NOVELL TECHNICAL INFORMATION DOCUMENT

TITLE:  TCP update for NetWare 6
TID #:  2972240
README FOR:  tcp610m.exe

SUPERSEDES:
tcp610l.exe

NOVELL PRODUCTS and VERSIONS:
TCPIP - NW6CP

ABSTRACT:

October 4, 2005: File re-released as public. No changes made to any binaries.
 
This patch includes an encryption enabled version of the TCP/IP stack (NICI)
and a non-encryption enabled version of the TCP/IP stack (NULL).

The NULL version is the recommended version.

The INSTALLATION INSTRUCTIONS section of this readme outlines when to use the
NICI version.

You can review the list of fixes in the ISSUE section of this readme.


-----------------------------------------------------------------
DISCLAIMER
THE ORIGIN OF THIS INFORMATION MAY BE INTERNAL OR EXTERNAL TO 
NOVELL.  NOVELL MAKES ALL REASONABLE EFFORTS TO VERIFY THIS 
INFORMATION.  HOWEVER, THE INFORMATION PROVIDED IN THIS DOCUMENT 
IS FOR YOUR INFORMATION ONLY.  NOVELL MAKES NO EXPLICIT OR IMPLIED 
CLAIMS TO THE VALIDITY OF THIS INFORMATION.
-----------------------------------------------------------------


INSTALLATION INSTRUCTIONS:

These files should be installed on a NetWare 6 server with SP1 or later
applied.

Recommended:
The NULL version of the stack is the recommended version.  You will only need
an encrypted version of the stack if you are running BorderManager AND
implementing VPN(s), or you have a NICI application that takes advantage of
MD5.

Other Options:
The VPN code in BorderManager on NetWare 6.0 SP5 and later uses NICI to access
MD5 encryption.

If you are running NetWare 6.0 SP5 or later, AND have BorderManager installed,
AND have implemented VPN's, use the files in the NICI folder.

If you are running BorderManager on NetWare 6.0 with SP4 or earlier installed
AND have implemented VPN's this patch is not designed for your scenario.

If neither of the above situations describes your implementation then use the
recommended version which is contained in the NULL folder.

Install Procedure:
Copy the tcpip.nlm, tcp.nlm, and bsdsock.nlm from one of the folders (NULL, or
NICI) to the sys:system directory and restart the server.

ISSUE: 

New Fixes:
- Fixed TCP advertising an odd receive window size. (91507)
- Removed a spinlock that was causing a deadlock.  It could be seen as a
spinlock deadlock abend in DSDSOCK.NLM|remove_thread_from_skt_operation
(113073)
- Made changes to arp packet processing so it replies to an arp request from
any source; not necessarily from directly connected source. (82822)

Previous Fixes Included:
This patch includes all fixes contained in the NW 6.0 SP5 release.

Security Issue:
- A packet could be received by the server that would cause the following Page
Fault Processor Exception:

Page Fault Processor Exception (0395539)
Abend 1 on P00: Server-5.70.02: Page Fault Processor Exception (Error code
00000000)

Registers:
    CS = 0008 DS = 0010 ES = 0010 FS = 0010 GS = 0010 SS = 0010
    EAX = 00000000 EBX = B7A158E4 ECX = 00000000 EDX = 00000578
    ESI = B75B4CAE EDI = B7A158E4 EBP = 00000000 ESP = B391D6C0
    EIP = B7550843 FLAGS = 00010096 
    B7550843 8B5014         MOV     EDX, [EAX+14]=?
    EIP in TCPIP.NLM at code start +0000C843h
    Access Location: 0x00000014

- When a supernetted IP address is bound and an ICMP Destination Unreachable
message is received by the system with the Don't Fragment Bit Set the addition
of a host route would fail. (100352595)

- Binding an IP address with host mask of 255.255.255.255 could result in an
inccorect routing entry for that IP address with mask 255.255.255.224 instead.
(000401571)
- Application thread hangs forever. (000402657, 000392579, 000406347)
- NetWare 6.0 SP5 multi processor server running TCPIP 6.10.09 would ABEND when
internal Novell Java test cases where run against them.(500370921)
- The TCP stack was not responding to ICMP packets larger than the MTU.
(000382022)
- Client to site VPN policies now allow custom ports on destination ports less
than 1023 (000374244)
- The fix for a packet fragmentation problem with NFS WRITES was removed.
(369320) This issue has been addressed in pkernel 15.01.23.
- CPU Hog abend in TCP.NLM  (000377263) 
- The "Known Issues" section of this readme was removed. It contained a
reference to a Small ECB leak.  Included in this patch are fixes made to the
BSDSOCK.NLM and TCP.NLM.  These fixes addressed multiple Small ECB leaks that
had root cause in these TCP/IP modules.  These same Small ECB leak fixes were
also released in the TCP/IP stack that comes in NetWare 6 Support Pack 5 and
any post SP5 TCP/IP stacks. WINSOCK has also made a fix that addressed a Small
ECB leak and that fix was included in the NetWare 6 Support Pack 5 release.
- Page Fault Processor Exception in TCPIP.NLM at code start +0006EF7Fh
(000366875)
- Ignoring ICMP redirect packets coming from secondary bound IP addresses
(000370438, 000370438)
- Incorrect route added after receiving ICMP Fragmentation Needed packet
causing some TCP SYN packets to get dropped. (000374918)
- Bind fails if original ARP claiming the address is sent and received
(000377830)
- Page fault in BSDSock while running WebAdmin (000343234)
- GroupWise ports disappear out from under the application (000370211,
000370221)
- Abend in TCPIP, EIP in TCPAnyAddrCheck (000379943)
- Additional change (500369216)
- IP Fragmentation issue for NFS gateway (NOVL96866, 000369320)
- ABEND, in TCPIP.NLM in the function SkipDeregister on BorderManager 3.8 Proxy
server.  (500368139)
- ABEND, CPU Hog abend in BSDSOCK (100353276, 000346535)
- ABEND in the TCPSendData()function call (000359158)
- ABEND in BSDSOCK attempting to context switch while holding a spinlock.
(000358496)
- C/S Policies not showing correctly in NORM. (2528)
- The UDP checksum for the UDP encapsulated packet digest is set to zero.
(500351699)
- The wrong source address was being put into ICMP packets when a VPtunnel was
configured.
- PXE clients would not get an IP address if they set the "Broadcast" flag in
their DHCP header. (000348647)

Self-Extracting File Name: tcp610m.exe

Files Included          Size         Date          Time
..\
   TCP610M.TXT   (This file)
..\NICI\
   BSDSOCK.NLM        111275    8-26-2005    2:26:30 pm
       TCP.NLM        805071    8-23-2005    3:34:36 pm
     TCPIP.NLM        813094     9-2-2005   12:17:16 pm
..\NULL\
   BSDSOCK.NLM        110155    8-26-2005    2:25:04 pm
       TCP.NLM        804009    8-23-2005    3:31:20 pm
     TCPIP.NLM        590912     9-2-2005   12:08:48 pm



-----------------------------------------------------------------
Any trademarks referenced in this document are the property of their respective
owners.  Consult your product manuals for complete trademark information.
-----------------------------------------------------------------