IBM Support

PQ85905: TELNET SSL CLIENT ERROR DURING HANDSHAKE PROCESSING RESULTS IN LOW CORE OVERLAY.

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Telnet client begins a connection.  The HandShake completes and
    the Server is expecting normal data from the client.  However,
    the client sends in a surprise SSL V2 Client Hello. This results
    in an overlay of the CVT by OMVS due to a call by SSL with an
    OAPB of X'800000'.
    .
    .
    Sample Traceback data from a dump would resemble:
    .
    Entry         E Addr    E  Offset Stmt   Load Mod   Status
    getpid        06C25FB0  -06C25FAA        CEEEV003   Call
    gsk_getpid()  3A238EC8  +00000052        GSKNM002   Call
    SetNewSessionID(unsigned char*,unsigned int,long,SSLSockAddr
                  3A057A90  +00000198        GSKNM006   Call
    SSLSIDCache::getSessionData(SSLSessionHandle*,const unsigned
                  3A0627B0  +000004FE        GSKNM006   Call
    sidCacheLookup(int,SSLSessionHandle*,unsigned int*,const uns
                  3A0589D8  +000001EE        GSKNM006   Call
    SendV3ServerHello(SSLHandle*)
                  3A070F20  +000006E0        GSKNM006   Call
    SSL_Receive(SSLHandle*,void*,int)
                  3A06AA70  +00000696        GSKNM006   Call
    gsk_secure_soc_read
                  39FAD320  +00000514        GSKNM006   Call
    SKREAD1       3954BF68  +00000086        EZBTTSSL   Call
    SKREAD        3954D8E0  +00000090        EZBTTSSL   Call
    CEEPIPI       00019A98  +000051D2        CEEPIPI    Call
    

Local fix

  • Identify failing ipaddr contained in console error message
      EZZ6034I TELNET CONN nnnnnnnn LU **N/A** CONN DROP ERR 6002
               IPADDR..PORT
    Disconnect from network.
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED: All users of Communications Server           *
    *                 for OS390 Release  10, z/OS Version 1        *
    *                 Release 2, Version 1 Release 4 and           *
    *                 Version 1 Release 5 IP Telnet                *
    *                 facilities.                                  *
    ****************************************************************
    * PROBLEM DESCRIPTION: Numerous abends occur in many tasks     *
    *                      after the CVT is overlaid by OMVS due   *
    *                      to an OAPB Reg2 having X'80000000' in   *
    *                      it.                                     *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    ABEND0C6 in Catalog task and ABEND0C4 in BPX1JSRB due to having
    a call in SRB mode from SSL with the OAPB pointer is
    X'80000000'. OMVS overlays the CVT then. Many tasks abend
    following this, and the system must be IPLed to get out of it.
    A client connects to Telnet over a secure port and SSL is set
    up. After the handshake is complete, the client sends in
    a SSLV2 Cclient Hello (X'804601'). This gets passed to System
    SSL, where a new socket is attempted and a Getpid call
    is made to OMVS where the overlay occurs.  Telnet already
    prevents this for an SSLV3 client.
    
    +-------------------------------------------------------------+
    + Please check our Communications Server for OS/390 homepages +
    + for common networking tips and fixes.  The URL for these    +
    + homepages can be found in Informational APAR II11334.       +
    +-------------------------------------------------------------+
    

Problem conclusion

  • EZBTTSRV will be changed to check for the SSLV2 Client Hello
    and if Handshake is already complete, will close the
    connection with error return code of 6018.
    This will prevent the overlay from being done.
    
    * Cross Reference between External and Internal Names
    

Temporary fix

  • *********
    * HIPER *
    *********
    

Comments

APAR Information

  • APAR number

    PQ85905

  • Reported component name

    TCP/IP V3 MVS

  • Reported component ID

    5655HAL00

  • Reported release

    120

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    YesHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2004-03-11

  • Closed date

    2004-03-16

  • Last modified date

    2004-05-05

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    UQ86270 UQ86271 122PC5Ÿ UQ86272 102PC0Ÿ UQ86273 102PC0Ÿ PQ88133

Modules/Macros

  • EZBTTSRV EZBZTPCD
    

Fix information

  • Fixed component name

    TCP/IP V3 MVS

  • Fixed component ID

    5655HAL00

Applicable component levels

  • R120 PSY UQ86270

       UP04/04/08 P F404 Ž

  • R140 PSY UQ86271

       UP04/04/08 P F404 Ž

  • R150 PSY UQ86272

       UP04/04/08 P F404 Ž

  • R50A PSY UQ86273

       UP04/04/08 P F404 Ž

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"120","Edition":"","Line of Business":{"code":"","label":""}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSCY4DZ","label":"DO NOT USE"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"120","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
05 May 2004