IBM Support

PI27764: EZBTCRD (UI16041 14.073)+018BE4 S0C4/00000 WHEN RUNNING AT-TLS

A fix is available

Obtain the fix for this APAR.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as unreproducible in next release.

Error description

  • A timing window exists in AT-TLS which can cause data to be
decrypted
when processing inbound data and a SRB to be scheduled to
decrypt the same data.  The SRB will not find any data to
decrypt and will abend.  The timing window exists if data
arrives in to be decrypted after AT-TLS already scheduled a SRB
to decrypt data.

Local fix

  • 



Problem summary


    

  • ****************************************************************
* USERS AFFECTED: All users of the IBM Communications Server   *
*                 for z/OS Version 1 Release(s) 13 IP:         *
*                 ATTLS                                        *
****************************************************************
* PROBLEM DESCRIPTION: EZBTCRD abends processing an ATTLS      *
*                      connection because there is no data     *
*                      available to be decrypted.              *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
Encrypted data arrives while the SSL handshake is completing.
A timing window exists where two threads can try to decrypt
data.  This can cause the second thread to abend because
there is no data available on the TLSX receive queue to
decrypt.
+-------------------------------------------------------------+
+ Please check our Communications Server for OS/390 homepages +
+ for common networking tips and fixes.  The URL for these    +
+ homepages can be found in Informational APAR II11334.       +
+-------------------------------------------------------------+

    



Problem conclusion


    

  • 



Temporary fix


    

  • 



Comments


    

  • ATTLS is updated to set a flag which will prevent decryption
from scheduling decryption until the SSL handshake is
complete.
This APAR contains the fix for defect 21941.

    



APAR Information




    

  • APAR number
    PI27764
    • 

  • Reported component name
    TCP/IP V3 MVS
    • 

  • Reported component ID
    5655HAL00
    • 

  • Reported release
    1D0
    • 

  • Status
    CLOSED  UR1
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2014-10-15
    • 

  • Closed date
    2014-10-28
    • 

  • Last modified date
    2015-07-01
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    
UI22548
    

    • 



Modules/Macros


    

  •    EZBTLCWK EZBTLWRQ EZBZTLUT

    



Fix information


    

  • Fixed component name
    TCP/IP V3 MVS
    • 

  • Fixed component ID
    5655HAL00
    • 



Applicable component levels


    

  • R1D0  PSY  UI22548
       UP15/06/08  P  F506
    • 



Fix is available


    

  • Select the PTF appropriate for your component level.
You will be required to sign in. Distribution on physical
media is not available in all countries.
    








      
              
                            

              

              [{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Line of Business":{"code":"","label":""}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            30 April 2020
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback