***************************************** ECO SUMMARY INFORMATION ***************************************** Release Date: September 9, 2005 Kit Name: ALP_DNVOSIECO17-V0603 Kit Applies To: OpenVMS Alpha V6.2 Approximate Uncompressed Kit Size: 74752 Blocks Installation Rating: INSTALL_2 Kits Superseded By This Kit: ALP_DNVOSIECO15-V0603 Kit Dependencies: None System Reboot Necessary: Yes Checksum of Compressed Kit: 1864220407 Release Notes for ECO17 DECnet/OSI V6.3 for OpenVMS Alpha This ECO applies to DECnet/OSI V6.3 systems only. To verify that you are running the correct version of DECnet/OSI, enter the following NCL command: NCL SHOW IMPLEMENTATION The version is: DECnet/OSI for OpenVMS Version V6.3. Installation Caution After you install this ECO kit, an error in the POLYCENTER Software Installation (PCSI) prevents installation of the OSAK SPI Interface V3.0. The X.25 and OSAK PCSI installations require DECnet/OSI V6.3, which causes the installation process to remove DNVOSIECO11. This situation leaves the system without a SYS$NETWORK_SERVICES.EXE file. Therefore, the system cannot be rebooted. You must preserve the original installation order, indicated below. This will be corrected in a future release. Installation Order Place each PCSI kit in a unique source directory: 1) DECNET_OSI V6.3 /Source=[KITS.DECNET] 2) X.25 V1.0-G /Source=[KITS.X25] 3) OSAK V3.0 /Source=[KITS.OSAK] 4) FTAM V3.2 /Source=[KITS.FTAM] 5) DNVOSIECO17 V6.3 /Source=[KITS.ECO] ------------------------------------------------------------------------------- A. Corrections for Base Components Corrections made to SYS$LIBRARY:CDI$SHR.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 01:38:02.65 - Added ability to close NET$LOCAL_NAME_DATABASE.DAT after each use (see NET$LOGICALS.COM for more information). - Improved sticky bit processing. Corrected error seen when full name was changed but synonym was not. The synonym was incorrectly referencing the old full name. - Modified code to return first portion of IP fully-qualified name as the synonym. ECO16: - Prevent loop on possible unexpected BG device error. - Improve CDI cache short term checkpoint interval processing. ECO15: - Domain name search path processing does not require DOMAIN:. - Include support for Common Directory Service Dynamic Cache. - Deassign BG device for TCP/IP restart. - Add support for sticky cache entry. - Set default cache expiration timer to 0 (i.e., infinite). (Previously the default was either 7 or 30 days) - Convert old V1.0 and V2.2 cache files to V2.3 cache files to preserve cache with upgrades. - Allow sticky cache entry even when sys$fullname is not defined. - ASTs needed to be disabled longer to protect the node information data structures from being corrupted. - Modify cache write logic around sticky bit changes. - Prevent access violations for some string manipulations in CDI search path. - Prevent system crash on return to session control with an invalid node parameter. - Allow DOMAIN to return a compressed name from the fully qualified domain full name. - Properly re-open the TCP/IP BG device channel for the TCP/IP DOMAIN lookups. - Prevent memory leak when looking up a null node name. Corrections made to SYS$SYSTEM:CTF$DCP.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:00:50.05 - Corrected SSRVEXCEPT system crash at V_IOC$INIT_IO_BRIDGE\CTF$DCP when CTF tracing is used. This occurs because of a timing problem in CTF whereby a trace if being terminated but the routine in question does not know that it data structure infrastructure is being pulled out from under it. - Prevent possible system crash during CTF START /LIVE "SESSION PORT *" command by correcting deallocation logic for trace records and CTF work queue elements in CTF$DISPATCH. ECO15: - Modify trace to collect remote records in the trace file, alpha only. - Modify collector to keep more trace records. - Add spinlocks so that two undeclare threads are forced to run serially in SMP environments. - Prevent possible system crash with invalid tracepoint address. - Prevent possible access violation on an illegal command. Corrections made to [SYSLIB]CTF$OSITP_ANALYZE.EXE: Image Identification: "I-10" 20-APR-2005 02:12:59.32 - Corrected a INVEXCEPTN system crash at OSITP$PSI_PORTMGMT_COMPLETE_C\ NET$TRANSPORT_OSI when shutting down DECnet and disabling the OSI transport. Corrections made to [SYSESE]CTF$UI.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:01:25.68 - The CTF utility has always required that the invoking process have certain rights identifiers in order to use the START and STOP commands to control the collection of trace records. These rights identifiers are described in Chapter 3 of the DECnet/OSI for VMS CTF Use manual. Now, in addition to one or more of the required rights identifiers, the invoking process must have the following process privileges before invoking CTF for any purpose: ALTPRI, BYPASS, CMKRNL, NETMBX, PRMGBL, PRMMBX, PSWAPM, SYSGBL, SYSLCK, SYSNAM, TMPMBX, and WORLD If you invoke CTF from a process without the required process privileges, the utility exits with an error message indicating the first of the required privileges not granted. Corrections made to SYS$UPDATE:DECNET_MIGRATE.EXE: File Identification: "V6.3-ECO17" 20-APR-2005 02:06:45.02 ECO15: - Include COLLECT and SHOW PATH correction for the error "Unsupported primary directory service." - Correct MOP Client NCL Script load file name. Corrections made to SYS$SYSTEM:DECNET_REGISTER.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:01:04.77 - DECnet_REGISTER.EXE did not have sufficient wait time for decdns clerk commands to allow for failover to another server. Now the wait time has been increased to allow failover. ECO09: - Use DECdns high confidence to register nodes correctly. This prevents the error: %DNS-E-UNKNOWNENTRY, Requested name does not exist. After the initial error, the node object was deleted, but the .DNA_BackTranslation was left so that subsequent attempts to register the node failed with "name already in use". Corrections made to SYS$SYSTEM:DNS$ADVER.EXE: Image Identification: "V2.0-1" 20-APR-2005 02:02:26.78 - Corrected a problem that could cause more than three copies of the DNS$CHFAIL.LOG to be present on the system. This condition occurred when the file version of DNS$CHFAIL.LOG cycled through the upper version boundary (that is, cycling from version 32767 back to version 1). The code now correctly handles this situation and maintains three copies of the file. File versions are rolled over when the file version reaches 32000. For example, if versions 31998, 31999, and 32000 are present, the code renumbers the files to version 1, 2, and 3, respectively. - Corrected a problem that caused a subsequent device to remain uninitialized if a lower device of the same type was offline or unavailable. - Corrected a problem that could cause multiple copies of the file used to maintain the current cache file version (SYS$SYSTEM:DNS$CACHE.VERSION) to be present on the system. This condition occurred when the file version of DNS$CACHE.VERSION cycled through the upper version boundary (that is, cycling from version 32767 back to version 1). The code now correctly handles this situation and maintains a single version of the file. Corrections made to SYS$STARTUP:DNS$CLERK_STARTUP.COM: File Identification: "V6.3-ECO17" 6-MAR-2003 11:36:22.70 ECO11: - Allow the user to specify the location of the NCL script via logical name definitions. - Add DNS$ADVER_AST_LIMIT logical and increase clerk quotas. Translate each of the logicals from the system table if it exists, otherwise use the defaults. Increase default quota for direct I/O, file_limit, enqueue limit, queue limit, adver_buffer_limit, and adver_max_working_set. Corrections made to SYS$STARTUP:DNS$CLERK_STOP.COM File Identification: "V6.3-ECO17" 6-MAR-2003 10:41:26.41 ECO11: - Included file SYS$MANAGER:NET$DNS_CLERK_STOP.NCL - Allow DECdns clerk to be disabled and deleted. - Prevent "no such file" warnings on shutdown. Corrections made to [SYSUPD]DTSS$INSTALL_TIMEZONE_RULE.COM: File Identification: "V6.3-ECO17" 19-JAN-2004 14:44:09.54 - This correction eliminates a problem with the TDF getting incorrectly set on reboot if DTSS startup is disable via the NET$DISABLE_DTSS logical. - Correct the situations where the SYS$TIMEZONE_RULE logical was undefined when the NET$DTSS_DISABLE logical was defined. Corrections made to SYS$SYSTEM:DTSS$SERVICE.EXE Image Identification: "DECDTS V2.1-0" 20-APR-2005 02:01:43.65 - Corrected DTSS$SERVICE process crash when network shutdown occurs with an Invalid rule. - Corrected "unavailable user buffer" message. Driver will handle buffers when no read is outstanding by allocating the extra buffer. - Corrected a problem with the show dtss all command that occasionally caused the invalid message detected attribute to have a negative number. - Added the RESIDENT attribute to several high-IPL code psects to prevent PGFIPLHI crash at high IPL. - Lock certain code, data & linkage sections into the process working set to prevent a PGFIPLHI system crash seen primarily on systems running with small working sets. - Corrected a problem that caused programs using the JAVA runtime code to go into a COM state loop when the TDF change occurs. A TDF change notification event was added. Also, there are some VMS/THREADS corrections that are related to this problem. - Removed the static device tables formerly used to determine the devices used by DTSS. Now, DTSS uses the $DEVSCAN and $GETDVI system services to build a list of devices that have a device class of DC$SCOM (synchronous communication device), a device characteristic of DEV$V_NET, a device status of UCB$V_ONLINE and UCB$V_TEMPLATE, and a device name in the form _xxy0:. The logical name DTSS$ETHERNET_DEVICE can be used to provide a list of devices that DTSS should NOT use. All devices must be in the form _xxy0:. The string can contain spaces and other text which is ignored by DTSS. For example, the following command tells DTSS not to use the _EIA0: and _FWA0: devices. $ DEFINE/SYSTEM DTSS$ETHERNET_DEVICE "Don’t use _EIA0: and _FWA0: " - Corrected a problem that caused a subsequent device to remain uninitialized if a lower device of the same type was offline or unavailable. - Fixed 655 bytes memory leak when DTSS SET or SHOW commands were issued. - Fixed the command,"show dtss all status" to display all the attributes. ECO15: - Correct PGFIPLHI crash on startup. Insure that any linkages which may be touched at an elevated IPL are in a page which is locked. - Prevent possible crash on boot in read cluster time. - Resolve error for NCLSHR when using NET$CONFGIURE Option 5. - Prevent the clerk from sending advertisements when the cache is purged. - Add a system logical NET$DISABLE_DTSS. - Prevent possible PGFIPLHI crash in DTSS$CLOCK_ROUTINES. Corrections made to SYS$SYSTEM:DTSS$SET_TIMEZONE.EXE Image Identification: "V1.0" 20-APR-2005 02:06:52.51 - Included for compatibility with DTSS$SERVICE. Corrections made to SYS$LIBRARY:DTSS$SHR.EXE Image Identification: "DTSS V2.1-0" 20-APR-2005 01:38:55.72 - This change corrects a problem reported in IPMT cfs.108167. The problem involved the API routine VMS_LOCALTIME giving the wrong time when the timezone was set to AUSTRALIA/WEST. ECO14: - Modify user callable DTSS routine "mulftime" as this returned a value that is inaccurate starting with the lsb of the high order longword, with all lower order longwords being similarly inaccurate. Corrections made to SYS$STARTUP:DTSS$STARTUP.COM: File Identification: "V6.3-ECO17" 1-OCT-2001 10:45:53.23 ECO14: - Allow the user to specify the location of the NCL script via logical name definitions. - Add a system logical NET$DISABLE_DTSS. Corrections made to DTSS$TIMEZONE_RULES.DAT: File Identification: "V6.3-ECO17" 9-SEP-2003 17:50:08.66 - Corrected the time zone rule values for Tasmania in the DTSS$TIMEZONE_RULES.DAT file. ECO14: - Change DTSS MET time zone rule for 1996 and 1997 daylight savings time from the last Sunday in September to the last Sunday in October. - Change DTSS Brazilian time zone rule. - Change DTSS British time zone rule from 4th Sunday in October to 5th Sunday in October. - Modify Australia and New Zealand for the 2001 time zone rules. NET$CONFIGURE.COM must be run to update these rules. Corrections made to SYS$LOADABLE_IMAGES:LES$LES_V30.EXE Image Identification: "LES V3.0-2" 20-APR-2005 02:05:01.26 - Prevent CPUSPINWAIT crash by appropriate spinloick handling. ECO16: - Remove gratuituous IOLOCK8 acquisition and release. ECO15: - Item list definitions had to be harmonized between VAX and Alpha to prevent system crashes on Alpha. - Prevent crash in LES$LPD_DONE when running SNA TE session over a QLLC link. Corrections made to SYS$LOADABLE_IMAGES:LES$NETMAN.EXE: Image Identification: "LESNM V2.0-1" 20-APR-2005 02:34:45.44 - Include for compatibility with LES$NETMANLDR. Corrections made to SYS$LOADABLE_IMAGES:LES$NETMANLDR.EXE: Image Identification: "LESNM V2.0-1" 20-APR-2005 02:34:39.28 - Correct NET$SHUTDOWN hang on FDDI circuits when executing the "delete routing circ *" command. - All NCL SHOWS require NET$EXAMINE or NET$MANAGE or BYPASS, and NCL Actions require NET$MANAGE or BYPASS. - Corrections for routing and VAX P.S.I. event logging. - Allow duplicate attributes for LES-managed entities, i.e. routing and X.25. - Prevent crash on sanity check in Les_sync_suspend. - Correct the timestamp on a routing event. Corrections made to SYS$LIBRARY:LES$NETMANSHR.EXE: Image Identification: "LESNM V2.0-1" 20-APR-2005 02:34:30.15 - Include support for compatibility with LES$NETMANLDR. Corrections made to SYS$SYSTEM:NCL.EXE: Image Identification: "X-4" 20-APR-2005 02:06:44.65 ECO16: - CMIP encoding/decoding correction for "CML-E-INVALID_PDU". - Add support for "with" clause. - Modifed SetDefaultEntity, SetDefaultAccess and SetDefault routines to correct memory allocation and new defaults. - Correct default entity and global parsing vector when the initial connect attempt failed. - "With" cause corrected to allow parsing end user specification attributes using the UIC format. - Correct default entity and global parsing vector when the initial connect attempt failed. ECO15: - Include for compatibility with NCLSHR. Corrections made to SYS$LIBRARY:NCLSHR.EXE: File Identification: "V6.3-ECO17" 20-APR-2005 01:53:08.07 - Corrected backtranslation of IP address so address displays now display thefully qualified host name following the IP address. (See also NET$SESSION_CONTROL.EXE.) If a BIND server is not available and you still want to see the fully qualified name, do the following: 1. Modify the local IP host database: $ tcpip set nohost trundy $ tcpip set host trundy.xpr.eds.vendors.cpqcorp.net - /addr=161.114.95.148/alias=trundy 2. Flush the old cache entry so the next lookup will get the fully qualified name. ECO16: - Correct the order of the IP address display now that the ISO format is used to store the address within the towerset. - Added a CMIP code for "OpenVMS I64" systems. Changed CMIP code for "OpenVMS AXP" systems to "OpenVMS Alpha" systems. Corrections made to SYS$SYSTEM:NCP.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:09:46.53 ECO08: - Prevent possible access violation with proxies. - Correction for Show Known Nodes Characteristics. Corrections made to SYS$UPDATE:NET_ISHFILTER.EXE: File Identification: "V6.3-ECO17" 20-APR-2005 02:37:22.65 ECO16: - Include as support for NET$ROUTING_ES. Corrections made to [SYSEXE]NET$ACP.EXE: Image Identification: "V6.3-ECO17" 30-MAY-2005 21:52:24.84 - Include for compatibility with CDI$SHR. ECO16: - Include support for CDI$SHR.EXE Corrections made to SYS$LOADABLE_IMAGES:NET$ALIAS.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:00:59.14 - Prevent hangs on calls to $ENQ system service because a thread of execution was running at an elevated IPL. - Make exclusive mode lock conversion synchronous in Alias$Update_App to prevent possible hang while enabling (or re-enabling) alias port. ECO16: - Prevent hangs on calls to $ENQ system service on ALPHA because a thread of execution was running at an elevated IPL. ECO15: - Alias member with selection weight set to 0 should not receive any incoming alias connection. - Correct single member cluster alias selection weight. - Correction for incoming alias objects over 128. - Prevent alias hang on startup. If NET$ACP was very busy, the alias task could sometimes get suspended while holding the object lock in exclusive mode. The solution is to increase the priority of the alias task. - Correct alias selection weight of one. - Correct the format of the Phase V node address in Alias forwarding packets to prevent logical links from being unexpectedly aborted. - Prevent possible system crash if the alias round robin queue was corrupted by disabling the AST delivery when the alias port was toggled. - Allow only the use of ALIAS DISABLE instead of ALIAS DELETE because the port should not be deleted once it has been allocated and accessed. - Correction for incoming selection weight on objects. - Prevent startup hang during the enable while waiting for the Object lock that was held in exclusive mode by another alias member. - Prevent Round Robin queue corruption. Corrections made to SYS$SYSTEM:NET$CCR.EXE: File Identification: "V6.3-ECO17" 20-APR-2005 02:34:57.01 - Include for compatibility with NET$MOP. ECO16: - Modify "%CCR-F-UNRCMIPRSP, unrecognized CMIP error status" to "%CCR-F-ACCESSDENIED, NET$MANAGE, NET$DIAGNOSE or BYPASS required". Corrections made to SYS$MANAGER:DNS$CONFIGURE.COM: File Identification: "V6.3ECO17" 16-MAY-2001 15:02:13.10 ECO15: - Include for compatibility with NET$CONFIGURE.COM Corrections made to SYS$MANAGER:NET$CONFIGURE.COM: File Identification: "V6.3-ECO17" 27-MAY-2005 19:47:30.39 - Correct defaults for the routing "end system hello time" and the session "update interval" when NET$CONFIGURE is run twice without exiting. - Correct node rename. - Find PSI$050.PSI in SYS$COMMON, which is needed for VAX P.S.I. to configure. - Correct attributes for FDDI devices and the associated routing circuits. - Session control "application add" will default to "false" for outgoing alias. - Correct search for Phase IV node name database in SYS$COMMON. - Correct the use of SYS$COMMON for DECnet Migration temporary files. - Require LOCAL in the Session Control Search Path on DECdns servers. - Correct the use of logical name definitions for script files. - NET$STARTUP_RENAME.COM could be created with an invalid node name. - Add a Flow Control Policy Option for NSP Transport. - Correct DCL command syntax error on NSP configuration section within option 4. - Correct circuits to be configured as FDDI. - Add spaces in fddi_yes = 1. - Modify text for the EWdevice to indicate that it can be a DExxx device. Also add EB device. - Modify error handling on temporary files. - Prevent %RMS-W-RTB, byte record too large for user's buffer. - Correct password generation. - Change NET$CONFIGURE option 1. - Remove obsolete decnet_loc_register calls. - Display a warning that the sysem must be rebooted if the DECnet address has been changed. - Make sure that all temporary files from an aborted session will be deleted. Corrections made to SYS$UPDATE:NET$CONFIGURE_UPGRADE.COM: File Identification: "V6.3-ECO17" 27-MAY-2005 19:48:10.67 - Include for compatibility with NET$CONFIGURE.COM Corrections made to SYS$UPDATE:NET$CONVERT_DATABASE.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:07:49.50 ECO15: - Remove erroneous log file message "found 0 nodes". - Prevent database conversion to an invalid command: "SET NODE 0 CSMA-CD STATION MNA-0 STATION BUFFERS 15" in NET$CSMACD_STARTUP.NCL. - Add support for the DEFPA device. - Convert the Phase IV routing maximum visit count of 255 to the Phase V limit of 63. - Properly convert FDDI device, DEFPA, from Phase IV. The communications port should have been FWA not FPA. Corrections made to SYS$LOADABLE_IMAGES:NET$DRIVER.EXE: Image Identification: "X-3" 20-APR-2005 02:13:37.22 - Server application gets lots of SS$timeout messages on incoming links.The SS$_TIMEOUT status return happened as a result of the user trying to accept or reject a connection using a given link-ID and NET$DRIVER not finding the entry in its table. - Improved DECnet and System performance by changing the spinlock management so as to minimize the contention for IOLOCK8 on the basic I/O paths in the various layers. - Corrected a problem causing a process using the NET device to hang in the RWAST state. This problem was seen when multiple deassign calls were made for a connection instance. (For example, a remote system requesting a disconnect at the same time as the local system.) - Corrected a problem seen when a user program received notification of I/O completion of $IPC and QIO to NET device using LOCAL event flags. Occasionally, the event flag was set before the IOSB and the data buffer were properly set. - Improved the reporting of connection timeouts in the transmit and receive queue processing code. The code now returns the traditional, more specific timeout error status SS$_LINKEXIT instead of the generic error status SS$_ FILNOTACC. - Added spinlock synchronization to two routines responsible for determining that a NET device’s connection count has gone to zero. Before the spinlock synchronization, each routine could independently detect the condition and attempt to close the association at the same time. This resulted in a hung NET device. ECO16: - Remove gratuituous IOLOCK8 acquisition and release on I/O completion. ECO15: - For DNA, map NET$_CONTIMEOUT to the SS$_LINKEXIT system service status/MSG$_EXIT mailbox message type instead of to the incorrect SS$_UNREACHABLE/MSG$_PATHLOST. - Prevent access violation on zero length probe. - Prevent crash in sys$network_services by reordering IRP completion. - Prevent remote shutdown from stopping local servers by mapping remoteshut to msg$_abort and the ss$status to LINKABORT. - Allow the channel to be re-used after the reception of a msg$_netshut or msg$_thirdparty mailbox message. - Modify mapping table for Phase IV compatibility: A) When session is disabled an attempt to connect: 1) Mailbox Message MSG$_Reject 2) %System-F-Shut, remote node no longer accepting connects B) When session is disabled with existing connections: 1) Mailbox Message, Msg$_Thirdparty 2) SS$_Thirdparty abort status - Correct incoming disconnect with DNA where a a UCB was not deallocated. - Correct disconnect path that could lead to hanging transport ports if the outgoing connect initiate was not getting properly disconnected. - Correct mailbox disconnect message by removing an invalid check for a corrupt QLB queue in IO$_ACCESS. - Include spinlocks to synchronize all I/O completion. - Always delete the session association when an incoming connection times out. If many incoming connections failed, this could eventually lead to a resource exhaustion and a system crash. - SMP synchronization was added to the executeDeAccess to prevent a network device hang on a very heavily loaded system. - Prevent possible system crash on an incoming connect timeout where close association could have been called twice. - Correct PFGIPLHI crash in execute deaccess. - Prevent possible application RWAST or network device hangs with QIOUCB$V_closeassocdone. Double close associations precipitated this modification. Both QIO_EXECUTE and QIO_COMPLETION were modified to add a new bit to check if the association has already been closed and if the channel can be deallocated. - Modify disconnect data counted string to emulate Phase IV behavior of stepping on the first byte of user data to make it a counted string IF the user application did not supply this necessary count. - Correct ExecuteDeaccess code latency when the connection was not yet in the run state and it was aborted. This will now allow the abort to happen if 1) the channel type indicates that there is some semblance of a connection and b) in all states except for those that indicate that the connection is already in the process of being torn i.e., ACinProg, CAinProg or DCinProg. - Prevent NET device $ASSIGN before the driver has been initialized. - Prevent possible page fault at elevated IPL bugcheck in deaccess. - Acquire and release IOLOCK8 in a macro for the DAB queue. Corrections made to SYS$SYSTEM:NET$EVENT_DISPATCHER.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:34:42.94 - Prevent system crash with a SSRVEXCEPT bugcheck in NET$EVENT_DISPATCHER. This was due to the improper definition of the condition handlers on Alpha. ECO11: - Prevent INVEXCEPTN crash in SYS$NETWORK_SERVICES. - Create new filters to block the following CSMA and FDDI events to correct the command RESET EVENT DISPATCHER OUTBOUND STREAM. The global filter will block the following events by default: ((node,csma,station), unrecognized multicast destination pdu) ((node,csma,station), unavailable station buffer) ((node,fddi,station,link), unrecognized multicast pdu destination) If you do not want these events blocked by default at creation time, create a new SYS$MANAGER:NET$EVENT_LOCAL.NCL by copying the NET$EVENT_LOCAL.TEMPLATE and include appropriate commands to pass one or more of these events. Corrections made to SYS$MANAGER:NET$EVENT_LOCAL.TEMPLATE: File Identification: "V6.3-ECO17" 4-JUN-1999 10:29:40.37 ECO11: - If a NET$EVENT_LOCAL.NCL was previously created from the old NET$EVENT_LOCAL.TEMPLATE, then your site-specific NET$EVENT_LOCAL.NCL should be edited to remove the following duplicate block command: BLOCK EVENT DISPATCHER OUTBOUND STREAM local_stream GLOBAL FILTER ((NODE,MOP,CIRCUIT), Unrecognized Dump Client). - Since new filters now block the CSMA and FDDI events by default, the following pass commands have been added: !PASS EVENT DISPATCHER OUTBOUND STREAM * GLOBAL FILTER - ! ((NODE,CSMA-CD,STATION), Unrecognized Multicast Destination PDU) !PASS EVENT DISPATCHER OUTBOUND STREAM * GLOBAL FILTER - ! ((NODE,CSMA-CD,STATION), Unavailable Station Buffer) !PASS EVENT DISPATCHER OUTBOUND STREAM * GLOBAL FILTER - ! ((NODE,FDDI,STATION,LINK), Unrecognized Multicast PDU Destination) If you have previously created a NET$EVENT_LOCAL.NCL script by copying the old .TEMPLATE, regardless of whether you choose to use these commands or not, please update that site-specific NET$EVENT_LOCAL.NCL script. Corrections made to SYS$LOADABLE_IMAGES:NET$LOOP_APPLICATION.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:05:45.99 ECO08 - Prevent NET$MIRROR_SERVER from consuming CPU time. - Correct application loopback error "Agent is invalid" when connecting by destination tower. Corrections made to SYS$SYSTEM:NET$MGMT.EXE: Image Identification: "V1.0" 20-APR-2005 02:09:18.50 - Modified internal tables to support more than 500 ports. Previously, the tables were hard-coded to support 500 ports and a system crash occurred if the table size was exceeded; they are now allocated dynamically. ECO15: - Correct OSI Transport display. Corrections made to SYS$SYSTEM:NET$MOP.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:34:34.35 - Corrected a routine to explicitly set IPL to 0 before issuing thread signal calls that require an IPL of 0. Also, corrected which thread signal calls were used. This problem caused the MOP process to hang when it was trying to load multiple servers simultaneously. ECO16: - Correct the buffer length derived from the terminal server's SYSID message for MOP Console Carrier Protocol used by TSM. - Modify threads signal calls to prevent MOP process hang. ECO15: - Save unnecessary disk access on dump requests. - Add a new diagnostic error for Console Carrier Request "CCR$_DuplicateAddr, duplicate address error" to help resolve a configuration error. - Prevent SSRVEXCEPTN crashes in NET$MOP. One of these crashes (Alpha only) occurred in response to NCL BOOT MOP CLIENT and TSM TRIGGER SERVER. Also fixed various other SSRVEXCEPTN crashes (on both VAX and Alpha) that were caused by MOP's use of $CMA thread routines in kernel mode. Those crashes were recognizable by kernel stack corruption, and they could occur while TSM, MOP, or the NCP Emulator were in use. - Modify the CCR timer to allow SET HOST/MOP and TSM commands to complete more quickly when one or more of the remote consoles is unavailable. Corrections made to SYS$LOADABLE_IMAGES:NET$MOPS0.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:34:42.78 - Include for compatibility with NET$MOP. ECO16: - VAX only correction for a kernel dispatch table to a nonpaged psect. - Included for compatibility with NET$MOP. - Add debugging code for DECthreads. ECO15: - Include for compatibility with NET$MOP. Corrections made to SYS$LIBRARY:NET$NISCS_LAA.EXE: Image Identification: "MOPLAA V3.0" 28-AUG-2001 17:43:05.90 ECO14: - Prevent KRNLSKNV crash during load with host based shadowed disk. Corrections made to SYS$LOADABLE_IMAGES:NET$OSDRIVER.EXE: Image Identification: "X-3" 20-APR-2005 02:14:02.63 - Improved DECnet and System performance by changing the spinlock management so as to minimize the contention for IOLOCK8 on the basic I/O paths in the various layers. - Corrected a possible double deallocation problem that occurred on incoming sessions where the remote session partner and the device driver simultaneously attempted to close the session. - Corrected a problem seen when a user program received notification of I/O completion of $IPC and QIO to NET device using LOCAL event flags. Occasionally, the event flag was set before the IOSB and the data buffer were properly set. - Improved the reporting of connection timeouts in the transmit and receive queue processing code. The code now returns the traditional, more specific timeout error status SS$_LINKEXIT instead of the generic error status SS$_FILNOTACC. - Corrected a problem causing a process using the OS device to hang in the RWAST state. This problem was seen when multiple deassign calls were made for a connection instance. (For example, a remote system requesting a disconnect at the same time as the local system.) - Fixed system crashes on OSAK startup or FTAM copy cmmands. Symptoms included corruption of the CPU specific I/O postprocessing queue (whose queue headers reside at offsets CPU$L_PSFL and CPU$L_PSBL of the CPU database), freelist corruption and a variety of other crashes because deallocated structures had been referenced. ECO16: - Include for compatibility with NET$DRIVER. ECO15: - Correct incoming disconnect with VOTS when a a UCB could fail to be deallocated. - Prevent system crash when running a VOTS trace with a bad NCB descriptor. Corrections made to SYS$LOADABLE_IMAGES:NET$OSVCM.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:12:18.01 - Corrected a possible double deallocation problem that occurred on incoming sessions where the remote session partner and the device driver simultaneously attempted to close the session. - This release has changes in NET$OSVCM which would fix the hung OS device and process going to LEF state while attempting to deaccess the OS device. ECO16: - Remove only data transmit fork for performance on I/O completion by just calling session directly. ECO15: - Corrections for Passive TSEL (defined by NCL) that is deleted when the program subsequently declares TSEL and exits. - Correct lost "fillm" when a connection was not processed by the application before the timeout. Corrections made to SYS$LIBRARY:NET$PROCESS_EMAA.EXE: Image Identification: "V6.3-ECO17" 30-MAY-2005 21:51:40.77 - Corrected a system crash seen while managing a MOP entity. A block deallocation routine was running at an elevated IPL (IOLOCK8) when a page fault occurred. The elevated IPL is not required and was removed, thus allowing the page faulting to occur at a lowered IPL (IPL 11). - Corrected a system crash caused by a problem with MCRP buffer allocation and initialization in the NET$EMAA_Response routine. The buffer consists of a fixed length control block which includes a pointer to a variable length output string that is appended to the control block. The code was not properly 7 initializing the output string pointer to null when the output string length was zero. ECO16: - Include for compatibility with SYS$NETWORK_SERVICES. ECO15: - Correct EMAA$BUILD_RESPONSE to make sure data exists in the MRCP output buffer before attempting to use it. - Correct more Process EMAA PGFILPHI crashes. - Prevent an EMAA$BUILD_RESPONSE INVEXCEPTN crash with NCP Emulator. - Prevent possible system crash with a negative entity count in the IVK. Corrections made to SYS$LOADABLE_IMAGES:NET$ROUTING_ES.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:37:32.46 - Corrected a system crash caused by improper integrity checking of incoming ES Hello messages. Also, if the integrity checking failed, a bugcheck was forced. This integrity check was corrected and the routine returns appropriate status instead of bugchecking. - The maximum number of circuits that DECnet supports has been modified from 16 to 32 as documented in DECnet documents. - Corrected a system crash seen when disabling alias ports. The code was not handling the case where there were no ports to disable. - Ensure that an FDDI circuit is enabled before sending the last chance ES_HELLO (for all bcst circuits). - Added a check for the supplied MAC address pointer to the LAN circuit receive completion code. Previously, if the MAC address pointer was invalid a INVEXCEPTN system crash occurred. Now, the VCRP containing the invalid MAC address pointer is simply discarded. ECO16: - Remove check for invalid NSAP on initial ES hello message by not checking the area address of the NSAP. - Remove gratuituous IOLOCK8 acquisition and release. ECO15: - Prevent alias_id in LPD from being corrupted during fork processing. - Check the packet size against datalink buffer size for all packets. Do not send probe packets if the datalink size is too small. When flooding the circuits, segment packets if necessary. - In the HDLC VCI interface, if the datalink reported an unusable port with an unexpected reason code, report a physical layer failure only. - Correct ES cache creation when receiving a redirect from a direct path to an indirect path. - Correct NET$SHUTDOWN hang with FDDI circuits with "delete routing circ *". - Correction for inactive area address handling over FDDI. - Prevent crash when flooding a packet over a point-to-point circuit that was in the "down" state. - Prevent bugcheck when the alias database free queue was empty. - Prevent the FDDI large blocksize flag in the cache entry from being enabled unless the circuit type is set to FDDI. - Prevent a crash when deleting a reachable address due to erroneous cache size. - Prevent possible crash in routing shutdown. - Prevent possible crash by discarding all invalid PDUs. - Event logging on Alpha was corrected. - Routing over HDLC check the validity of the NSAP length for incoming PDUs when there is no adjacency. - Correction for redirect PDUs that should not have been discarded. - Padded IS hello should not have been discarded. - Correct Phase V to Phase IV translation padding on transmit header. - Prevent possible shutdown crash on disable when a WCB contained an unexpected Routing Routine, net$clns_transmit_discard. Clear the CLNS_CDB before deleting the TSEL in the CLNS port close. - Prevent invalid NSAP on initial ES hello message by checking the area address and not the HIORD of the NSAP. Corrections made to [SYS$LDR]NET$ROUTING_VCM.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:37:19.90 - Improved DECnet and System performance by changing the spinlock management so as to minimize the contention for IOLOCK8 on the basic I/O paths in the various layers. Corrections made to SYS$LIBRARY:NET$SDA.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:09:47.60 ECO08: - Include support for compatibility with NET$ROUTING_ES. - Alpha only correction for "NETWORK SHOW EMAA". - Correction for "SHOW NSP PORT". Corrections made to SYS$SYSTEM:NET$SERVER.EXE: Image Identification: "V6.3-ECO17" 30-MAY-2005 21:01:20.97 ECO16: - Prevent possible %IPC-F-DCLSRVFAIL when the NETSERVER$TIMEOUT is set to zero. Corrections made to SYS$LOADABLE_IMAGES:NET$SESSION_CONTROL.EXE: Image Identification: "V6.3-ECO17" 30-MAY-2005 21:01:11.66 - Prevent DECnet detected a fatal error bugcheck in NET$SESSION_CONTROL. This was due to a earlier deallocation of a VCRP. - Corrected connection failures to commonly used DECnet objects such as MAIL, CML if NET_CALLOUTS is set to 255. - Corrected a rare SMP issue with cleanup of orphan sessions. Occasionally, a connect reject response is in the process of being delivered to the caller before the transport takedown has completed. In this case, the internal transport takedown event is completed directly to the caller instead of the connect reject. Because session control completion code did not expect this type of event, a crash occurred. - Modified how Session Control responds when a node's cache entry is stale (that is, the node name is found but the address is not reachable). Formerly, the node would remain unreachable until the cache was updated. Now, the cache is bypassed, the proper address found, and the cache is updated. - Fix incoming alias table. All named objects were incorrectly assumed to be the TASK object. - Corrected an IPL level problem that in turn caused session control to honor unreasonably large memory allocation requests from the $IPC interface. - Correct some buffer sanity checking logic in the $IPC interface. - Modified how Session Control responds when a node’s cache entry is stale (that is, the node name is found but the address is not reachable). Formerly, the node would remain unreachable until the cache was updated. Now, the cache is bypassed, the proper address found, and the cache is updated. - Corrected a rare SMP issue with cleanup of orphan sessions. Occasionally, a connect reject response is in the process of being delivered to the caller before the transport takedown has completed. In this case, the internal transport takedown event is completed directly to the caller instead of the connect reject. Because session control completion code did not expect this type of event, resulting in "DECNET, DECnet detected a fatal error" at DNAQIOEVENTROUTINE_C /NET$DRIVER.EXE. crash. - Corrected a rare SMP issue with cleanup of orphan sessions. Occasionally, a connect reject response is in the process of being delivered to the caller before the transport takedown has completed. In this case, the internal transport takedown event is completed directly to the caller instead of the connect reject. Because session control completion code did not expect this type of event, resulting in "DECNET, DECnet detected a fatal error" at DNAQIOEVENTROUTINE_C /NET$DRIVER.EXE crash. - DECnet bugchecks in the module NET$SESSION_CONTROL when shutting down on a busy system was fixed. A timing window allowed a state crash to happen with a connection on its way up while another threads is tearing it down. - Prevent possible double deallocation of a disconnect VCRP by dereferencing a pointer in the session port block immediately after the disconnect VCRP is completed. - Corrected DECnet Bugcheck in NET$SESSION_CONTROL while handling an incoming connection. - Prevent system crashes due to the execution of $MC NCL SHOW NODE locally from an unprivilaged user OR $MC NCL SHOW NODE from a remote node. ECO16: - Prevent premature deallocation of session disconnect VCRPs. - Remove gratuituous IOLOCK8 acquisition and release. - Correct IP address backtranslation to display the fully qualified host name in the following commands; MCR NCL SHOW ADDR ... MCR NCL SHOW OSI TRANSPORT PORT * REMOTE RFC1006 IP ADDR ... MCR NCL SHOW OSI TRANSPORT LOCAL NSAP IP_ANY REMOTE NSAP * IP ADDR ... - Prevent possible double deallocation of a disconnect VCRP by dereferencing a pointer in the session port block immediately after the disconnect VCRP is completed. ECO15: - Correct DNA CONTROLCOMPLETE while processing connect accept during association rundown. These crashes have been seen on STOP/ID for the DECdns server process. - Correct crash TESTLCLAPPDB Accept complete. - Prevent DECnet bugcheck in SCL$OUTGOINGTIMEREXPIRED. - Correct crash on DEALLOCATEPORTSUBENTITY. - Correct outgoing connect timer synchronization caused by threads starting and stopping this timer. - Reduce the amount of time required to report that an application does not exist. This time was not being reported until after the incoming timer expired. The connection will now be rejected as soon as Session determines that the application does not exist. - Correct the disconnect reason code used when an incoming connection request times out. Use SCL$K_RC_TimedOut as the disconnect reason code when an incoming connection request times out without being either explicitly accepted or rejected by the user application. - Modify $IPC user data to be compatible with $QIO by adding receive disconnect user data to the RECEIVE_EVENT function. - Prevent NET$SHUTDOWN hang or crashes on Disable Session Control. - Change application outgoing alias default to "false" for compatibility with Phase IV. - Prevent decnet fatal bugcheck on NET$SHUTDOWN. - Prevent "invalid access" with user IDs longer than 12 characters. - Use proxy first regardless of session attributes. - Add support for the configuring of multiple aliases by setting the outgoingalias name and default in the application. - Prevent SMP crash with synchronization of NET$GQ_Association_Queue. - Prevent for so-called alias hang on startup. Actually caused by SCL_BASE_ACP incorrect status check on backtranslaction. - Change the disconnect status sent to the remote node when session control is disabled on an existing connection from "%SYSTEM-F-SHUT, remote node no longer accepting connects" to "%SYSTEM-F-THIRDPARTY, network logical link disconnected by a third party". - Prevent "PGFIPLHI, Page Fault IPL Too High", in NET$ACP on system boot. - Prevent possible incoming disconnect crash. - Modify session control so that breakin attempts do not occur when proxy access was correctly used. - Prevent an SMP crash with the DeclareSession completion function. - Modify SMP synchronization for stale association by replacing DSBINT and ENBINT with IOLOCK8 acquire and release in SSRV$$GETPORTINFORMATION routine. - Prevent a doubly deallocated CRPROC structure. - Conditionalize out SCL spinlock checking because this check is now obsolete. - Prevent crash in NET$ACP from a bad DECdns and CDI cache entry. A stale pointer in DNSResult[DNSREQ$A_Pointer] with ACP$CheckBackTransTask could cause a double deallocation. - Resolve SMP PGFIPLHI trying to access an EIB port that no longer existed. - Include proxy information for use by LOGINOUT with SYSGEN parameter, NET_CALLOUTS 255. - Alpha only use the name string from the PSB instead of GETJPI. - Correct "Incoming Connect Orphan Queue" VCRP disconnect deallocation. - Modify EXE$IPC to always return the caller to IPL 0 so that callers will never unknowingly inherit the ASTDEL IPL. Corrections made to SYS$MANAGER:NET$SHUTDOWN.COM: File Identification: "V6.3-ECO17" 27-MAY-2005 19:48:07.08 ECO15: - Allow DECdns Clerk shutdown to be last. - Check for the existence of a NET$APPLICATION_SHUTDOWN logical which, if used, should point to a site-specific application shutdown procedure. If the logical is defined and the procedure exists, NET$SHUTDOWN will execute that procedure. The NET$AUX_CONTROL logical will continue to use the previously defined indexed file. - Prevent NET$SHUTDOWN from aborting when a NET process logical was defined. - Prevent possible shutdown hang in Transports or Routing. Corrections made to SYS$LOADABLE_IMAGES:NET$TPCONS.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:14:04.65 - Corrected system crashes due to zeroed longword in deallocated packet when POOL check is enabled. - Prevent INVEXCEPTN system crash at NET$TPCONS while unbinding after disconnect received. - The fix is related to a TPCONS state transition crash. The TPCB state and event history showed that PWIPDRIVER had passed TPCONS an ERROR_ACK in an openstate (DATA_T_OPEN). Since this is an unanticipated state transition, the system crashed when the TPCB_ACT$Bugcheck action routine was called. This may be due to connectivity or latency problems between the local and remote systems. As a solution ERROR_ACK event in a DATA_T_OPEN state is called by the action routine TPCB_ACT$Ignore_Event. - Remove a forced bugcheck that occurred during connection takedown if a deferred transmit was pending. - Clean up Connect Initiate error handling so that the code does not try to reference fields in a Connect Init structure that could not be allocated. - Removed sanity checking in DeallocateTPCB that was no longer compatible with newer HP TCP/IP Services for OpenVMS releases. - Corrected a stale pointer problem when taking down a connection. Added a test of the pointer before using it to complete the take down. - Corrected a self-imposed system crash seen during OSI transport disabling where, under certain timing conditions, a local control block being processed for deallocation was found to be still active. The block is now deactivated prior to deallocation. - Modified the code to correctly handle a control block inconsistency seen during processing of an incoming disconnect when the local system is also initiating a disconnect (rather than force a system crash). - Corrected a DECnet Bugcheck at TPCONS$DEALLOCATETPCB_C/NET$TPCONS when making a DECnet over IP connection. - Corrected a forced crash dump (BUGCHECK) caused during network shutdown. The Deactivate TPCB routine was incorrectly called before the connection reached the UNBND state. This occurred because the calling code had attempted to UNBIND the PWIP driver at the same time that the PWIP driver was shutting down. This resulted in an ERROR_ACK to the UNBIND request which was not properly handled. - Prevented DECnet BUGCHK system crash while shutting down. The fix is to remove the forced bugcheck and just return an error to the caller instead of taking the system down. - Corrected a timing problem TPCONS & TRANSPORT_OSI. Logic was improved to prevent timing-related problems between the two modules as they deallocate internal data structures. - Modified the code to correctly set up local IP address and TCP port fields. See also NET$TRANSPORT_OSI for more information about how this change allowed the correct local RFC1006 and remote RFC1006 IP address and port number characteristics to be displayed. ECO16: - Modify TPCONS design to enable the TCP/IP PWIPdriver to be restarted without a DECnet restart. - Multiple changes to prevent exotic timing problems with the latency in TCP/IP Services I/O completion. - Reverse the IP address in the towerset from DNA format to use the ISO format (i.e., transmitted most significant byte first). - Remove a forced bugcheck on a change of address when the VCIB ECO15: - Change handling of Report Event VCRPs, for Alpha only. - Prevent hanging tcp links by rejecting the connection on the listen port (tpcb) when this initiation fails. - Prevent a BGDRIVER socket leak that could under some incoming connect error conditions eventually cause the available sockets to become exhausted. - Prevent possible system crash on a disconnect indication. - Remove statetable bugchecks. - Include VCIB sanity checks in all locations which fork to a completion routine since it is theoretically possible for an I/O completion after port deletion in any of these routines. - Correct a design problem to allow for very long latency in TCP/IP Services between the transmit request and the actual completion, if there are any problems in TCP/IP delivering the data message. Corrections made to SYS$LOADABLE_IMAGES:NET$TRANSPORT_NSP.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:10:49.27 - Prevent system crash with an INVEXCEPTN bugcheck in NET$TRANSPORT_NSP. The crash happened in the transmit routine of the Common Transport Interface while trying to access a NULL pointer. - Prevent system crash in ACT$RCV_CI of NET$TRANSPORT_NSP. The crash was due to referencing invalid or Null data structures. - Improved DECnet and System performance by changing the spinlock management so as to minimize the contention for IOLOCK8 on the basic I/O paths in the various layers. - Improved file-transfers performance between clusters on two sites connected via routers when directed to the cluster-alias. This was caused by discarded packets received out-of-order on the destination node and not fitting into the out-of-order cache, because it was too small. The subsequent timeout caused a performance loss on the total throughput. - Corrected a problem that caused circuit fail over on a dual LAN connection system to fail when the NSP transport was in use. - Corrected a problem resulting in poor throughput when NSP was using piggyback ACKs. The code now sends a standalone ACK if no data segment is queued for transmission. - Corrected the DECnet COPY performance issues seen when the RMS NETWORK_BLOCK_COUNT was set to 128. The incorrect logic in the code caused the transmit window to approach zero frequently. - This release has changes in NET$TRANSPORT_NSP.EXE which will result in all pending I/Os to compelete with SS$_ABORT status when a cancel is issued.Prior to this, pending I/Os would complete with SS$_LINKDISCON status after a CANCEL. - This release has changes in NET$TRANSPORT_NSP.EXE which will prevent crashes(of type NETNOSTATE) due to faulty frame received during connect initiate attempt. - Prevent INVEXCEPTN systems crash at OSITP$SETUPSEGMENTS_TP0_C+ in module NET$TRANSPORT_OSI due to unintended sharing of data across buffers. - Corrected INVEXCEPTN system crash caused by a fork to 0 seen during retransmissions on high traffic LAN connections. The problem occurred when the LAN driver was completing the initial transmission request while NSP had already timed out and was trying to retransmit the data. ECO16: - Corrected the transmit copy code to handle the occurrence of an internal zero pointer value which could occur with some I/O cancellations. - Correct null pointer crash in ACT$RCV_CI. - Remove gratuituous IOLOCK8 acquisition and release. - Enlarge NSP OOOP cache from 7 to 32. - Reformat transmit VCRPs to prevent buffer possible buffer overflow which might in a very unusual case result in non-paged pool corruption. ECO15: - Include support for Routing LPD change. - Correct for dropped links while SET HOST to a Phase IV node. - Prevent NSP ports from remaining until they time out, sending disconnects. - Correct NETNOSTATE crashes. - Prevent crash on shutdown in NSP alias processing. - Prevent link hang on disconnect. - Prevent crash on incoming Disconnect Initiate with retransmit in progress. - Prevent hang on shutdown. - Correct possible hang when the NSP maximum window size was greater than 20. - Disconnect data from Phase IV nodes was incorrectly reported as a protocol error. When io$m_synch was used, the mailbox read hung waiting to receive a disconnect with optional data. - The default retransmits was lowered from 12 to 8 for faster error detection and recovery. - NSP connect initiate will be resent every 5 seconds instead of 10 seconds. This allows NSP to timeout before session by default even when the remote node is not reachable. - NSP was corrected to prevent logical links from hanging on a retransmission of an interrupt message. - Insure that I/O will complete even if the IO$_Multiple bit is set in the QIO function. - Allow NSP flow control to be more efficient and deliver the XON as soon as possible after a new receive request is received. - Prevent a remote TCID from attempting to be reused for a connection if the previous connection failed to be deaccessed. - Corrected the possible delivery of protocol errors with disconnect data. If the user string (P2) is not a counted string this will now be included on behalf of the user. Phase IV compatibility also writes over the first byte of the user data while making it counted. - Allow a connection to be disconnected immediately for a dysfunctional link rather then waiting for the timeouts to complete. Corrections made to SYS$LOADABLE_IMAGES:NET$TRANSPORT_OSI.EXE: Image Identification: "V6.3-ECO17" 20-APR-2005 02:12:34.48 - Prevent OSITP crash while referencing a NULL VCRP on a retransmit. - Prevent crash in OSITP when a packet was received with a negative TPDU byte count with checksums turned on. - Prevent system crash with INVEXCEPTN in NET$TRANSPORT_OSI. The crash was in OSITP$PSI_RECEIVE_COMPLETE when trying to access certain fields in a datastructure which were invalid. - Prevent Crash in NET$TRANSPORT_OSI when OSITP received and processed a DT event when the port is in closed state. Modified state tables such that if the port is in a close state and receives a DT, the port ignores the message rather than bugchecks. - Prevented a DECnet Bugcheck when a data AK was received in response to a connect request. - Prevent possible INVEXCEPTN system crash in routine OSITP$FINDREMOTETCID_C of module NET$TRANSPORT_OSI due to queue corruption when OSI transport attempts to establish new connection. - Prevent INVEXCEPTN systems crash at OSITP$SETUPSEGMENTS_TP0_C+ in module NET$TRANSPORT_OSI due to unintended sharing of data across buffers. - Corrected the code to properly handle a rare situation that can occur if a request to transmit is made to routing and the permission is not granted until transport has begun to terminate a connection. A null buffer pointer was not being handled properly. Added the same null pointer check to several other transport routines. - Prevent forced OSITP crash in OSITP$PSI_DELETE_PORTE. Ensure that the TPCB structure is properly deallocated in the port deletion code responsible for the final rundown of DECnet over TCP/IP connections. - Corrected a timing problem TPCONS & TRANSPORT_OSI. Logic was improved to prevent timing-related problems between the two modules as they deallocate internal data structures. - corrected a problem seen during connection takedown where the Remote Service Provider(RSP) list was in the process of being modified as it was referenced during the take down. Checking has been added to ensure the returned RSP structure is valid. - Modified the code to correctly set up local IP address and TCP port fields. See also NET$TRANSPORT_OSI for more information about how this change allowed the correct local RFC1006 and remote RFC1006 IP address and port number characteristics to be displayed. - Corrected a INVEXCEPTN system crash at OSITP$PSI_PORTMGMT_COMPLETE_C\ NET$TRANSPORT_OSI when shutting down DECnet and disabling the OSI transport. - Corrected a session hang problem seen when a disconnect was received from the remote system and was being processed at the same time that a request to deaccess the NET channel came from the local system. - Corrected INVEXCEPTN system crash caused by a fork to 0 seen during retransmissions on high traffic LAN connections. The problem occurred when the LAN driver was completing the initial transmission request while NSP had already timed out and was trying to retransmit the data. ECO16: -Modify the deallocation of chained receive DCBs from PWIPdriver to prevent possible system crash in OSI Transport or TPCONS. -Modify check for a valid NCCB which had been optimized out of the code by the ALPHA BLISS compiler. - Prevent crash in remote service provider counter routine with more integrity checking. - Modify OSITP design to enable the TCP/IP PWIPdriver to be restarted without a DECnet restart. - Multiple changes to prevent exotic timing problems with the latency in TCP/IP Services I/O completion. - Remove gratuituous IOLOCK8 acquisition and release. - Reformat transmit VCRPs to prevent buffer possible buffer overflow which might in a very unusual case result in non-paged pool corruption. ECO15: - Prevent class 2 hang when xmitsegquota was equal to xmitsegcount. - Correct INVEXCEPTN bugcheck due to bad "reason code." - Correct memory leak on Solicit VCRP. - Correct transmit failure "%REM-F-NETERR, DECnet channel error on remote terminal link" with more than 127 chained DCBs given to CTI. - Prevent crash on handling of duplicate CR with a bad checksum. - Prevent crash on duplicate/clone VCRP. - Remove unnecessary CTI buffer caching. - Change handling of Report Event VCRPs, for Alpha only. - Improve performance over links active for many hours. - Correct reassignment which could lead to a 64-byte pool leak (CONSTmpList memory leak) and, in one instance, to a pool corruption. - Add "try hard" for "keep alive" acknowledgements to allow idle link failover. - Avoid excessive retransmission. - Prevent crash on invalid window size negotiation. - Remove maximum limit and allow more than 260 alias connections. - Prevent possible system loop with class 2 processing. - Prevent hang in NET$SHUTDOWN. - Prevent possible crash with deactivate port. - Prevent crash with maximum connections. - Prevent possible crash when expedited data had just been transmitted and the message sequence number to be retransmitted did not match the expected message. - Correct Alias Transport Connection Table for connections using cluster alias because the TC ID range was not properly allocated. - Prevent a crash on connect initiate where the port had not yet been activated and the solicit VCRP was zero. - Prevent a crash when a port block was inserted into a queue in the RSP (Remote Service Provider) and an element in the queue found an invalid pointer. - Correct the checksum calculation for messages larger than 4,399 bytes. - Prevent crash in OSITP disable port if this same port had already been disabled. - Remove forced bugcheck from BUILD_DATA routines. - Insure that I/O will complete even if the IO$_Multiple bit is set in the QIO function. - Prevent transport bugcheck when an X.25 connection was abnormally terminated and a protocol error was in the process of being logged. - Correct timing window to prevent a VCRP leak if user data could not be delivered to the application because it was disconnected. - Correct possible crash when the port is found and the associated remote TCID was not valid. - Modify state tables such that if the port is in a WFNC state and receives a DR or DC, just ignore the message rather then bugcheck. - Correct restraint mode window. - Correct default packet size when remote fails to set the size. - Prevent OSITP retransmission timeouts with zero credit. - Prevent OSITP premature port deallocation. - Change the action routine on a TPDU error in a WFNC (wait for network confirm) state to ACT$P_TPDUERR rather then bugcheck. Corrections made to SYS$STARTUP:NET$STARTUP.COM: File Identification: "V6.3-ECO17" 27-MAY-2005 19:48:01.48 - Added check to make sure that net$disable_dtss is not defined before attempting to start DTSS to avoid error message display "trying to start DTSS" when the logical was defined previously. ECO16: - Allow NET$STARTUP_RENAME.COM to execute only after the full network startup completes. - Do not run RTTLOAD or start DNS$SERVER until after NET$ACP is running. - Remove "block event dispatcher outbound stream" command lines as the code as been modified in the event dispatcher to block these events by default. Update to SYS$LOADABLE_IMAGES:SYS$NETWORK_SERVICES.EXE: Image Identification: "V6.3-ECO17" 30-MAY-2005 21:52:18.07 - Corrected a system crash caused by a problem with MRCP buffer allocation and initialization in the NET$EMAA_Response routine. The buffer consists of a fixed length control block which includes a pointer to a variable length output string that is appended to the control block. The code was not properly initializing the output string pointer to null when the output string length was zero. - Corrected a system crash seen when CTF tracing was active during a shutdown of the OSI transport. During transport shutdown, the common code for handling trace terminations failed to verify the existence of the trace information buffer before using a pointer within the buffer. - Corrected a system crash seen when using the NCL SHOW SESSION CONTROL PORT * command. The code was incorrectly releasing an internal data structure (but not the pointer to the structure) during port takedown while processing was in progress for the NCL command. - Fixed DECnet bugchecks in the module NET$SESSION_CONTROL when shutting down on a busy system. A timing window allowed a state crash to happen with a connection on its way up while another threads is tearing it down. ECO16: - Include SMP change for interlocked queue manipulation in NET_MACRO_UTILITIES. - Increase the maximum size of NET$CONFIG.DAT to 100 blocks for RAID system disk. - Disallow SET directive for FDDI and CSMA modules. - Probe EMAA's EAB to prevent crash with WANDD. - Include maximum address validation in node agent. - Include Session Control Tower Maintenance. - Prevent possible pool corruption with X.400 or X.500. - Correct queue for Error MRCP with flink/blink initialization. - Allow more than one Error MRCP for full process entities, MOP and EVD. - Bump up maximum file size of NET$CONFIG.DAT file from 100 to 125. - Update ECO number in DECnet version "050910". New trace images included in SYS$LIBRARY for compatibility: CTF$ALIAS_ANALYZE.EXE 20-APR-2005 02:02:03.61 CTF$DNA_ANALYZE.EXE 20-APR-2005 02:13:46.42 CTF$ESEVENT_ANALYZE.EXE 20-APR-2005 02:37:17.94 CTF$MOP_ANALYZE.EXE 20-APR-2005 02:35:01.88 CTF$NSPTP_ANALYZE.EXE 20-APR-2005 02:11:18.03 CTF$OSITP_ANALYZE.EXE 20-APR-2005 02:12:59.32 CTF$OSVCM_ANALYZE.EXE 20-APR-2005 02:12:40.32 CTF$SCL_ANALYZE.EXE 30-MAY-2005 21:01:28.22 CTF$TPCONS_ANALYZE.EXE 20-APR-2005 02:14:14.62 CTF$VOTS_ANALYZE.EXE 20-APR-2005 02:14:13.24 ------------------------------------------------------------------------------- B. Common Directory Service Dynamic Cache CDI$SYSTEM_TABLE A logical table (CDI$SYSTEM_TABLE) defines node nicknames. The following commands are used to create and examine logicals in a CDI_SYSTEM_TABLE. A system named "foo.zko.dec.com" can be nicknamed "foo". TO DEFINE TABLE: create/name_table/exec/parent=LNM$SYSTEM_DIRECTORY CDI$SYSTEM_TABLE TO DEFINE LOGICAL: define/table=CDI$SYSTEM_TABLE foo "foo.zko.dec.com" TO EXAMINE LOGICAL: show logical/table=CDI$SYSTEM_TABLE foo "foo" = "foo.zko.dec.com" (CDI$SYSTEM_TABLE) REQUIRED SYSTEM PRIVILEGES: SYSNAM Changes to Checkpoint File Operation CDI contains a local cache image of the most recently accessed nodes. A short time after power up on a new system, a disk file image of the cache is written. This file is called a checkpoint file. A checkpoint file is generated every eight (8) hours. The system uses this file after reboots for quick access to nodes that have been previously addressed. Problem When Generating New Checkpoint File At checkpoint time, a new file of the cache image is written to disk. The name of this file is "SYS$SYSTEM:DECNET$CDI_CACHE.TMP". This temporary file contains the latest memory image of CDI Cache. The original file "SYS$SYSTEM:DECNET$CDI_CACHE.DAT;1" is then deleted. A RENAME request is made to the system to change the name of the temporary file to the original file. If an error occured, the temporary file was also deleted, leaving the system without a file. Solution At checkpoint time, the same temporary file is generated. The original file is deleted. A RENAME command is attempted. If this operation fails, the temporary file is not deleted. At next reboot or the next checkpoint interval, the existence of a temporary file is tested. If this file is on the disk, this temporary file will be used instead of the original file. This ensures that an original or temporary file always remains on the system disk. This operation is automatic. No operator intervention is required. Added Variables in CDI$SYSTEM_TABLE The CDI Cache has a number of entities called an Entry. Each Entry contains a Full name, Simple name, Compressed name, Synonym, and a Tower Set. The Entry also contains the Input name as received from the calling routine as well as the source of that name. A time and date is included in each Entry at the time the Entry is made. 15 minutes after the system is started, a checkpoint file is written to disk. The checkpoint file is used in subsequent reboots to ensure that a time-dependent Digital Distributed Name Service (DECdns) call will not be made for the location of nodes previously used by this system. The system default suggests that updates to the checkpoint file are made every eight (8) hours. Three variables determine the operational size of the CDI Cache and how the CDI cache reacts to changes in the DECNET load as messages are received or transmitted. The three variables are as follows: CDI$CACHE_MIN - This is the size of CDI cache that is allocated on a new system. This is the startup size of the number of Entries that are cached. A suggested size for this parameter is in the range of 128 for small systems to as large as 512 or more for busy systems. This parameter is only used once for the initial startup. The default value is presently set at 128 entries. CDI$CACHE_INC - This is the size of the increase in ENTRIES that is added to the existing cache as all entries are filled. A suggested size of this parameter for typical systems would be 128 entries. This value could change as the variable is changed in the system table CDI$SYSTEM_TABLE. The default value is presently set at 128 entries. CDI$CACHE_MAX - This is the maximum size in entries that the CDI cache will grow to as the system accumulates node information. This parameter was fixed at 512 entries on small systems. Some very large systems were fixed at 4096 entries, but when allowed to grow, they reached sizes of 8k to 10k. The limiting factor when selecting this parameter is the amount of memory allocated and the size of the checkpoint file. Each entry is about 1060 bytes, or 2 blocks per entry. This value could change as the variable is modified in the system table CDI$SYSTEM_TABLE. The cache WILL NOT shrink if the variable is made smaller then the current cache size at the present time. The default value is presently set at 4096 entries. TO DEFINE LOGICAL: define/table=CDI$SYSTEM_TABLE CDI$CACHE_MIN 128 define/table=CDI$SYSTEM_TABLE CDI$CACHE_MAX 2048 define/table=CDI$SYSTEM_TABLE CDI$CACHE_INC 128 ------------------------------------------------------------------------------- C. DECdns Update ECO 73 1.1 Kits superseded by this kit: DECDNSAECO01070, DECDNSAECO01071 1.2 Files patched or replaced: o SYS$COMMON:[SYSEXE]DNS$ADVER.EXE 20-APR-2005 02:02:26.78 o SYS$COMMON:[SYSEXE]DNS$ANALYZE.EXE 12-JUN-2001 14:11:14.64 o SYS$COMMON:[SYSEXE]DNS$CONFIGURE.EXE 12-JUN-2001 14:12:36.18 o SYS$COMMON:[SYSEXE]DNS$CONTROL.EXE 12-JUN-2001 14:12:28.00 o SYS$COMMON:[SYSMSG]DNS$MSG.EXE 12-JUN-2001 14:10:42.89 o SYS$COMMON:[SYSLIB]DNS$RTL.EXE 12-JUN-2001 14:10:55.70 o SYS$COMMON:[SYS$LDR]SYS$NAME_SERVICES.EXE 20-APR-2005 02:04:08.65 1.3 Problems Corrected (DECdns ECO 73) o Include cache rollover correction, poolcheck and read permanent decnet database to get local towerset. o Add support for new trace code. o Add support for EB and EI device types. o Brann Cache Calculation modified to accommodate cache sizes in a large memory environment. 1.4 Problems Corrected (DECdns ECO 72) o Prevents NSAP's with a prefix of %x49 from being inserted in the cache if the configured prefix is other than %x49. Also, there is a correction to preserve the STICKY bit in the cache, if it was previously set, when the address of an item in the cache is updated. o Prevents the DNS$ADVER process from crashing when a "SHOW DNS CLERK REMOTE CLEARINGHOUSE ..." command is issued. This problem sometimes appears as hang to the user when a command similar to the one shown above is issued. o Added the ability to define the following logical names in the system logical name table: DNS$ADVER_AST_LIMIT DNS$ADVER_BUFFER_LIMIT DNS$ADVER_EXTENT DNS$ADVER_MAX_WORKING_SET DNS$ADVER_PAGE_FILE These logical names correspond to qualifiers on the RUN statement which are described in the OpenVMS documentation. If any of these logical names are defined at the time the DNS$ADVER process starts up, then the values defined for these logical names are used instead of the default quotas. Typically, these logical names are defined in the file: SYS$MANAGER:SYLOGICALS.COM This is necessary because the logical names need to be defined before the DNS$ADVER process starts up. One reason for using these logical names is if you have a system is configured with more than two ethernet controllers. Another reason is to define increased quota for the DNS$ADVER process when you receive a message on the console during startup that the DNS cache is not initialized (DNS$_NOCACHE,"Clerk cache not initialized"). Selected default quotas for the DNS$ADVER process have also been increased for the ECO 72. The selected quotas that have been increased include direct I/0, enqueue limit, queue limit, buffer limit and maximum_working_set. o Corrected the clerk treewalk algorithm to prevent the algorithm from failing to find the desired clearinghouse to satisfy the name lookup request. Typically, the symptom of this problem was the return status of DNS$_NOCOMMUNICATIONS on a "SHOW CLEARINGHOUSE ..." command when the clerk should have been able to connect the proper clearinghouse. 1.5 Problems Corrected (DECdns ECO 71) o Corrected the clerk (SYS$NAME_SERVICES.EXE) to provide better handling for the expiration of the null_port_timeout. This correction prevents the NEW EPOCH (SET DIRECTORY x TO NEW EPOCH ...) and CREATE REPLICA commands from being retried if the link times out. If the timeout occurs during the NEW EPOCH command processing, you may experience one or more of the following symptoms: - "Directory replicas are not synchronized" message in the DNS$SERVER.LOG. - "Insufficient local resources at the server" message while using the DNS$CONTROL program. - Transaction log file (for example: MY_CH.TLOG0000003907) growing to an unusually large size. If the timeout occurs during CREATE REPLICA command processing, you may observe the following symptom: - "Specified clearinghouse already contains a replica of that directory" message while using the DNS$CONTROL program. If any of the above symptoms occur, you should upgrade to ECO71 or greater which reports the timeout as a communications error ("Unable to communicate with any DECdns server"). Additionally, you should increase the value for the null_port_timeout parameter on the server. Please consult the release notes for the DECdns ECO 71 for VAX for more information. o Corrected the clerk (SYS$NAME_SERVICES.EXE) to prevent a crash. The symptom of this crash is that the variable CTL$GL_DNSPTR is zero when entering routine RECEIVED_DISCONNECT_AST or when entering routine RECEIVED_DISCONNECT_AST_PROC. o Corrected the DNS$ADVER process to prevent it from aborting. The symptom of this aborting process is an access violation on a call to the DECC$FREE routine. 1.6 Enhancement (DECdns ECO 71) o Enabled more communications logging information in the SYS$MANAGER:DNS$CHFAIL.LOG. Prior to this enhancement, hard communications errors were only reported to the DNS$CONTROL program and the DECnet-Plus IPC status was lost. With this new feature enabled, these errors are reported to the DNS$CHFAIL.LOG (along with the DECnet-Plus IPC status). To enable this feature, define the logical name DNS$MORE_COMMO_LOGGING in the DNS$SYSTEM_TABLE and give it a value of one as shown below: DEFINE/TABLE=DNS$SYSTEM_TABLE DNS$MORE_COMMO_LOGGING 1 To disable this feature, deassign the logical name. ------------------------------------------------------------------------------- D. OSAK API Changes Updates made to SYS$LIBRARY:OSAK$OSAKSHR.EXE: File Identification: "OSAK V3.0-006K" 11-SEP-1998 16:33:53.94 o Called_aei Parameter on A-ASSOCIATE and S-CONNECT Indication Events For A-ASSOCIATE indication events in the OSAK API, and S-CONNECT indication events in the SPI, the nsap field of the called_aei parameter is no longer filled in by OSAK. Previously, the called_aei.paddress.nsap structure contained the values specified in the local_aei.paddress.nsap parameter on the osak_open_responder or spi_open_responder call. However, these values are not used by osak_open_responder or spi_open_responder and may not contain correct information about the received connection (for example, the transport type). o New Status Code The routines osak_send_more and spi_send_more can now return a status code of OSAK_S_NODATA which indicates that there is no data remaining. In previous versions the status code OSAK_S_INVFUNC may have been returned when this error occurred. o ROSE Minimum Workspace Increased The minimum required size for the parameter block workspace for ROSE has increased. If your ROSE application is using the old minimum workspace size, you will now get a bad parameter error. It is recommended that your application use the constant ROSE_WS_SIZE defined in osak_api.h to get the correct minimum workspace size. o Transport Template Settings Honored All items set in the transport template are now honored by OSAK when establishing a connection. In particular, OSAK no longer always asks for expedited data. Instead, it uses whatever the transport template setting is. o Swapped called and calling aei's in redirected association In some circumstances, OSAK would swap the called and calling aei information in an association that had been redirected. This problem would only be noticed by applications that used the aei information and the osak routines osak_redirect() and osak_wait_for_redirect(). This problem is resolved in this release of OSAK. o Interoperability for X.500 and SUN implementations This release of OSAK resolves an interoperability problem encountered with the SUN X.500 implementation. In some situations, OSAK was reporting incorrect EOC (end of contents) counts to X.500, which would cause X.500 to abort the association. o Correct handling of CN SPDU's in OSAK SPI If another implementation were to send OSAK an invalid CN SPDU, the OSAK SPI interface would consider all subsequent CN SPDU's to be invalid (even though they were not). This problem has only been observed when using the async completion routines with the SPI. This problem has been resolved with this release of OSAK. o Using OSAK over RFC1006 On the initiator side, to make a connection over RFC1006, specify as the NSAP the IP address as a 6-byte nibble packed hex value including the port number in the first 2 bytes. For example, the address of 16.36.12.142 on port 102 would be encoded as follows: 102 16.36.112.142 | | | | | 0066 10 24 70 8E In this case, the NSAP would be 00661024708E (hex). Specify the NSAP type as OSAK_C_RFC1006. For the transport template, specify either the pseudo-template "1006" or no template at all. OSAK uses a default template of "1006" if the NSAP type is OSAK_C_RFC1006. On the responder side, to listen for RFC1006 connections, specify as the transport template the pseudo-template "1006". o User Data Size Restriction for Tracing OSAK does not support tracing with user data buffers larger than 32765 bytes. ------------------------------------------------------------------------------- E. New NCL Global Section Update made to SYS$LIBRARY:NCL$GLOBALSECTION.DAT: File Identification: "V6.3-ECO14" 16-JAN-2001 13:22:52.65 Updates for X.400 and X.500 have been included. ------------------------------------------------------------------------------- F. New NCL Help file Update made to SYS$HELP:NCLHELP.HLB File Identification: 24-MAR-2000 15:41:21.49 Please_Read_Me explains how the help file is organized and how to use it. Network_Management contains subtopics on Controlling_Access, Logical_Names, Startup_Scripts, MOP, Event_Dispatcher, Shutdown_and_Restart, Running_over_TCP-IP, Namespace_Management and Remote_Node_Management. It also has a Tools subtopic with descriptions of the various netman utilities. The new Entity_Hierarchy topic allows you to type: NCL> HELP ENTITY SUBENTITIES to obtain diagrams and descriptions of the subentities for any module. Or you can view the entire entity heirarchy from the top down by typing: NCL> HELP ENTITY Phase IV compatibility information was added to show some frequently sought-after NCP commands, such as "show known links", "Show know node counter", "connect node", and "connect via". These will direct the user to the Phase V NCLGUI task. The syntax for the SHOW DTSS LOCAL SERVERS and SHOW DTSS GLOBAL SERVERS commands was changed in order to distinguish DECnet servers from DCE servers. This update for the help file contains the new versions of these commands: SHOW DTSS DECNET LOCAL SERVERS and SHOW DTSS DECNET GLOBAL SERVERS. This update to the NCLHELP.HLB will preserve previous changes that may have been included by other products such as X.400. NCL HELP Updated with Access Control and Proxy Information ---------------------------------------------------------- NCL HELP has been updated to more clearly describe access control policies, especially with regard to the use of wildcard proxies. Note that there has NOT been any recent change to DECnet's access control checking procedures; this HELP update is merely for documentation purposes. The following text is now included under HELP NETWORK_MANAGEMENT ACCESS_CONTROL OPENVMS_POLICY: Access can be established using an explicitly specified account, a default proxy account, an application-specific default account, or a nonprivileged default account. The following steps are used to determine if a remote user will be granted access. (Note that access control checking is handled in the same fashion for a local user who specifies the local node or 0 in a command.) 1. If explicit access control information is provided, this information is evaluated first. When an empty access control string is provided, as in: $ DIR PRKCHP"":: $ DIR 0"":: No proxy checking is performed. Instead, access checking is continued at Step 3. When both a username and password are explicitly provided, as in the following examples: $ DIR PRKCHP"PRKCHP_USER PASSWD":: $ DIR 0"PRKCHP_USER PASSWD":: $ MCR NCL SHOW NODE PRKCHP"PRKCHP_USER PASSWD" ALL that account must be accessible using that password (even if a valid proxy exists), in order for access to succeed. If this fails (say, for example, the password is wrong or the account does not exist), then no further checking is performed and access is denied. When only the username is explicitly provided, as in: $ DIR PRKCHP"PRKCHP_USER":: $ DIR 0"PRKCHP_USER":: $ MCR NCL SHOW NODE PRKCHP"PRKCHP_USER" ALL the local proxy database is searched for one proxy record matching source_node::username_on_source. An exactly matching proxy record is preferred over a wildcard match. (Refer to HELP NETWORK_MANAGEMENT ACCESS_CONTROL PROXIES for more information if a wildcard proxy is present.) If a match is not found, then no further checking is performed and access is denied. If a match is found, the selected proxy record is examined to determine if access should be attempted using this explicitly specified local username. It does not matter if this local username is specified in the proxy record as the default account or not. As long as that username is included somewhere in that proxy record, then access will be attempted via that account. For example, if the following command were issued by SYSTEM on LAMCHP: $ DIR PRKCHP"PRKCHP_USER":: And PRKCHP had one of the following proxy records in its database: LAMCHP::SYSTEM PRKCHP_USER LAMCHP::SYSTEM PRKCHP_USER (D) LAMCHP::SYSTEM SYSTEM (D) PRKCHP_USER Then access would be attempted using the explicitly specified PRKCHP_USER account. If this access succeeds, the remote user is mapped into the specified account and granted the rights and default privileges for that account. If there is a problem (say, for example, the directory for that account does not have the correct owner), then no further checking is performed and access is denied. 2. If no access control information was provided at all (not even an empty string), as in: $ DIR PRKCHP:: $ DIR 0:: $ MCR NCL SHOW NODE PRKCHP ALL The proxy database is scanned for a proxy record matching source_node::username_on_source. (A default wildcard proxy may not be sufficient. Refer to HELP NETWORK_MANAGEMENT ACCESS_CONTROL PROXIES for more information.) If no matching proxy record is found, then access control checking proceeds to Step 3. If a matching proxy record is found, but it does not specify a default account, then access will NOT be attempted using that proxy. Instead, access checking proceeds to Step 3. If the matching proxy record specifies a default account, then access is attempted using that account. If this succeeds, the user is granted the rights and default privileges of this default account. If this fails (say, for example, the directory for that account does not have the proper owner), then no further checking is done and access is denied. 3. If an application-specific default is present, as indicated by the session control application user name attribute, then access will be attempted using that account. If this access fails (say, for example, the specified account is non-existent), then no further checking is performed and access is denied. If no default was specified for that particular application, access checking is continued with Step 4. --- NOTE --- The CMIP Management Listener (CML) application uses this method of access to allow remote users to perform NCL SHOW commands. This is why the session control application CML user name is usually set to CML$SERVER, and this account is generally granted the NET$EXAMINE right. Even if a remote user does not include explicit access control information in an NCL command, and even if he does not possess a default proxy account with NET$EXAMINE or BYPASS, his NCL SHOW requests will still be permitted via the CML$SERVER account. 4. If a non privileged default has been established, as indicated by the session control non privileged user attribute, then access will be attempted using that account. If this access fails, or if the session control non privileged user attribute has not been set, then access is denied. The following text is now included under HELP NETWORK_MANAGEMENT ACCESS_CONTROL PROXIES to describe why wildcard proxies are sometimes ignored during proxy evaluation: Proxies are managed using the AUTHORIZE facility. Each proxy record should specify a default account, regardless of whether a default wildcard proxy exists, to ensure that at least one valid destination account is specified. For example, if a default wildcard proxy existed on PRKCHP: UAF> SHOW/PROXY * Default proxies are flagged with (D) LAMCHP::* * (D) The SYSTEM user on node LAMCHP would have default proxy access into the SYSTEM account on PRKCHP. If the network manager then wished to add ALTERNATE as an alternate account to be used from the SYSTEM account on LAMCHP, while still retaining SYSTEM as the default, he would need to explicitly specify that default in the new proxy record like so: UAF> ADD/PROXY LAMCHP::SYSTEM SYSTEM/DEFAULT, ALTERNATE So the proxy database on PRKCHP would now look like this: UAF> SHOW/PROXY * Default proxies are flagged with (D) LAMCHP::* * (D) LAMCHP::SYSTEM SYSTEM (D) ALTERNATE If he instead did this: UAF> ADD/PROXY LAMCHP::SYSTEM ALTERNATE So the proxy database looked like this: UAF> SHOW/PROXY * Default proxies are flagged with (D) LAMCHP::* * (D) LAMCHP::SYSTEM ALTERNATE then LAMCHP::SYSTEM would no longer have default access to PRKCHP's SYSTEM account. That is because only one proxy record is considered for proxy processing; and in this case, the exact match LAMCHP::SYSTEM is preferred over the LAMCHP::* match. This LAMCHP::SYSTEM proxy record does not specify any default account. For further information on how proxies are used to grant access, refer to HELP NETWORK_MANAGEMENT ACCESS_CONTROL OPENVMS_POLICY. NCL HELP Updated Regarding FDDI Station Link Event Reporting ------------------------------------------------------------ NCL HELP EVENT_MESSAGES FDDI_STATION LINK has been updated to reflect restrictions in FDDI Station Link event reporting which are imposed by the VMS device drivers. The following events cannot be logged, but their respective counters will increment if these events occur: block check error directed beacon received duplicate address test failure duplicate token detected fci strip error frame status error link buffer unavailable pdu length error receive data overrun ring beacon initiated ring purge error trace initiated transmit failure transmit underrun The "unrecognized individual pdu destination", "unrecognized multicast pdu destination", and "user buffer unavailable" events can be reported, and their respective counters can increase accordingly. However, DECnet blocks "unrecognized multicast pdu destination" by default. Refer to SYS$MANAGER:NET$EVENT_LOCAL.TEMPLATE if you wish to pass this event. The "ring initialization initiated" and "ring initialization received" events can now be logged by certain versions of the VMS device drivers. (Consult VMS Engineering for more information about what VMS versions or patches are necessary to log these events.) Even in those cases where the drivers support these events, they will not be logged on a one-to-one basis with increases in their corresponding counters. Instead, only one error report will be issued for any number of these events that occur within a sampling period. This is intended to decrease any possibility of flooding OPCOM. ---------------------------------------------------------------------- G. Clarifying the Use of SET NCL DEFAULT ENTITY Establishing Default Context ---------------------------- The NET$EXAMINE right is required to issue SET NCL DEFAULT ENTITY and SET NCL DEFAULT ACCESS commands. Once established, default entity and access control information will remain in effect for the duration of an NCL session until it is modified by subsequent SET NCL DEFAULT commands. When supplying access information, both the username and password should be provided in a single command. Here are a few acceptable forms of the SET NCL DEFAULT command: NCL>SET NCL DEFAULT ENTITY - _NCL>NODE nodename"username password" [subentity | subentities] NCL>SET NCL DEFAULT ENTITY NODE nodename [subentity | subentities], - _NCL>ACCESS BY USER=username, PASSWORD=password NCL>SET NCL DEFAULT ACCESS BY USER=username, PASSWORD=password, - _NCL>ENTITY NODE nodename [subentity | subentities] When a SET NCL DEFAULT command contains new access information but lacks a default node entity, as in: NCL>SET NCL DEFAULT ACCESS BY USER=username, PASSWORD=password NCL>SET NCL DEFAULT ENTITY [subentity | subentities], - _NCL>ACCESS BY USER=username, PASSWORD=password NCL>SET NCL DEFAULT ACCESS BY USER=username, PASSWORD=password, - _NCL>ENTITY [subentity | subentities] then the new access information is stored, but it will not be used until some subsequent SET NCL DEFAULT ENTITY NODE command is issued. In the following example, new access control information is stored: NCL>SHOW NCL DEFAULT No NCL Default Access has been set NCL Default Entity () NCL>SET NCL DEFAULT ACCESS BY USER=user1, PASSWORD=goodpassword NCL>SHOW NCL DEFAULT NCL Default Access by User user1, Password xxx NCL Default Entity () but that access control information remains unused until the default node entity is modified. The following SET command would then result in the establishment of a connection to node remnod using the user1 account: NCL>SET NCL DEFAULT ENTITY NODE remnod NCL>SHOW NCL DEFAULT NCL Default Access by User user1, Password xxx NCL Default Entity Node remnod Once you have set a default node entity, all subsequent SET NCL DEFAULT ENTITY [subentity | subentities] commands apply to that node until the user attempts to modify the default node entity. For example, now that the default node entity is remod, in order to set the default entity to Session Control on node remnod, you can do so without re-specifying the node entity, as in: NCL>SET NCL DEFAULT ENTITY Session Control NCL>SHOW NCL DEFAULT NCL Default Access by User user1, Password xxx NCL Default Entity Node remnod Session Control To change to another subentity on the remote node, you must include (or re-specify) any subentities beneath the node entity. Even though the current default entity in this example is Node remnod Session Control, you must re-specify the Session Control subentity if you want to set default to a lower subentity on that node. In other words, NCL would not parse the following command because the Session Control entity needs to be re-specified. Since the command could not be parsed, the NCL defaults remained unchanged: NCL>SET NCL DEFAULT ENTITY Application fal %NCL-E-INVALIDCOMMAND, unrecognized command SET NCL DEFAULT ENTITY \Application\ fal NCL>SHOW NCL DEFAULT NCL Default Access by User user1, Password xxx NCL Default Entity Node remnod Session Control Instead, this command would be necessary to change the default to a lower subentity on node remnod: NCL>SET NCL DEFAULT ENTITY Session Control Application fal NCL>SHOW NCL DEFAULT NCL Default Access by User user1, Password xxx NCL Default Entity Node remnod Session Control Application fal Note that in the example above the "fal" instance identifier specified a particular instance of a Session Control Application. But it is also acceptable to use wildcards to specify the default entity. In the example below, the wildcard "*" is used as an instance identifier to refer to all session control applications on the default node. NCL>SET NCL DEFAULT ENTITY Session Control Application * NCL>SHOW NCL DEFAULT NCL Default Access by User user1, Password xxx NCL Default Entity Node remnod Session Control Application * If default access control information and the default entity were then modified, but no node entity was specified, as in: NCL>SET NCL DEFAULT ACCESS BY USER=user2, PASSWORD=badpassword, _NCL>ENTITY Session Control NCL>SHOW NCL DEFAULT NCL Default Access by User user2, Password xxx NCL Default Entity Node remnod Session Control Application * The new default access information would be stored, but contrary to the default access information displayed by SHOW NCL DEFAULT, the connection to node remnod through the user1 account will remain in use until the default node entity is changed. This next command would request a new connection to node remnod using the latest default access information (through the user2 account), but the connection would fail because the password information provided earlier for the user2 account was incorrect: NCL>SET NCL DEFAULT ENTITY NODE remnod %NCL-E-REQUESTFAILED, command failed due to: -CML-E-SESSPROB, error returned from session control -IPC-E-BADUSER, access control rejection -NET-F-REMOTEDISCONN, connection disconnected by remote user %NCL-E-NOCONNECTION, cannot establish CMIP connection to remote node set ncl default entity node remnod Whenever a connection to a default entity node fails, the default entity will be reset to the local node entity. Default subentity information is cleared as well because subentities are node-specific. The default access information will be left as is, but it will remain unused until the default node entity is reset. For example, after the above failure to modify the default node entity, the NCL defaults would look like this: NCL>SHOW NCL DEFAULT NCL Default Access by User user2, Password xxx NCL Default Entity () ---------------------------------------------------------------------- H. Installation Install this kit with the POLYCENTER Software Installation utility (PCSI) by logging into the SYSTEM account and entering the following command at the DCL prompt: $ PRODUCT INSTALL DNVOSIECO17/SOURCE=[location of the .PCSI file] Note that you can use the DECwindows Motif interface to PCSI if you wish. Special Note: For the corrections to take effect, you must reboot the system. If you are a member of a VMScluster, you must reboot the entire cluster. You can postpone rebooting if it is not convenient for you to do so now; however, the new driver(s) will not take effect until after a reboot. ---------------------------------------------------------------------- I. Known Problem with NET$SHUTDOWN NET$SHUTDOWN may still fail to complete if there are network applications that issue new connections during the shutdown. A solution is to invoke the application shutdown prior to the network shutdown by use of the NET$AUX_CONTROL logical. Define NET$AUX_CONTROL to point to an auxiliary application shutdown DCL command procedure. ---------------------------------------------------------------------- © Copyright 2005 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use, or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.