DCE-VMS ALPDCE03_014 DCE V1.4 OpenVMS Alpha ECO Summary

TITLE: DCE-VMS ALPDCE03_014 DCE V1.4 OpenVMS Alpha ECO Summary
 
NOTE:  An OpenVMS saveset or PCSI installation file is stored
       on the Internet in a self-expanding compressed file.
       The name of the compressed file will be kit_name-dcx_vaxexe
       for OpenVMS VAX or kit_name-dcx_axpexe for OpenVMS Alpha.
 
       Once the file is copied to your system, it can be expanded
       by typing RUN compressed_file.  The resultant file will
       be the OpenVMS saveset or PCSI installation file which
       can be used to install the ECO.
 

© Copyright 1998 Compaq Computer Corporation.  All rights reserved. 


PRODUCT:    Distributed Computing Environment For OpenVMS (DCE)

OP/SYS:     DIGITAL OpenVMS Alpha 

SOURCE:     Compaq Computer Corporation


ECO INFORMATION:

     ECO Kit Name:  ALPDCE03_014
     ECO Kits Superseded by This ECO Kit:  ALPDCE02_014
                                           ALPDCE01_014 
     ECO Kit Approximate Size:  28,357 Blocks
                    Saveset A -     90 Blocks
                    Saveset B - 28,242 Blocks
                 Cover Letter -     25 Blocks

     Kit Applies To:  OpenVMS Alpha V6.1, V6.1-1H1, V6.1-1H2,
                                    V6.2, V6.2-1H1, V6.2-1H2,
                                    V6.2-1H3, V7.0, V7.1,
                                    V7.1-1H1

     System/Cluster Reboot Necessary:  No (See Installation Notes)
     Rolling Re-boot Supported:  Not Applicable 
     Installation Rating:  2 - To be installed on all systems running
                               the listed version(s) of OpenVMS and
                               using the following feature(s):

                               This remedial kit contains many Year 2000 
                               related fixes.  Any system running DCE 
                               must have this kit installed.

     Kit Dependencies:

       The following remedial kit(s) must be installed BEFORE
       installation of this kit:

         None

       In order to receive all the corrections listed in this
       kit, the following remedial kits should also be installed:

         None 


ECO KIT SUMMARY:

An ECO kit exists for DCE V1.4 on OpenVMS Alpha V6.1 through V7.1-1H1.  
This kit addresses the following problems: 

Problems addressed in the ALPDCE03_014 kit:

  o  Configuring an OpenVMS DCE 1.4 client into  a  Gradient  server
     running on NT 4.0 results in the following error:                        
                                                                          
       Establishing security environment for principal "cell_admin" . . .       
                                                                          
       ****************************    ERROR    ****************************    
       ***  An error occurred while setting up the security environment         
       ***  using principal name "cell_admin"                                   
       Error: Cannot validate identity for principal "cell_admin"               
       who are you failed (dce / rpc) 236094202                                 
       %SYSTEM-F-ABORT, abort                                                   

  o  Servers abort with the following error messages:

       + Listening...
         (socket) rpc__socket_disp_select
         *** FATAL ERROR at SOCKDISPATCH.C;1\3668***
         %CMA-F-EXCCOP, exception raised; VMS condition code follows
         -SYSTEM-F-OPCCUS, opcode reserved to customer fault at
         PC=FFFFFFFF80538638,PS=0
         %SYSTEM-F-ABORT, abort


  o  User applications passing fixed  arrays  containing  structures
     between  Alpha OpenVMS and other platforms encounter corruption
     in the array contents.

  o  IDL compiler does not find file in a search list:

         $ define idl_sources W1:[GUY.DCE_EXAMPLES.TEST1],
                             W1:[GUY.DCE_EXAMPLES]

         $ Directory W1:[GUY.DCE_EXAMPLES.TEST1]

         TEST1.IDL;1   3/3  6-JAN-1993 10:54:38.21 (RWED,RWED,,RE,)

         Total of 1 file, 3/3 blocks.

         $ sho log idl_sources
               "IDL_SOURCES" = "W1:[GUY.DCE_EXAMPLES.TEST1]" (LNM$PROCESS_TABLE)
                = "W1:[GUY.DCE_EXAMPLES]"

         $ set def idl_sources

         $idl test1

         %IDL-E-OPENREAD, Unable to open idl_sources:[guy]test1.idl
                          for read access
         %IDL-E-SYSERRMSG, System error message: no such file or directory
         %IDL-F-COMPABORT, Compilation aborted

Problems addressed in the ALPDCE02_014 kit:

  o  The ALPDCE01_014 remedial kit did not install on OpenVMS Alpha
     hardware versions.  The ALPDCE02_014 remedial kit corrects
     this.


Problems addressed in the ALPDCE01_014 kit:

  o  When the security server is not running, sec_login_refresh_identity()  
     returns an undocumented status code, 336760967.  The documentation 
     states that the sec_rgy_server_unavailable status code should be 
     returned.  Example programs from OSF and other vendors show the 
     refresh thread testing for the sec_rgy_server_unavailable status 
     to determine if the refresh should be retried.

  o  Executing any RPCLM command results in a fault invalid bound
     message on Alpha systems.

       $RPCLM String Binding of Server:ncadg_ip_udp:16.32.80.42[2301]
        RPCLM> inq
       %CMA-F-EXCCOPLOS, exception raised; some information lost
        -DCERPC-E-FAULTINVALIDBOU, fault invalid bound (DCE / RPC)

  o  In the directory DCE$SPECIFIC:[KRB5], there are hundreds of
     versions of KRB5KDC_RCACHE created by the DCE$SECD process.  
     These files do get cleaned up during a CLEAN operation but, 
     they are not cleaned up during a start or restart of DCE.

  o  If you do not include  prior to including  
     the header will not compile because it uses the datatype FILE*.

  o  Attempting a kinit on an OpenVMS system results in the 
     following error:  

       $ kinit cell_admin
       $5$dkb0:[sys0.syscommon.][sysexe]dce$kinit.exe;4: Malformed
         representation of principal when parsing name T@

  o  When an 'Illegal state transition' occurs, the correct state
     is not reported.  The code corrupts the state before
     reporting it.  A state of 255 is reported and is meaningless
     because it is the code for No State.

  o  Print 4 digit years on output from DCE processes.  Allow four
     digit data inputs from DCE administration functions.  Fix leap
     year calculations for years after 2017.

  o  It has been discovered that OSF/DCE has a potential problem in
     the security server that could allow for a denial of service
     attack.

     If a principal, group, or organization is greater than 1024
     characters (including the cell name, so the actual name limit
     is less than 1024) when passed to security daemon (secd), it
     will cause secd core dump.  The buffer is overrun causing
     memory corruption.  In certain cases, the lookup attempt (or
     add or whatever) on the client will then rebind to another
     secd to make the request, eventually crashing all security
     daemons in the cell.

  o  The new Pathway IP version can cause DCE setup to abort
     abruptly with error messages.  Pathway changes the output of
     an image that returns the Pathway version.  This causes output
     parsing routines to fail because they search for runtime on
     the line containing the version.


INSTALLATION NOTES:

No reboot is necessary after successful installation of the kit.
However, DCE must be re-started after the kit is installed to
complete the installation of the new DCE images.  DCE can be
restarted with the command:

  @SYS$MANAGER:DCE$SETUP START

Colorado Site
Georgia Site

alpdce03_014.README
alpdce03_014.CHKSUM
alpdce03_014.CVRLET_TXT
alpdce03_014.a-dcx_axpexe
alpdce03_014.b-dcx_axpexe