IBM Support

PI21477: RDZ V8516 INTERNAL DEFECTS AND ENHANCEMENTS - RSE

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • RDZ V8516 INTERNAL DEFECTS AND ENHANCEMENTS - RSE
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED: 01.All RDz users                             *
    *                 02.All RDz users using DBCS text             *
    *                 03.All RDz users using APPC TSO command      *
    *                    server                                    *
    *                 04.All RDz users who login by certificates   *
    *                 05.All RDz users                             *
    *                 06.All RDz users                             *
    *                 07.All RDz users                             *
    *                 08.All RDz users                             *
    ****************************************************************
    * PROBLEM DESCRIPTION: 01.When a long MVS filter name is       *
    *                         used, no data set information will   *
    *                         be displayed when the filter is      *
    *                         expanded.                            *
    *                      02.Host log shows unexpected message    *
    *                         U_BUFFER_OVERFLOW_ERROR              *
    *                      03.Passwords in APPC TSO command        *
    *                         server are visible                   *
    *                      04.User can login using revoked         *
    *                         certificate                          *
    *                      05.If an IO/security exception occurs   *
    *                         in RDz server while downloading a    *
    *                         big sequential data set,             *
    *                         *rejectLogon status that is marked   *
    *                         on a RDz server process sometimes    *
    *                         remains set.                         *
    *                      06.RDz receives one or more             *
    *                         ABEND878-10 in native LE HEAP        *
    *                         storage                              *
    *                      07.RSE daemon might enable the SSLv3    *
    *                         protocol if it was previously        *
    *                         disabled.                            *
    *                      08.RDz TSO shell incorrectly            *
    *                         translates "<" and ">"         *
    *                         strings to "<" and ">".              *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    01.The RDz server added wild card characters to a given filter
       string which included wild cards to find datasets, so that
       the filter length was longer than the limitation of the
       filter string.
    02.Host log shows unexpected message U_BUFFER_OVERFLOW_ERROR
       when the local code page is windows-31j or MS932 and the
       host code page is IBM-1390.
    03.When RDz server is configured to use APPC TSO command
       server, the passwords of the users who currently log in are
       visible in a memory dump image.
    04.A user can login using a revoked certificate via "Remote
       daemon" z/OS connection with certificate authentication
       method.
    05.When RDz client starts editing a big sequential data set, an
       RDz server process is marked *rejectLogon while downloading
       the content and it can be seen by display process console
       command. If an IO/security exception occurs while
       downloading it, *rejectLogon status sometimes remains set,
       and the process marked *rejectLogon does not handle a new
       client any more.
    06.RDz 9.1.0 of 31bit version has a memory leak in the trace
       code even if the trace is set to minimum (error only). RDz
       has another memory leak while opening a data set or a member
       in read mode.
    07.RSE daemon might enable the SSLv3 protocol if it was
       previously disabled. Note that RSE server does not, so SSLv3
       encrypted communication between client and host is not
       possible if SSLv3 is disabled for RSE server, even if RSE
       dameon enabled it.
    08.RDz TSO shell incorrectly translates "&lt;" and "&gt;"
       strings to "<" and ">".
    

Problem conclusion

  • 01.The RDz server was fixed to use proper length filters.
    02.The code is updated to allocate enough buffer not to cause
       U_BUFFER_OVERFLOW_ERROR.
    03.The code is updated to encrypt the passwords in APPC TSO
       command server.
    04.The code is updated to check the CRL on a LDAP server in a
       remote daemon connection.
    05.RDz server is updated to clear *rejectLogon status even if
       any exception occurs while downloading a big sequential data
       set.
    06.The code is updated to fix the memory leaks.
    07.RDz server is updated to always disable SSLv3.
    08.RDz client is updated to escape '&' and ';' characters,
       before the input string is encoded in xml data and is sent
       to server. RDz server is updated to unescape '&' and ';'
       characters, after the received xml data is decoded. Only if
       both client and server can handle them, they are actually
       escaped.
    

Temporary fix

Comments

APAR Information

  • APAR number

    PI21477

  • Reported component name

    RD/Z HOST

  • Reported component ID

    5724T0723

  • Reported release

    850

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2014-07-09

  • Closed date

    2015-01-20

  • Last modified date

    2015-02-05

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    UI24911

Modules/Macros

  • FEKDSI   FEKFCMSG FEKFCORE FEKFCOR6 FEKFDIVP
    FEKFENVR FEKFLDSL FEKFMAIN FEKFMAI6 FEKFMINE FEKFTSO  FEKFZOS
    

Fix information

  • Fixed component name

    RD/Z HOST

  • Fixed component ID

    5724T0723

Applicable component levels

  • R850 PSY UI24911

       UP15/02/05 I 1000

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.



Document information

More support for: Rational Developer for System z

Software version: 8.5

Reference #: PI21477

Modified date: 05 February 2015