PEPI73495 SECURE DATA TRANSFER FAILS ON CLIENT RST
APAR Identifier ...... PI83658 Last Changed ........ 17/11/24
PEPI73495 SECURE DATA TRANSFER FAILS ON CLIENT RST
Symptom ...... IN INCORROUT Status ........... CLOSED PER
Severity ................... 3 Date Closed ......... 17/09/26
Component .......... 5735FAL00 Duplicate of ........
Reported Release ......... 630 Fixed Release ............ 999
Component Name TCP/IP FOR Z/VM Special Notice PE
Current Target Date .. Flags
SCP ...................
Platform ............
Status Detail: SHIPMENT - Packaged solution is available for
shipment.
PE PTF List: UI44534
PTF List:
Release 540 : UI50713 available 17/10/05 (1000 )
Release 630 : UI50714 available 17/10/05 (1000 )
Release 640 : UI50715 available 17/10/05 (1702 )
Parent APAR:
Child APAR list:
ERROR DESCRIPTION:
When a RST is done on a secure connection, it is propogated
through the SSL server deleting any data currently in the
buffers that has not been sent. This could lead to data
transfer failures,
LOCAL FIX:
N/A
PROBLEM SUMMARY:
****************************************************************
* USERS AFFECTED: All users of z/VM TCP/IP *
****************************************************************
* PROBLEM DESCRIPTION: *
****************************************************************
* RECOMMENDATION: APPLY PTF *
****************************************************************
PI73495 changed code in the TCP/IP stack to ensure that both
halves of an SSL connection were reset when a client or server
performed a TCP reset. Unfortunately, there are times when
this stack-issued reset occurs before all of the data in the
pipeline has been consumed which causes data transfer failures
for some FTP clients.
PROBLEM CONCLUSION:
To eliminate the problem introduced by PI73495, code has been
updated to implement a short (1 second) delay between when
the stack receives a TCP reset from a client and when the stack
resets the other half of the connection. This provides enough
time for the pipeline to be cleared of any previously received
data prior to resetting the connection.
TEMPORARY FIX:
COMMENTS:
MODULES/MACROS:
CMNETST TCACB TCBASTY TCMON TCPEQUAT TCPRINT TCPSSL
TCPUP TCQUEUE TCTCB TCUTIL
SRLS:
NONE
RTN CODES:
CIRCUMVENTION:
MESSAGE TO SUBMITTER: