL server implementations that don't support TLS 1.1 and reject the connection if this option is presented in the "client hello" Possible values are SSL30, TLS10 and TLS11, and the default is the current value of CLIENTMINPROTVERSION. · ALLOWMD5SIGNATURES: specifies if certificates with a signature based on an MD5 hash will be accepted during certificate authentication and verification. It is recommended that this is left to the default value of NO, in order to protect against the recently published MD5 based signature vulnerability when used with PKI. The default is NO. **** NOTE: * Impact due to new release of SSLLIB that is bound into SSLSRV/CLI. * MD5 Hash Based Digital Signature Support Due to security vulnerabilities associated with digital signatures based on MD5 hashes, X.509 certificates with MD5 based digital signatures will no longer be supported by default. Although not recommended, if you wish to continue to support these signatures, set the ALLOWMD5SIGNATURES in the SSLCONFIG file to YES; this allows for continued support of MD5 based signatures. Implementation: Move in the new TCPSRV/SSLSRV and TCPCLI/ SSLCLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start TCPSRV/SSLSRV and or TCPCLI/SSLCLI. Re-start the previously stopped stations. Dependencies: None. SCR #3509 TCPSRV/SSLSRV - REL3_VER0_SSLS17_091019 19-OCT-09 REL3_VER0_TCPS46_091019 TCPCLI/SSLCLI - REL3_VER0_SSLC16_091019 REL3_VER0_TCPC41_091019 Reference: 1012846 Symptom: - TCPCLI, SSLCLI, TCPSRV, or SSLSRV abend with tcp_fsm and ctse_stop at the top of the stack. Problem: A message with a bad length was received while in the suspended state. Event "e_0_recv_comp_bad_lgth" was not allowed for in state "suspended". Change: Allow for event "e_0_recv_comp_bad_lgth" in the "suspended" state. Implementation: Move in the new TCPSRV/SSLSRV and TCPCLI/ SSLCLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start TCPSRV/SSLSRV and or TCPCLI/SSLCLI. Re-start the previously stopped stations. Dependencies: None. SCR #3515 TCPSRV/SSLSRV - REL3_VER0_SSLS17_091019 15-DEC-09 REL3_VER0_TCPS46_091019 Reference: Case #925818 Symptom: Error in EMS after CPU Failure - An Accept_NW2 error 60 occurs hours after the CPU take over and the stations go abnormal. Problem: The code treats the Accept_nw2 error 60 as a fatal error. Change: Altered the code to treat the Accept_NW2 as a retryable error. The existing socket will be torn down, a new socket will be created after the station transitions back to the starting state. The station will then be available as an endpoint for new connections. Implementation: Bring down the existing TCPSRV/SSLSRV process. Move in the new TCPSRV/SSLSRV modules. See implementation guide for configuration along with above info. Re-start TCPSRV/SSLSRV. Re-start corresponding stations. Dependencies: None. SCR #3516 SSLSRV - REL3_VER0_SSLS17_091019 17-DEC-09 SSLCLI - REL3_VER0_SSLC16_091019 SSLLIB - T0000D48_03_STGSSL10DEC20092009__SPCLV1R1 Reference: Case 01015668 Symptom: SSLSRV or SSLCLI abend. Problem: Arithmetic error in cryptographic routines. Change: New release of SSLLIB bound into SSLSRV/CLI. The new SSLLIB was created to correct an abend caused by a SSL key exchange handshake message that triggered an arithmetic error in the cryptographic routines. Implementation: Move in the new TCPSRV/SSLSRV and TCPCLI/ SSLCLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start TCPSRV/SSLSRV and or TCPCLI/SSLCLI. Re-start the previously stopped stations. Dependencies: None SCR #3528 GOTCPSRV - n30tcps.gotcps12 30-JUN-10 GOTCPCLI - n30tcpc.gotcpc11 Reference: Case #1082075 Symptom: None. Problem: Update comments to make the DNS defines clear. Change: Updated comments for the DNS Defines. =tcpip^host^file =tcpip^resolver^name Implementation: Move in the new GOTCPSRV and GOTCPCLI macros and set the new param as required. Move in the new SSLSRV/CLI and TCPSRV/CLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI or TCPSRV/CLI. Re-start the previously stopped stations. Dependencies: None. SCR #3530 TCPSRV/SSLSRV - REL3_VER0_SSLS19_100815 15-AUG-10 REL3_VER0_TCPS48_100815 TCPCLI/SSLCLI - REL3_VER0_SSLC18_100815 REL3_VER0_TCPC43_100815 TCPTPLO - $data01.n30tcpl.tcpl15o TCPTPLS - $data01.n30tcpl.tcpl15s Reference: Case #1085901 Symptom: SSLSRV code goes into a looping condition. Problem: SCR3525 did not handle the situation where a SSLSRV station that was STOPPED or ABORTED and then STARTED again and a rougue connection was accepted. SCR3525 created a condition where the last member of an internal linked list NEXT pointer was not updated which caused the NEXT pointer to point to the head of the list. When a rouge connection was accepted and not found on the list the code would then go into the loop condition. Change: Replaced code involved with SCR3525 with code that preforms a INS_SSL_SHUTDOWN_NW() on any socket that had an INS_SSL_ACCEPT2_NW() posted or had a INS_SSL_ACCEPT2_NW() complete on it when an ABORT command was issued. Implementation: Move in the new TCPSRV/SSLSRV and TCPCLI/ SSLCLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start TCPSRV/SSLSRV and or TCPCLI/SSLCLI. Re-start the previously stopped stations. Install the new TCPTPLO file re-build the EMSNRES and EMSRES template files using the GOINST obey file. Dependencies: None. SCR #3546 TCPSRV/SSLSRV - REL3_VER0_SSLS20_110130 30-JAN-11 REL3_VER0_TCPS49_110130 Reference: Case #1087457 & #1104279 Symptom: - Hours after a CPU dump and an error 211 reported by the TCPSRV process the following log messages are seen. 10-11-23;11:19:37.157 \PROD.$ASIT1 ACI.XPTCP.3000 2002 S1E^N50DIAL164 - accept_nw2() error 60 - The file resides on a removed volume, the device is downed or not open, or a server has failed and a process has been replaced by a different process with the same name since the server was opened. 10-11-23;11:19:37.161 \PROD.$Q1EN ACI.XPNET.3100 6289 CTS request error 10 (file system error encountered by CTS/E) for station S1E^N50DIAL164 on line L1E^N50DIAL164, request ACCEPT_CONN, Guardian error 60 (60), operator intervention required. Problem: When XPNET TCPIP server stations are in the STARTING state, the TCPSRV process has an open (SOCKET) posted to the HP TCPIP process associated with that Station. When a CPU fails containing the HP TCPIP stack the opens(SOCKETS) are not cleaned up from the TCPSRV perspective. These opens where done on the Primary HP TCPIP Stack and after the CPU failure the backup takes over. When a connection is accepted by the TCPSRV process it then posts an ACCEPT_NW2() on the open (SOCKET) on behalf of the XPNET station in the STARTING state. The new primary HP TCPIP Stack fails the ACCEPT_NW2() with an error 60 because it does not know about the open (SOCKET). The reason the HP TCPIP Stack does not know about the open is because the HP TCPIP Stack is not coded to do checkpointing. Change: When the TCPSRV process detects an ACCEPT_NW() completing with an error 211 - CPUDOWN. The TCPSRV process will close all stations that are in the STARTING state. Stations in the STARTED will be handled by the completion of the RECV_NW()s that are posted to the HP TCPIP process. Implementation: Move in the new TCPSRV/SSLSRV and TCPCLI/ SSLCLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start TCPSRV/SSLSRV and or TCPCLI/SSLCLI. Re-start the previously stopped stations. Dependencies: None. SCR #3543 SSLSRV - REL3_VER0_SSLS21_110715 01-SEP-11 SSLCLI - REL3_VER0_SSLC19_110715 SSLLIB - T0000D48_03_STGSSLLIB_12AUG2011_V5R0 1) Reference: Case #1101863 Symptom: - SSLSRV Dumps. Problem: SSLLIB returns from INSESSION_AWAITIOX() with a filenum that no longer is in use. A susequent call to GET_FILEINFO() causes the SSLSRV to dump. Change: If the CONNECTIONTIMEOUT expires without recv_nw posted by an application, SSL Library wouldn't queue the completion code properly, resulting in the connection not being cleaned up properly when recv_nw eventually gets issued, and even abend if send_nw gets called instead. Fixed. (11090930 090930-CR60) 2) Reference: Case #1132341 Symptom: A server process using the SafeTGate SSL Library abends when a client attempts to renegotiate existing connection after the certificate refresh has been performed. Problem: Library was attempting to use the old certificate that has been removed. Change: SafeTGate SSL Library fixed to properly handle the scenario. Dependencies: None. (11100930 100930-CR139) 3) Reference: Case #01135691 Symptom: Process abends - unable to allocate memory. Problem: Memory leak caused by improper increment to session reference count when Client requests SSL session renegotiation. Change: Ensure reference count is not incremented when client requests SSL session renegotiations SSL session. Dependencies: None. (11110706 110731-CR216) 4) Reference: Internal. Symptom: A server process using the SafeTGate SSL Library abends while trying to process client key exchange message during the handshake. Problem: In some rare circumstances, core library for large integer arithmetics produces an error that causes the process to abend. Change: SafeTGate SSL Library changed to internally handle this issue. (11100331 090930-CR77) 5) Reference: Internal. Symptom: A client process using the SafeTGate SSL Library is not attempting to reuse existing sessions with the known server when configured to do so. This results in extensive memory consumption when there are lots of connection attempts to the same server. Problem: Faulty code for session reuse on the client side. Change: SafeTGate SSL Library fixed to properly reuse the existing sessions. Dependencies: None. (11100930 100930-CR136) 6) Reference: Internal. Symptom: A process using the SafeTGate SSL Library aborts the renegotiation attempt's handshake after receiving the finished message from the peer, when the renegotiated connection used the TLS 1.1 protocol version. Problem: Library wasn't changing the cipher state because of the change cipher state message being ignored. Change: SafeTGate SSL Library fixed to properly handle the scenario. (11100930 100930-CR150) * New SSLLIB version release: $DATA01.U10SSLL1.SSLL16 GMT Binder timestamp: 08JUL2011 06:13:28 Version procedure: T0000D48_03_STGSSLLIB_06JUL2010_V1R1 Version procedure: T0000D48_03_DSXLALIB_30SEP2010_V4R2 Version procedure: T0000D48_03_ICAPLIB_30SEP2010_V4R2 Version procedure: T0000D48_03_CSEVENTLIB_30SEP2010_V4R2 Version procedure: T0000D48_03_PRODUCTIA_30SEP2010_V4R2 Native Mode: Not runnable file 7) Reference: Case #01156470 Symmptom: Various undeserved decode errors on connections, even possible ABEND Problem: TCPIP proocess delivers messages sent to socket that had connection timeout to another socket. Change: Issue internal shutdown_nw after the connection timeout. Dependencies: None. (50110812 110812-CR220) 8) Reference: Case #01102894 Symptom: SSLSRV Dump with 100930 SSLLIB Problem: Attempt to fix case #01107255 Change: Change backed out. Dependencies: None. (50110812 110812-CR164) 9) Reference: Case #01107255 Symptom: SSLSRV stuck in SEND_PENDING state Problem: SEND_NW sometimes not being completed by the library when STOP STATI ON command is issued on XPNET station Change: ins_ssl_ssl_shutdown_nw() processing improved to ensure all send_nw() operations from application receive a reply Dependencies: None. (50110812 110812-CR183) * Newest SSLLIB version release: $DATA01.U10SSLL1.SSLL17 GMT Binder timestamp: 15AUG2011 01:08:21 Version procedure: T0000G06_13_STGSSLLIB_12AUG2011_V5R0 Version procedure: T0000G06_13_DSXLALIB_12AUG2011_V5R0 Version procedure: T0000G06_13_ICAPLIB_12AUG2011_V5R0 Version procedure: T0000G06_13_CSEVENTLIB_12AUG2011_V5R0 Version procedure: T0000G06_13_PRODUCTIA_12AUG2011_V5R0 Native Mode: Not runnable file Implementation: Move in the new SSLSRV and or SSLCLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV and or SSLCLI. Re-start the previously stopped stations. Dependencies: None. SCR #3578 TCPSRV/SSLSRV - REL3_VER0_SSLS22_120430 30-APR-12 REL3_VER0_TCPS51_120430 TCPCLI/SSLCLI - REL3_VER0_SSLC20_120430 REL3_VER0_TCPC45_120430 Reference: Case #1197970 Symptom: - CTS external process reported invalid value for attribute STATION USERDATA. Station goes ABNORMAL. Problem: The buffer used for Userdata is only 64 bytes long. When using the -5 option this length can easily be exceeded as in this case. Initially the CTS\I code uses the configured station userdata seen in an INFO station detail from NCPCOM when starting the connection. This allows the initial attempt to succeed. Once the initial connection attempt is made the CTS/E will send back to CTS/I userdata with the default values. This is what is used in subsequent connection attempts. As stated above If using the -5 options, it is possible that the defaults along with the -5 information exceed the 64 bytes. This string is passed back to CTS/E from CTS\I and in this case the default of "BT1" is truncated at the 64 byte limit, it should have been "BT10-". The CTS\E code detects a invalid configuration and handles as an error condition. The string passed back from CTS\E is only supposed to be used for display in the status station detail in XPNET 3.1. In Xpnet 3.0 this information is displayed in the info station detail. In either case the code was overwriting the memory copy of the information from the NEF with this string. Change: Altered the TCPL routines that handle the UDATA information to determine what was passed up from CTS\I and save that information, then add any default values that will fit in the remaining space upto 64 bytes. The information passed up from CTS\I plus the added default information will be passed back to CTS\I for display in the XPNET 3.0 info station ,detail command and in the status station ,detail command in XPNET 3.1. Implementation: Move in the new TCPSRV/SSLSRV and TCPCLI/ SSLCLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start TCPSRV/SSLSRV and or TCPCLI/SSLCLI. Re-start the previously stopped stations. Dependencies: None. SCR #3589 TCPSRV/SSLSRV - rel3_ver0_ssls23_120915 15-SEP-12 rel3_ver0_tcps52_120915 TCPCLI/SSLCLI - rel3_ver0_sslc32_120915 rel3_ver0_tcpc46_120915 rel3_ver0_tcpl39_120915 rel3_ver0_ctse26_120915 CTSE - rel3_ver0_ctse26_120915 CTSEPLS - n30ctse.ctse09ps CTSEPLO - n30ctse.ctse09po CTSEEC - n30ctse.ctse05ec CTSEEDDL - n30ctse.ctse05es CTSEETAL - n30ctse.ctse05et CTSEETCL - n30ctse.ctse05ea Reference: Case #1222522 Symptom: An XPNET node running on one HP node opens a port ( TCPSRV process ) running on a different HP node. Due to an Expand failure XPNET reports an error 249 which causes the station to recycle and transition back to the STARTING state, however, the corresponding remote TCPSRV->ATM TCPIP connection is still viable. Problem: When XPNET generates the error 249 EMS event on a station it can be assumed that the TCPSRV and XPNET are out of sync in regards to the XPNET open file number and the openers table in the TCPSRV. This is a result of the Expand error 249. Xpnet receives the 249 for each IO pending to the TCPSRV process. This causes XPNET to recycle the station causing a new open being sent (successfully) to the TCPSRV over expand. TCPSRV does not know about the Expand problem (it does not have an open to XPNET it just replies to XPNET). TCPSRV retains the already established connection to the ATM and will remain in this state until either the ATM does a shutdown of the connection or the TCPSRV is recycled. Communication to TCPSRV for this channel (XPNET open filenum - TCPSRV openers table - TCPIP connection ) is broken. If the XPNET station transitions from the STARTED state to STARTING, via the error 249 a new open (this will be a different filenum then the original open that the 249 was reported on) will occur and a new ACCEPT_CONN IO will be posted to the TCPSRV. In the case of ATM's and a configured RADDR this station will remain in starting because the ATM and TCPSRV still believes original connection is viable. Change: In order to control this situation a new Tell command has been implemented. This command must be issued from an NCPCOM on the same HP node that the TCPSRV is running. The Tell command will contain the HP node name and ppd name of the remote XPNET process that is associated with the Station (channel) that is in the out of sync condition. The command will also contain the symbolic name of the station. With this information the TCPSRV process will search the openers table, match on the Pri-Handle and station name then close the tcpip connection, reply to any outstanding IO's and initialize the opener table entry. This will allow the ATM to reconnect and will acquire the XPNET station that transitioned from STARTED to STARTING via the error 249 and opened the TCPSRV with a posting of an ACCEPT_CONN. ---------------------------------------------- *** New TELL command and Log Message Ex: NCPCOM> TELL EXTERNAL $SRV.#TCPRSET,"\XXXX.$P1AN S1A^SRX000" 12-09-05;17:14:02.908 \XXXX.$SRV ACI.XPCTSE.3000 1025 TELL TCPRSET COMMAND - STA (S1A^SRX000) STA NOT FOUND. NCPCOM> TELL EXTERNAL $SRV.#TCPRSET,"\XXXX.$P1AN S1A^SRV000" 12-09-05;17:12:23.841 \XXXX.$SRV ACI.XPCTSE.3000 1026 TELL TCPRSET COMMAND - STA (S1A^SRV000) STA RESET. ----------------------------------------------- Implementation: Move in the new SSLSRV/CLI and TCPSRV/CLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start SSLSRV/CLI or TCPSRV/CLI. Re-start the previously stopped stations. Install the new CTSEPLS file re-build the EMSNRES and EMSRES template files using the GOINST obey file. Dependencies: None. SCR #3586 TCPSRV/SSLSRV - REL3_VER0_SSLS24_120830 30-AUG-12 REL3_VER0_TCPS53_120830 TCPCLI/SSLCLI - REL3_VER0_SSLC22_120830 REL3_VER0_TCPC47_120830 TCPTPLS - n30tcpl.tcp16ps TCPTPLO - n30tcpl.tcp16po Reference: Symptom: None. Problem: None. Change: Added code to support the request for a Socket Probing facility. This enhancement will send probe requests at configurable intervals. It will also respond to probe requests with a probe response. If a configured number of probe requests are unanswered or no text level messages are received from the session partner the code will ISOLATE the connection. ISOLATE will mean that XPNET will enter Suspend and Reinstate logic for the associated station. If a probe response or a text level message is received prior to the Maximum number of unanswered probes, the station will be reinstated. If the number of probe requests unanswered and no text level messages received surpasses the Maximum number of probes, the TCPSRV/CLI will disconnect the station. Params in the TCPSRV and TCPCLI startup files are Global to the running process. Tell commands can be used to override Global params on line. Station userdata configuration can be used to override any Global param for the indivdual station. Go file params: param PROBETIMER 10 - 1500 ticks. param MAXMISSEDPROBES 1 - 99 param ISOLATEMISSEDPROBES 1 - 99 param SOCKETPROBING ON/OFF/MON If SOCKETPROBING is not set the TCPSRV/CLI code will behave as if there is no probe enhancement. If SOCKETPROBING is set OFF the TCPSRV/CLI code will be aware that if a probe request is received the Node and Switch are in different modes and log a message. If SOCKETPROBING is set ON the TCPSRV/CLI code will set remaining parameters as the default for all connections in the process and all connections will use Probes unless overridden in USERDATA. If SOCKETPROBING is set to MON the TCPSRV/CLI code will set remaining parameters as the default for all connections in the process and all connections will run as Probe Monitor unless overridden in USERDATA. Probe Monitor will detect all the conditions PROBEON will detect and log messages to indicate when the Probe limits are exceeded. No other action will be taken. The above defaults can be altered on line by TELL commands. The following are examples: NCPCOM> TELL external $ppd.#TCPALTR, "PROBE ON" NCPCOM> TELL external $ppd.#TCPALTR, "PROBE OFF" NCPCOM> TELL external $ppd.#TCPALTR, "PROBE MON" NCPCOM> TELL external $ppd.#TCPALTR, "PROBE UNAWARE" NCPCOM> TELL external $ppd.#TCPALTR, "PROBETIMER 1000" NCPCOM> TELL external $ppd.#TCPALTR, "MAXMISSEDPROBES 8" NCPCOM> TELL external $ppd.#TCPALTR, "ISOLATEMISSEDPROBES 7" The following TELL command will give the default config: NCPCOM> TELL external $ppd.#TCPSTAT, "ALL" These prior defaults can be overridden at a station level by setting Station Userdata. If the startup params are not set in the start file, Station USERDATA can be used to configure each individual stations Probe settings. Station USERDATA: The following Length Indicator value must be used in order for the socket probing to work. USERDATA [ -5,l2,tb,pf2%h00%h00 ] In addition to the above USERDATA Length indicator value the following will control the Probe settings: [ -P or -p ] will indicate that the following characters are Probe descriptors and that the connection is Probe aware. [ S or s ] will use the following to indicate Probe state: 1 - PROBEON 2 - PROBEMON 3 - PROBEOFF default is - PROBEOFF [ T or t ] will indicate the timer value: Range: 10 - 1500 ticks. default is 100 ticks - 1 second. [ M or m ] will indicate the MAX-MISSED-PROBES: Range: 1 - 99. Default is 10. [ I or i ] will indicate the ISOLATE-MISSED-PROBES: Range: 1 - 99. Default is 5. Examples: USERDATA [ -5,l2,tb,pf2%h00%h00 -ps1t1400 ] The above sets the Length indicator for Probes. The -ps1t1400 indicates that the connection is probe aware and the s1 indicates PROBEON with a probe timer of 1400 ticks - 14 seconds. All other params are defaults. USERDATA [ -5,l2,tb,pf2%h00%h00 -ps3 ] The above sets the Length indicator for Probes. The -ps3 indicates that the connection is probe aware. The s3 indicates PROBEOFF (if a probe is received a log message will indicate the Node and switch are out of sync). All other params are defaults. USERDATA [ -5,l2,tb,pf2%h00%h00 -ps2I7m8 ] The above sets the Length indicator for Probes. The -ps2I7m8 indicates that the connection is probe aware and the s2 indicates PROBEMON. In monitor mode log messages will indicate when thresholds have been exceeded, no action will be taken to ISOLATE or disconnect. The MAX-MISSED-PROBES will be set to 8 and the ISOLATE-MISSED-PROBES will be set to 7. Timer is set to the default. For New log messages please see the TCPTPLS file supplied with this enhancement. ** Other XPNET Station Settings: At the XPNET Station level the ERRORACT attribute needs to be set to REINEVERY in order to take advantage of the ISOLATE functionality of the Probe enhancement. The REINSTATE value needs to be carefully selected in order to be compatible with the PROBE enhancement. Once the station is ISOLATED Suspend/Reinstate logic is enabled. The state of the connection (ISOLATED or not) will be checked each REINSTATE number of seconds. If the REINSTATE value is to large it is possible that a connection that had been ISOLATED and then received a Probe Response will sit in the suspended state for more time then necessary. If a value to low is selected it could impact performance. ** XPNET processing note: When entering the Isolated state( XPNET Suspened State ) XPNET will send a 9512 message to the process. When the REINSTATE interval is reached XPNET will attempt to reinstate the station. This means a 9513 message is sent to the process, the XPNET station will transition from SUSPENDED to STARTED and check the TCPSRV/CLI for the status of the connection. If the connection is still Isolated XPNET will send a 9512 back to the process and the station will transition back to SUSPENDED. If the connection exceeds the MAXMISSEDPROBES value then XPNET will send a 9519 message to the process and tr transition the station to STARTING and close the connection. When the connection is Isolated and the REINSTATE interval is reached XPNET will check the TCPSRV/CLI for the status of the connection. This means a 9513 message is sent to the process, the XPNET station will transition from SUSPENDED to STARTED. If a message or a Probe Response has been recieved from the connection partner the station will remain STARTED and a 9513 message is sent to the process. Implementation: Move in the new TCPSRV/SSLSRV and TCPCLI/ SSLCLI modules. Stop any of the associated stations. See implementation guide for configuration along with above info. Stop and re-start TCPSRV/SSLSRV and or TCPCLI/SSLCLI. Re-start the previously stopped stations. Dependencies: None. SCR #3623 TCPCLI/SSLCLI - rel3_ver0_sslc24_140215 15-FEB-14 - rel3_ver0_tcpc49_140215 - rel3_ver0_tcpl41_140215 TCPSRV/SSLSRV - rel3_ver0_ssls26_140215 - rel3_ver0_tcps55_140215 - rel3_ver0_tcpl41_140215 SSLLIBI - U10ssl21.SSL204 Reference: Internal Symptom: SSL security vulnerability. Change: Recompiled with new SSLLIB. Implementation: Move in the new SSLCLI/SSLSRV modules. Stop associated XPNET stations. Stop and re-start SSLCLI/SSLSRV processes. Re-start the previously stopped stations. XPNET 3.2 - move the new SSLLIBI to the XPNET subvol and rerun the NETBC obey file to build a new network object. Stop the node move in the new object and start the node. Dependencies: None. SCR #3635 TCPTPLO TCPTPLS - n30tcpl.tcp18ps TCPTPLO - n30tcpl.tcp18po Reference: Needed to recompile Symptom: didn't pull in the last message created Problem: wasn't showing message 2129 Change: recompiled the source to create a new tplo file Dependencies: none SCR #3638 SSLCLI - rel3^ver0^sslc25^20140730 30-JUL-14 SSLSRV rel3^ver0^ssls27^20140730 SSLLIBI - U10SSLL1.SSLL21 Reference: CASE # 1651176 Symptom: error 26 was occurring Problem: Since the error 26 fix was done as a special the change did not get pulled into the new library with the Heartbleed fix. Change: Rebind in the new SSL library. Implementation: Move in the new SSLCLI/SSLSRV modules. Stop associated XPNET stations. Stop and re-start SSLCLI/SSLSRV processes. Re-start the previously stopped stations. Dependencies: None \need off;\need SCR #3656 SSLCLI - rel3_ver0_sslc27_150527 27-MAY-15 SSLSRV - rel3_ver0_ssls29_150527 SSLLIB - T0000G06_13_STGSSLLIB_08MAY2015_V5R4_SPCL Reference: 1968799 Symptom: the SSLLIB was not completing the SHUTDOWN_NW() back to the SSLCLI. Problem: When an application issues ins_ssl_shutdown_nw() and the send_nw() for the closing alert sent by the library completes with the FE_EPIPE, the library doesn't send the shutdown completion to the application. Change: Properly send the shutdown completion to the application when the send_nw() for the closing alert completes with the FE_PIPE. Application will receive a proper shutdown completion when the send_nw() for the closing alert completes with the FE_PIPE. Implementation: Move in the new SSLCLI/SSLSRV modules. Stop associated XPNET stations. Stop and re-start SSLCLI/SSLSRV processes. Re-start the previously stopped stations. Dependencies: None \need off;\need SCR #3659 SSLCLI - rel3_ver0_sslc28_150727 27-JUL-15 SSLSRV - rel3_ver0_ssls30_150727 SSLLIB - T0000G06_13_STGSSLLIB_29JUN2015_V5R4_SPCL A description of your fixes are as follows: * Fix the AuthorityKeyIdentifier certificate checks Change Request: CR680 Case #: 02018237 Issue: A certificate with a KeyIdentifier in the AuthorityKeyIdentifier extension, that also had an authCertSerialNumber but not a certissuer would be wrongfully rejected. Solution: Accept certificates that have KeyIdentifier in the AuthorityKeyIdentifier extension regardless of whether they have both authCertSerialNumber and certissuer or not. Expected Result: Certificates with a KeyIdentifier in the AuthorityKeyIdentifier extension not being rejected for having authCertSerialNumber only. (55yymmdd 201555-CR680) * Changes to prevent LogJam attack on the DHE key exchange Change Request: CR679 Case #: N/A Issue: When server sends a DH modulus smaller than 1024 bits, it might be susceptible to a LogJam attack. Solution: Send 2048 bit p modulus when acting as a server, and reject modulus smaller than 1024 bits when acting as a client. Expected Result: Server will be able to handle connections from clients that expect larger modulus, and client will reject smaller modulus received from a server. (55yymmdd 201555-CR679) * Fix the missing shutdown_nw() completion for an application when the send_nw for the closing alert completes with FE_EPIPE Change Request: CR669 Case #: 01968799 Issue: When an application issues ins_ssl_shutdown_nw() and the send_nw() for the closing alert sent by the library completes with the FE_EPIPE, the library doesn't send the shutdown completion to the application. Solution: Properly send the shutdown completion to the application when the send_nw() for the closing alert completes with the FE_PIPE. Expected Result: Application will receive a proper shutdown completion when the send_nw() for the closing alert completes with the FE_PIPE. (55150915 201555-CR669) Implementation: Move in the new SSLCLI/SSLSRV modules. Stop associated XPNET stations. Stop and re-start SSLCLI/SSLSRV processes. Re-start the previously stopped stations. Dependencies: None \need off;\need SCR #3664 SSLCLI - rel3_ver0_sslc30_151015 15-OCT-15 - T0000H06_03_STGSSLLIB_16OCT2015_V5R5_SPCL SSLSRV - rel3_ver0_ssls32_151015 - T0000H06_03_STGSSLLIB_16OCT2015_V5R5_SPCL Change Request: CR724 Issue: Incoming records with message sizes close to 16K in length were being incorrectly rejected when using the TLS 1.2 protocol. Solution: Ensure that TLS1.2 is added to TLS1.1 for checking the explicit initialisation vector is taken into account when checking the maximum plain text message length overflow. Expected Result: Received TLS records of size close to maximum of 16K not being rejected when using TLS 1.2. (56yymmdd 201556-CR724) scr #3672 TCPCLI/SSLCLI - rel3_ver0_sslc32_230316 23-mar-16 rel3_ver0_tcpc51_230316 Reference: Case #2225532 Symptom: A RECV_COMP event occurred while in the SEND_PEND state. Caused an impossible event 20. Problem: In the TCPCLI state machine code was not done to allow for a RECV_COMP in the SEND_PEND state logic. Change: Changed code to handle a RECV_COMP event in the SEND_PEND state. Implementation: Move in the new SSLCLI/TCPCLI modules. Stop associated XPNET stations. Stop and re-start SSLCLI/TCPCLI processes. Re-start the previously stopped stations. Dependencies: None. SCR #3678 SSLCLI - REL3_VER0_SSLC33_050716 05-JUL-16 SSLSRV - REL3_VER0_SSLS34_050716 SSLLIB - T0000G06_13_STGSSLLIB_27JUN2016_V5R5_SPCL Reference: case # 02335340 Symptom: The TLS 1.2 implementation does not send the signatue_algorithms extension Problem: if the client supports only the default hash and signature_algorithms it may omit the signature_algorithms extension. If the server doesn't have the certificate the connection closes. Change: A change was made to the ssllib. Implementation: Move in the new SSLCLI/SSLSRV module. Stop associated XPNET stations. Stop and re-start SSLCLI/SSLSRV processes. Re-start the previously Stopped stations. Dependencies: None.