TELNET SCEXIT INPUT PARAMETERS CONTAIN INVALID IPV4 ADDRESS
APAR Identifier ...... PI74049 Last Changed ........ 17/08/25
TELNET SCEXIT INPUT PARAMETERS CONTAIN INVALID IPV4 ADDRESS
Symptom ...... IN INCORROUT Status ........... CLOSED PER
Severity ................... 4 Date Closed ......... 17/01/23
Component .......... 5735FAL00 Duplicate of ........
Reported Release ......... 630 Fixed Release ............ 999
Component Name TCP/IP V2 FOR V Special Notice
Current Target Date .. Flags
SCP ...................
Platform ............
Status Detail: SHIPMENT - Packaged solution is available for
shipment.
PE PTF List:
PTF List:
Release 630 : UI44163 available 17/01/25 (1701 )
Release 640 : UI44164 available 17/01/25 (1000 )
Parent APAR:
Child APAR list:
ERROR DESCRIPTION:
When the TELNET Session Connection Exit is enabled and TELNET
connections are statically (implicitly) secured, the input
parameters that are passed in incorrectly indicate that the
connection is coming from an IPv6 address and the IPv4 address
field is set to all zeroes.
LOCAL FIX:
PROBLEM SUMMARY:
****************************************************************
* USERS AFFECTED: All users of the z/VM TELNET server *
****************************************************************
* PROBLEM DESCRIPTION: *
****************************************************************
* RECOMMENDATION: APPLY PTF *
****************************************************************
When the TELNET Session Connection Exit is enabled and TELNET
IPv4 connections are statically (implicitly) secured, the input
parameters that are passed to the exit incorrectly indicate that
the connection is coming from an IPv6 address and the IPv4
address field is set to all zeroes.
PROBLEM CONCLUSION:
TNTOTCP is updated to check the local and foreign IPv4 address,
and also check the IPv4-mapped address format to determine
the type of connection. The IPv6Flag is then set
appropriately. After passing the new local/foreign IPv4
address and IPv6Flag value to the DoSCExit routine, the TELNET
Session Connection Exit will show the correct IPv4 address info
for statically/implicitly secured connections.
While testing the exit with the updated code, the Cipher data
for implicitly secured IPv4 connections was not being passed
correctly. File TNSTMAS has been updated to report Cipher data
of 'Implicitly Secured' for statically/implicitly secured
connections.
Testing the exit with the updated code for IPv6
connections revealed that the local and foreign IPv6 addresses
were not being passed correctly. The SCEXIT assemble file has
been updated to correctly parse the local/foreign IPv6 addresses
and Cipher data.
TEMPORARY FIX:
COMMENTS:
MODULES/MACROS:
SCEXIT TNSTMAS TNTOTCP
SRLS:
NONE
RTN CODES:
CIRCUMVENTION:
MESSAGE TO SUBMITTER: