IMPLICIT SECURE CONNECTIONS ARE CLOSED UNEXPECTEDLY


 
 APAR Identifier ...... PI53104      Last Changed ........ 16/04/18
 IMPLICIT SECURE CONNECTIONS ARE CLOSED UNEXPECTEDLY
 
 Symptom ...... IN INCORROUT         Status ........... CLOSED  PER
 Severity ................... 2      Date Closed ......... 16/01/13
 Component .......... 5735FAL00      Duplicate of ........
 Reported Release ......... 540      Fixed Release ............ 999
 Component Name TCP/IP V2 FOR V      Special Notice
 Current Target Date ..              Flags
 SCP ...................
 Platform ............
 
 Status Detail: SHIPMENT - Packaged solution is available for
                           shipment.
 
 PE PTF List:
 
 PTF List:
 Release 540   : UI34487 available 16/02/04 (1000 )
 Release 620   : UI34462 available 16/02/04 (1000 )
 Release 630   : UI34463 available 16/02/03 (1000 )
 
 Parent APAR:
 Child APAR list:
 
 ERROR DESCRIPTION:
 The TCP/IP stack has been configured to protect connections for
 an application server using Impllicit TLS.  When client
 connections are attempted for this application, they are seen to
  close unexpectedly.  Initial problem investigation has shown
 that data supplied by the client is not being properly handled
 by the TCP/IP stack and its SSL server.
 
 LOCAL FIX:
 N/A
 
 PROBLEM SUMMARY:
 ****************************************************************
 * USERS AFFECTED: All users of the z/VM SSL server             *
 ****************************************************************
 * PROBLEM DESCRIPTION:                                         *
 ****************************************************************
 * RECOMMENDATION: APPLY PTF                                    *
 ****************************************************************
 The TCP/IP stack has been configured to protect connections for
 an application server using Impllicit TLS.  When client
 connections are attempted for this application, they are seen to
  close unexpectedly.  Initial problem investigation has shown
 that data supplied by the client is not being properly handled
 by the TCP/IP stack and its SSL server.
 
 PROBLEM CONCLUSION:
 SSL/TLS server is updated to check the received SSL header, and
 determine whether it is necessary to reassemble the data based
 on the content of the SSL header and application data.
 
 TEMPORARY FIX:
 
 COMMENTS:
  **** PE16/04/11 FIX IN ERROR. SEE APAR PI60636  FOR DESCRIPTION
 
 MODULES/MACROS:   SSLADMIN SSLADMIO SSLADMNP SSLCACHE SSLCTLIO
 SSLDPUMP SSLDSPTC SSLGSKCF SSLMNTOR SSLPARGS SSLSCBEX SSLSTART
 SSLTOOLS SSLTRACE SSLTRSIT
 
 SRLS:      NONE
 
 RTN CODES:
 
 CIRCUMVENTION:
 
 MESSAGE TO SUBMITTER: