PRG005 ABEND IN SSL SERVER - ADDRESSING EXCEPTION
APAR Identifier ...... PI81314 Last Changed ........ 17/11/24
PRG005 ABEND IN SSL SERVER - ADDRESSING EXCEPTION
Symptom ...... AB ABEND Status ........... CLOSED PER
Severity ................... 2 Date Closed ......... 17/08/09
Component .......... 5735FAL00 Duplicate of ........
Reported Release ......... 640 Fixed Release ............ 999
Component Name TCP/IP FOR Z/VM Special Notice
Current Target Date .. Flags
SCP ...................
Platform ............
Status Detail: SHIPMENT - Packaged solution is available for
shipment.
PE PTF List:
PTF List:
Release 540 : UI49437 available 17/08/10 (1000 )
Release 630 : UI49438 available 17/08/10 (1000 )
Release 640 : UI49439 available 17/08/10 (1702 )
Parent APAR:
Child APAR list:
ERROR DESCRIPTION:
An addressing exception occurred in an assertion block in part
SSLDSPTC which is checking to see if a file descriptor is about
to be orphaned.
Lines similar to the following are displayed on the TCP/IP
console:
-> 099928FA L 58115028 ???????? CC 0
*** 099928FA PROG 0005 -> 0139B238 ADDRESSING
LOCAL FIX:
N/A
PROBLEM SUMMARY:
****************************************************************
* USERS AFFECTED: All z/VM TCP/IP users that secure *
* connections via SSL. *
****************************************************************
* PROBLEM DESCRIPTION: *
****************************************************************
* RECOMMENDATION: APPLY PTF *
****************************************************************
The main job of the SSL server is to transparently pass data
between two file descriptors (in both directions). One file
descriptor is a cleartext socket going to an application on
the local system and the other is an SSL protected or
cleartext socket to a remote partner.
There is a code block in the SSL server that detects when
one of the file descriptors is going to be orphaned (it is
still open but is disabled for select processing). The
file descriptor is used as an index into a storage block.
In this case, the file descriptor is -1 indicating that it
has already been closed. Using -1 as an index into the
storage block results in a PROG 5 (addressing exception).
PROBLEM CONCLUSION:
The code block that tests to see if a file descriptor is
orphaned should only get control if both file descriptors are
still open. In this case, one was open and one was closed.
The h_rdr_sslio routine in part SSLDPUMP C has been updated
to avoid orphaning a connection by closing a file descriptor
that still has a handler specified but will never be woken
up because the partner is gone. This will ensure that the
code block that checks for orphaned file descriptors will
not get control when one of the file descriptors is closed.
In addition to the SSLDPUMP C update, the code block in
SSLDSPTC C that checks for orphaned file descriptors has
been modified so that instead of asserting in this case
and bringing down the SSL server, a message is issued to
call attention to this situation.
TEMPORARY FIX:
COMMENTS:
MODULES/MACROS:
SSLDPUMP SSLDSPTC
SRLS:
NONE
RTN CODES:
CIRCUMVENTION:
MESSAGE TO SUBMITTER: