IBM Support

PI25167: EZBTCRD S0C4/00000 WHEN RUNNING AT-TLS

A fix is available

Obtain the fix for this APAR.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as unreproducible in next release.

Error description

  • A timing window exists in AT-TLS which can cause data to be
decrypted when processing inbound data and a SRB to be scheduled
to decrypt the same data.  The SRB will not find any data to
decrypt and will abend.  The timing windows exists if data
arrives in to be decrypted after AT-TLS already scheduled a SRB
to decrypt the data.

Local fix

  • none
.
KEYWORDS: SYSROUTE OF: PI27764

Problem summary

  • ****************************************************************
* USERS AFFECTED:                                              *
* All users of the IBM Communications Server for z/OS Version  *
* 2 Release(s) 1 IP: ATTLS                                     *
****************************************************************
* PROBLEM DESCRIPTION:                                         *
* EZBTCRD abends processing an ATTLS connection because there  *
* is no data available to be decrypted.                        *
****************************************************************
* RECOMMENDATION:                                              *
* Apply PTF.                                                   *
****************************************************************
Encrypted data arrives while the SSL handshake is completing.  A
timing window exists where two threads can try to decrypt data.
This can cause the second thread to abend because there is no
data available on the TLSX receive queue to decrypt.

Problem conclusion

  • ATTLS is updated to set a flag which will prevent decryption
from scheduling decryption until the SSL handshake is complete.

Temporary fix

  • 



Comments


    

  • This is a logical route of PI27764.
This APAR contains the fix for defect 21941

    



APAR Information




    

  • APAR number
    PI25167
    • 

  • Reported component name
    TCP/IP V3 MVS
    • 

  • Reported component ID
    5655HAL00
    • 

  • Reported release
    210
    • 

  • Status
    CLOSED  UR1
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2014-09-05
    • 

  • Closed date
    2015-06-08
    • 

  • Last modified date
    2015-07-01
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    
PI24894
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    
UI28306
    

    • 



Modules/Macros


    

  • EZBTLWRQ EZBTLCWK

    



Fix information


    

  • Fixed component name
    TCP/IP V3 MVS
    • 

  • Fixed component ID
    5655HAL00
    • 



Applicable component levels


    

  • R210  PSY  UI28306
       UP15/06/23  P  F506
    • 



Fix is available


    

  • Select the PTF appropriate for your component level.
You will be required to sign in. Distribution on physical
media is not available in all countries.
    








      
              
                            

              

              [{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Line of Business":{"code":"","label":""}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            01 May 2020
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback