A fix is available
APAR status
Closed as program error.
Error description
zOS FTP client or server configured to be secure using attls (TLSMECHANISM ATTLS) can fail with error '451 Transfer aborted due to file error'. The error only occurs when the zOS FTP client is receiving data from a secure server ; ie GET, or when the zOS FTP server is receiving data from an FTP client, ex client issued a PUT. The situation occurs when the sender of the file, sends an SSL secure shutdown (close alert) and does not send a FIN, but instead sends a reset on the FTP data connection. This error does not occur when the FTP client or server are secured using native SSL (TLSMECHANISM FTP).
Local fix
use FTP with native SSL (TLSMECHANISM FTP) or correct sender of data to ensure FIN is sent
Problem summary
**************************************************************** * USERS AFFECTED: * * All users of the IBM Communications * * Server for z/OS Version 2 Release 1 * * and Release 2: FTP * **************************************************************** * PROBLEM DESCRIPTION: * * An FTP data connection secured by ATTLS is transferring data * * inbound and at the end of the transfer is receiving * * 'EZA2590E recv error from receive_data - EDC8121I Connection * * reset. (errno2=0x74520442)' or '451 Transfer aborted due to * * receive error'. * **************************************************************** * RECOMMENDATION: * * Apply PTF. * **************************************************************** The problem can be summarized as follows: 1. During the termination of the FTP data connection, the remote peer sends an SSL Close Notify alert. 2. The local side will send a SSL Close Notify alert in response. 3. The remote peer in response sends a RST without an intermediate FIN causing a error to be reported to the application.
Problem conclusion
FTP code is updated to indicate a FTP data connection secured by ATTLS in order to allow RST arriving after the SSL Close_Notify alert to be ignored.
Temporary fix
Comments
APAR Information
APAR number
PI62054
Reported component name
TCP/IP V3 MVS
Reported component ID
5655HAL00
Reported release
210
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2016-05-06
Closed date
2016-07-25
Last modified date
2017-06-27
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
PI63041 UI39622 UI39623
Modules/Macros
EZBPFIOC EZBTLFIO EZBTCRD EZBZTLSC EZAFTPFU EZBTCFRD EZBZTLSP
Fix information
Fixed component name
TCP/IP V3 MVS
Fixed component ID
5655HAL00
Applicable component levels
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"210","Edition":"","Line of Business":{"code":"","label":""}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSCY4DZ","label":"DO NOT USE"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"210","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
27 June 2017