ECO NUMBER:      ALPDCE04_014
-----------
PRODUCT:         Digital Distributed Computing Environment (DCE) for OpenVMS 1.4
--------
UPDATED PRODUCT: Digital Distributed Computing Environment (DCE) for OpenVMS 1.4
----------------
APPRX BLCK SIZE: 29916
----------------

COVER LETTER

1  KIT NAME:

   ALPDCE04_014

2  KITS SUPERSEDED BY THIS KIT:

   ALPDCE03_014

3  KIT DEPENDENCIES:

   3.1  The following remedial kit(s) must be installed BEFORE
        installation of this, or any required kit:

        None.

   3.2  In order to receive all the corrections listed in this kit,
        the following remedial kits should also be installed:

        None.

4  KIT DESCRIPTION:

   4.1  Version(s) of OpenVMS to which this kit may be applied:

        OpenVMS Alpha V6.2, V6.2-1H2, V6.2-1H3, V7.1, V7.1-1H1, V7.1-1H2

   4.2  Files patched or replaced:

        o  [SYSEXE]DCE$DCE$ACL_EDIT.EXE (new image)
        o  [SYSEXE]DCE$DCE$ADD_ID.EXE (new image)
        o  [SYSEXE]DCE$DCE$CADUMP.EXE (new image)
        o  [SYSEXE]DCE$CDSADV.EXE (new image)
        o  [SYSEXE]DCE$CDSBROWSER.EXE (new image)
        o  [SYSEXE]DCE$CDSCLERK.EXE (new image)
        o  [SYSEXE]DCE$CDSCP.EXE (new image)
        o  [SYSEXE]DCE$CDSD.EXE (new image)
        o  [SYSEXE]DCE$CHECK.EXE (new image)

-- COVER LETTER -- Page 2 17 September 1999

        o  [SYSEXE]DCE$CHPASS.EXE (new image)
        o  [SYSEXE]DCE$DCE_LOGIN.EXE (new image)
        o  [SYSHLP.EXAMPLES.DCE.DTSS]DCE$DTS_PROVIDER_HOPF.EXE (new image)
        o  [SYSEXE]DCE$DTSCP.EXE (new image)
        o  [SYSEXE]DCE$DTSD.EXE (new image)
        o  [SYSEXE]DCE$EXPORT.EXE (new image)
        o  [SYSEXE]DCE$GDAD.EXE (new image)
        o  [SYSEXE]DCE$CDSGETCELLS.EXE (new image)
        o  [SYSEXE]DCE$IDL.EXE (new image)
        o  [SYSLIB]DCE$IDL_CXX_SHR.EXE (new image)
        o  [SYSMSG]DCE$IL_MSG.EXE (new image)
        o  [SYSEXE]DCE$IMPORT.EXE (new image)
        o  [SYSEXE]DCE$KDESTROCY.EXE (new image)
        o  [SYSLIB]DCE$KERNEL.EXE (new image)
        o  [SYSEXE]DCE$KINIT.EXE (new image)
        o  [SYSEXE]DCE$KLIST.EXE (new image)
        o  [SYSLIB]DCE$LGI_CALLOUTS.EXE (new image)
        o  [SYSLIB]DCE$LIB_SHR.EXE (new image)
        o  [SYSEXE]DCE$NSEDIT.EXE (new image)
        o  [SYSLIB]DCE$NSEDIT_SHR.EXE (new image)
        o  [SYSEXE]DCE$NSID.EXE (new image)
        o  [SYSEXE]DCE$RGY_EDIT.EXE (new image)
        o  [SYSEXE]DCE$RPCCP.EXE (new image)
        o  [SYSEXE]DCE$RPCD.EXE (new image)
        o  [SYSEXE]DCE$RPCLM.EXE (new image)
        o  [SYSEXE]DCE$SECD.EXE (new image)
        o  [SYSEXE]DCE$SEC_ADMIN.EXE (new image)
        o  [SYSEXE]DCE$SEC_CLIENTD.EXE (new image)
        o  [SYSEXE]DCE$SEC_CREATE_DB.EXE (new image)
        o  [SYSEXE]DCE$SEC_SETUP.EXE (new image)
        o  [SYSLIB]DCE$SOCKSHR_DNET_IV.EXE (new image)
        o  [SYSLIB]DCE$SOCKSHR_DNET_OSI.EXE (new image)
        o  [SYSLIB]DCE$SOCKSHR_IP.EXE (new image)
        o  [SYSLIB]DCE$SOCKSHR_TPS.EXE (new image)
        o  [SYSEXE]DCE$SX.EXE (new image)
        o  [SYSUPD]DCE$SEC_TAILOR.EXE (new image)
        o  [SYSEXE]DCE$SEC_UAF.EXE (new image)
        o  [SYSUPD]DCE$UAF_CONVERT.EXE (new image)
        o  [SYSLIB]DCE$UAF_SHR.EXE (new image)
        o  [SYSLIB]DCE$UTIL_SHR.EXE (new image)
        o  [SYSEXE]DCE$UUIDGEN.EXE (new image)
        o  [SYSEXE]DCE$X500_ADDCELL.EXE (new image)
        o  [SYSEXE]DTSS$GRAPH.EXE (new image)
        o  [SYSLIB]DTSS$RUNDOWN.EXE (new image)
        o  [SYSEXE]DTSS$SET_TIMEZONE.EXE (new image)
        o  [SYSLIB]DTSS$SHR.EXE (new image)
        o  [DCE$LIBRARY]DCE_CF.H
        o  [SYSMGR]ANL.COM
        o  [SYSMGR]DCE$SETUP.COM
        o  [SYSMGR]DCE$SETUP_PATHWAY.COM
        o  [SYSMGR]DCE$SETUP_UCX.COM
        o  [SYSMGR]DCE$SETUP_MULTINET.COM
        o  [SYSHLP.EXAMPLES.DCE.DTSS]DCE$DTS_PROVIDER.C

5  PROBLEMS ADDRESSED IN ALPDCE04_014 KIT

   o  DCE daemons and DCE user applications terminate abnormally due to
      page file exhaustion. For example, the DCE endpoint mapper,
      DCE$RPCD, aborts unexpectedly on systems where DECnet OSI is a
      supported DCE protocol. Examination of the rpcd out file shows
      insufficient dynamic memory errors.

         $ type Dce$Specific:[Var.Rpc.Adm]DCE$RPCD.Out
         (socket) (SOCKET_MEM_ALLOC) *** FATAL ERROR at SOCKMEM.C;1\293 ***
         %SYSTEM-F-INSFMEM, insufficient dynamic memory
         %CMA-F-EXCCOP, exception raised; VMS condition code follows

      Please note, there are still memory management problems with DCE
      when DECnet OSI is used as a transport.
      If your site requires 24 by 7 operation, you can disable DECnet
      OSI as a DCE protocol if you have no application requirement to
      use OSI.

      Installation of the DECthreads kit, ALPTHREADS04_071, is highly
      recommended on Alpha V7.1 systems. Page file leakage of DCE
      processes is greatly reduced after the installation of the
      ALPTHREADS04_071 kit.

   o  When a dce_login is performed, six files are created in the
      credentials cache directory, DCE$SPECIFIC:[VAR.SECURITY.CREDS].
      An example is the following files:

         16 029D9101.;2         1-OCT-1998 15:28:18.37
         17 029D9101.;1         1-OCT-1998 15:28:17.76
         18 029D9102.;1         1-OCT-1998 15:28:19.27
         19 029D9200.;1         1-OCT-1998 15:28:19.02
         20 029D9200.DATA;1     1-OCT-1998 15:28:19.38
         21 029D9200.NC;1       1-OCT-1998 15:28:19.18

      After a kdestroy, two files remain from the original login. In
      the login example above, the following files are left:

         16 029D9101.;1         1-OCT-1998 15:28:17.76
         17 029D9102.;1         1-OCT-1998 15:28:19.27

   o  DCE login fails when the input for the password is not obtained
      from a terminal. The login fails with the error below:

         $ rgy_edit
         Current site is: registry server at /.../adu26a_cell/subsys/dce/sec/master
         l cell_admin -dce-
         login: Credentials cache I/O operation failed XXX
         Error in input password.
         Login failed.
         exit
         bye

   o  Every hour, the sec_clientd daemon deletes stale credentials
      files out of the DCE credentials cache directory. If run in debug
      mode, the daemon deletes the files every five minutes. The
      interval is not adjustable.

      Changes were made to make the interval adjustable between 5
      minutes and one hour. The interval cannot be greater than 60
      minutes or less than 5 minutes. To set the interval, define the
      logical FCC_CCACHE_CLEANUP_INTERVAL to the number of minutes
      between cache cleanups. The logical may be defined at the system
      level, or may be defined in the sec_clientd startup command
      procedure.
      If you change the interval while the security client daemon is
      running, the new interval will be effective after the next
      credentials cache cleanup.

   o  A new version of TCP/IP services for OpenVMS is shipping which
      eliminates some of the UCX commands used by the DCE$SETUP.COM and
      DCE$SETUP_UCX.COM procedures.

   o  Updates to multinet changed the BGO device characteristics
      breaking old logic checking if multinet was installed.

   o  An account created from a V1.4 or V1.5 OpenVMS system via
      rgy_edit caused a principal unknown error to be returned from a
      NT 2.2 or UNIX 3.0 system when the principal account was used in
      an rpc_binding_set_auth_info() call.

   o  Attempting to restart a DCE server with a well known endpoint,
      such as RPCD (port 135) or PERF server (port 2001) fails with an
      "unable to bind socket" error, when there is no process using the
      port. Restart of RPCD could fail with a message that RPCD was
      already running.

      Client incoming packets referencing the well-known endpoint
      create Port Control Blocks for the endpoint. A socket cannot be
      bound to a port with an existing PCB unless the SO_REUSEADDRESS
      socket option is set.

6  PROBLEMS ADDRESSED IN ALPDCE03_014 KIT

   o  Configuring an OpenVMS DCE 1.4 client into a Gradient server
      running on NT 4.0 results in the following error:

         Establishing security environment for principal "cell_admin" . . .

         **************************** ERROR ****************************
         *** An error occurred while setting up the security environment
         *** using principal name "cell_admin"

         Error: Cannot validate identity for principal "cell_admin"
         who are you failed (dce / rpc)
         236094202
         %SYSTEM-F-ABORT, abort

   o  Servers abort with the following error messages:

         + Listening...
         (socket) rpc__socket_disp_select *** FATAL ERROR at SOCKDISPATCH.C;1\3668***
         %CMA-F-EXCCOP, exception raised; VMS condition code follows
         -SYSTEM-F-OPCCUS, opcode reserved to customer fault at PC=FFFFFFFF80538638,PS=0
         %SYSTEM-F-ABORT, abort

   o  User applications passing fixed arrays containing structures
      between Alpha OpenVMS and other platforms encounter corruption in
      the array contents.

   o  IDL compiler does not find file in a search list:

         $ define idl_sources W1:[GUY.DCE_EXAMPLES.TEST1], W1:[GUY.DCE_EXAMPLES]
         $ Directory W1:[GUY.DCE_EXAMPLES.TEST1]

         TEST1.IDL;1     3/3     6-JAN-1993 10:54:38.21  (RWED,RWED,,RE,)

         Total of 1 file, 3/3 blocks.

         $ sho log idl_sources
            "IDL_SOURCES" = "W1:[GUY.DCE_EXAMPLES.TEST1]" (LNM$PROCESS_TABLE)
                 = "W1:[GUY.DCE_EXAMPLES]"
         $ set def idl_sources
         $idl test1
         %IDL-E-OPENREAD, Unable to open idl_sources:[guy]test1.idl for read access
         %IDL-E-SYSERRMSG, System error message: no such file or directory
         %IDL-F-COMPABORT, Compilation aborted

7  PROBLEMS ADDRESSED IN ALPDCE02_014 KIT

   o  The ALPDCE01_014 remedial kit did not install on OpenVMS Alpha
      hardware versions. The ALPDCE02_014 remedial kit corrects this.

8  PROBLEMS ADDRESSED IN ALPDCE01_014 KIT

   o  When the security server is not running,
      sec_login_refresh_identity() returns an undocumented status code,
      336760967. The documentation states that the
      sec_rgy_server_unavailable status code should be returned.
      Example programs from OSF and other vendors show the refresh
      thread testing for the sec_rgy_server_unavailable status to
      determine if the refresh should be retried.

   o  Executing any RPCLM command results in a fault invalid bound
      message on Alpha systems.
         $RPCLM
         String Binding of Server:ncadg_ip_udp:16.32.80.42[2301]
         RPCLM> inq
         %CMA-F-EXCCOPLOS, exception raised; some information lost
         -DCERPC-E-FAULTINVALIDBOU, fault invalid bound (DCE / RPC)

   o  In the directory DCE$SPECIFIC:[KRB5] there are hundreds of
      versions of KRB5KDC_RCACHE created in it by the DCE$SECD process.
      These files do get cleaned up during a CLEAN operation, but they
      are not cleaned up during a start or restart of DCE.

   o  If you do not include prior to including the header will not
      compile because it uses the datatype FILE*.

   o  Attempting a kinit on an OpenVMS system results in the error
      below:

         $ kinit cell_admin
         $5$dkb0:[sys0.syscommon.][sysexe]dce$kinit.exe;4: Malformed representation of principal when parsing name T@

   o  When an 'Illegal state transition' occurs, the correct state is
      not reported. The code clobbered the state before reporting it. A
      state of 255 is reported and is meaningless because it is the
      code for No State.

   o  Print 4 digit years on output from DCE processes. Allow four
      digit data inputs from DCE administration functions. Fix leap
      year calculations for years after 2017.

   o  It has been discovered that OSF/DCE has a potential problem in
      the security server that could allow for a denial of service
      attack.

      If a principal, group, or organization is greater than 1024
      characters (including the cell name, so the actual name limit is
      less than 1024) when passed to the security daemon (secd), it
      will cause secd to core dump. The buffer is overrun, causing
      memory corruption. In certain cases, the lookup attempt (or add
      or whatever) on the client will then rebind to another secd to
      make the request, eventually crashing all security daemons in the
      cell.

   o  The new Pathway IP version can cause DCE setup to abort abruptly
      with error messages. Pathway changes the output of an image that
      returns the Pathway version.
      This causes output parsing routines to fail because they search
      for runtime on the line containing the version.

9  KIT INSTALLATION RATING:

   The following kit installation rating, based upon current CLD
   information, is provided to serve as a guide to which customers
   should apply this remedial kit. (Reference attached Disclaimer of
   Warranty and Limitation of Liability Statement)

   INSTALLATION RATING:

   INSTALL_2 : To be installed by all customers using the following
               feature(s):

               This remedial kit contains many Year 2000 related fixes.
               Any customer running DCE must install this kit.

10 INSTALLATION INSTRUCTIONS:

   This kit is supplied as a self extracting ZIP file. Use the
   following command to expand the kit into its VMSINSTAL savesets:

      $ Run ALPDCE04_014.ZIPEXE

   Once the kit is expanded, install it with the VMSINSTAL utility by
   logging into the SYSTEM account, and typing the following at the DCL
   prompt:

      @SYS$UPDATE:VMSINSTAL ALPDCE04_014 [location of the saveset]

   The saveset location may be a tape drive, CD, or a disk directory
   that contains the kit saveset.

   No reboot is necessary after successful installation of the kit.

Copyright (c) Compaq Computer Corporation, 1999 All Rights Reserved.
Unpublished rights reserved under the copyright laws of the United
States.

The software contained on this media is proprietary to and embodies the
confidential technology of Compaq Computer Corporation. Possession,
use, or dissemination of the software and media is authorized only
pursuant to a valid written license from Compaq Computer Corporation.

DISCLAIMER OF WARRANTY AND LIMITATION OF LIABILITY

THIS PATCH IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND. ALL EXPRESS
OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY
IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR PARTICULAR PURPOSE, OR
NON-INFRINGEMENT, ARE HEREBY EXCLUDED TO THE EXTENT PERMITTED BY
APPLICABLE LAW.

IN NO EVENT WILL COMPAQ BE LIABLE FOR ANY LOST REVENUE OR PROFIT, OR
FOR SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES,
HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, WITH RESPECT
TO ANY PATCH MADE AVAILABLE HERE OR TO THE USE OF SUCH PATCH.
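
ADDED EXAMPLE (not part of the original cover letter, and not code from the kit or from OSF DCE): the secd item under "PROBLEMS ADDRESSED IN ALPDCE01_014 KIT" describes a name buffer overrun once a principal, group or organization name plus the cell name exceeds 1024 characters. The sketch below shows the kind of length check that rejects such a name before anything is copied. The helper build_global_name, the status codes, the macro GLOBAL_NAME_MAX and the "/" join are assumptions made for illustration; the sample cell and principal names are taken from the rgy_edit output above.

```c
#include <stdio.h>
#include <string.h>

/* Limit from the cover letter: 1024 characters, cell name included. */
#define GLOBAL_NAME_MAX 1024

enum name_status { NAME_OK = 0, NAME_BAD_ARG = -1, NAME_TOO_LONG = -2 };

/* Length of s, scanning no further than max + 1 bytes. */
static size_t bounded_len(const char *s, size_t max)
{
    const char *nul = memchr(s, '\0', max + 1);
    return nul ? (size_t)(nul - s) : max + 1;
}

/* Hypothetical helper, not a DCE API: writes "<cell>/<name>" to out.
 * Both lengths are checked before any byte is copied, so an oversized
 * principal, group or organization name is rejected instead of being
 * truncated or written past the end of the buffer. */
enum name_status build_global_name(const char *cell, const char *name,
                                   char *out, size_t out_size)
{
    size_t cell_len, name_len, total;

    if (!cell || !name || !out || out_size == 0)
        return NAME_BAD_ARG;
    out[0] = '\0';
    cell_len = bounded_len(cell, GLOBAL_NAME_MAX);
    name_len = bounded_len(name, GLOBAL_NAME_MAX);
    if (cell_len == 0 || name_len == 0)
        return NAME_BAD_ARG;
    total = cell_len + 1 + name_len;          /* cell + '/' + name */
    if (total > GLOBAL_NAME_MAX || total >= out_size)
        return NAME_TOO_LONG;
    memcpy(out, cell, cell_len);
    out[cell_len] = '/';
    memcpy(out + cell_len + 1, name, name_len + 1);  /* copies the NUL */
    return NAME_OK;
}

int main(void)
{
    char buf[GLOBAL_NAME_MAX + 1], longname[2048];   /* constructed input */
    memset(longname, 'A', sizeof longname - 1);
    longname[sizeof longname - 1] = '\0';
    printf("%d\n", build_global_name("/.../adu26a_cell", "cell_admin", buf, sizeof buf));
    printf("%d\n", build_global_name("/.../adu26a_cell", longname, buf, sizeof buf));
    return 0;
}
```

Because the cell name counts toward the limit, the room left for the principal, group or organization name shrinks as the cell name grows, which is the "actual name limit is less than 1024" remark in the cover letter.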