Release Notes for HP TCP/IP Services for OpenVMS Version 5.7 ECO 5 ________________________________________________________________ © Copyright 2014 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Intel and Itanium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. UNIX is a registered trademark of The Open Group. Microsoft is a US registered trademark of Microsoft Corporation. --------------------------------------------------------------------------- Installation Note --------------------------------------------------------------------------- This HP TCP/IP Services for OpenVMS Version 5.7 ECO 5 kit is delivered as a complete product kit. It is not necessary to install the HP TCP/IP Services for OpenVMS Version 5.7 kit before installing HP TCP/IP Services for OpenVMS Version 5.7 ECO 5. --------------------------------------------------------------------------- New Features for ECO 5 Updates --------------------------------------------------------------------------- This section describes the new features of TCP/IP Services Version 5.7 ECO 5. 1.1 LDAP Authentication Support in SSH The SSH/SFTP sessions now support user accounts authenticated through Lightweight Directory Access Protocol (LDAP) agent of Authentication and Credentials Management Extensions (ACME) system. To configure access to LDAP server, see "HP OpenVMS ACME LDAP Installation and Configuration Guide". The following restrictions apply for LDAP users using SSH: a. In an SSH session, user cannot reset the password using DCL command "SET PASSWORD". To reset the password, user must run the script "[SYSMGR]TCPIP$SSH_SETPASSWORD.COM". b. If the password in the LDAP server is in mixed case, then the TCPIP$SSH_SETPASSWORD utility cannot validate the password. c. LDAP authentication in SSH does not support secondary password. d. For LDAP accounts, SSH does not prompt for new password on expiry. e. Unlike TELNET, "/local" option to validate user from SYSUAF is not available with SSH. 1.2 CTR mode ciphers in SSH SSH/SFTP/SCP now support Counter (CTR) mode ciphers - aes128-ctr, aes192-ctr and aes256-ctr. In SFTP client, user can enforce encryption using the CTR cipher through any of the following ways (For more information, see "TCPIP Guide to SSH"): a. In command line, using "-c" option. For example: ssh -c aes192-ctr @ b. By updating "Ciphers" parameter in SSH client configuration file "[.SSH2]SSH2_CONFIG." present in user's login directory. c. By updating "Ciphers" parameter in system-wide SSH client configuration file "TCPIP$SSH_DEVICE:[TCPIP$SSH.SSH2]SSH2_CONFIG." If the options are not specified, the client sends default cipher list to the server, in the following order: 1. aes128-cbc 2. 3des-cbc 3. twofish128-cbc 4. cast128-cbc 5. twofish-cbc 6. blowfish-cbc 7. aes192-cbc 8. aes256-cbc 9. twofish192-cbc 10. twofish256-cbc 11. arcfour 12. aes128-ctr 13. aes192-ctr 14. aes256-ctr In SFTP server also, usage of CTR cipher can be mandated by updating "Ciphers" parameter in system-wide SSH server configuration file "TCPIP$SSH_DEVICE:[TCPIP$SSH.SSH2]SSHD2_CONFIG." The default cipher list is same for both server and client. 1.3 Enhanced logging in SFTP server The logging feature in SFTP has been improved to keep track of operations performed by SFTP client sessions. To enable logging, the following logical must be defined: DEFINE /SYSTEM TCPIP$SSH_SFTP_SERVER_DEBUG_LEVEL 1 A log file TCPIP$SSH_SFTP-SERVER2.LOG is created for each user in the home directory. --------------------------------------------------------------------------- New Features for ECO 4 Updates --------------------------------------------------------------------------- This section describes the new features of TCP/IP Services Version 5.7 ECO 4. 2.1 Network File System Server - Identifier based access This feature is broadly focused to support group access for files owned by the resource identifier. In group access, files owned by a resource identifier can be accessed by the group members having same GID value of that identifier. The group protection code associated with that file is used for protection checking for group access to that file. To Support the Group Access, resource identifier is loaded in the NFS proxy database (TCPIP$PROXY.DAT) The group member must have same GID value in Proxy database as of the identifier. The ADD PROXY command has been modified to add a resource Identifier in the proxy database. A logical named TCPIP$UCP_LOAD_RESOURCE_ID_PROXY should be defined for loading this proxy entry. o Example 1. When the logical is defined. Define /System TCPIP$UCP_LOAD_RESOURCE_ID_PROXY 1 TCPIP Add proxy CARD /host=* /gid=1000 /uid=301 /nfs=(incoming,outgoing,resource_identifier) $ TCPIP Show proxy VMS User_name Type User_ID Group_ID Host_name CARD ROND 301 1000 * DEBIT OND 500 1000 * MASTER OND 1001 1000 * o Example 2. When the logical is not defined. $ Show logical TCPIP$UCP_LOAD_RESOURCE_ID_PROXY %SHOW-S-NOTRAN, no translation for logical name TCPIP$UCP_LOAD_RESOURCE_ID_PROXY TCPIP Add proxy CARD /host=* /gid=1000 /uid=301 /nfs=(incoming,outgoing,resource_identifier) %TCPIP-E-DYNPROXERR, cannot add record to proxy database (TCPIP$PROXY) in dynamic memory -TCPIP-I-PROXYADD, information added to proxy database (TCPIP$PROXY) -TCPIP-I-PROXYINFO, User: CARD, UID: 301, HOST: * -TCPIP-E-INVPARM, invalid parameter value for User name -SYSTEM-F-NOSUCHID, unknown rights identifier $ TCPIP Show proxy VMS User_name Type User_ID Group_ID Host_name CARD RON 301 1000 * DEBIT OND 500 1000 * MASTER OND 1001 1000 * NFS server provides Group Access for files owned by the resource identifier. In order to grant access to the files which are owned by identifier NFS server performs the following sequence of steps. o Checks if the file is owned by identifier. o GID values of file owner identifier and incoming user requesting the access are same. o Requesting user is a group member of the file owner identifier. The gid of the incoming user and the gid of the resource identifier must match in the TCP/IP proxy database for them to be classified as same NFS group. o File has the necessary group protection access requested by the client user. The NFS client performs below validations before granting the access. o NFS client checks if file owner is resource identifier. o GID value of file owner identifier and user requesting the access on client are same. o Requesting user is a group member of the file owner identifier. These checks are performed if enhancement feature is enabled. Feature is enabled by defining the system logical TCPIP$UCP_LOAD_RESOURCE_ID_PROXY on the client machine. 2.1.1 Operations Supported Following table lists all the supported operations on OpenVMS Server - LINUX Client and OpenVMS Server - OpenVMS Client configurations. No Operation Description OpenVMS-LINUX OpenVMS-OpenVMS 1 Read Read the content of O O the file 2 Write Write or modify the O X file content 3 List List the directory content O X 4 Change Change the directory O X directory 5 Remove Delete the file O X 6 Execute Execute the file O X O - Operation supported, X - Operation not supported 2.1.2 Operation Details OpenVMS NFS Server: a. Define the system wide logical TCPIP$UCP_LOAD_RESOURCE_ID_PROXY, for enabling the usage of IDENTIFIER in the proxy database b. Create Identifier with resource attribute in UAF database. c. Grant the resource identifier to users in SYSUAF d. Add resource identifier entry in proxy database with following command TCPIP Add proxy CARD /host=* /gid=1000 /uid=1000 /nfs=(incoming,outgoing,resource_identifier) e. Add user (holder of resource identifier) in proxy database with same gid as of resource identifier. TCPIP Add proxy MASTER /host=* /gid=1000 /uid=1001 LINUX NFS Client: a. Create virtual user for resource identifier present in NFS server proxy database useradd -u 1000 -g 1000 card b. Create a user with same UID/GID pair values as present in NFS server proxy database useradd -u 1001 -g 1000 master It is necessary to have same GID for resource identifier and incoming user to fall into same NFS group. 2.1.2.1 Read The following conditions must hold true for reading the files owned by an identifier. 1. The incoming user should have a uid/gid mapping in the proxy database in server 2. The identifier should have a uid/gid mapping in the proxy database 3. Incoming user should be a group member of resource identifier on NFS server. The gid of the incoming user and the gid of the identifier as specified in the TCP/IP proxy database must match . 4. File has necessary group privilege for read operation. In the example below, the user MASTER in the Linux client is able to read the file A.TXT owned by the CARD because the GID of MASTER and CARD matches, MASTER is holder of CARD and the file has Group:RE permission. OpenVMS NFS Server: UAF> sh /id card /full Name Value Attributes CARD %X80010003 RESOURCE Holder Attributes DEBIT MASTER tcpip sh proxy VMS User_name Type User_ID Group_ID Host_name CARD ROND 1000 1000 * MASTER OND 1001 1000 * SYSTEM OND 0 0 * Dir /sec A.txt A.TXT;1 CARD (RWED,RWED,RE,) LINUX NFS Client: #su master #cat /mnt/A.txt Hello World # OpenVMS NFS Client: For READ operation on OpenVMS-OpenVMS configuration, NFS client should have the same setup environment as NFS server. In the example below of OpenVMS NFS client, client has the entry with same uid/gid for resource identifier CARD in UAF and proxy database as NFS server. MASTER is holder of CARD. MASTER has same uid/gid values on NFS server and client system's proxy database. Also client system has the system wide logical defined. # sh proc 21-MAR-2012 14:42:10.07 User: MASTER Process ID: 000065E1 Node: MUNAR Process name: "_TNA73:" UAF> sh /id card /full Name Value Attributes CARD %X80010011 RESOURCE Holder Attributes DEBIT MASTER $ tcpip sh proxy VMS User_name Type User_ID Group_ID Host_name CARD ROND 1000 1000 * MASTER OND 900 1000 * SYSTEM OND 0 0 LADAK $ sh log TCPIP$UCP_LOAD_RESOURCE_ID_PROXY (LNM$SYSTEM_TABLE) "TCPIP$UCP_LOAD_RESOURCE_ID_PROXY" = "1" #type dnfs2:[000000]A.txt Hello World # 2.1.2.2 Write Incoming user can modify the files owned by the resource identifier on client if the following conditions are satisfied 1. The incoming user should have a uid/gid mapping in the proxy database in server. 2. The identifier should have a uid/gid mapping in the proxy database 3. Incoming user should be a group member of resource identifier on NFS server. The gid of the incoming user and the gid of the identifier as specified in the TCP/IP proxy database must match. 4. File has necessary group privilege for write operation. In the example below, the user MASTER in the Linux client is able to edit the file A.TXT owned by the CARD because the GID of MASTER and CARD matches, MASTER is holder of CARD and the file has Group:RWE permission. NFS Server: tcpip sh proxy VMS User_name Type User_ID Group_ID Host_name CARD ROND 1000 1000 * MASTER OND 1001 1000 * SYSTEM OND 0 0 * Dir /sec A.txt A.TXT;1 CARD (RWED,RWED,RWE,) NFS Client: #su master #ed /mnt/A.txt Hello World Bye #cat /mnt/A.txt Hello World Bye # 2.1.2.3 Execute Incoming user can execute the file content on client if the following conditions are satisfied. 1. The incoming user should have a uid/gid mapping in the proxy database in server 2. The identifier should have a uid/gid mapping in the proxy database 3. Incoming user should be a group member of resource identifier on NFS server .The gid of the incoming user and the gid of the identifier as specified in the tcp/ip proxy database must match. 4. File has necessary group privilege for read and execute operation. In the example below, the user MASTER in the Linux client is able to edit the file RUN.COM owned by the CARD because the GID of MASTER and CARD matches, MASTER is holder of CARD and the file has Group:RE permission. NFS Server: tcpip sh proxy VMS User_name Type User_ID Group_ID Host_name CARD ROND 1000 1000 * MASTER OND 1001 1000 * SYSTEM OND 0 0 * Dir /sec RUN.COM RUN.COM;1 CARD (RWED,RWED,RE,) NFS Client: #su master #sh RUN.COM # 2.1.2.4 Delete Incoming user can delete the file owned by the resource identifier on client if the following conditions are satisfied. 1. The incoming user should have a uid/gid mapping in the proxy database in server 2. The identifier should have a uid/gid mapping in the proxy database 3. The gid of the incoming user and the gid of the identifier as specified in the tcp/ip proxy database must match. 4. File and its immediate parent directory are owned by the same resource identifier and incoming user should be a group member of resource identifier on NFS server. 5. Parent directory has necessary group privilege of write and execute and world privilege of execute for delete operation. Please refer below example for delete operation. The user MASTER in the Linux client is able to delete the file A.TXT owned by the CARD because its parent directory LEVEL1.DIR is also owned by the CARD and it has Group:WE and World:E permission, the GID of MASTER and CARD matches, MASTER is holder of CARD. NFS Server: tcpip sh proxy VMS User_name Type User_ID Group_ID Host_name CARD ROND 1000 1000 * MASTER OND 1001 1000 * SYSTEM OND 0 0 * Dir /sec LEVEL1.DIR LEVEL1.DIR;1 CARD (RWED,RWED,WE,E) dir /sec [.level1] A.TXT;1 CARD (RWED,RWED,RWE,) NFS Client: #su master #rm A.txt # 2.1.2.5 Directory List Incoming user can list the content of directory owned by the on client if the following conditions are satisfied. 1. The incoming user should have a uid/gid mapping in the proxy database in server 2. The identifier should have a uid/gid mapping in the proxy database 3. Incoming user should be a group member of resource identifier on NFS server. The gid of the incoming user and the gid of the identifier as specified in the tcp/ip proxy database must match. 4. Directory has necessary group privilege of read and execute for directory listing operation. LEVEL1.DIR owned by the CARD because the GID of MASTER and CARD matches, MASTER is holder of CARD and the LEVEL1.DIR has Group:RE permission. NFS Server: tcpip sh proxy VMS User_name Type User_ID Group_ID Host_name CARD ROND 1000 1000 * MASTER OND 1001 1000 * SYSTEM OND 0 0 * Dir /sec LEVEL1.DIR LEVEL1.DIR;1 CARD (RWED,RWED,RE,) NFS Client: #su master #ls LEVEL1.DIR [master@dctxvm65 mnt]$ ls level1.dir dir.dir 2.txt a.txt 3.txt 4.txt 2.1.2.6 Change Directory Incoming user can change the directory owned by the on client if the following conditions are satisfied. 1. The incoming user should have a uid/gid mapping in the proxy database in server 2. The identifier should have a uid/gid mapping in the proxy database 3. Incoming user should be a group member of resource identifier on NFS server .The gid of the incoming user and the gid of the identifier as specified in the tcp/ip proxy database must match. 4. Directory has necessary group privilege of read and execute for change directory operation. In below change directory example, the user MASTER in the Linux client is able to change the directory LEVEL1.DIR owned by the CARD because the GID of MASTER and CARD matches, MASTER is holder of CARD and the LEVEL1.DIR has Group:RE permission. NFS Server: tcpip sh proxy VMS User_name Type User_ID Group_ID Host_name CARD ROND 1000 1000 * MASTER OND 1001 1000 * SYSTEM OND 0 0 * Dir /sec LEVEL1.DIR LEVEL1.DIR;1 CARD (RWED,RWED,RE,) NFS Client: #su master [master@dctxvm65 mnt]$ cd level1.dir [master@dctxvm65 level1.dir]$ pwd /mnt/level1.dir [master@dctxvm65 level1.dir]$ 2.2 Network File System Server - Read_only Exports Feature This feature enables the NFS server to export a directory as Read-Only. The "Read_Only" option of "TCPIP EXPORT" command exports the specified map point in "Read-Only" mode regardless of the access available to a user via proxy. This feature can be used to protect shares from any changes by the user as the WRITE access is blocked. To export the map point as "Read-Only": $ "tcpip add export ""/host= /options=(read_only)" For example, $ tcpip add export "/test" /host=* /options=(read_only) $ tcpip sh export File System Host name /test * Options: Read_only On the client side, mount the exported disk using the MOUNT command. 2.3 Mechanism to control OPCOM logging by NFS service To control the OPCOM messages "Accepted connection" and "Closed connection" logged by NFS Service, the log options for the service can be used. To turn off "Accepted connection" message, use command: TCPIP SET SERVICE NFS /LOG_OPTIONS=NOLOGIN This will suppress below OPCOM message: Message from user NFS Server on SYSTEM1 Accepted connection from host xxx.xxx.xxx.xxx port yyyyy Similarly, to suppress "Closed connection" message, use command: TCPIP SET SERVICE NFS /LOG_OPTIONS=NOLOGOUT This will suppress below OPCOM message: Message from user NFS Server on SYSTEM1 Closed connection from host xxx.xxx.xxx.xxx port yyyyy To use above NFS features, the HP TCP/IP Services V5.7 ECO 4 should be installed on the OpenVMS system that is used as the NFS server as well as NFS client. --------------------------------------------------------------------------- New Features for ECO 3 Updates --------------------------------------------------------------------------- There are no new features added to HP TCP/IP Services for OpenVMS Version 5.7 ECO 3. For information about installing and configuring TCP/IP Services, see the HP TCP/IP Services for OpenVMS Installation and Configuration guide. --------------------------------------------------------------------------- New Features for ECO 2 Updates --------------------------------------------------------------------------- This section describes the new feature of TCP/IP Services Version 5.7 ECO 2. 3.1 Network File System V3 client Network File System (NFS) V3 client is a new file transfer layer protocol in HP TCP/IP Services. The benefits of the NFS V3 client and the additions to the MOUNT command are explained in the following sections: 3.1.1 Enables large file operations The NFS V3 client protocol, by default, enables large file size operations ( > 2 GB), which helps in better performance. 3.1.2 ASYNC WRITE and COMMIT NFS WRITE type can be configured (during TCP/IP MOUNT) using a /SYNC qualifier. The /SYNC qualifier uses the FILE_SYNC and the UNSTABLE options. The FILE_SYNC option enables SYNCHRONOUS WRITE type and the UNSTABLE option enables ASYNC WRITE type on the MOUNT point. The ASYNC is the default option if the /SYNC qualifier is not specified in the MOUNT command. In case of ASYNC WRITE, the number of bytes after which the client has to send an NFS COMMIT request can be configured using the /COMMIT_BUFFER qualifier. The default value of this buffer is 512 KB. For more information, see help for the TCP/IP MOUNT qualifier. Example 1: TCP/IP MOUNT with SYNC WRITE enabled. ------------------------------------------------------------------ TCPIP> mount dnfs0:/path="/home/system/test"/host= ""/sync=file_sync Example 2: TCP/IP MOUNT with ASYNC WRITE enabled for a /COMMIT_BUFFER qualifier of 1 MB. ------------------------------------------------------------------ TCPIP> mount dnfs0:/path="/home/system/test"/host= ""/commit_buff=1024 3.1.3 Updated HELP files The TCPIP HELP contains additional information on the new qualifiers for the MOUNT command. 3.2 New qualifiers added to the MOUNT command In this version of NFS client the following qualifiers are added to the MOUNT command: o /COMMIT_BUFFER o /TRANSPORT o /VERSION 3.2.1 /COMMIT_BUFFER /COMMIT_BUFFER=size Optional. Default: 512 While mounting a new NFS device if a /COMMIT_BUFFER qualifier value is not defined, then the Default /COMMIT_BUFFER qualifier value is taken. NFS V3 client supports ASYNC WRITE by the /COMMIT_BUFFER qualifier. The unit of the qualifier value is KB. For example, /COMMIT_BUFFER=100 KB The data in the commit buffer is flushed during the following conditions: o When the commit buffer reaches high water mark. o When the periodic commit flush timer triggers. 3.2.2 /TRANSPORT /TRANSPORT=protocol Optional. Default: TCP The following protocols are used for communicating with the NFS server: o User Datagram Protocol (UDP) o TCP 3.2.3 /VERSION /VERSION=n Optional. Default: 0 The /Version qualifier selects the NFS protocol version. By default, the NFS client attempts to communicate with the NFS server using the NFS V3 protocol. If this fails, then it uses the NFS V2 protocol. To force the NFS client to use a specific protocol version, use the following options: o 0 for auto. It first attempts to communicate using the NFS V3 protocol, if this fails, then it uses the NFS V2 protocol. o 2 for NFS V2 protocol o 3 for NFS V3 protocol Example for the MOUNT command qualifier ------------------------------------------------------------------- tcpip mount dnfs0:/path="/exportpath"/host="host-ip"/processor= unique/commit=1024 /struc=5/system/adf=create/acp_params=dump /trans=tcp/ver=3 Note: HP recommends that you use /processor=unique to have separate ACP process for each MOUNT point. 3.3 NFS V3 client limitations 1. No support for the NFS client for the PATHCONF and MKNOD operations. These are UNIX commands and might not be relevant to the OpenVMS users. 2. Problems with UDP. NFS WRITE with UDP transport does not work and it uses TCP as the default transport mechanism for all the NFS operations. 3. Client cannot detect server reboots. When ASYNC is enabled for the MOUNT point, and if server reboots in the middle of the ASYNC WRITE and COMMIT process, the data held by the NFS client is lost. If the NFS server is restarted, it affects the NFS READ or WRITE process. Note: If the new OpenVMS NFS V3 client needs to communicate with the OpenVMS NFS server, then you must install HP TCP/IP Services V5.7 ECO 2 on the OpenVMS system that is used as the NFS server. --------------------------------------------------------------------------- New Features for ECO 1 Updates --------------------------------------------------------------------------- This section describes the new features of TCP/IP Services Version 5.7 ECO 1. 4.1 Stream Control Transmission Protocol (SCTP) SCTP is a new transport layer protocol specified by IETF RFC 4960. In the protocol stack, SCTP along with TCP and UDP, communicates over IP. SCTP makes use of the BSD- based sockets API and extensions that are described in the Internet-draft standard. For additional information about Internet-Draft, visit the following World Wide Web address: http://www.ietf.org/id/draft-ietf-tsvwg-sctpsocket-19.txt If the Internet-Draft link for revision 19 does not work, search for the latest Internet-Draft at http://www.ietf.org/. 4.2 SCTP API The SCTP sockets API is implemented as a shareable image. The applications that use SCTP API must be linked with the SYS$COMMON:[SYSLIB]TCPIP$SCTP_SHR.EXE shareable image. When linking the SCTP API with a shareable image, the image must appear in a link options file. For example: $ LINK MY_SCTP_APP, SYS$INPUT:/OPTIONS SYS$LIBRARY:TCPIP$SCTP_SHR/SHARE For more information on the need for link options file, see the OpenVMS Linker Utility Manual. 4.2.1 SCTP API functions The SCTP API functions are based on FreeBSD V7.0 routines. The following routines are derived from the IETF draft, Sockets API Extensions for SCTP, revision 19 (draft-ietf- tsvwg-sctpsocket-19.txt). sctp_bindx() sctp_connectx() sctp_peeloff() sctp_getpaddrs() sctp_freepaddrs() sctp_getladdrs() sctp_freeladdrs() sctp_send() sctp_sendx() sctp_sendmsg() sctp_sendmsgx() sctp_recvmsg() sctp_getaddrlen() sctp_opt_info() sctp_getassocid() These routines require BSD4.4 sockets, hence any application that uses these routines must be compiled with the _SOCKADDR_LEN macro defined. For a detailed description of these routines, see Appendix B. 4.2.2 Building SCTP Applications The following header files are required to compile applications that use SCTP API: o o The file, "sctp_uio.h" is included in "sctp.h", hence, you need not include in the source code. In addition, the header file, "", is modified to define the SCTP protocol type: #DEFINE IPPROTO_SCTP 132 /* SCTP */ This protocol type must be passed as the "protocol" argument in the socket() API. For example, to create a socket that uses SCTP: These header files will be available in the DECC text library, in the future releases of DECC. If the installed version of DECC does not contain the SCTP header files, they can be accessed from the TCPIP$EXAMPLES directory. In this case, to compile the SCTP sources, these header files must be in your include path. You can also define the logicals as follows: $ DEFINE NETINET TCPIP$EXAMPLES $ DEFINE SYSTEM TCPIP$EXAMPLES 4.2.3 Compiling applications The SCTP API requires BSD4.4 sockets. To compile the APIs with BSD4.4 socket definitions, compile the code with _SOCKADDR_LEN defined. By default, _SOCKADDR_LEN is not defined, hence OpenVMS uses BSD4.3 sockets. This parameter can be defined in the source code, before any other inclusions or using the CC command-line- interface. In the source code, the first line of the file or the line before any other header files must be: #DEFINE _SOCKADDR_LEN Alternately, on the command line use the /DEFINE option by executing the following: $ CC /DEFINE=(_SOCKADDR_LEN) ... 4.2.4 Linking applications To link applications, include the SCTP API, SYS$LIBRARY:TCPIP$SCTP_SHR.EXE as a shareable image: Shareable images must be linked with the main object using a link options file. For example, $ LINK MY_SCTP_APP, SYS$INPUT:/OPTIONS SYS$LIBRARY:TCPIP$SCTP_SHR/SHARE For more information on the need for link options files, see the OpenVMS Linker Utility Manual. 4.3 FreeBSD Copyright This implementation of SCTP is ported from FreeBSD. As per the copyright requirements, the FreeBSD copyright notice is as follows: Copyright 1994-2008 The FreeBSD Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE FREEBSD PROJECT "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FREEBSD PROJECT OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. The views and conclusions contained in the software and documentation are those of the authors and should not be interpreted as representing official policies, either expressed or implied, of the FreeBSD Project. --------------------------------------------------------------------------- Corrections for HP TCP/IP Services V5.7 BOOTP --------------------------------------------------------------------------- ECO 4 updates ------------- 5.1 Bootp responds from wrong NIC when configured in multihomed system. 14-Feb-12 Integrity servers and Alpha Problem: The BOOT Reply was only directed to the Broadcast IP address and not to the directed IP address in case the Broadcast flag was set in the BOOT Request coming in from the client. Ideally BOOT Reply should be sent to the directed IP address and Broadcast address. Deliverables: TCPIP$BOOTP.EXE Reference: QXCM1001193348 ECO 2 updates ------------- 5.2 LANBOOT command fails on OpenVMS 21-JUN-2010 Integrity servers and Alpha Problem: If a BL8x0c i2 server blade is configured as a satellite node, it fails to boot from the Boot Server. When you try to boot from the network port, a server response timeout message is displayed. This problem has been solved in this release, but the current fix does not work for IPv6. Deliverables: TCPIP$BOOTP.EXE Reference: PTR 75-120-1135/TCPIP_BUGS Note 3771 ECO 1 updates ------------- 5.3 "Lanboot select" command fails on OpenVMS 14-JUN-2010 Integrity servers and Alpha Problem: Although the 'flags' field in the BootRequest is set, BOOTP server sends the BootReply in unicast mode. Solution: BOOTP is made RFC 1542 compliant. BOOTP is modified to check the broadcast flag in the incoming BootRequest packet and to broadcast the BootReply accordingly. Deliverables: TCPIP$BOOTP.EXE Reference: PTR 75-120-1135 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services for OpenVMS V5.7 FTP --------------------------------------------------------------------------- ECO 5 updates ------------- 6.1 FTP adds extra CR/LF characters in ASCII files. 22-Sep-12 Integrity servers and Alpha Problem: While transferring file from HP OpenVMS system to a Windows system using FTP in ASCII mode, extra CR/LF characters are inserted into the output file. Deliverables: [SYSEXE]TCPIP$FTP_CLIENT.EXE [SYSEXE]TCPIP$FTP_SERVER.EXE [SYSEXE]TCPIP$FTP_CHILD.EXE Reference: QXCM1001227896 6.2 Inbound connections fail intermittently in FTP Server under heavy load. 26-Sep-12 Integrity servers and Alpha Problem: Under heavy load, FTP Server may throw the following error messages: %TCPIP-I-FTP_USER, user name: FTP_INBILL %TCPIP-I-FTP_OBJ, object: FTPC0014F37D %TCPIP-I-FTP_CHINFO, FTP_INBILL: Error assigning channel to command mailbox %SYSTEM-F-IVDEVNAM, invalid device name %TCPIP-E-FTP_LOGFAL, remote interactive login failure FTP_INBILL Deliverables: [SYSEXE]TCPIP$FTP_CHILD.EXE [SYSEXE]TCPIP$FTP_SERVER.EXE Reference: QXCM1001221332 6.3 FTP/SSL fails when multiple batch files (greater than 1000 blocks) are transferred with VMS_PLUS mode disabled. 8-Oct-12 Integrity servers and Alpha Problem: During FTP over SSL when vms_plus mode is disabled and commands are in batch mode, PUT operation quits abnormally without executing remaining commands in the DCL script. Hence, the session is terminated. Same behavior is seen when commands are executed in the interactive mode where the PUT operation is not successful. Deliverables: [SYSEXE]TCPIP$FTP_CLIENT.EXE Reference: QXCM1001238508 6.4 FTP/SSL does not allow transfer of file to Windows server. 25-Oct-12 Integrity servers and Alpha Problem: Transferring files to Windows ftps-server using FTP/SSL returns error message "425 Data channel timed out due to not meeting the minimum bandwidth requirement". Deliverables: [SYSEXE]TCPIP$FTP_CLIENT.EXE Reference: QXCM1001240946 6.5 In FTP/SSL, GET operation fails with RMS-E-RSZ error for large files. 30-Oct-12 Integrity servers and Alpha Problem: While performing FTP over SSL, get operation over large files in binary mode from Windows Server fails with RMS-E-RSZ error. This problem occurs when ssl_read output is not in multiples of 512. In case of windows the ssl_read output size is 16,000 bytes. Deliverables: [SYSEXE]TCPIP$FTP_CLIENT.EXE Reference: QXCM1001240464 6.6 Typo in error message in FTP/SSL 11-Dec-12 Integrity servers and Alpha Problem: If SSL is not enabled on the server, below error message is displayed: TCPIP$_FTP_SSLERR,SSL not enabled on server TCPIP$_FTP_SSLERR, Session with continue in plain text. This has been corrected. Deliverables: [SYSEXE]TCPIP$FTP_CLIENT.EXE Reference: PTR 75-117-128 6.7 APPEND command fails on FTP over SSL. 25-Jan-13 Integrity servers and Alpha Problem: Due to issues in reading file attributes, the APPEND command fails in FTP/SSL. Deliverables: [SYSEXE]TCPIP$FTP_SERVER.EXE [SYSEXE]TCPIP$FTP_CHILD.EXE Reference: PTR 75-117-95 6.8 COPY/FTP converts file names to lower-case when copying from ODS-5 disk to UNIX. 28-Jan-13 Integrity servers and Alpha Problem: When COPY/FTP command is used to transfer files to UNIX system, all target files are created with lower-case file names, instead of preserving the case. Deliverables: [SYSEXE]TCPIP$FTP_CLIENT.EXE Reference: QXCM1001260558 6.9 SSL qualifier implemented for DIR/FTP. 15-Feb-13 Integrity servers and Alpha Problem: DIR/FTP command was not accepting "/SSL" qualifier. This has been corrected. Deliverables: [SYSEXE]TCPIP$FTP_CLIENT.EXE Reference: PTR 75-130-33 6.10 FTP Server throws error "%SYSTEM-F-DUPLNAM" in a few scenarios. 18-Apr-13 Integrity servers and Alpha Problem: When FTP Server creates the FTP child, the process name convention is TCPIP$FTPCFFFFF. The last 5 digits are used as hexadecimal. When forming this name FTP server is not checking the presence of another process with that name. In case after recycling of this number if another process exists with the same name then the following error occurs: %SYSTEM-F-DUPLNAM, duplicate name %TCPIP-E-FTP_CREPRC, failed to create a child process. Deliverables: [SYSEXE]TCPIP$FTP_CHILD.EXE [SYSEXE]TCPIP$FTP_SERVER.EXE Reference: QXCM1001313240 PTR 75-117-275 6.11 FTP client on OpenVMS fails to remove circumflexes (^) from file names during put and mput operation to non-OpenVMS platforms. 8-May-13 Integrity servers and Alpha Problem: FTP client on OpenVMS fails to remove the circumflexes (^) from file names during put and mput operation to non OpenVMS platforms. Problem exhibited in put , put , and mput. Deliverables: [SYSEXE]TCPIP$FTP_CLIENT.EXE Reference: QXCM1001278389 6.12 COPY/FTP does not handle file names correctly, when there is dot in source file name. 23-May-13 Integrity servers and Alpha Problem: When period (dot) character is part of the source file name, COPY/FTP command always appends source file extension to the destination file name. Deliverables: [SYSEXE]TCPIP$FTP_CLIENT.EXE Reference: QXCM1001271751 6.13 FTP server gives error message "550-RMS WRITE RTB record too large". 18-Jul-13 Integrity servers and Alpha Problem: While transferring the file using FTP from other platforms to OpenVMS, system return the error message "550-RMS WRITE RTB record too large" if the record size is more than 32K bytes. Deliverables: [SYSEXE]TCPIP$FTP_CHILD.EXE [SYSEXE]TCPIP$FTP_SERVER.EXE Reference: QXCM1001260962 QXCM1001236431 ECO 4 updates ------------- 6.14 COPY/FTP fails when destination file version is 0. 26-Jun-11 Integrity Servers and Alpha Problem: COPY/FTP fails when the version number 0 is used in the destination file name, instead of creating a new version. Deliverables: TCPIP$FTP_CLIENT.EXE Reference: QXCM1001133990 6.15 TCP/IP OpenVMS FTP Server appends when using FTP in ASCII Mode. 18-Nov-11 Integrity Servers and Alpha Problem: TCP/IP FTP Server on OpenVMS appends in ASCII Mode without considering the text file's record attributes. This behavior creates an issue if the text file's record attribute is NONE. The logical TCPIP$FTP_ASCII_CHECK_RECORD_ATTRIBS has been added and if it is enabled, file attributes are checked and transferred based on that. If the file attribute is NONE, the file is transferred in BINARY mode otherwise it is transferred in ASCII Mode. Deliverables: TCPIP$FTP_SERVER.EXE TCPIP$FTP_CHILD.EXE Reference: QXCM1001161473 6.16 FTP over SSL does not work for non-privileged account. 15-Apr-12 Integrity Servers and Alpha Problem: The issue occurred due to access restrictions to certificate and key files for non-privileged users. Deliverables: SYS$MANAGER:TCPIP$FTP_STARTUP.COM Reference: QXCM1001185799 6.17 Command interpretation by FTP Client is case sensitive. 03-SEP-2012 Integrity Servers and Alpha Problem: When using the FTP client from OpenVMS, some commands appear case sensitive while others are not. Commands like "BIN" and "ASCII" if given in capital letters won't work, but "SET TYPE ASCII" or "SET TYPE BINARY" works. Deliverables: TCPIP$FTP_CLIENT.EXE Reference: QXCM1001227885 ECO 3 updates ------------- 6.18 COPY/FTP GET operation fails when using wildcards in the file name 10-Dec-2010 Integrity servers and Alpha Problem: An attempt to fetch the files from a remote system by specifying using wildcards in the file name and extension field of the file format fetches multiple versions of the same file. Due to this COPY/FTP GET operation fails. Deliverables: TCPIP$FTP_CLIENT.EXE Reference: QXCM1001092121/TCPIP_BUGS Note 3800 6.19 FTP client fails with /INPUT qualifier 28-MARCH-2011 Integrity servers and Alpha Problem: When GET or MGET operation is used with wildcards, FTP client fails with /INPUT qualifier. Deliverables: TCPIP$FTP_CLIENT.EXE Reference: QXCM1001101524, QXCM1001105187/TCPIP_BUGS Note 3810 6.20 COPY/FTP command fails with an access violation 9-AUG-2011 Integrity servers and Alpha Problem: When double quotation marks are used on the destination file specification, COPY/FTP command fails with an access violation. Deliverables: TCPIP$FTP_CLIENT.EXE Reference: QXCM1001110531/TCPIP_BUGS Note 3820 6.21 Issues while copying files to non-existent directory using COPY/FTP command 24-MAY-2011 Integrity servers and Alpha Problem: COPY/FTP command copies files to non-existent directories instead of displaying the error message. This occurs when double quotation marks are used for the destination directory in the command. Deliverables: TCPIP$FTP_CLIENT.EXE Reference: QXCM1001130553/TCPIP_BUGS Note 3815 6.22 DIR/FTP command is unable to find a directory 1-Jun-2011 Integrity servers and Alpha Problem: DIR/FTP command is unable to find a directory when double quotation marks are not used in the directory specification. Deliverables: TCPIP$FTP_CLIENT.EXE Reference: QXCM1001130237/TCPIP_BUGS Note 3824 6.23 DIR/FTP command displays incorrect directory 1-Jun-2011 Integrity servers and Alpha Problem: DIR/FTP [-] command lists incorrect directory. Example: Assume a login directory DISK:[DIR1] is created. When the user logs into the system, the system should display the default login directory. Instead the root directory DISK:[000000] is displayed. Deliverables: TCPIP$FTP_CLIENT.EXE Reference: QXCM1001142716/TCPIP_BUGS Note 3826 6.24 COPY/FTP command does not understand wildcard characters. 15-SEP-2011 Integrity servers and Alpha Problem: The FTP client is unable to interpret the wildcard characters when the destination specification is enclosed within double quotation marks in the COPY/FTP command. Deliverables: TCPIP$FTP_CLIENT.EXE Reference: PTR 75-117-209/TCPIP_BUGS Note 3837 6.25 COPY/FTP command fails with an ACCVIO 22-SEP-2011 Integrity servers and Alpha Problem: COPY/FTP command fails with an ACCVIO when the destination path within double quotation marks is blank. Deliverables: TCPIP$FTP_CLIENT.EXE Reference: PTR 75-117-214/TCPIP_BUGS Note 3836 ECO 2 updates ------------- 6.26 CONNECT FTP command does not accepts a port number as a parameter 29-JUL-2010 Integrity servers and Alpha Problem: When upgrading to HP TCP/IP Services V5.7 ECO 2, the CONNECT FTP command does not accepts a port number as a parameter. Deliverables: TCPIP$FTP_CLIENT.EXE Reference: QXCM1001060551/TCPIP_BUGS Note 3774 6.27 Insufficient user privilege for the FTP server 17-AUG-2010 Integrity servers and Alpha Problem: The FTP server does not allow a privileged user to copy a file into a directory. This option works fine on HP TCP/IP Services V5.6 ECO 5. The problem occurs when a FTP user has default SYSPRV privilege, but is not a member of the system group (UIC [1000,12]). Interactively, the user can copy files into the directory, but cannot copy a file via the FTP server. Deliverables: TCPIP$FTP_SERVER.EXE TCPIP$FTP_CHILD.EXE Reference: QXCM1001061592/TCPIP_BUGS Note 3776 6.28 FTP server replies to a SYST command with a NULL character at the end of the response text 21-SEP-2010 Integrity servers and Alpha Problem: When the OpenVMS TCP/IP V5.7 ECO 2 FTP server replies to a SYST command, a NULL character is inserted after the text of the response and before the CRLF. Deliverables: TCPIP$FTP_SERVER.EXE TCPIP$FTP_CHILD.EXE Reference: QXCM1001070668/TCPIP_BUGS Note 3778 6.29 Passive mode is broken when the OpenVMS FTP client is connecting to the OpenVMS FTP server via FTPS 21-OCT-2010 Integrity servers and Alpha Problem: When attempting to FTP, using File Transfer Protocol Secure (FTPS) in a passive mode, to an OpenVMS FTP server from an OpenVMS FTP client, the FTP client stops responding and displays the following error message: SSL_connect() error (TCPIP$_FTP_SSLERR, SSL_connect failed due to ssl errno: 5) Deliverables: TCPIP$FTP_CLIENT.EXE Reference: QXCM1001074894/TCPIP_BUGS Note 3785 ECO 1 updates ------------- 6.30 FTP data connection fails in passive mode 22-MAR-2010 Integrity servers and Alpha Problem: FTP data connection fails in passive mode with "425 Failed to establish connection" on a multi-homed system. While executing the ftp commands, ls, put, and get in the passive mode with TCP/IP Version 5.7 FTP client from a muliti-homed system, (that is, a system having multiple IP-addresses), client data connection gets disconnected intermittently. When connecting to internet FTP sites, FTP client displays the following error: "425 Failed to establish connection" and when connecting to an OpenVMS FTP server, the FTP client displays "425 Disallowing data connection" error. Deliverables: TCPIP$FTP_CLIENT.EXE Reference: PTR 75-123-105/TCPIP_BUGS Note 3757 6.31 FTP exits with an ACCVIO on idle timeout 14-MAY-2010 Integrity servers and Alpha Problem: The FTP server in which SSL is not enabled, exits with an ACCVIO on idle timeout. Deliverables: TCPIP$FTP_SERVER.EXE TCPIP$FTP_CHILD.EXE Reference: PTR-75-123-128/TCPIP_BUGS Note 3761 6.32 FTP client displays "421 Service not available" intermittently 17-MAY-2010 Integrity servers and Alpha Problem: The FTP client intermittently displays the following error: "421 Service not available, Remote server has closed the connection" This error is always displayed after all file transfers have been completed successfully. Deliverables: TCPIP$FTP_SERVER.EXE TCPIP$FTP_CHILD.EXE Reference: QXCM1000948610/TCPIP_BUGS Note 3763 6.33 FTP fails with duplicate name 17-MAY-2010 Integrity servers and Alpha Problem: When the FTP server gets continuously connected and disconnected from the same FTP client it fails with a duplicate name. Solution: This problem occurs only when the FTP server is loaded heavily from the same client. To resolve this problem, define the TCPIP$FTP_MSL_MAX logical in the system table with the tcp_msl value of the system as explained in the following steps: 1. Check the tcp_msl value of the system using the "sysconfig -q inet tcp_msl" command $ sysconfig -q inet tcp_msl inet: tcp_msl = 60 2. Define TCPIP$FTP_MSL_MAX logical in the system table with the tcp_msl value, in this scenario it is 60 DEFINE / SYS TCPIP$FTP_MSL_MAX 60 3. Restart the FTP server. Deliverables: TCPIP$FTP_SERVER.EXE TCPIP$FTP_CHILD.EXE Reference: QXCM1001019022/TCPIP_BUGS Note 3764 6.34 FTP unable to preserve type case in the PUT operation 18-MAY-2010 Integrity servers and Alpha Problem: An SSL enabled FTP server fails to preserve the type case of filenames in the PUT operation. Deliverables: TCPIP$FTP_SERVER.EXE TCPIP$FTP_CHILD.EXE Reference: PTR 75-120-1284/TCPIP_BUGS Note 3765 6.35 OpenVMS, TCP/IP, or Non-VMS FTP client access to ODS-5 disk 24-MAY-2010 Integrity servers and Alpha Problem: On a non-VMS FTP client, such as Windows, UNIX, or LINUX, the filenames are displayed in the OpenVMS format with the "^" characters. Also, when retrieving the filenames using the non-VMS FTP client, the filename in OpenVMS format is displayed with "^", such as file^.1^.2^.3^.4.txt. For retrieving the files and saving them on the system, the "^" characters must not be included in the filenames. Solution: To display the OpenVMS filename in the UNIX style, enable the TCPIP$FTPD_UNIX_DISPLAY logical by executing the following steps: 1. $ DEFINE /SYS TCPIP$FTPD_UNIX_DISPLAY TRUE 2. Restart the FTP services. Deliverables: TCPIP$FTP_SERVER.EXE TCPIP$FTP_CHILD.EXE Reference: PTR 75-117-183/TCPIP_BUGS Note 3768 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services for OpenVMS V5.7 BIND --------------------------------------------------------------------------- ECO 5 Updates ------------- 7.1 nslookup performance problems. 21-May-13 Integrity servers and Alpha Problem: nslookup performs poorly when local host is configured as bind server. Deliverables: [SYSEXE]TCPIP$BIND_SERVER.EXE Reference: QXCM1001272750 7.2 DoS vulnerability in Bind server (CVE-2012-4244). 9-Jan-13 Integrity servers and Alpha Problem: Bind server allows remote attackers to cause a denial of service (assertion failure and named daemon exit) through a query for a long resource record. Deliverables: [SYSEXE]TCPIP$BIND_SERVER.EXE Reference: PTR 75-117-284 7.3 CVE-2009-0025 - Certificate chain vulnerability in Bind server. 4-Feb-13 Integrity servers and Alpha Problem: Bind allows remote attackers to bypass validation of the certificate chain through a malformed SSL/TLS signature. Deliverables: [SYSEXE]TCPIP$BIND_SERVER.EXE Reference: PTR 75-117-287 ECO 4 Updates ------------- 7.4 NSLOOKUP fails with the error %system-f-ivbuflen, invalid buffer length. 29-May-12 Integrity servers and Alpha Problem: The problem was due to improper initialization of SOCKADDR_IN structure. This improperly initialized socket address structure was passed to connect call and was causing the issue. Deliverables: TCPIP$NSLOOKUP.EXE Reference: QXCM1001198044 ECO 3 updates ------------- 7.5 OpenVMS BIND error message 12-AUG-2011 Integrity servers and Alpha Problem: Under certain conditions, the named daemon for OpenVMS exits due to an assertion failure. The following message is logged in the BIND-server log file: Fri 22 05:11:11 ERROR: client 172.25.109.11#56088: view internal: update 'dmzc109.mkb.hu/IN' denied Fri 22 06:01:01 CRITICAL: BUILD26$:[TCPIP_V57_BLECO2.SRC.BIND9_SERVER]SOCKET.C;1 :1773: INSIST(!sock->pending_recv) failed Fri 22 06:01:01 CRITICAL: exiting (due to assertion failure) Deliverables: TCPIP$BIND_SERVER.EXE Reference: QXCM1001125714/TCPIP_BUGS Note 3831 ECO 2 updates ------------- 7.6 nsupdate utility fails with the SYSTEM-F-OPCCUST error message 2-SEP-2010 Integrity servers and Alpha Problem: When the nsupdate utility and a TSIG secret key is used to update a CNAME instance in a domain, it fails with the SYSTEM-F-OPCCUST error message. Deliverables: TCPIP$NSUPDATE.EXE Reference: QXCM1001066144/TCPIP_BUGS Note 3777 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services V5.7 BIND RESOLVER --------------------------------------------------------------------------- ECO 5 updates ------------- 8.1 TELNETSYM process is not reading Bind Resolver changes dynamically. 30-Oct-14 Integrity servers and Alpha Problem: In the current design, the Bind Resolver in TCPIP does not read the configuration changes dynamically. A new logical "TCPIP$BIND_RES_DYNAMIC" has been introduced to control this behavior. If this logical is defined as "1", the process will reload Bind Resolver configuration, if last initialization was more than 30 seconds ago. Deliverables: [SYSLIB]TCPIP$IPC_SHR.EXE Reference: QXCM1001195625 ECO 4 updates ------------- 8.2 getnameinfo() socket routine fails when IPV6 link-local address is passed. 25-Aug-11 Integrity Servers and Alpha Problem: For an IPV6 link-local address, the numeric form of the address is returned by getnameinfo() instead of its name. Deliverables: TCPIP$IPC_SHR.EXE Reference: QXCM1001133433 ECO 2 updates ------------- 8.3 TCPIP$IPC_SHR.EXE fails intermittently with an ACCVIO 19-NOV-2010 Integrity servers and Alpha Problem: When a sample C program which creates multiple threads is run, and each of the thread issue a call to getaddrinfo(), TCPIP$IPC_SHR.EXE fails intermittently with an ACCVIO. If you link this sample C program with the /THREAD=(MULTI,UPCALL) qualifier and run on multiple CPU machines, this issue is seen. If you run the same program on a single CPU machine, then an ACCVIO does not appear. Also, if you do not link the sample C program with the /THREAD=(MULTI,UPCALL) qualifier and run on both single or multiple CPU machines, then an ACCVIO does not appear. The following error message is displayed: $1$DGA11:[TCPIP_V56_BLECO5.SRC.BIND_RESOLVER]MEMCLUSTER. C;1:436:INSIST(stats[size].gets != 0U) failed Deliverables: TCPIP$IPC_SHR.EXE Reference: PTR 75-117-185/TCPIP_BUGS Note 3793 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services V5.7 DHCP --------------------------------------------------------------------------- ECO 2 updates ------------- 9.1 DHCP client looses static default routes on refresh of the lease 27-OCT-2010 Integrity servers and Alpha Problem: After refresh of the lease by the Dynamic Host Configuration Protocol (DHCP) server, the manually configured static routes on the interfaces are deleted. Deliverables: TCPIP$DHCP_CLIENT.EXE Reference: QXCM1001069319/TCPIP_BUGS Note 3786 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services for OpenVMS V5.7 NTP --------------------------------------------------------------------------- ECO 5 updates ------------- 10.1 The NTP log files are created in system disk. 22-Oct-12 Integrity servers and Alpha Problem: NTP creates a new log files every 24 hours. The first file is created in the defined place but subsequent files get created at SYS$SPECIFIC:[TCPIP$NTP]. To address files getting created at SYS$SPECIFIC:[TCPIP$NTP], a new logical tcpip$ntp_home has been introduced to hold the directory path. This logical has to be defined in the system table. define tcpip$ntp_home DISK$LOG:[TCPIP$NTP] /system/exec The directory name in tcpip set service ntp /log==(file=TCPIP$NTP_RUN.log, all) also needs to be changed. Deliverables: [SYSEXE]TCPIP$NTP_RUN.COM Reference: QXCM1001211327 ECO 4 updates ------------- 10.2 NTP server reports error "TTL: Invalid Argument" 16-Sep-11 Integrity servers and Alpha Problem: The OpenVMS NTP server does not allow TTL value greater than 8 to be specified for NTP broadcasting to the Multicast address. Deliverables: TCPIP$NTP.EXE Reference: QXCM1001139673 ECO 3 updates ------------- 10.3 NTP vulnerability 18-Nov-2010 Integrity servers and Alpha Problem: HP TCP/IP Services for OpenVMS systems is vulnerable for the Network Time Protocol (NTP) Denial of Service issue. Deliverables: TCPIP$NTP.EXE TCPIP$NTPDC.EXE TCPIP$NTP_RES_CHILD.EXE TCPIP$NTPQ.EXE TCPIP$NTPDATE.EXE Reference: QXCM1001088496/TCPIP_BUGS Note 3798 10.4 NTP broadcasting does not work if the TTL value is greater than eight 1-Aug-2011 Integrity servers and Alpha Problem: The OpenVMS NTP server does not allow you to specify TTL value greater than eight for NTP broadcasting to the Multicast address. When you attempt to increase the TTL value to greater than eight, NTP broadcasting stops working. Deliverables: TCPIP$NTP.EXE Reference: QXCM1001139673/TCPIP_BUGS Note 3827 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services for OpenVMS V5.7 RSH --------------------------------------------------------------------------- ECO 4 updates ------------- 11.1 RSH command takes a very long time before getting timed out when remote host is unavailable. 8-AUG-2012 Integrity Servers and Alpha Problem: The RSH command took too long to time out when the remote host was unavailable. Deliverables: TCPIP$RSH.EXE Reference: QXCM1001228243 ECO 3 updates ------------- 11.2 RSH or REXEC command does not display error message 3-DEC-2010 Integrity servers and Alpha Problem: RSH or REXEC command does not display an error message when the connection is rejected from the remote system. However, it displays the status message as success even before executing the RSH or REXEC command. Deliverables: TCPIP$RSH.EXE Reference: QXCM1001090234/TCPIP_BUGS Note 3796 11.3 REXEC command fails with "%RSH-E-SERVNOTAVAIL" error message 8-Aug-2011 Integrity servers and Alpha Problem: While connecting REXEC to multiple systems, the following error message is displayed: %RSH-E-SERVNOTAVAIL, Remote service is not currently available -SYSTEM-F-REJECT, connect to network object rejected Deliverables: TCPIP$RSH.EXE Reference: QXCM1001108463, QXCM1001108468/TCPIP_BUGS Note 3822 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services for OpenVMS V5.7 SSH --------------------------------------------------------------------------- ECO 5 Updates ------------- 12.1 SFTP "get" command creates zero sized block file. 11-Jul-12 Integrity servers and Alpha Problem: OpenVMS SFTP Client "get" command creates an empty file in the local disk, when the client does not have read permission on the source file in the server. Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.EXE [SYSEXE]TCPIP$SSH_SCP2.EXE Reference: QXCM1001222445 12.2 OpenVMS SFTP, "rm" command with wildcard fails. 5-Sep-12 Integrity servers and Alpha Problem: In an SFTP session, the "rm" command fails when the command is entered with wildcard character "*" as follows: sftp> rm cl_5000_bu*.* Command failed. Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.EXE Reference: QXCM1001228590 12.3 The SFTP transfer status information truncates file names greater than 34 characters. 27-Sep-12 Integrity servers and Alpha Problem: When SFTP operation is used in batch mode, SFTP log file is limited to 80 characters per line. This results in the SFTP transfer status truncating file names that are greater than 34 characters in the length. Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.EXE Reference: QXCM1001232112 12.4 SFTP intermittently results in ACCVIO when issued "put" of a non-existent file name. 8-Oct-12 Integrity servers and Alpha Problem: When SFTP operation is executed in batch mode, SFTP intermittently fails with access violation during the 'put' operation of a non-existent file. Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.EXE [SYSEXE]TCPIP$SSH_SCP2.EXE Reference: QXCM1001234543 12.5 SFTP lrename to an existing filename fails when connected to Linux server. 7-Nov-12 Integrity servers and Alpha Problem: During SFTP connection to a Linux server, lrename to an existing filename fails. Since the file already exists, lrename must simply create a newer version of the file. However, the below error is encountered: "Target already exists, operation aborted". Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.EXE Reference: QXCM1001247761 12.6 SFTP GET returns "No such file" although file exists on the WINDOWS SERVER. 19-Feb-13 Integrity servers and Alpha Problem: SFTP GET returns "No such file" when there is no absolute path given. It works as expected with absolute path. sftp> get fcr_parse_raw:(src): no such file (server msg: 'No such file') Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.EXE Reference: QXCM1001229174 12.7 SSH does not honor UAF flag LOCKPWD during user login. 26-Feb-13 Integrity servers and Alpha Problem: The SYSUAF flag LOCKPWD signifies that user's password is locked and cannot be changed. If a user tries to login using SSH when password is expired, the user is prompted to change expired password even though LOCKPWD is set. Deliverables: [SYSEXE]TCPIP$SSH_SSHD2.EXE Reference: QXCM1001267437 12.8 OpenVMS SSH Client does not work with IBM AIX. 27-Feb-13 Integrity servers and Alpha Problem: When connecting to an IBM AIX OpenSSH server, the OpenVMS SSH client runs into an ACCVIO with the following message : %SYSTEM-F-ACCVIO, access violation, reason mask=04, virtual address=0000000000AB Deliverables: [SYSEXE]TCPIP$SSH_SSH2.EXE Reference: QXCM1001198586 12.9 Public key authentication in SFTP fails in some scenarios. 28-Mar-13 Integrity servers and Alpha Problem: Public key authentication fails between SFTP client and server, when the user's default login device is represented by a logical defined in the Users Group Logical Name Table. It works fine when the logical is defined in the System table. Deliverables: [SYSEXE]TCPIP$SSH_SFTP-SERVER2.EXE [SYSEXE]TCPIP$SSH_SSHD2.EXE Reference: QXCM1001219479 12.10 SFTP put with wildcard to Unix server appends a trailing period in the filename. 18-Apr-13 Integrity servers and Alpha Problem: SFTP put with wildcard to Unix server appends a trailing period in the filename if the original file on OpenVMS does not have an extension. Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.EXE [SYSEXE]TCPIP$SSH_SCP2.EXE Reference: QXCM1001274402 12.11 SFTP directory list command fails to display filenames when lowercase letters and wildcards are used as part of the file name. 25-Apr-13 Integrity servers and Alpha Problem: SFTP clients other than OpenVMS fails to display directory listing from an OpenVMS server whenever lowercase letters and wildcards are used as part of the file name. Deliverables: [SYSEXE]TCPIP$SSH_SFTP-SERVER2.EXE Reference: QXCM1001272450 12.12 SFTP client exits with error when using SFTP MGET/MPUT commands. 8-May-13 Integrity servers and Alpha Problem: When SFTP is used to transfer large number of files using the SFTP MGET/MPUT commands, the SFTP client exits with the following error: %TCPIP-F-SSH_ALLOC_ERROR, ssh memory allocation error. Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.EXE Reference: QXCM1001278597 12.13 SFTP put fails to a monitored directory in Solaris system. 18-Jul-13 Integrity servers and Alpha Problem: In TCPIP v5.7,SFTP put fails as in target system the file was allowed to moved in advance to a different directory. Deliverables: NONE Reference: QXCM1001273106 12.14 SFTP "get *" failed immediately after "lcd" command. 22-Aug-13 Integrity servers and Alpha Problem: When "get *" is used immediately after "lcd" command, "get *" tries to get all the files from the changed location from the server, instead of the new working directory. Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.EXE Reference: QXCM1001297163 12.15 SFTP "ls" command causing ACCVIO. 5-Sep-13 Integrity servers and Alpha Problem: SFTP "ls" command issued from OpenVMS client to Multinet server, resulted in access violation (ACCVIO). Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.EXE Reference: QXCM1001297490 12.16 SFTP batch mode throws error message "no such file …". 24-Oct-13 Integrity servers and Alpha Problem: When SFTP is used with batch mode, unexpected error: "no such file (client msg: no such file or directory, or no privilege for attempted operation)" is displayed after listing the files for the ls cmd with wild card. Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.EXE Reference: QXCM1001314727 12.17 SCP unable to parse logical. 21-Feb-14 Integrity servers and Alpha Problem: SCP is unable to parse device logicals within file name parameters: $scp "sys$login:login.com" nl: Error: Invalid Host given. %TCPIP-E-SSH_FC_ERR_CONN, connecting to host failed. Deliverables: [SYSEXE]TCPIP$SSH_SCP2.EXE Reference: QXCM1001332985 QXCM1001327979 12.18 SCP fails to copy file from one directory to another locally, or on remote host. 10-Mar-14 Integrity servers and Alpha Problem: When SCP was copying file from one directory to another, locally or on remote host it was appending the destination path with the source path resulting in %TCPIP-E-SSH_FC_ERR_FAIL. Deliverables: [SYSEXE]TCPIP$SSH_SCP2.EXE Reference: QXCM1001339265 12.19 SFTP batch mode crashes with SYSTEM-F-ACCVIO. 18-Mar-14 Integrity servers and Alpha Problem: SFTP batch mode operation exits with access violation, usually while executing commands after "ls". This occurs less frequently when executed as part of OpenVMS batch job, or when executed at higher debug levels. sftp> get WELCOME.TXT %SYSTEM-F-ACCVIO, access violation, reason mask=04, virtual address=00000000140219A1, PC=00000000000E9291, PS=0000001B Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.EXE Reference: QXCM1001320545 QXCM1001335436 QXCM1001338947 12.20 SFTP Batch mode - Unable to "GET" file from login directory. 4-Apr-14 Integrity servers and Alpha Problem: In SFTP batch mode, performing GET on a file in the default login directory returns below error: sftp> get WELCOME.TXT fcr_parse_raw: /WELCOME.TXT (src): no such file (server msg: 'syserr: no such file or directory, or no privilege for attempted operation, file: /WELCOME.TXT') Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.EXE Reference: QXCM1001320545 12.21 SSH connection from OpenVMS to ILO 4 V1.40 firmware fails. 28-May-14 Integrity servers and Alpha Problem: While establishing session between OpenVMS SSH client and ILO 4 firmware of Gen8 server (firmware version V1.40 running mpSSH sever version 0.2.1), the connection fails with error "key exchange or algorithm negotiation failed". Deliverables: [SYSEXE]TCPIP$SSH_SSH2.EXE Reference: QXCM1001352593 12.22 SFTP client hangs during wildcard PUT of file(s) with space in name. 30-Sep-14 Integrity servers and Alpha Problem: In SFTP client, when "PUT" operation is attempted using wildcard parameter, and if any of the entries in the matching list of filenames contain space character, then the client will go into infinite loop and hang. Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.EXE Reference: QXCM1001278382 12.23 SSH login to a new account for the first time returns VMS base date and time. 11-Dec-12 Integrity servers and Alpha Problem: On SSH login to a new account for the first time the user sees the VMS base date and time as the time of last interactive/non-interactive login: Last interactive login on Wednesday, 17-NOV-1858 00:00:00.00 Last non-interactive login on Wednesday, 17-NOV-1858 00:00:00.00 Deliverables: [SYSEXE]TCPIP$SSH_SCP2.EXE [SYSEXE]TCPIP$SSH_SFTP2.EXE [SYSEXE]TCPIP$SSH_SFTP-SERVER2.EXE [SYSEXE]TCPIP$SSH_SSH2.EXE [SYSEXE]TCPIP$SSH_SSHD2.EXE [SYSEXE]TCPIP$SSH_SSH-KEYGEN2.EXE [SYSEXE]TCPIP$SSH_SSH-ADD2.EXE [SYSEXE]TCPIP$SSH_SSH-AGENT2.EXE [SYSEXE]TCPIP$SSH_SSH-SIGNER2.EXE Reference: PTR 75-117-203 12.24 When decc$efs_case_special feature is enabled together with extended process parsing, SFTP does not send the remote filename in upper case. 12-Dec-12 Integrity servers and Alpha Problem: In SFTP if the file to be send to the remote host contains all uppercase letters in its name, then it gets converted to all lowercase letters due to the enablement of DECC$EFS_CASE_SPECIAL feature. Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.exe Reference: PTR 75-117-197 12.25 SSH failed to save hostkey file for very long hostname on ODS2 type disk. 7-Jan-13 Integrity servers and Alpha Problem: SSH throws warning messages while saving the host key file having long name on ODS2 disk, due to the filename limitation in ODS2 format. Deliverables: [SYSEXE]TCPIP$SSH_SSH2.EXE Reference: PTR 75-117-248 12.26 When setting the process case to Sensitive, SFTP connection hangs or does not allow host based authentication and public key authentication. 31-Jan-13 Integrity servers and Alpha Problem: During host based and public key authentication process the configuration files and key files are read that are present in the SSH2 directory. When process case is set to sensitive mode it fails to open these configuration and key files. This results in failure of host based and public key authentication in SFTP connection. Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.EXE [SYSEXE]TCPIP$SSH_SSH2.EXE Reference: PTR 75-117-196 12.27 SSH user logging prompt behavior change after TCPIP 5.7 ECO4. 8-Oct-14 Integrity servers and Alpha Problem: While logging with non-existing user name, the password prompt is displayed only once. Deliverables: [SYSEXE]TCPIP$SSH_SFTP-SERVER2.EXE [SYSEXE]TCPIP$SSH_SSHD2.EXE Reference: PTR 75-117-351 12.28 SSH - typo in Accounting records. 20-Oct-14 Integrity servers and Alpha Problem: Accounting records created by SSH has typo error. It has misspelled "authentication" as "authenication". Deliverables: [SYSEXE]TCPIP$SSH_SFTP2.EXE [SYSEXE]TCPIP$SSH_SFTP-SERVER2.EXE [SYSEXE]TCPIP$SSH_SCP2.EXE [SYSEXE]TCPIP$SSH_SSH-ADD2.EXE [SYSEXE]TCPIP$SSH_SSH-AGENT2.EXE [SYSEXE]TCPIP$SSH_SSH-KEYGEN2.EXE [SYSEXE]TCPIP$SSH_SSH-SIGNER2.EXE [SYSEXE]TCPIP$SSH_SSHD2.EXE [SYSEXE]TCPIP$SSH_SSH2.EXE Reference: PTR 75-117-305 12.29 Unable to use public-key authentication for SFTP/SSH server in some scenarios. 27-Oct-14 Integrity servers and Alpha Problem: Public-key authentication in SFTP/SSH server does not work when the user's : (a) SYSUAF default device is a logical pointing to a directory, and (b) SYSUAF default directory is "[000000]" or starts with "[000000." Deliverables: [SYSEXE]TCPIP$SSH_SFTP-SERVER2.EXE [SYSEXE]TCPIP$SSH_SSHD2.EXE Reference: PTR 75-117-350 12.30 SSH intrusion detection may block valid users from logging in to the server. 27-Oct-14 Integrity servers and Alpha Problem: When a login attempt using LDAP authentication fails, SSH inserts duplicate records in the intrusion database. This may cause valid users to be blocked from logging in to the server. Also, the SSH Server child process will crash, if the login username is invalid. Deliverables: [SYSEXE]TCPIP$SSH_SFTP-SERVER2.EXE [SYSEXE]TCPIP$SSH_SSHD2.EXE Reference: QXCM1001372927 ECO 4 updates ------------- 12.31 SFTP shows negative data transfer rates and incorrect amount of data for large files (>4GB) 30-Nov-11 Integrity servers and Alpha Problem: The issue was caused due to an overflow of the variable used to denote the size. Deliverables: TCPIP$SSH_SCP2.EXE TCPIP$SSH_SFTP2.EXE Reference: QXCM1001136398 12.32 SFTP client on OpenVMS, ASCII files are not transferred correctly for Windows Systems 22-Nov-11 Integrity servers and Alpha Problem: The OpenVMS SFTP transfers files in ASCII mode assuming that the remote host also uses newline conventions similar to OpenVMS or UNIX. As a result, the ASCII files are not sent properly when transferred to a Windows system, which has a different newline convention than OpenVMS or Unix. Deliverables: TCPIP$SSH_SFTP2.EXE Reference: QXCM1001172744 12.33 SSH/SFTP fails in authentication for some specific Servers 20-Jan-12 Integrity servers and Alpha Problem: Key exchange algorithm negotiation fails between OpenVMS SSH/SFTP Server and some specific servers such as zFTPServer, WingFTP server, Mocana and Cerberus. Deliverables: TCPIP$SSH_SSH2.EXE Reference: QXCM1001178937, QXCM1001203980, QXCM1001198346, QXCM1001201977, QXCM1001220842 12.34 SSH/SFTP Password prompt alignment problem 1-Feb-12 Integrity Servers and Alpha Problem: There is an alignment issue in the SSH/SFTP prompt which occurs due to an extraneous tab. Deliverables: TCPIP$SSH_SSH2.EXE Reference: QXCM1001191701 12.35 The SCP protocol displays "warning: sys$persona_create for username account failed %SYSTEM-F-NOIMPERSONATE, operation requires IMPERSONATE privilege" 29-Mar-12 Integrity Servers and Alpha Problem: The warning message is seen when SSH runs under an account which is different from the logged in account. Deliverables: TCPIP$SSH_SSH2.EXE Reference: QXCM1001163046 12.36 SSH and SFTP password authentication fails if SSHD2_CONFIG contains QuietMode=Yes. 4-Apr-12 Alpha Problem: The Quietmode feature is used by SSH and SFTP to suppress any logs and warnings. The return value of the authentication procedure is incorrect for Alpha Architecture. Deliverables: TCPIP$SSH_SSHD2.EXE Reference: QXCM1001184232 12.37 OpenVMS SFTP fails to put files to a WingFTP Server 15-Apr-12 Integrity Servers and Alpha Problem: OpenVMS SFTP Server sets the EXEC bits on the destination file before the transfer and this causes issue with transfer to the WingFTP server. Deliverables: TCPIP$SSH_SFTP2.EXE TCPIP$SSH_SCP2.EXE Reference: QXCM1001198346 12.38 OpenVMS SSH/SCP/SFTP Clients fail to connect to respective servers when protocol version string does not contain “OpenVMS” 15-Apr-12 Integrity Servers and Alpha Problem: For OpenVMS Client to successfully connect to OpenVMS Server, it needs to identify that the remote end is OpenVMS. When the server sends the Protocol version string as "3.2.0", the OpenVMS client is unable to determine the server as OpenVMS, and treats the server as non-OpenVMS and hence, incorrectly sets a flag. Deliverables: TCPIP$SSH_SSHD2.EXE Reference: QXCM1001204155 12.39 SFTP fails in batchmode when an OpenVMS formatted pathname is passed for the batch command file 28-Mar-12 Integrity Servers and Alpha Problem: When a directory or path is passed for SFTP batch mode access in OpenVMS format, the SFTP command fails. The OpenVMS directory format isn’t parsed successfully when access to the directory is tried but it works for UNIX standard path. Deliverables: TCPIP$SSH_SFTP2.EXE Reference: QXCM1001204757 12.40 In the sftp prompt,'ls -l' command truncates the file size for large files 9-Apr-12 Integrity Servers and Alpha Problem: In the sftp prompt, 'ls -l' command displays the size of a file. In case of large files, only 10 digits will be displayed. The format specifier for size gets overflown for large file sizes. Deliverables: TCPIP$SSH_SFTP-SERVER2.EXE Reference: QXCM1001206376 12.41 SCP process crash occurs while doing "scp -r" to a Solaris machine 2-May-12 Integrity Servers and Alpha Problem: The problem is seen in TCPIP 5.7 ECO 3 when an "scp -r" to a Solaris machine is done, the SCP process gets an access violation. Deliverables: TCPIP$SSH_SCP2.EXE TCPIP$SSH_SFTP2.EXE Reference: QXCM1001191728 12.42 On Non-OpenVMS severs, an EOF error is encountered occasionally during SFTP 'put' operations for non streamlf files. 14-SEP-2011 Integrity Servers and Alpha Problem: The SFTP reports EOF(end of file) errors during 'put'operations from OpenVMS to Unix servers on some occasions for non streamlf files. Deliverables: TCPIP$SSH_SFTP-SERVER2.EXE TCPIP$SSH_SSHD2.EXE Reference: PTR 75-117-215 12.43 Checking of the password history file is not consistent in SSH 15-MAR-2011 Integrity Servers and Alpha Problem: SSH assumes that entered password is not in the dictionary if it can not open the dictionary. This usually happens whenever the password dictionary is locked by some other process. Deliverables: TCPIP$SSH_SFTP-SERVER2.EXE TCPIP$SSH_SSHD2.EXE Reference: PTR 75-117-207 12.44 SSH issues related to Disuser, LGI_PWD_TMO, Windows Adjust and incorrect password. 29-Sep-11 Integrity Servers and Alpha Problem: 1)SSH fails to Disuser account 2)SSH login does not take note of setting of LGI_PWD_TMO 3)SSH reports "Bad windows size in WINDOWS_ADJUST". 4)SSH login with an incorrect password increments count incorrectly Deliverables: TCPIP$SSH_SCP2.EXE TCPIP$SSH_SFTP-SERVER2.EXE TCPIP$SSH_SFTP2.EXE TCPIP$SSH_SSH2.EXE TCPIP$SSH_SSHD2.EXE Reference: QXCM1001101577 12.45 SFTP crashes with ACCVIO when trying to put a directory without the version number. 25-Jul-12 Integrity Servers and Alpha Problem: Using SFTP, trying to put a directory fails when the version number isn't specified. Deliverables: TCPIP$SSH_SFTP2.EXE TCPIP$SSH_SCP2.EXE Reference: QXCM1001221537 12.46 In SFTP, the use of the 'lcd' before 'put' command causes the error 'Encountered EOF'. 2-AUG-2012 Integrity Servers and Alpha Problem: The use of 'lcd'/'lpwd' before 'put' command incorrectly sets the file size resulting in the EOF error message. Deliverables: TCPIP$SSH_SFTP2.EXE TCPIP$SSH_SCP2.EXE Reference: QXCM1001230203, QXCM1001230202 ECO 3 updates ------------- 12.47 SFTP GET command has the UIC of the remote system 7-JAN-2011 Integrity servers and Alpha Problem: When SFTP GET command is used to get files from a remote OpenVMS system, the file has the UIC of the remote system instead of the local system. Deliverables: TCPIP$SSH_SFTP2.EXE TCPIP$SSH_SSH2.EXE TCPIP$SSH_SSHD2.EXE TCPIP$SSH_SFTP-SERVER2.EXE Reference: QXCM1001091837/TCPIP_BUGS Note 3805 12.48 SFTP memory leak with large number of files 11-Jan-2011 Integrity servers and Alpha Problem: When SFTP uses SFTP MGET or SFTP MPUT command to transfer large number of files, the SFTP client exits and displays the following error message: %TCPIP-F-SSH_ALLOC_ERROR, ssh memory allocation error Deliverables: TCPIP$SSH_SFTP2.EXE Reference: QXCM1001093376/TCPIP_BUGS Note 3801 12.49 SCP fails intermittently 21-FEB-2010 Integrity servers and Alpha Problem: While transferring files using Secure Copy Protocol (SCP) the contents of the file is lost. Therefore, ZERO blocks file is created at the server end. This problem occurs intermittently. Deliverables: TCPIP$SSH_SSHD2.EXE Reference: QXCM1001077851/TCPIP_BUGS Note 3806 12.50 TCP/IP 'ls' command returns an empty file list with wildcards 21-FEB-2011 Integrity servers and Alpha Problem: When a remote LINUX or UNIX system connects to an OpenVMS server using SFTP to get the directory file listing, ‘ls’ command returns an empty file list when it is used with wildcards. Deliverables: TCPIP$SSH_SSHD2.EXE TCPIP$SSH_SFTP-SERVER2.EXE Reference: QXCM1001101555/TCPIP_BUGS Note 3811 12.51 SFTP commands delay when large files are present in working directory 15-MAR-2011 Integrity servers and Alpha Problem: When an SFTP client connects to the SFTP server, SFTP commands such as cd, ls, and so on, delay in displaying the output when large files are present in the current working directory. Deliverables: TCPIP$SSH_SSHD2.EXE TCPIP$SSH_SFTP-SERVER2.EXE Reference: PTR 75-117-208/TCPIP_BUGS Note 3480 12.52 SSH Fails with "%SYSTEM-W-NOSUCHDEV, no such device available" 22-MAR-2011 Integrity servers and Alpha Problem: There is a timing problem with TCP/IP Service SSH where the FTA terminal device is deleted before SSH can allocate the device. Deliverables: TCPIP$SSH_SSHD2.EXE TCPIP$SSH_SFTP-SERVER2.EXE Reference: QXCM1001110898/TCPIP_BUGS Note 3813 12.53 Invalid CD command by OpenVMS SFTP client at the home directory causes problems on OpenVMS SFTP servers 20-APR-2011 Integrity servers and Alpha Problem: While using SFTP from an OpenVMS client to an OpenVMS SFTP server, the following issues are observed: - Entering the CD command with an incorrect directory name at the home directory, it displays the incorrect error message. - Entering the incorrect CD command at the home directory is treated as a valid one and the incorrect path is stored as the current working path. Due to these issues, all subsequent commands with any file access or directory access fail with error messages. Deliverables: TCPIP$SSH_SSH2.EXE TCPIP$SSH_SFTP2.EXE Reference: PTR 75-117-211/TCPIP_BUGS Note 3834 12.54 SFTP displays "Bad window size in WINDOW_ADJUST" error message 21-APR-2011 Integrity servers and Alpha Problem: An attempt to connect from an OpenVMS SSH client to a Sparc or SUN system displays the "Bad window size in WINDOW_ADJUST" error message. Due to this error message, the connection terminates abruptly. Deliverables: TCPIP$SSH_SSH2.EXE TCPIP$SSH_SFTP2.EXE Reference: QXCM1001118833/TCPIP_BUGS Note 3833 12.55 SFTP does not work with group level logical 27-APR-2011 Integrity servers and Alpha Problem: When the user’s UAF/DEVICE is pointed to a group level logical that is defined in the user's group table, SFTP is unable to read the logical pointing to the user's login directory. Deliverables: TCPIP$SSH_SSHD2.EXE TCPIP$SSH_SFTP-SERVER2.C Reference: QXCM1001123057/TCPIP_BUGS Note 3814 12.56 SFTP client does not exit out of SFTP prompt 08-JUL-2011 Integrity servers and Alpha Problem: SFTP client does not exit out of SFTP prompt when it receives 'NO SUCH PATH' response from the server. Deliverables: TCPIP$SSH_SSH2.EXE TCPIP$SSH_SFTP2.EXE Reference: QXCM1001110716, QXCM1001110746/TCPIP_BUGS Note 3832 12.57 SFTP/SCP PUT command to SSH maverick server fails 28-July-2011 Integrity servers and Alpha Problem: SFTP/SCP PUT command to an SSH maverick server fails because of the following assertion failure: SshFCTransfer (function name unavailable) Assertion failed: tdata->current_dest_file->attributes != ((void *) 0) Deliverables: TCPIP$SSH_SFTP2.EXE TCPIP$SSH_SCP2.EXE Reference: QXCM1001143424/TCPIP_BUGS Note 3828 12.58 SCP intermittently truncates target file of COPY-PUT operation 11-Aug-2011 Integrity servers and Alpha Problem: SCP intermittently truncates target file of COPY-PUT operation. The degree of failure is random. For example, when the SSH debug logs are enabled, the degree of failure decreases. However, the SCP GET operation is 100% successful. Deliverables: TCPIP$SSH_SCP2.EXE TCPIP$SSH_SSH2.EXE Reference: QXCM1001072994/TCPIP_BUGS Note 3803 ECO 2 updates ------------- 12.59 SFTP fails when IJOBLIM is reached 15-JUN-2010 Integrity servers and Alpha Problem: When the OpenVMS Interactive Login Limit (IJOBLIM) is reached, the SSH File Transfer Protocol (SFTP) fails. Deliverables: All SSH images Reference: QXCM1001028679/TCPIP_BUGS Note 3772 12.60 NAGIOS system monitoring software reports a remote command execution failure 17-AUG-2010 Integrity servers and Alpha Problem: When upgrading from HP TCP/IP Services V5.6 ECO 2 to HP TCP/IP Services V5.6 ECO 4, the NAGIOS Secure Shell (SSH) plug-in does not work for remote command execution on OpenVMS. It displays a remote command execution failure message. This problem has been resolved. Deliverables: TCPIP$SSH_SFTP-SERVER2.EXE TCPIP$SSH_SSHD2.EXE Reference: QXCM1001026577/TCPIP_BUGS Note 3775 12.61 SSH on background mode from TRU64 UNIX or Solaris to OpenVMS hangs 24-SEP-2010 Integrity servers and Alpha Problem: When you use SSH on the background mode from TRU64 UNIX or Solaris to OpenVMS, the connection is disrupted in some points. Deliverables: TCPIP$SSH_SSHD2.EXE Reference: QXCM1001029284/TCPIP_BUGS Note 3779 12.62 Maximum window size is same as specified by the RFC 4254 24-SEP-2010 Integrity servers and Alpha Problem: OpenVMS SSH server does not allows an SSH client to request a window size adjustment that is larger than 16 MB (=16*1024*1024). Deliverables: TCPIP$SSH_SSHD2.EXE Reference: QXCM1001017215/TCPIP_BUGS Note 3780 12.63 Issues with the wildcard PUT command and file names with multiple periods on the ODS-5 disk with SFTP and SCP 27-OCT-2010 Integrity servers and Alpha Problem: When the wildcard PUT command for Secure Copy (SCP) and SSH File Transfer Protocol (SFTP) is used to copy the files on a remote server, it copies the files with multiple periods on the ODS-5 disk. For example: o Using SCP wildcard PUT command with file name having circumflex character (for example, file name with 1^.2^.3^.4.txt;1) to the non-OpenVMS server fails after first transfer. o Using SFTP wildcard PUT command with *.* to a non-OpenVMS SFTP server, transfers all files and appends a semi-colon to the file name. Deliverables: TCPIP$SSH_SCP2.EXE TCPIP$SSH_SFTP2.EXE Reference: QXCM1001059611/TCPIP_BUGS Note 3788 12.64 SCP intermittently truncates target file of COPY-PUT operation 1-NOV-2010 Integrity servers and Alpha Problem: SCP intermittently truncates target file of COPY-PUT operation. The degree of failure is random. For example, when the SSH debug logs are enabled, the degree of failure decreases. However, the SCP GET operation is 100% successful. Deliverables: TCPIP$SSH_SCP2.EXE TCPIP$SSH_SSH2.EXE Reference: QXCM1000945214/TCPIP_BUGS Note 3789 12.65 SFTP issue with the Tumbleweed servers 1-NOV-2010 Integrity servers and Alpha Problem: SFTP cannot copy a file onto the Tumbleweed SSH/SFTP server and creates a zero byte file on the Tumbleweed server. Therefore, the client fails and displays the following error message: FATAL:BUILD13$:[TCPIP_V54_BLECO7.SRC_PAT.SSH2]SSHFC_TRANSFER.C;1:18 35SshFCTransfer (function name unavailable) Assertion failed: 4 Deliverables: TCPIP$SSH_SCP2.EXE TCPIP$SSH_SSH2.EXE Reference: QXCM1000949216/TCPIP_BUGS Note 3790 ECO 1 updates ------------- 12.66 SSH ignores the LGI parameters, such as LGI_BRK_DISUSER 17-MAY-2010 Integrity servers and Alpha Problem: Login failures using SSH resulting in an intrusion record do not enforce the LGI_BRK_DISUSER flag. Deliverables: TCPIP$SSH_SFTP-SERVER2.EXE TCPIP$SSH_SSHD2.EXE Reference: QXCM1001014804/TCPIP_BUGS Note 3762 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services V5.7 Telnet Server --------------------------------------------------------------------------- ECO 5 Updates ------------- 13.1 TNA device hang. 24-Apr-13 Integrity servers and Alpha Problem: TNA device ends up being owned by a process that no longer exists on the system. This results in no other process being able to use the specific TNA device. Deliverables: [SYS$LDR]TCPIP$TNDRIVER.EXE Reference: QXCM1001260102 QXCM1001011176 QXCM1001096328 QXCM1000972584 13.2 Telnet driver dropping characters during binary mode transfers. 26-Jun-13 Integrity servers and Alpha Problem: Telnet driver dropping characters during binary mode transfers. This data loss occurs when temporary buffer is full and also involves character "FF" - interrupt as command. Deliverables: [SYS$LDR]TCPIP$TNDRIVER.EXE Reference: QXCM1001282681 13.3 Telnet login to C7000 On-board Administrator echoes the password. 18-Jul-13 Integrity servers and Alpha Problem: In TCPIP v5.7, if we enable the Options_view and connect to On-board Administrator on a C7000 enclosure will echo the password back at OpenVMS in plain text. Deliverables: [SYSEXE]TCPIP$TELNET.EXE Reference: QXCM1001264278 ECO 4 Updates ------------- 13.4 Correction in the Documentation 30-Mar-2012 Integrity Servers and Alpha Problem: In the manual "HP TCP/IP Services for OpenVMS Management", section 24.5.1 Printer Characteristics, Table 24–3 Printcap Symbols, the below entry on CR flag: cr Not supported by TCP/IP Services. stands corrected as: cr cr flag. Tells the print symbiont to insert carriage return character '\r' at the end of each record, for remote print queues. No effect on local print queues. Deliverables: NA Reference: QXCM1001204022 ECO 2 updates ------------- 13.5 TNA devices are owned by a non-existent process 19-JUL-2010 Integrity servers and Alpha Problem: When the TNA devices/terminals are owned by a non-existent process, it leads to intermittent print job failures. Deliverables: TCPIP$TNDRIVER.EXE Reference: QXCM1001011176 and QXCM1000972584/TCPIP_BUGS Note 3773 ECO 1 updates ------------- 13.6 Telnet server does not clear the TELNET$L_REMOTE_OPTIONS bit 29-MAR-2010 Integrity servers and Alpha Problem: Telnet server does not clear the TELNET$L_REMOTE_OPTIONS bit in TN UCB after receiving a "WONT BINARY" command. Deliverables: TCPIP$TNDRIVER.EXE Reference: QXCM1001014454/TCPIP_BUGS Note 3767 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services V5.7 LIBPCAP --------------------------------------------------------------------------- ECO 2 updates ------------- 14.1 Changes to pcap_read_pf and pcap_open_live functions 23-JUL-2010 Integrity servers and Alpha Problem: 1. pcap_loop processes packets after pcap_breakloop is called. 2. pcap_next_ex() is not defined in shareable images. 3. pcap_open_live call with unconfigured interface name does not return an error. Deliverables: TCPIP$LIBPCAP_SHR.EXE Reference: PTR 75-123-30 and PTR 75-67-30/TCPIP_BUGS Note 3782 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services for OpenVMS V5.7 NET --------------------------------------------------------------------------- ECO 5 Updates ------------- 15.1 Failsafe log files are always created in the system disk in sys$sysdevice:[tcpip$fsafe]. 26-Sep-12 Integrity servers and Alpha Problem: Failsafe log files are always created in the system disk in sys$sysdevice:[tcpip$fsafe] and the directory cannot be configured. To address this, a new logical tcpip$failsafe_home is introduced to hold the directory path. This logical has to be defined in the system table. define tcpip$failsafe_home DISK$LOG:[FSLOGS] /system/executive. Deliverables: TCPIP$FAILSAFE_RUN.COM Reference: QXCM1001240292 15.2 TCPIP$SYFAILSAFE procedure is not executed when IP address moved to another system in the cluster. 1-Feb-13 Integrity servers and Alpha Problem: TCPIP$SYFAILSAFE procedure is executed only when IP address is moved to a different interface within the system. It is not executed when IP address moved to another system in the cluster. Deliverables: [SYS$LDR]TCPIP$BGDRIVER.EXE [SYS$LDR]TCPIP$INTERNET_SERVICES.EXE [SYSEXE]TCPIP$INETACP.EXE [SYSEXE]TCPIP$FAILSAFE.EXE [SYSMGR]TCPIP$FAILSAFE_STARTUP.COM Reference: QXCM1001236688 15.3 TCPIP$FAILSAFE.EXE exited with "%LIB-F-ONEDELTIM - at least one delta time is required". 6-Feb-13 Integrity servers and Alpha Problem: TCPIP$FAILSAFE.EXE exited with "%LIB-F-ONEDELTIM - at least one delta time is required" as lib$add_times call failed. Some times "ERROR: add_times" error logged twice. Deliverables: [SYSEXE]TCPIP$FAILSAFE.EXE Reference: QXCM1001247460 15.4 SYSTEM crash during TCPIP startup with SSRVEXCEPT at INET$PPE_QUEUE_TCPIP_KRP_C+002C0. 19-Feb-13 Integrity servers and Alpha Problem: TCPIP shutdown process does not disable/stop the PPE process when PPE is enabled. As a result during TCPIP startup, the system crashes. Deliverables: [SYSEXE]TCPIP$SET_PPE.EXE [SYS$STARTUP]TCPIP$SHUTDOWN.COM Reference: QXCM1001258323 15.5 Call to gethostbyname through sys$qio fails. 18-Jul-13 Integrity servers and Alpha Problem: In TCPIP v5.7, sys$qio will fail with the status code $system-f-badparam for sub function code "inetacp_func$c_gethostbyname". Deliverables: [SYS$LDR]TCPIP$BGDRIVER.EXE [SYSEXE]TCPIP$INETACP.EXE [SYS$LDR]TCPIP$INTERNET_SERVICES.EXE Reference: QXCM1001266335 15.6 CPUSPINWAIT system crash due to high volume of TCPIP packet processing. 20-Dec-13 Integrity servers and Alpha Problem: TCPIP packet processing routines will run at IPL8 level, due to lot of TCPIP traffic these IPL 8 TCPIP codes continue to execute and this resulted in Lower IPL related processing to wait and resulted in crash. Deliverables: [SYS$LDR]TCPIP$INTERNET_SERVICES.EXE [SYS$LDR]TCPIP$BGDRIVER.EXE [SYSEXE]TCPIP$INETACP.EXE Reference: QXCM1001322541 15.7 System crash during TCPIP startup. 20-Dec-13 Integrity servers and Alpha Problem: System crash during TCPIP startup with foot print of "INVEXCEPTN, Exception while above ASTDEL" in module TCPIP$INTERNET_SERVICES. Deliverables: [SYSEXE]TCPIP$INETACP.EXE [SYS$LDR]TCPIP$INTERNET_SERVICES.EXE [SYS$LDR]TCPIP$BGDRIVER.EXE [SYS$LDR]TCPIP$INETACP.STB [SYS$LDR]TCPIP$INTERNET_SERVICES.STB [SYS$LDR]TCPIP$BGDRIVER.STB Reference: QXCM1001323641 15.8 OpenVMS System crash during TCP/IP failsafe IP failover. 27-Feb-14 Integrity servers and Alpha Problem: System crash during TCPIP failsafe IP failover with foot print of "INVEXCEPTN, Exception while above ASTDEL" in module TCPIP$INTERNET_SERVICES. Deliverables: [SYSEXE]TCPIP$INETACP.EXE [SYS$LDR]TCPIP$INTERNET_SERVICES.EXE [SYS$LDR]TCPIP$BGDRIVER.EXE [SYS$LDR]TCPIP$INETACP.STB [SYS$LDR]TCPIP$INTERNET_SERVICES.STB [SYS$LDR]TCPIP$BGDRIVER.STB Reference: QXCM1001335055 15.9 INVEXCEPTN crash in PPE, when TCPIP is under heavy load. 28-Aug-14 Integrity servers and Alpha Problem: If Packet Processing Engine (PPE) is enabled, the process TCPIP$INETPPE might cause INVEXCEPTN bugcheck under heavy load. Deliverables: [SYS$LDR]TCPIP$INTERNET_SERVICES.EXE Reference: QXCM1001350126 ECO 4 updates ------------- 15.10 OpenVMS node crashes with SSRVEXCEPTN bugcheck in TCPIP$INETACP while doing failsafe operations. 22-Feb-12 Integrity servers and Alpha Problem: The following issues are addressed with this image. 1) Fix for SSRVEXCEPTN Crash with the footprint of fscb queue corruption 2) Fix for SSRVEXCEPTN crash with footprint of COM$POST in call stack and crash while processing IRP. 3) Fix for SSRVEXCEPTN crash with footprint of INETACP_DISPATCH in call stack and crash while removing entry from queue. 4) Fix for SSRVEXCEPTN crash with footprint of INETACP_PROCESS_IRP in call stack and crash while processing IRP. 5) Fix for SSRVEXCEPTN Crash with footprint fs_granted_ast in call stack and crash in guard_entry 6) Fix for SRVEXCEPTN Crash with footprint doorbell_sendaction_ipl0 in call stack and crash in guard_exit 7) Fix for SSRVEXCEPTN Crash with footprint doorbell_rang_ipl0 in call stack and crash in doorbell_destroy 8) Fix for a memory leak Deliverables: TCPIP$INETACP.EXE TCPIP$INTERNET_SERVICES.EXE TCPIP$BGDRIVER.EXE TCPIP$INETACP.STB TCPIP$INTERNET_SERVICES.STB TCPIP$BGDRIVER.STB Reference: QXCM1001192343, QXCM1001190751, QXCM1001135076, QXCM1001163757, QXCM1001223498, QXCM1001233801 15.11 TCPIP SHOW SERVICE "active count" shows an incorrect value 3-Apr-12 Integrity servers and Alpha Problem: TCPIP SHOW SERVICE "Active Count" was showing a high value of 65535 even when there are not as many server processes active. Deliverables: TCPIP$BGDRIVER.EXE TCPIP$INETACP.EXE, TCPIP$INTERNET_SERVICES.EXE Reference: QXCM1001184892 15.12 Intermittent data corruption with IP fragmentation. 5-Apr-12 Integrity servers and Alpha Problem: Intermittent data corruption was observed when sending fragmented IP packets with PMTU enabled. Deliverables: [SYS$LDR]TCPIP$BGDRIVER.EXE [SYS$LDR]TCPIP$INTERNET_SERVICES.EXE [SYSEXE]TCPIP$INETACP.EXE Reference: QXCM1001171559 15.13 INVEXCEPTN at TCPIP$INTERNET_SERVICES while removing Interface 25-Apr-12 Integrity servers and Alpha Problem: When the interface is deleted, the data gets out of sync with what is stored in configuration structure. Deliverables: [SYS$LDR]TCPIP$BGDRIVER.EXE [SYS$LDR]TCPIP$INTERNET_SERVICES.EXE [SYSEXE]TCPIP$INETACP.EXE Reference: QXCM1001207748 15.14 INVEXCEPTN at TCPIP$INTERNET_SERVICES while starting the TCPIP when "NOAUTONEGOTIATE" flag enabled on LAN interface. 23-Jul-12 Integrity servers and Alpha Problem: If an early datagram arrives, the problem occurs when the uninitialized data structures are referenced. Deliverables: [SYS$LDR]TCPIP$BGDRIVER.EXE [SYS$LDR]TCPIP$INTERNET_SERVICES.EXE [SYSEXE]TCPIP$INETACP.EXE Reference: QXCM1001198052 15.15 Multicast VCRP memory leak consuming non-paged pool 4-Mar-2012 Integrity Servers and Alpha Problem: While removing the Multicast IP address, non-paged pool memory is not freeing up properly. Deliverables: [SYS$LDR]TCPIP$BGDRIVER.EXE [SYS$LDR]TCPIP$INTERNET_SERVICES.EXE [SYSEXE]TCPIP$INETACP.EXE Reference: QXCM1001193576 ECO 3 updates ------------- 15.16 System crashes while accessing invalid KVCI interface 19-Nov-2010 Integrity servers and Alpha Problem: The system crashes because TCP/IP internally accesses KVCI interface and the pointer to a particular structure which has NULL value. Deliverables: TCPIP$BGDRIVER.EXE TCPIP$INTERNET_SERVICES.EXE TCPIP$INETACP.EXE Reference: QXCM1001078133/TCPIP_BUGS Note 3795 15.17 System crashes with INVEXCEPTN bugcheck 15-MAR-2011 Integrity servers and Alpha Problem: The system crashes with "INVEXCEPTN, exception while above ASTDEL" bugcheck when the timer value is set to zero. Deliverables: TCPIP$INTERNET_SERVICES.EXE TCPIP$INETACP.EXE TCPIP$BGDRIVER.EXE Reference: QXCM1001115073/TCPIP_BUGS Note 3807 15.18 TCPIP$INET_ACP at priority 0 results in a system hang 22-Mar-2011 Integrity servers and Alpha Problem: When an attempt is made to shutdown the TCP/IP services, the TCPIP$INETACP is in a tight loop at priority 0 and this results in a system hang. Deliverables: TCPIP$BGDRIVER.EXE TCPIP$INTERNET_SERVICES.EXE TCPIP$INETACP.EXE Reference: QXCM1001104786, QXCM1001105210, QXCM1001110839/TCPIP_BUGS Note 3809 15.19 TCP/IP does not start if the CPU 0 is down 28-MAR-2011 Integrity servers and Alpha Problem: TCP/IP does not start if the CPU 0 is down. Deliverables: TCPIP$BGDRIVER.EXE TCPIP$INTERNET_SERVICES.EXE TCPIP$INETACP.EXE Reference: QXCM1001106883/TCPIP_BUGS Note 3808 15.20 Sendtp() API function fails in 64-bit mode 18-May-2011 Integrity servers and Alpha Problem: Sendto() API function does not work for program compiled with 64-bit pointer_size. Deliverables: TCPIP$IPC_SHR.EXE TCPIP$INTERNET_SERVICES.EXE TCPIP$INETACP.EXE TCPIP$BGDRIVER.EXE Reference: QXCM1001122374/TCPIP_BUGS Note 3817 15.21 Unable to communicate only on FDDI cards 21-JUL-2011 Integrity servers and Alpha Problem: When migrated from HP TCP/IP Services for OpenVMS Version 5.6 ECO 5 to Version 5.7 ECO 1, users are unable to communicate on FDDI cards. The problem occurs when TCPIP sends an ARP packet to determine the MAC address of the destination. Deliverables: TCPIP$BGDRIVER.EXE TCPIP$INTERNET_SERVICES.EXE TCPIP$INETACP.EXE Reference: QXCM1001115897/TCPIP_BUGS Note 3819 ECO 2 updates ------------- 15.22 Crashes when the service limit is reached 14-OCT-2010 Integrity servers and Alpha Problem: When the service limit for any service is reached, and if any new connection is made to the service, the NET component crashes. Deliverables: TCPIP$BGDRIVER.EXE TCPIP$INTERNET_SERVICES.EXE TCPIP$INETACP.EXE Reference: QXCM1001073956/TCPIP_BUGS Note 3783 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services V5.7 IPC --------------------------------------------------------------------------- ECO 5 Updates ------------- 16.1 Telnet fails to connect to IP address when the name server is disabled. 30-Jan-12 Integrity servers and Alpha Problem: The reverse host lookup of an IP address fails when name server is disabled. Telnet connection to an IP address which is not present in the localhost database, fails with the following error: %TELNET-E-IVHOST, Invalid or unknown host nn.nn.nn.nn Deliverables: [SYSEXE]TCPIP$IPC_SHR.EXE Reference: QXCM1001258562 16.2 Intermittent errors returned from getaddrinfo(), gethostbyaddr(), and getinfobyname() in multithreaded applications. 8-Oct-13 Integrity servers and Alpha Problem: When multithreaded application using getaddrinfo(), gethostbyaddr(), and getinfobyname() calls in frequently, once the call fails, all subsequent calls will fail. Deliverables: [SYSEXE]TCPIP$IPC_SHR.EXE Reference: QXCM1001304335 16.3 "tcpip show proxy" command results in ACCVIO. 8-Apr-14 Integrity servers and Alpha Problem: The special proxy TCPIP$NOBODY with a hostname causes "tcpip show proxy" command to ACCVIO after a sequence of commands. Deliverables: [SYSEXE]TCPIP$ACCESS_SHR.EXE Reference: QXCM1001341415 16.4 Process hang in TCPIP$IPC_SHR after memory exhaustion. 25-Jun-14 Integrity servers and Alpha Problem: A process hangs while calling GETADDRINFO() in TCPIP$IPC_SHR, if the call is made after exceeding page file quota. Deliverables: [SYSEXE]TCPIP$IPC_SHR.EXE Reference: QXCM1001351468 ECO 4 Updates ------------- 16.5 The GETADDRINFO socket routine returns an invalid address when an IPV4 format address is passed with the AI_V4MAPPED flag set. 23-Feb-12 Integrity servers and Alpha Problem: The problem was occurring because all the fields of addrinfo structure are not populated properly in certain conditions. Deliverables: TCPIP$IPC_SHR.EXE Reference: QXCM1001148214 16.6 getaddrinfo() socket routine fails with an ACCVIO when the first argument is NULL. 22-Nov-11 Integrity servers and Alpha Problem: The application using the getaddrinfo() socket routine fails with an ACCVIO when NULL is specified as the first argument. Deliverables: TCPIP$IPC_SHR.EXE Reference: QXCM1001176364 16.7 Socket call sendto() fails with error 'invalid buffer length' when the destination address has zero value. 23-Feb-12 Integrity servers and Alpha Problem: Sendto() call was changed to support addresses from P2 space. If the destination address has zero value, the descriptor address is expected to be NULL. Deliverables: TCPIP$IPC_SHR.EXE Reference: QXCM1001194530 ECO 2 updates ------------- 16.8 Getting NaT consumption fault in TCPIP$INET_NTOA 14-SEP-2010 Integrity servers and Alpha Problem: When the TCPIP$INET_NTOA function takes an argument of Struct sockaddr_in type, it generates NaT consumption fault. Deliverables: TCPIP$IPC_SHR.EXE Reference: PTR 75-117-192/TCPIP_BUGS Note 3781 16.9 Threads get blocked in select() call 14-OCT-2010 Integrity servers and Alpha Problem: Threads get blocked in select() call on a LOCK_LONG instruction and this leads to incoming packets occupying non-paged pool. Deliverables: TCPIP$IPC_SHR.EXE Reference: QXCM1001030924/TCPIP_BUGS Note 3784 16.10 AF_UNIX support 23-OCT-2010 Integrity servers and Alpha Problem: The AF_UNIX address family support is added. 1. Performance might be similar to the loopback AF_INET sockets. 2. No support for QIO interfaces. 3. Uses the logicals TCPIP$AF_UNIX_MIN_PORT and TCPIP$AF_UNIX_MAX_PORT to configure minimum and maximum ports for AF_UNIX. Deliverables: TCPIP$IPC_SHR.EXE Reference: TCPIP_BUGS Note 3792 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services V5.7 SCTP --------------------------------------------------------------------------- ECO 1 updates ------------- 17.1 SCTP is enabled on the system 29-May-2010 Integrity servers and Alpha Problem: SCTP is enabled on the system, by default. Deliverables: TCPIP$INTERNET_SERVICES.EXE TCPIP$BGDRIVER.EXE TCPIP$INETACP.EXE Reference: TCPIP_BUGS Note 3766 Note: By default, SCTP is now disabled on the system. SCTP can be enabled on the system using the TCPIP> SYSCONFIG -C SCTP command. To disable SCTP again, reboot the system. --------------------------------------------------------------------------- Corrections for HP TCP/IP Services for OpenVMS V5.7 SNMP --------------------------------------------------------------------------- ECO 5 Updates ------------- 18.1 MIB values are not getting updated when polling is enabled. 9-Oct-12 Integrity servers and Alpha Problem: SNMP Poll timer is dependent on POLL_TIMER logical, by default the value is 30 seconds. When polling is enabled, it is observed that disk usage statistics are not reflected correctly. Deliverables: [SYSEXE]TCPIP$OS_MIBS.EXE [SYSEXE]TCPIP$HR_MIB.EXE Reference: QXCM1001165121 18.2 OpenVMS SNMP Master agent quits searching the rest of the table and terminates. 20-Jun-12 Integrity servers and Alpha Problem: OpenVMS SNMP Master agent quits searching the rest of the table and terminates. With this change, for single instance cache, the walk through is done correctly. Deliverables: [SYSEXE]TCPIP$ESNMP_SERVER.EXE Reference: QXCM1001198444 18.3 SNMP shutdown does not clean up all processes. 22-Nov-12 Integrity servers and Alpha Problem: After running the SNMP shutdown procedure TCPIP$SNMP_SHUTDOWN.COM, all the active processes are not getting deleted and some SNMP processes remains active. Deliverables: [SYSMGR]TCPIP$SNMP_SHUTDOWN.COM Reference: QXCM1001009261 18.4 Data overflow when disk size in TeraBytes. 4-Apr-13 Integrity servers and Alpha Problem: SNMP Data overflow for hrDiskStorageCapacity, hrStorageUsed, and hrStorageSize. The disk size in TeraBytes(TB) resulted in integer overflow and also caused an incorrect value. Deliverables: [SYSEXE]TCPIP$HR_MIB.EXE Reference: QXCM1001262840 18.5 In multi-home environment (multiple NICs), always default IP address is used for sending response. 28-Feb-14 Integrity servers and Alpha Problem: In multi-home environment (multiple NICs), SNMP server is not sending response from the IP address on which request was received. Deliverables: [SYSEXE]TCPIP$ESNMP_SERVER.EXE Reference: QXCM1001320449 ECO 4 updates ------------- 18.6 The MIB process takes too much CPU time while gathering pool data. 8-Jan-12 Integrity Servers and Alpha Problem: The gathering of the pool data is a time consuming activity. This has been made optional based on the logical TCPIP$SNMP_DISABLE_POOL_COUNT. The logical can have multiple values to control the behavior of SNMP as seen below:- 0 (or Logical not defined) - Enable paged and non-paged packet counting. 1 - Enable paged packet counting. 2 - Enable Non-paged Pool packet counting. 3 - Disable paged and Non-paged Pool packet counting. Deliverables: TCPIP$HR_MIB.EXE Reference: QXCM1001206200 18.7 OpenVMS SNMP cannot get information about their disks, which makes remote monitoring more difficult. 27-AUG-2012 Integrity Servers and Alpha Problem: When walking the MIB tree, not all MIBs answer to the request. The behavior began when their systems running OpenVMS 8.4 had upgraded from TCPIP5.7 ECO2 to TCPIP5.7 ECO 3. The behavior is also not seen on alpha running OpenVMS 8.3 and TCPIP5.6 ECO 3. As part of this change, the logical "TCPIP$SNMP_SCAN_ALLDEV" is no longer available and "TCPIP$SNMP_NODEV" logical is added and We have added 2 more left devices such as MAILBOX, MISC (Miscellaneous Devices)in it. The data for all the devices will be collected by default. Whatever devices needs to be disabled that can be achieved by "TCPIP$SNMP_NODEV" logical. Deliverables: TCPIP$HR_MIB.EXE Reference: QXCM1001216859 ECO 3 updates ------------- 18.8 TCPIP$HR_MIB process consumes more CPU time 16-DEC-2010 Integrity servers and Alpha Problem: TCPIP$HR_MIB process consumes more CPU time in HP TCP/IP Services for OpenVMS Version 5.4 ECO 4. Deliverables: TCPIP$HR_MIB.EXE Reference: QXCM1001088502/TCPIP_BUGS Note 3829 18.9 TCPIP$SNMP process does not start in a cluster member node 14-Apr-2011 Integrity servers and Alpha Problem: During cluster reboot, TCPIP$SNMP process does not start in one of the cluster member node and the following error message is displayed: 22-MAR-2010 00:33:30.83 **ERROR VMS_CONFIG.C line 648: Cannot open SYS$SYSDEVICE:[TCPIP$SNMP]TCPIP$SNMP_CONF.DAT or SYS$SYSDEVICE:[TCPIP$SNMP]TCPIP$TMP_SNMP_CONF.DAT configuration files. Deliverables: TCPIP$ESNMP_SERVER.EXE TCPIP$HR_MIB.EXE TCPIP$OS_MIBS.EXE Reference: QXCM1001022757/TCPIP_BUGS Note 3825 18.10 SNMP TRAP_END message identifier 25-Apr-2011 Integrity servers and Alpha Problem: Problem occurs in determining the end of one trap and the beginning of the next one. This mechanism must allow TCPIP$SNMP_TRAPRCV.EXE to notify a receiving application that the end of a trap event is reached. Deliverables: TCPIP$SNMP_TRAPRCV.EXE Reference: QXCM1001123045/TCPIP_BUGS Note 3696 18.11 SNMP does not start due to an ACCVIO 20-May-2011 Integrity servers and Alpha Problem: SNMP does not start due to an ACCVIO in the TCPIP$ESNMP_SERVER process. Deliverables: TCPIP$ESNMP_SERVER.EXE Reference: QXCM1001091800 /TCPIP_BUGS Note 3823 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services for OpenVMS V5.7 SMTP --------------------------------------------------------------------------- ECO 5 Updates ------------- 19.1 TCPIP SHOW MAIL command not able to display the information contained in the execution queues. 25-Sep-12 Integrity servers and Alpha Problem: TCPIP SHOW MAIL command was not able to display the information contained in the execution queues. This was working till TCPIP V5.6. Deliverables: [SYSEXE]TCPIP$UCP.EXE Reference: QXCM1001197764 19.2 SMTP mail always uses alternate gateway even in local domain. 29-Aug-13 Integrity servers and Alpha Problem: SMTP is ALWAYS using the alternate gateway setting even if SMTP mail is sent to local domain nodes. Deliverables: [SYSLIB]TCPIP$SMTP_MAILSHR.EXE Reference: QXCM1001304009 19.3 E-mail delivery failures due to domain name mismatch. 23-Sep-13 Integrity servers and Alpha Problem: While sending mail to users on certain domains, it gets modified by SMTP. As a result the mail is either not delivered when it should be, or delivered when it should not. Deliverables: [SYSLIB]TCPIP$SMTP_MAILSHR.EXE Reference: QXCM1001298111 19.4 SMTP does not handle Mail forwarding properly. 14-Mar-14 Integrity servers and Alpha Problem: SMTP fails delivery when specifying multiple users and second recipient is a local OpenVMS account that has email forwarded to the same domain as the first recipient. Deliverables: [SYSLIB]TCPIP$SMTP_MAILSHR.EXE [SYSEXE]TCPIP$SMTP_SYMBIONT.EXE Reference: QXCM1001331601 19.5 TCPIP does not accept multiple zones for SMTP configuration. 8-Apr-14 Integrity servers and Alpha Problem: When using multiple zones, TCPIP$SMTP_STARTUP reports the following error message: %TCPIP-E-GENSYNERR, invalid syntax in value zone1,zone2 for field Zone Deliverables: [SYSLIB]TCPIP$SMTP_MAILSHR.EXE Reference: QXCM1001345150 19.6 POP Server hang issue. 13-Jan-14 Integrity servers and Alpha Problem: POP Server crash or hang while retrieving multiple large mail messages. A new parameter "Message-Size" has been introduced in TCPIP$POP.CONF, which can be used to restrict the mail message size in MB. Deliverables: [SYSEXE]TCPIP$POP_SERVER.EXE Reference: QXCM1001302976 19.7 The customization of log file location is not supported in SMTP configuration file. 31-Jan-13 Integrity servers and Alpha Problem: The SET CONFIGURATION SMTP command is obsolete post V5.7. All the parameters which were configured through this command, are now configured using SMTP configuration file TCPIP$SMTP.CONF. /LOG option of SET CONFIGURATION SMTP was used to specify the path where the logfile is to be created. However, TCPIP$SMTP.CONF does not currently support this option. A new configuration parameter "Logfile-Location" has been introduced in configuration file that serves the purpose of /LOG option. Deliverables: [SYSEXE]TCPIP$SMTP_MAILSHR.EXE [SYSHLP]TCPIP$UCP_HELP.HLB [SYSEXE]TCPIP$UCP.EXE Reference: PTR 75-117-289 ECO 4 updates ------------- 19.8 Upgrade to TCPIP V5.7 results in only one SMTP execution queue 3-Jan-12 Integrity servers and Alpha Problem: The post SMTP upgrade executable, TCPIP$SMTP_V57_ROLLOVER.EXE, which migrates the SMTP configuration information does not take care of the number of SMTP queues. This results in only one SMTP queue to be started, irrespective of how many had been configured previously. Deliverables: TCPIP$SMTP_V57_ROLLOVER.EXE Reference: QXCM1001177145 19.9 Error with the "Deliver-NoXVMS" configuration option in the SMTP Symbiont Configuration file. 13-Jun-12 Integrity Servers and Alpha Problem: The XVMS headers appear in the mail output even after the configuration option "Deliver-NoXVMS" is set to TRUE in TCPIP$SMTP.CONF. Deliverables: TCPIP$SMTP_MAILSHR.EXE Reference: 75-117-237 19.10 SMTP gives error %TCPIP-E-GENSYNERR when there is underscore in the name of the alternate gateway. 4-Nov-11 Integrity Servers and Alpha Problem: Whenever an underscore is present in the host-name for a DNS or Gateway, SMTP gives the following error during SMTP startup:- %TCPIP-E-GENSYNERR, invalid syntax in value BLUE_SYSTEM for field Alternate-Gateway RFC 952 and 1034 do not allow the underscore in DNS names but RFC 2181 allows it. Deliverables: [SYSLIB]TCPIP$SMTP_MAILSHR.EXE Reference: QXCM1001174553 ECO 3 updates ------------- 19.11 SMTP mail messages are not received properly 11-Jan-2011 Integrity servers and Alpha Problem: Occasionally, incoming SMTP mail messages are not received properly and returns them to the senders. The SMTP node log file contains the following error message: %%%%%%%%%%%% 31-AUG-2010 23:29:01.62 %%%%%%%%%%%% %MAIL-E-INVITMLEN, invalid item length Failed to deliver local mail to %MAIL-E-INVITMLEN, invalid item length Deliverables: TCPIP$SMTP_MAILSHR.EXE TCPIP$SMTP_RECEIVER.EXE TCPIP$SMTP_SYMBIONT.EXE TCPIP$SMTP_SFF.EXE Reference: QXCM1001072171:/TCPIP_BUGS Note 3804 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services for OpenVMS V5.7 NFS --------------------------------------------------------------------------- ECO 5 Updates ------------- 20.1.1 BACKUP command fails for NFS drive mounted with /TRANSPORT=UDP option. 09-Apr-12 Integrity servers and Alpha Problem: For an NFS drive mounted with /TRANSPORT=UDP option, the BACKUP command fails to perform write operation on the drive. The failure occurs and the following message is displayed: -RMS-F-WER, file write error -SYSTEM-F-MEDOFL, medium is offline Deliverables: [SYSEXE]TCPIP$DNFSACP.EXE [SYSEXE]TCPIP$DNFS_MOUNT_SHR.EXE Reference: QXCM1001236899 20.1.2 The option "/DATA" of MOUNT command does not work with NFSv3. 09-Apr-12 Integrity servers and Alpha Problem: For NFSv3 client, the values for Read/Write size is always (8192/32768 respectively), regardless of the values passed using /DATA option in MOUNT command. Deliverables: [SYSEXE]TCPIP$DNFSACP.EXE [SYSEXE]TCPIP$DNFS_MOUNT_SHR.EXE Reference: QXCM1001236899 20.2 The NFS V3 client reports an incorrect volume size after the first NFS read operation. 30-Aug-12 Integrity servers and Alpha Problem: The NFS V3 client reports an incorrect volume size after the first NFS read operation for shares having size more than 4 GB. It reports a volume size of -1 (4294967295). Deliverables: [SYSEXE]TCPIP$DNFSDRIVER.EXE [SYSEXE]TCPIP$DNFSACP.EXE Reference: QXCM1001202153 20.3 EDIT/TPU on VFC file results in file corruption when NFS device is mounted using CONVERT. 14-Sep-12 Integrity servers and Alpha Problem: When a NFS device is mounted using CONVERT, editing a VFC file using EIDT/TPU results in file corruption. Lots of characters are seen in the resultant file. Deliverables: [SYSEXE]TCPIP$DNFSDRIVER.EXE Reference: QXCM1001231833 20.4 TCPIP show mount command fails with NOPRIV error. 26-Sep-12 Integrity servers and Alpha Problem: TCPIP show mount command fails when auto mount is enabled on DNFS disk with the below error message: %TCPIP$DNFSMOUNT-E-SHOWFAIL, error showing information for _DNFS1: -SYSTEM-F-NOPRIV, insufficient privilege or object protection violation Deliverables: [SYSEXE]TCPIP$DNFSACP.EXE Reference: QXCM1001220002 20.5 System crash during NFS server restart. 22-Oct-12 Integrity servers and Alpha Problem: Restarting of the NFS server resulted in system crash with the following footprint : INVEXCEPTN, Exception while above ASTDEL Failing PC: FFFFFFFF.800884EC SMP$CPU_SWITCH_C+0034C Failing PS: 10000000.00000604 Module: SYSTEM_SYNCHRONIZATION_MIN (Link Date/Time: 10-FEB-2012 12:34:07.92) Offset: 000004EC Deliverables: [SYSEXE]TCPIP$NFSSTAT.EXE [SYSEXE]TCPIP$NFS_SERVER.EXE [SYS$LDR]TCPIP$NFS_SERVICES.EXE Reference: QXCM1001222795 20.6 The command "SET FILE /PROTECTION" fails for a read-only file in NFSv3 client. 20-Nov-12 Integrity servers and Alpha Problem: In NFS v3 client (with Linux NFS server), any attempt to change the permission of a read-only file/directory using command "SET FILE /PROTECTION" fails, even if that file is owned by the user. This is working fine in NFS v2 client. Deliverables: [SYSEXE]TCPIP$DNFSACP.EXE Reference: QXCM1001233053 20.7 NFS client directory access returns "ACP data lost" error if subdirectory is deleted and recreated at NFS server. 20-Nov-12 Integrity servers and Alpha Problem: If the subdirectory within an exported directory is deleted and recreated on NFS server and the OpenVms NFS v3 client tries to access that directory, it returns "ACP data lost" error. Deliverables: [SYSEXE]TCPIP$DNFSACP.EXE Reference: QXCM1001237441 20.8 Unable to create various NFS related log files in user specified locations. 20-Nov-12 Integrity servers and Alpha Problem: NFS related log files (TCPIP$NFS_RUN.LOG and TCPIP$MOUNTD_RUN.LOG) were always getting created in SYS$SYSDEVICE:[TCPIP$NFS]. It was not possible for the user to change this path. A new logical TCPIP$NFS_DEV has been introduced to create the NFS related log files in the user specified location as shown below. $ DEFINE/SYSTEM TCPIP$NFS_DEV :[desired directory name] Deliverables: NONE Reference: QXCM1001248275 20.9 NFS mount command with /TRANSPORT=TCP, uses UDP. 11-Dec-12 Integrity servers and Alpha Problem: Even When NFS disk is mounted using /TRANSPORT=TCP, NFS uses UDP protocol as transport. Deliverables: [SYSEXE]TCPIP$DNFSACP.EXE Reference: QXCM1001213229 20.10 DNFSACP process crashes with ACCVIO, when a RPC call returns error status. 22-Jan-13 Integrity servers and Alpha Problem: For a NFS mount point using TCP transport, if the RPC call returns error status from the server eg: Cancel, Link disconnected etc., the DNFSACP process crashes. Deliverables: [SYSEXE]TCPIP$DNFSACP.EXE Reference: QXCM1001249066 QXCM1001257901 20.11 Issues with BACKUP operation on files exported from OpenVMS NFS server. 30-Jan-13 Integrity servers and Alpha Problem: The BACKUP of files exported from OpenVMS NFS server, has the following issues: (a) For mount points using TCP transport, BACKUP operation completes successfully, but performance is extremely slow. (b) For mount points using UDP transport, BACKUP operation fails with "device timeout" error. (c) For UDP mount points with increased RPC timeout, BACKUP completes successfully; but the performance is still slow, just as in TCP. Deliverables: [SYS$LDR]TCPIP$BGDRIVER.EXE [SYSEXE]TCPIP$INETACP.EXE [SYS$LDR]TCPIP$INTERNET_SERVICES.EXE [SYSEXE]TCPIP$NFSSTAT.EXE [SYSEXE]TCPIP$NFS_SERVER.EXE [SYS$LDR]TCPIP$NFS_SERVICES.EXE Reference: QXCM1001255176 20.12 NFS ODS-5 mount points does not work correctly with file names having '$' character. 20-Feb-13 Integrity servers and Alpha Problem: In a DNFS drive mounted as ODS-5 file system, files which has '$' character in name, cannot be created. When writing such file to DNFS drive, the file name gets distorted. Deliverables: [SYSEXE]TCPIP$DNFSACP.EXE Reference: QXCM1001245910 20.13 NFS Server not functioning properly with udp_threads=0 setting. 25-Apr-13 Integrity servers and Alpha Problem: If NFS service is restarted while udp_threads is set to zero, the service will not come back online. After this, the NFS Server will not function properly until the system is rebooted. Deliverables: [SYSEXE]TCPIP$NFSSTAT.EXE [SYSEXE]TCPIP$NFS_SERVER.EXE [SYS$LDR]TCPIP$NFS_SERVICES.EXE Reference: QXCM1001256853 20.14 NFS Server restart fails on rare occasions. 25-Apr-13 Integrity servers and Alpha Problem: During shutdown of NFS Server using TCPIP$NFS_SHUTDOWN script, sometimes the execlet TCPIP$NFS_SERVICES does not get unloaded properly. This prevents proper restart of NFS Server, and the only option is to reboot the system. Deliverables: [SYSMGR]TCPIP$NFS_SHUTDOWN.COM Reference: QXCM1001270503 20.15 OpenVMS TCPIP NFS Client hangs when NFS Server is resumed after long disconnect interval. 29-Oct-13 Integrity servers and Alpha Problem: Whenever NFS Server is disconnected for a long duration and resumes back, the NFS Client hangs. Problem is observed only when the transport is TCP. Deliverables: [SYSEXE]TCPIP$DNFSACP.EXE [SYSLIB]TCPIP$DNFS_MOUNT_SHR.EXE [SYS$LDR]TCPIP$DNFSDRIVER.EXE Reference: QXCM1001263691 20.16 NFS client unable to mount secure exported file systems over TCP Transport. 14-Feb-14 Integrity servers and Alpha Problem: When NFS client tries to mount a secure exported file system using /TRANSPORT=TCP, mount fails. This is because NFS client was using random ports to mount secure file system while using TCP transport. Deliverables: [SYSEXE]TCPIP$DNFSACP.EXE [SYSLIB]TCPIP$DNFS_MOUNT_SHR.EXE [SYS$LDR]TCPIP$DNFSDRIVER.EXE Reference: QXCM1001294629 QXCM1001307052 20.17 Copy from DNFS disk to local disk resulted in system crash. 4-Apr-14 Integrity servers and Alpha Problem: COPY command from DNFS device to local disk results in system crash when Local system does not have host alias set and tcpip host name contributes to 12 characters. Deliverables: [SYS$LDR]TCPIP$DNFSDRIVER.EXE [SYSEXE]TCPIP$DNFSACP.EXE [SYSLIB]TCPIP$DNFS_MOUNT_SHR.EXE Reference: QXCM1001317148 20.18 NFS server encounters ACCVIO during copy. 8-Jul-14 Integrity servers and Alpha Problem: When access_date has been set on the volume, NFS server reports ACCVIO during copy from NFS disks exported from that volume. Deliverables: [SYSLIB]TCPIP$CFS_SHR.EXE Reference: QXCM1001342725 20.19 Amount of memory freed by garbage collector in NFS client is incorrect. 6-Sep-12 Integrity servers and Alpha Problem: In DNFSACP process, if the threshold value is less than or equal to 209715200 then it is supposed to free up 20% of allocated memory. However, the calculation of amount of memory to be released is not done properly. Deliverables: [SYSEXE]TCPIP$DNFSACP.EXE Reference: PTR 75-117-269 20.20 NFS reports extraneous OPCOM messages. 8-May-14 Integrity servers and Alpha Problem: NFS reports unwanted OPCOM messages : %%%%%%%%%%% OPCOM 6-MAY-2014 14:14:59.14 %%%%%%%%%%% (from node at 6-MAY-2014 14:14:59.14) Message from user NFS Server on FIler owner is not an IDENTIFIER. Deliverables: [SYSEXE]TCPIP$NFSSTAT.EXE [SYSEXE]TCPIP$NFS_SERVER.EXE [SYS$LDR]TCPIP$NFS_SERVICES.EXE Reference: 75-117-338 ECO 4 Updates ------------- 20.21 The NFS Client goes into an infinite loop when file/directory access rights are modified on NFS served disk. 5-Jun-12 Integrity Servers and Alpha Problem : The NFS Client goes into a loop when the file or directories access rights are changed on a NFS served disk. The process does not produce a crash dump but loops infinitely. Deliverables : [SYSLIB]TCPIP$CFS_SHR.EXE Reference : QXCM1001140557 20.22 NFS client process hangs when trying to mount a device and the Remote NFS server crashes. 28-Nov-11 Integrity Servers and Alpha Problem: While using background mount command if user aborts the command or program while it is retrying, the NFS client process enters in the RWAST state until the NFS server responds. A RWAST process cannot be terminated. If user tries to terminate such a process, the device hangs. This is due to the graceful exit of the process not taking place. Deliverables: [SYSEXE]TCPIP$DNFSACP.EXE Reference: QXCM1001159988 20.23 DNFSACP process aborts with ACCVIO while deleting a file with multiple versions. 14-Nov-11 Integrity Servers and Alpha Problem: DNFSACP process aborts with ACCVIO while deleting a file with multiple versions. This problem is observed only with NFS version2 client (/VERSION=2 qualifier is given in mount command) Deliverables: SYS$COMMON:[SYSEXE]TCPIP$DNFSACP.exe;1 SYS$COMMON:[SYS$LDR]TCPIP$DNFSDRIVER.exe;1 SYS$COMMON:[SYSLIB]TCPIP$DNFS_MOUNT_SHR.exe;1 Reference: QXCM1001167740 20.24 The DNFSACP process hangs while querying a huge directory structure 9-May-12 Integrity Servers and Alpha Problem: The DNFSACP process, when querying a directory structure with 10K+ files, goes into an infinite loop. Deliverables: [SYSEXE]TCPIP$DNFSACP.EXE Reference: QXCM1001114792, QXCM1001235450 20.25 NFS Client does not work properly with filenames without extensions. 10-Apr-12 Integrity Servers and Alpha Problem: When dealing with filenames with no extension on a UNIX/LINUX server, 1) $ RENAME fails 2) $ DELETE command succeeds, but the DELETE operation never occurs. This is because "." is always appended to the end of a filename without any extension which the NFS server doesn’t properly convert for ODS5 file structure. Deliverables: [SYSEXE]TCPIP$DNFSACP.EXE Reference: QXCM1001180973 20.26 NFS Client shows Incorrect File Creation Date with "/version=2 /noconvert" mount qualifiers. 19-Jun-12 Integrity Servers and Alpha Problem: When using qualifiers "/version=2 /noconvert" for mounting, the creation date of 1st version of the file is displayed incorrectly. Deliverables: [SYSEXE]TCPIP$DNFSACP.EXE Reference: QXCM1001212349 20.27 NFSv3 client performance is slow for file deletion from a large directory. 25-JUN-12 Integrity Servers and Alpha Problem: For NFSv3 client, performance is slow while deleting files from a large directory. The time required for deletion increases drastically with the number of files in the directory. Deliverables: TCPIP$DNFSACP.EXE Reference: QXCM1001211164 20.28 OpenVMS node crashes with INVEXCEPTN bug check when NFS server is restarted. 26-Jun-12 Integrity Servers and Alpha Problem: The disable service command orders a rundown of the NFS Server process, currently in the hibernate state, which is woken up and the execlet is checked to see if the process can be rundown. However, the INETACP flags indicate that the process has shutdown. The new process, when it tries to reference the execlet, gets an exception because the previous process hasn’t removed the reference yet. Deliverables: TCPIP$NFS_SERVER.EXE Reference: QXCM1001188670, QXCM1001200894 20.29 TCPIP$MOUNTD process aborts with PGFLQUOTA error 20-Sep-11 Integrity Servers and Alpha Problem: There is a memory leak in TCPIP$MOUNTD and over time the TCPIP$MOUNTD process runs out of PGFLQUOTA. For every 55 mounts, TCPIP$MOUNTD_1 allocates an additional 128 pages from the page file. Eventually TCPIP$MOUNTD_1 will run out of PGFLQUOTA and the process will abort. Deliverables: [SYSEXE]TCPIP$MOUNTD.EXE Reference: QXCM1001124867 ECO 3 updates ------------- 20.30 NFS copy is incomplete if file size is greater than 2 GB 14-Mar-2011 Integrity servers and Alpha Problem: With HP TCP/IP Services for OpenVMS Version 5.7 ECO 2, when an attempt is made to copy files greater than 2 GB, the copy operation from NFS server fails. Deliverables: TCPIP$DNFSACP.EXE Reference: QXCM1001104084 20.31 NFS V3 client has incorrect OpenVMS file attributes 23-Mar-2011 Integrity servers and Alpha Problem: NFS V3 client has incorrect OpenVMS file attributes at the initial directory access on mount point. It is found that the header file formats are incorrect at the initial access of the files. Deliverables: TCPIP$DNFSACP.EXE Reference: QXCM1001106570 20.32 Unable to mount while using a local directory as mount point 25-Mar-2011 Integrity servers and Alpha Problem: After upgrading to HP TCP/IP Services for OpenVMS Version 5.7 ECO 2, the user is unable to mount while using a local directory as mount point. As a result, NFS V3 client ACVIOs. Deliverables: TCPIP$DNFSACP.EXE Reference: QXCM1001108472 20.33 NFS V3 client directory creation fails with Solaris and HP-UX NFS servers 7-Jun-2011 Integrity servers and Alpha Problem: After upgrading the running system to OpenVMS Version 8.3 and HP TCP/IP Services for OpenVMS Version 5.7 ECO 2, the user is unable to create directories on Solaris and HP-UX NFS servers. Deliverables: TCPIP$DNFSACP.EXE TCPIP$DNFS_MOUNT_SHR.EXE Reference: QXCM1001122011 20.34 DNFS1ACP process hangs and a MOUNT NFS is not possible 14-Jun-2011 Integrity servers and Alpha Problem: After upgrading to OpenVMS Version 8.3 and HP TCP/IP Services for OpenVMS Version 5.7 ECO 2, the DNFS1ACP process hangs and a MOUNT NFS is not possible. Due to this, the DNFS1ACP process cannot be stopped. Deliverables: TCPIP$DNFSACP.EXE TCPIP$DNFS_MOUNT_SHR.EXE Reference: QXCM1001123643 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services for OpenVMS V5.7 TCPMON --------------------------------------------------------------------------- ECO 3 updates ------------- 21.1 TCPMON file truncate problem 18-Apr-2011 Integrity servers and Alpha Problem: When TCPMON is used from TCPIP$EXAMPLES, the following issues are observed: - The CSV file name is truncated to two characters. - Access violation when an extension is not specified to a file name. Deliverables: TCPIP$TCP_MON.EXE Reference: QXCM1001082124, QXCM1001122009/TCPIP_BUGS Note 3818 and 3794 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services for OpenVMS V5.7 UNINSTALL/INSTALL --------------------------------------------------------------------------- ECO 4 Updates ------------- 22.1 TCPIP uninstallation does not clean some of the components properly. 27-JUN-12 Integrity servers and Alpha Problem: TCPIP PCSI kit uninstallation using PRODUCT REMOVE command does not remove some of the command verbs and HELP modules. A complete removal of TCPIP product and its configuration using TCPIP$CLEANUP.COM also leaves behind some directories and files. Deliverables: TCPIP 5.7 ECO4 PCSI kit TCPIP$CLEANUP.COM Reference: QXCM1001210678 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services for OpenVMS V5.7 UCP --------------------------------------------------------------------------- ECO 4 Updates ------------- 23.1 TCPIP SHOW MAIL fails on every alternate attempt. 19-Sep-11 Integrity Servers and Alpha Problem: The 'TCPIP Show Mail' command doesn’t display any output for every alternate attempt. Deliverables: TCPIP$UCP.EXE Reference: QXCM1001151419 23.2 TCPIP dynamic communication proxies cannot be deleted from all the nodes in a multi-node shared disk cluster 29-Mar-12 Integrity Servers and Alpha Problem: In a multi-node cluster with a common proxy database, when a proxy entry is added on a cluster member it is added in TCPIP$PROXY.DAT and dynamically on the node on which the 'Add Proxy' command is executed. Using "$TCPIP SET TCP/SIGNAL" it can be loaded on the dynamic database of the other systems of the cluster as well. When removing the proxy on one of the cluster systems, it will be removed from TCPIP$PROXY.DAT and the dynamic database of the node on which the 'Delete Proxy' command is executed. On the remaining cluster members the proxy can't be seen, but the dynamic entry is still present and can be used. Deliverables: TCPIP$UCP.EXE Reference: QXCM1001115422 23.3 TCPIP START MAIL and TCPIP STOP MAIL commands do not work 11-Oct-11 Integrity Servers and Alpha Problem: TCPIP START MAIL and TCPIP STOP MAIL commands do not work. However they start once the SMTP service is started explicitly using the commands @sys$startup:tcpip$smtp_shutdown and @sys$startup:tcpip$smtp_startup Deliverables: TCPIP$UCP.EXE Reference: QXCM1001151546 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services for OpenVMS V5.7 PRINT SYMBIONT --------------------------------------------------------------------------- ECO 5 Updates ------------- 24.1 Printing utilizing telnetsym incur a delay before a job gets printed. 8-Jul-13 Integrity servers and Alpha Problem: Printing utilizing telnetsym incur a delay before a job gets printed, the delay is usually a few seconds. By defining logical TCPIP$TELNETSYM_NO_DECSERVER_300, this delay can be reduced to 0.5 seconds. Now, the delay of 0.5 second is removed. With this change the default delay is 2 seconds. By defining logical TCPIP$TELNETSYM_NO_DECSERVER_300 there will not be any delay in printing. Deliverables: [SYSEXE]TCPIP$TELNETSYM.EXE Reference: QXCM1001290716 ECO 3 Updates ------------- 24.2 Print jobs sent to loopback LPD queue ends up in incorrect queue. 13-Jan-11 Integrity servers and Alpha Problem: When a print job is submitted to a remote LPD printer pointing back to same node, the job actually ends up in a different queue. Deliverables: [SYSEXE]TCPIP$LPD_RCV.EXE [SYSEXE]TCPIP$LPD_SMB.EXE [SYSEXE]TCPIP$LPD_UTILITIES.EXE [SYSEXE]TCPIP$LPRSETUP.EXE [SYSLIB]TCPIP$LPD_SHR.EXE Reference: QXCM1001084250 --------------------------------------------------------------------------- Corrections for HP TCP/IP Services for OpenVMS V5.7 TCPDUMP --------------------------------------------------------------------------- ECO 5 Updates ------------- 25.1 Optimize tcpdump capture. 21-Mar-13 Integrity servers and Alpha Problem: tcpdump drops packets while collecting network data. This has been optimized. Deliverables: [SYSLIB]TCPIP$LIBPCAP_SHR.EXE [SYSEXE]TCPIP$TCPDUMP.EXE Reference: QXCM1001245253 --------------------------------------------------------------------------- Known Problems for ECO 5 Updates --------------------------------------------------------------------------- This section describes the known problems for HP TCP/IP Services for OpenVMS Version 5.7 ECO5 1) In NFS client, the recommended value for "/DATA" option in MOUNT command is "(8192,8192)", if the user intends to perform parallel copy/backup operations in the DNFS drive. Otherwise, user may encounter below error: -RMS-F-WER, file write error -SYSTEM-F-PROTOCOL, network protocol error 2) In header file TCPIP$EXAMPLES:NETDB.H, a few definitions will have to be corrected as below, if 64-bit pointer compilation is used: typedef struct __addrinfo64 *__addrinfo_ptr64; typedef const struct __addrinfo64 *__const_addrinfo_ptr64; typedef struct __addrinfo32 *__addrinfo_ptr32; typedef const struct __addrinfo32 *__const_addrinfo_ptr32; 3) While transferring files using SFTP between OpenVMS client and server systems, problems may occur if the file name has one or more dot, and all characters after last dot are numeric. For example, if the file "A.B.52813" is transferred using SFTP, the operation will fail because the destination filename will be constructed as "A.B;52813". This is because of the standard behavior in OpenVMS file systems - if the filename has more than one dot and if the value after last dot is numeric, it is treated as file version. To avoid this issue, user can append semicolon at the end of source filename (eg: "A.B.52813;"). 4) TCPIP in OpenVMS does not provide any mechanism for limiting a service to a single interface. Even though "TCPIP SET SERVICE" command accepts interface IP addresses as parameter in "/ADDRESS" qualifier, it has no effect on functionality. 5) In TCPIP 5.7 Release Notes section "2.4 SSH configuration files must be updated", the names of SSH scripts are given incorrectly as SSH_STARTUP.COM and SSH_CLIENT_STARTUP.COM. Please note that the correct names are TCPIP$SSH_STARTUP.COM and TCPIP$SSH_CLIENT_STARTUP.COM respectively. 6) If the LOGINPLUS kit ("HP-I64VMS-_LOGINPLUS-VXXXX--4" or "DEC-AXPVMS-_LOGINPLUS-VXXXX--4") is installed in the system, then the DCL command "SET PASSWORD" will not work for SSH sessions. 7) TCPIP Stream Control Transmission Protocol (SCTP) functionality was introduced in 5.7 ECO1 release. However, this component has following defects: - Continuous flow of data can result in hangs in SCTP that renders TCPIP non-responsive. - SCTP usage may lead to system crash under heavy load. - Usage of large buffer in sending message may result in data loss. - Changes send/receive buffer can cause system crash. A few of the above defects were reported by customers. The next steps on these issues are being evaluated currently. --------------------------------------------------------------------------- Known Problems for ECO 4 Updates --------------------------------------------------------------------------- This section describes the known problems for HP TCP/IP Services for OpenVMS Version 5.7 ECO4 1) While removing the entire TCP/IP product and configuration using TCPIP$CLEANUP.COM, the script might exit abruptly after finishing the TCPIP PCSI kit uninstallation, reporting below error: %RMS-E-FNF, file not found %RMS-F-ISI, invalid internal stream identifier (ISI) value If the error is encountered, the user will have to run the TCPIP$CLEANUP.COM script again for complete removal of entire TCPIP configuration, 2) If the Bind Resolver is disabled then no name lookup will be performed on TCPIP$ETC:IPNODES.DAT Correction to the manual - The Manual "IPv6 doc in chapter 6.4.2 and 6.5.2" mentions that the Bind Resolver uses file TCPIP$ETC:TCPIP$IPNODES.DAT but the correct file name is TCPIP$ETC:IPNODES.DAT. 3) The '$tcpip show interface' has become obsolete in TCPIP V5.7 ECO 3. To display interface addresses, including IP alias addresses, use the following TCP/IP management command: TCPIP> ifconfig -a Also, '$ tcpip set noint' command is no longer used to remove a pseudo interface. Instead use the command, '$ ifconfig ie0 -alias ipaddress' 4) The documentation states that the default value of tcp_keepidle is 150, but the actual value is 14400. 5) The logical TCPIP$FAILSAFE_HOME is used to form a path for failsafe configuration file. This logical is used when logical TCPIP$FAILSAFE is not defined. In subsequent V5.7 release (i.e. V5.7 ECO5) the failsafe log files will be created in a directory pointed by this logical TCPIP$FAILSAFE_HOME. The default value for the logical is SYS$SYSDEVICE:[TCPIP$FSAFE]. 6) During the shutdown of NFS server process, the unloading of NFS execlet is prevented until all of the NFS process shuts down gracefully and the process clean-up is complete. This is done to allow synchronization of stopping of the NFS server process and the removal of execlets 7) The OpenVMS NFSv3 client does not support Asynchronous write operations. Note that the New Features section on ECO2 Release Notes incorrectly states that this feature is supported. The MOUNT command only supports the option /SYNC=FILE_SYNC. 8) The default value of /RETRIES qualifier in MOUNT command is 4, though the HELP section mentions this as 0. 9) NFS server on OpenVMS keeps incrementing directory's MTIME by milliseconds causing HPUX NFS client to go into READDIRPLUS loop with 'ls' command. Issue is observed only when the mount point is a device. Workarounds : 1. Content of the directory is displayed by attempting 'ls' command couple of times 2. Mount the disk on HPUX using "MOUNT-o READDIR" 10) For the Read Only Exports feature mentioned in the "New Features" for ECO4 Release on HP-UX (B.11.31.1003 and B.11.31.1009) as a client and OpenVMS as server, the "ls" command issue is seen. This command does not work properly for normal as well as "read_only" exported device. 11) OpenVMS NFS, being historically developed as a file sharing mechanism, the file access permissions are governed in the same way that UNIX does. The delete permissions for any file on a Unix based machines is by providing 'write' access on the directory holding the file. Hence, any NFS client can delete a file on OpenVMS NFS server if the directory containing that file is having "write" access irrespective of "delete" access. 12) Any OpenVMS command that refreshes the display can have unexpected results when executed as a remote SSH command. For example, the following command exhibits this behavior: type/page=save filename.ext Type/page refreshes the page after displaying each page. When login is done from one OpenVMS to another OpenVMS machine using SSH and the command "type/page=save filename.ext" is executed, display anomalies appear on the screen when we page through the file in quick succession. 13) In OpenVMS systems, the GENPWD flag is used to indicate that a user whose password is expired should use a system generated password during the password change. However, as per SSH protocol, any banner message or data exchange is not possible prior to the authentication of the client. Hence this feature is unavailable in OpenVMS TCPIP SSH. 14) NFS client receives an IO_ERROR status from NFS server when the “COPY/REPLACE” operation is performed on an NFS share while some other application is doing some I/O operation on the same version of the file. --------------------------------------------------------------------------- Known Problems for ECO 3 Updates --------------------------------------------------------------------------- This section describes the known problems for HP TCP/IP Services for OpenVMS Version 5.7. - QIO API function used with IO$ACPCONTROL parameter for host name lookups does not reflect any changes made to the BIND resolver configuration without a reboot. For example, some applications such as Telnet Server and NFS use QIO API function with IO$ACPCONTROL parameter for host name lookups. Hence, a reboot is required for these applications to reflect BIND resolver configuration changes. --------------------------------------------------------------------------- Appendix A - Sample SCTP Programs --------------------------------------------------------------------------- Any TCP application can be modified to use SCTP by changing the socket call to use IPPROTO_SCTP. This appendix provides some of the sample programs that illustrate the use of SCTP API. For example: TCP_socket = socket(AF_INET, SOCK_STREAM, 0); SCTP_socket = socket(AF_INET, SOCK_STREAM, IPPROTO_SCTP); The following sample programs illustrate the use of SCTP API: o sctp_server.c : In this sample program, the server uses select() to read data over the SCTP socket. o sctp_client.c : In this sample program, the client reads user input and sends it over the SCTP socket. o sctp_clientx.c : In this sample program, the client uses sctp_connectx(). A.1 SCTP Server Sample Program This section provides the sample sctp_server.c program. #pragma module SCTP_SERVER "V5.7-00" /* ** BUILD ENVIRONMENT: ** ** If the current version of DECC does not support SCTP, then ** you must manually configure the environment as follows: ** ** $ define netinet tcpip$examples ** $ define sys tcpip$examples ** ** BUILD INSTRUCTIONS: ** ** $ cc sctp_server ** $ link sctp_server,sys$input:/options ** sys$library:tcpip$sctp_shr/share ** ** SYNTAX: ** ** sctp_server [port] ** ** EXAMPLE: ** ** Define a foreign symbol to point at the application. ** ** $ sctp_server :== $MYDEV:[MYDIR]sctp_server ** $ sctp_server */ #define _SOCKADDR_LEN #include #include #include #include #ifndef __VMS #include #else #include #endif typedef unsigned int socklen_t; /* usually defined in socket.h */ #include #include #include #include #include /* SCTP */ #define DEF_PORT 55555 #define SA(x) ((struct sockaddr *)x) int main(int argc, char *argv[]) { int listen_sd, sd, cc, port; struct sockaddr_in local, peer; socklen_t peerlen = sizeof(peer); char peer_name[INET6_ADDRSTRLEN]; char buf[128]; if(argc == 2) port = atoi(argv[1]); else port = DEF_PORT; /* setup the local address that we will bind to and listen on */ local.sin_len = sizeof(local); local.sin_family = AF_INET; local.sin_port = htons(port); local.sin_addr.s_addr = INADDR_ANY; /* create an SCTP socket */ listen_sd = socket(AF_INET, SOCK_STREAM, IPPROTO_SCTP); if(listen_sd == -1) {perror("socket"); return 1;} /* bind to local port and address(es) */ if(bind(listen_sd, SA(&local), local.sin_len) == -1) {perror("bind"); return 1;} /* prepare to accept connections */ if(listen(listen_sd, 5) == -1) {perror("listen"); return 1;} printf("Waiting for connections on SCTP port %d ...\n", port); peerlen = sizeof(peer); if((sd = accept(listen_sd, (struct sockaddr *)&peer, &peerlen)) == -1) {perror("accept"); return 1;} close(listen_sd); /* finished with listen socket */ printf("Accepted connection from: %s:%d\n", inet_ntop(AF_INET, &peer.sin_addr.s_addr, peer_name, INET6_ADDRSTRLEN), ntohs(peer.sin_port)); while(1) { cc = recv(sd, &buf, sizeof(buf), 0); if(cc == -1) /* error on socket */ {perror("recv"); break;} if(cc == 0) /* peer disconnect */ {printf("Peer closed connection."); break;} /* data available */ buf[cc] = '\0'; printf("Received: %s\n", buf); if(buf[0] == 'Q') break; } /* read forever */ close(sd); printf("All done\n"); } A.2 SCTP Client Sample Program This section provides the sample sctp_client.c program. #pragma module SCTP_CLIENT "V5.7-00" /* ** BUILD ENVIRONMENT: ** ** If the current version of DECC does not support SCTP, then ** you must manually configure the environment as follows: ** ** $ define netinet tcpip$examples ** $ define sys tcpip$examples ** ** BUILD INSTRUCTIONS: ** ** $ cc sctp_client ** $ link sctp_client,sys$input:/options ** sys$library:tcpip$sctp_shr/share ** ** SYNTAX: ** ** sctp_client hostname [port] ** ** EXAMPLE: ** ** Define a foreign symbol to point at the application. ** ** $ sctp_client :== $MYDEV:[MYDIR]sctp_client ** $ sctp_client myserver */ #define _SOCKADDR_LEN #include #include #include #ifndef __VMS #include #else #include #endif typedef unsigned int socklen_t; /* usually defined in socket.h */ #include #include #include #include #include /* SCTP */ #define DEF_PORT 55555 #define SA(x) ((struct sockaddr *)x) int main(int argc, char *argv[]) { int sd; int count = 0, cc; struct sockaddr_in peer; int peerlen = sizeof(peer); char peername[INET6_ADDRSTRLEN]; char *hostname; int port; in_addr_t in_addr; struct hostent *hent; char line[128]; if(argc == 1) {printf("Usage: client [port]\n"); return 1;} hostname = argv[1]; if(argc == 3) port = atoi(argv[2]); else port = DEF_PORT; /* convert hostname string to in_addr_t */ in_addr = inet_addr(hostname); /* first try dotted decimal notation? */ if(in_addr == (in_addr_t)-1) { hent = gethostbyname(hostname); /* now try DNS */ if(hent == NULL) {printf("No host information for %s\n", hostname); return 1;} in_addr = *(int *)hent->h_addr; } /* setup the local address that we will connect to */ peer.sin_len = sizeof(peer); peer.sin_family = AF_INET; peer.sin_port = htons(port); peer.sin_addr.s_addr = in_addr; /* create an SCTP socket */ sd = socket(AF_INET, SOCK_STREAM, IPPROTO_SCTP); if(sd == -1) {perror("socket"); return 1;} /* connect to server */ if(connect(sd, SA(&peer), peerlen) == -1) {perror("connect"); return 1;} printf("Connected to: %s:%d\n", inet_ntop(AF_INET, &peer.sin_addr.s_addr, &peername[0], sizeof(peername)), ntohs(peer.sin_port)); /* write loop */ do { printf("Enter a line to send:"); if(scanf("%[^\n]%*c", line) == -1) {perror("scanf"); return 1;} cc = write(sd, line, strlen(line)); if(cc == -1) {perror("send"); return(1);} } while(cc != -1 && line[0] != 'Q'); if(close(sd) == -1) {perror("close"); return 1;} return 0; } A.3 SCTP Clientx Sample Program This section provides the sample sctp_clientx.c program. #pragma module SCTP_CLIENTX "V5.7-00" /* ** PURPOSE: ** ** Simple SCTP client using the sctp_connectx() API. ** ** BUILD ENVIRONMENT: ** ** If the current version of DECC does not support SCTP, then ** you must manually configure the environment as follows: ** ** $ define netinet tcpip$examples ** $ define sys tcpip$examples ** ** BUILD INSTRUCTIONS: ** ** $ cc sctp_clientx ** $ link sctp_clientx,sys$input:/options ** sys$library:tcpip$sctp_shr/share ** ** SYNTAX: ** ** sctp_clientx hostname [port] ** ** EXAMPLE: ** ** Define a foreign symbol to point at the application. ** ** $ sctp_clientx :== $MYDEV:[MYDIR]sctp_clientx ** $ sctp_clientx myserver */ #define _SOCKADDR_LEN #include #include #include #ifndef __VMS #include #else #include #endif typedef unsigned int socklen_t; /* normally found in socket.h */ #include #include #include #include #include /* SCTP */ #define SA(x) ((struct sockaddr *)(x)) #define SIN(x) ((struct sockaddr_in *)(x)) #define DECODE_AF(af) ((af) == AF_INET ? "AF_INET" : \ (af) == AF_INET6 ? "AF_INET6" : \ "Unknown"), af #define DECODE_ST(st) ((st) == SOCK_STREAM ? "SOCK_STREAM" : \ (st) == SOCK_DGRAM ? "SOCK_DGRAM" : \ (st) == SOCK_RAW ? "SOCK_RAW" : \ (st) == SOCK_SEQPACKET ? "SOCK_SEQPACKET" : \ "Unknown"), st #define DECODE_PR(pr) ((pr) == IPPROTO_TCP ? "IPPROTO_TCP" : \ (pr) == IPPROTO_UDP ? "IPPROTO_UDP" : \ (pr) == IPPROTO_SCTP ? "IPPROTO_SCTP" : \ "Unknown"), pr #define DEF_PORTNAME "55555" void display_sockaddr(struct sockaddr *sa) { struct sockaddr_in *sin; struct sockaddr_in6 *sin6; char name[256]; int err; /* retrieve the nodename */ err = getnameinfo(sa, sa->sa_len, name, sizeof(name), NULL, 0, 0); if(err) { if(err == EAI_SYSTEM) perror("getnameinfo"); else printf("getnameinfo: %s\n", gai_strerror(err)); return; } printf("sockaddr:\n"); printf(" len : %d\n", sa->sa_len); printf(" family: %s (%d)\n", DECODE_AF(sa->sa_family)); switch(sa->sa_family) { case AF_INET: printf(" IPV4 Address Details:\n"); sin = (struct sockaddr_in *)sa; printf(" sin_port : %d\n", ntohs(sin->sin_port)); printf(" sin_addr : %#x (%s)\n", sin->sin_addr.s_addr, name); break; case AF_INET6: printf(" IPV6 Address Details:\n"); sin6 = (struct sockaddr_in6 *)sa; printf(" sin6_port : %d\n", ntohs(sin6->sin6_port)); printf(" sin6_flowinfo: %d\n", sin6->sin6_flowinfo); printf(" sin6_addr[1] : %#Lx (%s)\n", sin6->sin6_addr.s6_qaddr[1], name); printf(" sin6_addr[0] : %#Lx\n", sin6->sin6_addr.s6_qaddr[0]); break; default: printf("Unknown address family: %d\n", sa->sa_family); } } void display_addrinfo(struct addrinfo *ai) { int i = 0; for(; ai; ai = ai->ai_next) { printf("--- %d ----------------------------\n", ++i); printf("ai_family : %s (%d)\n", DECODE_AF(ai->ai_family)); printf("ai_socktype : %s (%d)\n", DECODE_ST(ai->ai_socktype)); printf("ai_protocol : %s (%d)\n", DECODE_PR(ai->ai_protocol)); printf("ai_addrlen : %d\n", ai->ai_addrlen); printf("ai_canonname: %s\n", ai->ai_canonname); display_sockaddr(ai->ai_addr); } } void display_packed_sockaddrs(struct sockaddr_storage *ss, int count) { int i, len; len = 0; for(i = 0; i < count; i++) { printf("+++ %d of %d +++++++++++++++++++++++++++++\n", i+1, count); display_sockaddr(SA((char *)ss + len)); len += ss->ss_len; } } struct addrinfo *parse_addrinfo(char *server, char *service, int protocol, int socktype) { struct addrinfo *res, hints; int err; memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_INET; hints.ai_protocol = protocol; hints.ai_socktype = socktype; hints.ai_flags = AI_ADDRCONFIG | AI_V4MAPPED; err = getaddrinfo(server, /* name, alias, or numeric address IPV4/IPV6 */ service,/* service name or port number */ &hints, /* hints limit search to sock type, AF or proto */ &res); /* linked list of addrinfo structures */ if(err) { if(err == EAI_SYSTEM) perror("getaddrinfo"); else printf("%s", gai_strerror(err)); return NULL; } return res; } int main(int argc, char *argv[]) { int sd; int count, cc; char *server, *portname; struct addrinfo *ai; char line[128]; in_addr_t in_addr; struct hostent *hent; struct sockaddr_storage *connectx_addrs = NULL; /* packed addresses */ struct sockaddr_storage *paddrs, *laddrs; /* packed addresses */ if(argc == 1) {printf("Usage: connectx [port]\n"); return 1;} server = argv[1]; if(argc == 3) portname = argv[2]; else portname = DEF_PORTNAME; ai = parse_addrinfo(server, portname, IPPROTO_SCTP, SOCK_STREAM); if(ai == NULL) {printf("Error retrieving address information\n"); return 1;} printf("Addresses matching %s\n", server); display_addrinfo(ai); /* pack socket addresses into the connectx buffer */ count = 0; cc = 0; for(; ai; ai = ai->ai_next) { connectx_addrs = realloc(connectx_addrs, cc + ai->ai_addrlen); /* add an element */ if(connectx_addrs == NULL) {perror("realloc"); return 1;} memcpy((char *)connectx_addrs + cc, ai->ai_addr, ai->ai_addrlen); count++; /* one more address packed in */ cc += ai->ai_addrlen; } freeaddrinfo(ai); /* finished with address info */ printf("\nAddresses (packed) to connect to (%d):\n", count); display_packed_sockaddrs(connectx_addrs, count); /* create socket */ sd = socket(AF_INET, SOCK_STREAM, IPPROTO_SCTP); if(sd == -1) {perror("socket"); return 1;} if(sctp_connectx(sd, SA(connectx_addrs), count, 0) == -1) {perror("sctp_connectx"); return 1;} /* call getpaddrs to get list of peer addresses in association */ count = sctp_getpaddrs(sd, 0, (struct sockaddr **)&paddrs); if(count == -1) {perror("sctp_getpaddrs"); return 1;} printf("\nPeer Addresses in association 0:\n"); display_packed_sockaddrs(paddrs, count); /* call getladdrs to get list of local addresses in association */ count = sctp_getladdrs(sd, 0, (struct sockaddr **)&laddrs); if(count == -1) {perror("sctp_getladdrs"); return 1;} printf("\nLocal Addresses in association 0:\n"); display_packed_sockaddrs(laddrs, count); /* write loop */ count = 0; do { printf("Enter a line to send:"); if(scanf("%[^\n]%*c", line) == -1) {perror("scanf"); return 1;} cc = write(sd, line, strlen(line)); if(cc == -1) {perror("send"); return 1;} if(cc == 0) {printf("Peer disconnected\n"); break;} } while(cc != -1 && line[0] != 'Q'); if(close(sd) == -1) {perror("close"); return 1;} } --------------------------------------------------------------------------- Appendix B - SCTP API Definition --------------------------------------------------------------------------- This appendix describes the SCTP API routine specifications. This content is from open source, FreeBSD Library Functions Manual. Following are the supported SCTP API routines: sctp_bindx() sctp_connectx() sctp_peeloff() sctp_getpaddrs() sctp_freepaddrs() sctp_getladdrs() sctp_freeladdrs() sctp_send() sctp_sendx() sctp_sendmsg() sctp_sendmsgx() sctp_recvmsg() sctp_getaddrlen() sctp_opt_info() sctp_getassocid() B.1 SCTP_BINDX Binds or unbinds an SCTP socket to a list of addresses. SYNOPSIS #include #include #include int sctp_bindx(int sd, struct sockaddr *addrs, int addrcnt, int flags); DESCRIPTION The sctp_bindx() call binds or unbinds an address or a list of addresses to an SCTP endpoint. This allows a user to bind a subset of addresses. The sctp_bindx() call operates similarly to bind() but allows a list of addresses and also allows a bind or an unbind. The argument s must be a valid SCTP socket descriptor. The argument addrs is a list of addresses (where the list can be only 1 in length) that the user wants to bind or unbind to the socket. The argument type must be one of the following values. SCTP_BINDX_ADD_ADDR - This value indicates that the listed address(es) must be added to the endpoint. SCTP_BINDX_REM_ADDR - This value indicates that the listed address(es) must be removed from the endpoint. When a user adds or deletes an address to an association and the dynamic address flag net.inet.sctp.auto_ asconf is enabled, any associations in the endpoint will attempt to add the address(es) dynamically to the existing association. RETURN VALUES The call returns 0 on success and -1 upon failure. ERRORS The sctp_bindx() can return the following errors: ___________________________________________________________ Error_________________Definition___________________________ [EINVAL] This value is returned if the flags field is not one of the allowed values. [ENOMEM] This value is returned if the number of addresses being added causes a memory allocation failure in the call. [EBADF] The argument s is not a valid descriptor. [ENOTSOCK] The argument s is not a socket. ___________________________________________________________ B.2 SCTP_CONNECTX Connects an SCTP socket with multiple destination addresses. SYNOPSIS #include #include #include int sctp_connectx(int sd, struct sockaddr *, int addrcnt, sctp_assoc_t *id); DESCRIPTION The sctp_connectx() call attempts to initiate an association to a peer SCTP endpoint. The call operates similarly to connect() but it also provides the ability to specify multiple destination addresses for the peer. This allows a fault tolerant method of initiating an association. When one of the peers addresses is unreachable, the subsequent listed addresses will also be used to set up the association with the peer. The user also needs to consider that any address listed in an sctp_connectx() call is also considered "confirmed". A confirmed address is one in which the SCTP transport will trust is a part of the association and it will not send a confirmation heartbeat to it with a random nonce. If the peer SCTP stack does not list one or more of the provided addresses in its response message then the extra addresses sent in the sctp_connectx() call will be silently discarded from the association. On successful completion the provided sctp_assoc_t * will be filled in with the association identification of the newly forming association. RETURN VALUES The call returns 0 on success and -1 upon failure. ERRORS The sctp_connectx() can return the following errors: ___________________________________________________________ Error_________________Definition___________________________ [EINVAL] An address listed has an invalid family or no addresses were provided. [E2BIG] The size of the address list exceeds the amount of data provided. [EBADF] The argument s is not a valid descriptor. [ENOTSOCK]____________The_argument_s_is_not_a_socket.______ B.3 SCTP_PEELOFF Detaches an association from a one-to-many socket to a separate one-to-one socket. SYNOPSIS #include #include #include int sctp_peeloff(int sd, sctp_assoc_t id); DESCRIPTION The sctp_peeloff() system call attempts to detach the association specified by ID into its own separate socket. RETURN VALUES The call returns -1 on failure and the new socket descriptor upon success. ERRORS The sctp_peeloff() can return the following errors: ___________________________________________________________ Error_________________Definition___________________________ [ENOTCONN] The ID given to the call does not map to a valid association. [E2BIG] The size of the address list exceeds the amount of data provided. [EBADF] The argument is not a valid descriptor. [ENOTSOCK] The argument is not a socket. ___________________________________________________________ B.4 SCTP_GETPADDRS, SCTP_GETLADDRS Returns a list of addresses to the caller. SYNOPSIS #include #include #include int sctp_getpaddrs(int sd, sctp_assoc_t id, struct sockaddr **addrs); int sctp_getladdrs(int sd, sctp_assoc_t id, struct sockaddr **addrs); DESCRIPTION The sctp_getpaddrs() function is used to get the list of the peers addresses. The sctp_getladdrs() function is used to get the list of the local addresses. The association of interest is identified by the asocid argument. The addresses are returned in a newly allocated array of socket addresses returned in the argument addrs upon success. After the caller is through the function sctp_freepaddrs() or sctp_freeladdrs() should be used to release the memory allocated by these calls. RETURN VALUES The call returns -1 upon failure and a count of the number of addresses returned in addrs upon success. ERRORS These functions can return the following errors: ___________________________________________________________ Error_________________Definition___________________________ [EINVAL] An address listed has an invalid family or no addresses were provided. [ENOMEM] The call cannot allocate memory to hold the socket addresses. [EBADF] The argument is not a valid descriptor. [ENOTSOCK] The argument is not a socket. ____________________________________________________________ B.5 SCTP_FREEPADDRS, SCTP_FREELADDRS Releases the memory returned from a previous call. SYNOPSIS #include #include #include void sctp_freepaddrs(struct sockaddr *addrs); void sctp_freeladdrs(struct sockaddr *addrs); DESCRIPTION The sctp_freepaddrs() and sctp_freeladdrs() functions are used to release the memory allocated by previous calls to sctp_getpaddrs() or sctp_getladdrs() respectively. RETURN VALUES None. B.6 SCTP_SEND, SCTP_SENDX Sends a message from an SCTP socket. SYNOPSIS #include #include #include ssize_t sctp_send(int sd, const void *msg, size_t len, const struct sctp_sndrcvinfo *sinfo, int flags); ssize_t sctp_sendx(int sd, const void *msg, size_t len, struct sockaddr *addrs, int addrcnt, const struct sctp_sndrcvinfo *sinfo, int flags); DESCRIPTION The sctp_send() system call is used to transmit a message to another SCTP endpoint. sctp_send() can be used to send data to an existing association for both one-to-many (SOCK_ SEQPACKET) and one-to-one (SOCK_STREAM) socket types. The length of the message msg is given by len. If the message is too long to pass automatically through the underlying protocol, errno is set to EMSGSIZE, -1 is returned, and the message is not transmitted. No indication of failure to deliver is implicit in a sctp_ send(). Locally detected errors are indicated by a return value of -1. If no space is available at the socket to hold the message to be transmitted, then sctp_send() normally blocks, unless the socket has been placed in non-blocking I/O mode. The select(2) system call can be used to determine when you can send more data on one-to-one type (SOCK_ STREAM) sockets. The sinfo structure is used to control various SCTP features and has the following format: struct sctp_sndrcvinfo { u_int16_t sinfo_stream; // Stream sending to u_int16_t sinfo_ssn; // valid for recv only u_int16_t sinfo_flags; // flags to control sending u_int32_t sinfo_ppid; // ppid field u_int32_t sinfo_context; // context field u_int32_t sinfo_timetolive; // timetolive for PR-SCTP u_int32_t sinfo_tsn; // valid for recv only u_int32_t sinfo_cumtsn; // valid for recv only sctp_assoc_t sinfo_assoc_id; // The association id }; The sinfo-_sinfo_ppid argument is an opaque 32 bit value that is passed transparently through the stack to the peer endpoint. It will be available on reception of a message (see sctp_recvmsg(2)). Note that the stack passes this value without regard to byte order. The sinfo-_sinfo_flags argument may include one or more of the following: #define SCTP_EOF 0x0100 // Start a shutdown procedures #define SCTP_ABORT 0x0200 // Send an ABORT to peer #define SCTP_UNORDERED 0x0400 // Message is un-ordered #define SCTP_ADDR_OVER 0x0800 // Override the primary-address #define SCTP_SENDALL 0x1000 // Send this on all associations // for the endpoint // The lower byte is an enumeration of PR-SCTP policies #define SCTP_PR_SCTP_TTL 0x0001 // Time based PR-SCTP #define SCTP_PR_SCTP_BUF 0x0002 // Buffer based PR-SCTP #define SCTP_PR_SCTP_RTX 0x0003 // Num retransmissions based PR-SCTP The flag SCTP_EOF is used to instruct the SCTP stack to queue this message and then start a graceful shutdown of the association. All remaining idata in queue will be sent after which the association will be shut down. SCTP_ABORT is used to immediately terminate an association. An abort is sent to the peer and the local TCB is destroyed. SCTP_UNORDERED is used to specify that the message being sent has no specific order and should be delivered to the peer application as soon as possible. When this flag is absent messages are delivered in order within the stream they are sent, but without respect to order to peer streams. The flag SCTP_ADDR_OVER is used to specify that a specific address should be used. Normally SCTP will use only one of a multi-homed peers addresses as the primary address to send to. By default, no matter what the argument is, this primary address is used to send data. By specifying this flag, the user is asking the stack to ignore the primary address and instead use the specified address not only as a lookup mechanism to find the association but also as the actual address to send to. For a one-to-many type (SOCK_SEQPACKET) socket the flag SCTP_SENDALL can be used as a convenient way to make one send call and have all associations that are under the socket get a copy of the message. Note that this mechanism is quite efficient and makes only one actual copy of the data which is shared by all the associations for sending. The remaining flags are used for the partial reliability extension (RFC3758) and will only be effective if the peer endpoint supports this extension. This option specifies what local policy the local endpoint should use in skipping data. If none of these options are set, then data is never skipped over. SCTP_PR_SCTP_TTL is used to indicate that a time based lifetime is being applied to the data. The sinfo-_sinfo_ timetolive argument is then a number of milliseconds for which the data is attempted to be transmitted. If that many milliseconds elapse and the peer has not acknowledged the data, the data will be skipped and no longer transmitted. Note that this policy does not even assure that the data will ever be sent. In times of a congestion with large amounts of data being queued, the sinfo-_sinfo_timetolive may expire before the first transmission is ever made. The SCTP_PR_SCTP_BUF based policy transforms the sinfo-_ sinfo_timetolive field into a total number of bytes allowed on the outbound send queue. If that number or more bytes are in queue, then other buffer-based sends are looked to be removed and skipped. Note that this policy may also result in the data never being sent if no buffer based sends are in queue and the maximum specified by timetolive bytes is in queue. The SCTP_PR_SCTP_RTX policy transforms the sinfo-_sinfo_ timetolive into a number of retransmissions to allow. This policy always assures that at a minimum one send attempt is made of the data. After which no more than sinfo-_sinfo_ timetolive retransmissions will be made before the data is skipped. sinfo-_sinfo_stream is the SCTP stream that you wish to send the message on. Streams in SCTP are reliable (or partially reliable) flows of ordered messages. The sinfo-_sinfo_assoc_id field is used to select the association to send to on a one-to-many socket. For a one-to-one socket, this field is ignored. The sinfo-_sinfo_context field is used only in the event the message can not be sent. This is an opaque value that the stack retains and will give to the user when a failed send is given if that notification is enabled (see sctp(4)). Normally a user process can use this value to index some application specific data structure when a send cannot be fulfilled. The flags argument holds the same meaning and values as those found in sendmsg(2) but is generally ignored by SCTP. The fields sinfo-_sinfo_ssn, sinfo-_sinfo_tsn, and sinfo-_ sinfo_cumtsn are used only when receiving messages and are thus ignored by sctp_send(). The function sctp_sendx() has the same properties as sctp_send() with the additional arguments of an array of sockaddr structures passed in. With the addrs argument being given as an array of addresses to be sent to and the addrcnt argument indicating how many socket addresses are in the passed in array. Note that all of the addresses will only be used when an implicit association is being set up. This allows the user the equivalent behavior as doing a sctp_connectx() followed by a sctp_send() to the association. Note that if the sinfo-_sinfo_assoc_id field is 0, then the first address will be used to look up the association in place of the association id. If both an address and an association id are specified, the association id has priority. RETURN VALUES The call returns the number of characters sent, or -1 if an error occurred. ERRORS The sctp_send() system call fails if: ___________________________________________________________ Error_________________Definition___________________________ [EBADF] An invalid descriptor was specified. [ENOTSOCK] The argument s is not a socket. [EFAULT] An invalid user space address was specified for an argument. [EMSGSIZE] The socket requires that message be sent atomically, and the size of the message to be sent made this impossible. [EAGAIN] The socket is marked non-blocking and the requested operation would block. [ENOBUFS] The system was unable to allocate an internal buffer. The operation might succeed when buffers become available. [ENOBUFS] The output queue for a network interface was full. This generally indicates that the interface has stopped sending, but might be caused by transient congestion. [EHOSTUNREACH] The remote host was unreachable. [ENOTCON] On a one-to-one style socket no association exists. [ECONNRESET] An abort was received by the stack while the user was attempting to send data to the peer. [ENOENT] On a one-to-many style socket no address is specified so that the association cannot be located or the SCTP_ABORT flag was specified on a non-existing association. [EPIPE] The socket is unable to send anymore data (SBS_CANTSENDMORE has been set on the socket). This typically means that the socket is not connected and is a one-to-one style socket. ___________________________________________________________ B.7 SCTP_SENDMSG, CTP_SENDMSGX Sends a message from an SCTP socket. SYNOPSIS #include #include #include ssize_t sctp_sendmsg(int sd, const void *msg, size_t len, const struct sockaddr *to, socklen_t tolen, uint32_t ppid, uint32_t flags, uint16_t stream_no, uint32_t timetolive, uint32_t context); ssize_t sctp_sendmsgx(int sd, const void *msg, size_t len, const struct sockaddr *to, int addrcnt, uint32_t ppid, uint32_t flags, uint16_t stream_no, uint32_t timetolive, uint32_t context); DESCRIPTION The sctp_sendmsg() system call is used to transmit a message to another SCTP endpoint. The sctp_sendmsg() may be used at any time. If the socket is a one-to-many type (SOCK_SEQPACKET) socket then an attempt to send to an address that no association exists to will implicitly create a new association. Data sent in such an instance will result in the data being sent on the third leg of the SCTP four-way handshake. Note that if the socket is a one-to-one type (SOCK_STREAM) socket then an association must be in existance (by use of the connect(2) system call). Calling sctp_sendmsg() or sctp_sendmsgx() on a non-connected one-to-one socket will result in errno being set to ENOTCONN, -1 being returned, and the message not being transmitted. The address of the target is given by to with tolen specifying its size. The length of the message msg is given by len. If the message is too long to pass atomically through the underlying protocol, errno is set to EMSGSIZE, -1 is returned, and the message is not transmitted. No indication of failure to deliver is implicit in a sctp_ sendmsg(2) call. Locally detected errors are indicated by a return value of -1. If no space is available at the socket to hold the message to be transmitted, then sctp_sendmsg(2) normally blocks, unless the socket has been placed in non-blocking I/O mode. The select(2) system call may be used to determine when it is possible to send more data on one-to-one type (SOCK_ STREAM) sockets. The ppid argument is an opaque 32 bit value that is passed transparently through the stack to the peer endpoint. It will be available on reception of a message (see sctp_ recvmsg(2)). Note that the stack passes this value without regard to byte order. The flags argument may include one or more of the following: #define SCTP_EOF 0x0100 // Start a shutdown procedures #define SCTP_ABORT 0x0200 // Send an ABORT to peer #define SCTP_UNORDERED 0x0400 // Message is un-ordered #define SCTP_ADDR_OVER 0x0800 // Override the primary-address #define SCTP_SENDALL 0x1000 // Send this on all associations // for the endpoint // The lower byte is an enumeration of PR-SCTP policies #define SCTP_PR_SCTP_TTL 0x0001 // Time based PR-SCTP #define SCTP_PR_SCTP_BUF 0x0002 // Buffer based PR-SCTP #define SCTP_PR_SCTP_RTX 0x0003 // Num retransmissions based PR-SCTP The flag SCTP_EOF is used to instruct the SCTP stack to queue this message and then start a graceful shutdown of the association. All remaining data in queue will be sent after which the association will be shut down. SCTP_ABORT is used to immediately terminate an association. An abort is sent to the peer and the local TCB is destroyed. SCTP_UNORDERED is used to specify that the message being sent has no specific order and should be delivered to the peer application as soon as possible. When this flag is absent messages are delivered in order within the stream they are sent, but without respect to order to peer streams. The flag SCTP_ADDR_OVER is used to specify that an specific address should be used. Normally SCTP will use only one of a multi-homed peers addresses as the primary address to send to. By default, no matter what the to argument is, this primary address is used to send data. By specifying this flag, the user is asking the stack to ignore the primary address and instead use the specified address not only as a lookup mechanism to find the association but also as the actual address to send to. For a one-to-many type (SOCK_SEQPACKET) socket the flag SCTP_SENDALL can be used as a convenient way to make one send call and have all associations that are under the socket get a copy of the message. Note that this mechanism is quite efficient and makes only one actual copy of the data which is shared by all the associations for sending. The remaining flags are used for the partial reliability extension (RFC3758) and will only be effective if the peer endpoint supports this extension. This option specifies what local policy the local endpoint should use in skipping data. If none of these options are set, then data is not skipped over. SCTP_PR_SCTP_TTL is used to indicate that a time based lifetime is being applied to the data. The timetolive argument is then a number of milliseconds for which the data is attempted to be transmitted. If that many milliseconds elapse and the peer has not acknowledged the data, the data will be skipped and no longer transmitted. Note that this policy does not even assure that the data will be sent. In times of a congestion with large amounts of data being queued, the timetolive might expire before the first transmission is made. The SCTP_PR_SCTP_BUF based policy transforms the timetolive field into a total number of bytes allowed on the outbound send queue. If that number or more bytes are in queue, then other buffer based sends are looked to be removed and skipped. Note that this policy may also result in the data never being sent if no buffer based sends are in queue and the maximum specified by timetolive bytes is in queue. The SCTP_PR_SCTP_RTX policy transforms the timetolive into a number of retransmissions to allow. This policy always assures that at a minimum one send attempt is made of the data. After which no more than timetolive retransmissions will be made before the data is skipped. stream_no is the SCTP stream that you want to send the message on. Streams in SCTP are reliable (or partially reliable) flows of ordered messages. The context field is used only in the event the message cannot be sent. This is an opaque value that the stack retains and will give to the user when a failed send is given if that notification is enabled (see sctp(4)). Normally a user process can use this value to index some application specific data structure when a send cannot be fulfilled. sctp_sendmsgx() is identical to sctp_sendmsg() with the exception that it takes an array of sockaddr structures in the argument to and adds the additional argument addrcnt which specifies how many addresses are in the array. This allows a caller to implicitly set up an association passing multiple addresses as if sctp_connectx() had been called to set up the association. RETURN VALUES The call returns the number of characters sent, or -1 if an error occurred. ERRORS The sctp_sendmsg() system call fails if: ___________________________________________________________ Error_________________Definition___________________________ [EBADF] An invalid descriptor was specified. [ENOTSOCK] The argument s is not a socket. [EFAULT] An invalid user space address was specified for an argument. [EMSGSIZE] The socket requires that message be sent automically, and the size of the message to be sent made this impossible. [EAGAIN] The socket is marked non-blocking and the requested operation would block. [ENOBUFS] The system was unable to allocate an internal buffer. The operation may succeed when buffers become available. [ENOBUFS] The output queue for a network interface was full. This generally indicates that the interface has stopped sending, but may be caused by transient congestion. [EHOSTUNREACH] The remote host was unreachable. [ENOTCON] On a one-to-one style socket no association exists. [ECONNRESET] An abort was received by the stack while the user was attempting to send data to the peer. [ENOENT] On a one-to-many style socket no address is specified so that the association cannot be located or the SCTP_ABORT flag was specified on a non-existing association. [EPIPE] The socket is unable to send anymore data (SBS_CANTSENDMORE has been set on the socket). This typically means that the socket is not connected and is a one-to-one style socket. _______________________________________________________________ B.8 SCTP_RECVMSG Receives a message from an SCTP socket. SYNOPSIS #include #include #include ssize_t sctp_recvmsg(int sd, void *msg, size_t len, struct sockaddr * from, socklen_t * fromlen, struct sctp_sndrcvinfo *sinfo, int *msg_flags); DESCRIPTION The sctp_recvmsg() system call is used to receive a message from another SCTP endpoint. The sctp_recvmsg() call is used by one-to-one (SOCK_STREAM) type sockets after a successful connect() call or after the application has performed a listen() followed by a successful accept(). For a one-to-many (SOCK_SEQPACKET) type socket, an endpoint may call sctp_recvmsg() after having implicitly started an association via one of the send calls including sctp_ sendmsg(), sendto() and sendmsg(). Or, an application might also receive a message after having called listen() with a positive backlog to enable the reception of new associations. The address of the sender is held in the from argument with fromlen specifying its size. At the completion of a successful sctp_recvmsg() call from will hold the address of the peer and fromlen will hold the length of that address. Note that the address is bounded by the initial value of fromlen, which is used as an in/out variable. The length of the message msg to be received is bounded by len. If the message is too long to fit in the users receive buffer, then the flags argument will not have the MSG_EOF flag applied. If the message is a complete message then the flags argument will have MSG_EOF set. Locally detected errors are indicated by a return value of -1 with errno set accordingly. The flags argument might also hold the value MSG_NOTIFICATION. When this occurs it indicates that the message received is not from the peer endpoint, but instead is a notification from the SCTP stack (see sctp(4) for more details). Note that no notifications are ever given unless the user subscribes to such notifications using the SCTP_ EVENTS socket option. If no messages are available at the socket then sctp_ recvmsg() normally blocks on the reception of a message or NOTIFICATION, unless the socket has been placed in non- blocking I/O mode. The select(2) system call can be used to determine when you can receive a message. The sinfo argument is defined as follows. struct sctp_sndrcvinfo { u_int16_t sinfo_stream; // Stream arriving on u_int16_t sinfo_ssn; // Stream Sequence Number u_int16_t sinfo_flags; // Flags on the incoming message u_int32_t sinfo_ppid; // The ppid field u_int32_t sinfo_context; // context field u_int32_t sinfo_timetolive; // not used by sctp_recvmsg u_int32_t sinfo_tsn; // The transport sequence number u_int32_t sinfo_cumtsn; // The cumulative acknowledgment point sctp_assoc_t sinfo_assoc_id; // The association ID of the peer }; The sinfo-_sinfo_ppid is an opaque 32 bit value that is passed transparently through the stack from the peer endpoint. Note that the stack passes this value without regard to byte order. The sinfo-_sinfo_flags field can include the following: #define SCTP_UNORDERED 0x0400 // Message is un-ordered The SCTP_UNORDERED flag is used to specify that the message arrived with no specific order and was delivered to the peer application as soon as possible. When this flag is absent the message was delivered in order within the stream it was received. sinfo-_sinfo_stream is the SCTP stream that the message was received on. Streams in SCTP are reliable (or partially reliable) flows of ordered messages. The sinfo-_sinfo_context field is used only if the local application set an association level context with the SCTP_CONTEXT socket option. Optionally a user process can use this value to index some application specific data structure for all data coming from a specific association. The sinfo-_sinfo_ssn will hold the stream sequence number assigned by the peer endpoint if the message is not unordered. For unordered messages this field holds an undefined value. The sinfo-_sinfo_tsn holds a transport sequence number (TSN) that was assigned to this message by the peer endpoint. For messages that fit in or less than the path MTU this will be the only TSN assigned. Note that for messages that span multiple TSNs this value will be one of the TSNs that was used on the message. The sinfo-_sinfo_cumtsn holds the current cumulative acknowledgment point of the transport association. Note that this might be larger or smaller than the TSN assigned to the message itself. The sinfo-_sinfo_assoc_id is the unique association identification that was assigned to the association. For one-to-many (SOCK_SEQPACKET) type sockets this value can be used to send data to the peer without the use of an address field. It is also quite useful in setting various socket options on the specific association (see sctp(4)). The sinfo-_info_timetolive field is not used by sctp_ recvmsg. RETURN VALUES The call returns the number of characters sent, or -1 if an error occurred. ERRORS The sctp_recvmsg() system call fails if: ___________________________________________________________ Error_________________Definition___________________________ [EBADF] An invalid descriptor was specified. [ENOTSOCK] The argument s is not a socket. [EFAULT] An invalid user space address was specified for an argument. [EMSGSIZE] The socket requires that message be sent automtically, and the size of the message to be sent made this impossible. [EAGAIN] The socket is marked non-blocking and the requested operation would block. [ENOBUFS] The system was unable to allocate an internal buffer. The operation might succeed when buffers become available. [ENOBUFS] The output queue for a network interface was full. This generally indicates that the interface has stopped sending, but might be caused by transient congestion. [EHOSTUNREACH] The remote host was unreachable. [ENOTCON] On a one-to-one style socket no association exists. [ECONNRESET] An abort was received by the stack while the user was attempting to send data to the peer. [ENOENT] On a one-to-many style socket no address is specified so that the association cannot be located or the SCTP_ABORT flag was specified on a non-existing association. [EPIPE] The socket is unable to send anymore data (SBS_CANTSENDMORE has been set on the socket). This typically means that the socket is not connected and is a one-to-one style socket. ____________________________________________________________ B.9 SCTP_GETADDRLEN Returns the address length of an address family. SYNOPSIS #include #include #include int sctp_getaddrlen(sa_family_t family); DESCRIPTION The sctp_getaddrlen() function returns the size of a specific address family. This function is provided for application binary compatibility since it provides the application with the size the operating system thinks the specific address family is. Note that the function will actually create an SCTP socket and then gather the information via a getsockopt() system calls. If for some reason a SCTP socket cannot be created or the getsockopt() call fails, an error will be returned with errno set as specified in the socket() or getsockopt() system call. RETURN VALUES The call returns the number of bytes that the operating system expects for the specific address family or -1. ERRORS The sctp_getaddrlen() function can return the following errors: ___________________________________________________________ Error_________________Definition___________________________ [EINVAL] The address family specified does NOT ______________________exist._______________________________ B.10 SCTP_OPT_INFO Gathers SCTP socket information. SYNOPSIS #include #include #include int sctp_opt_info(int sd, sctp_assoc_t id, int opt, void *arg, socklen_t *size); DESCRIPTION The sctp_opt_info() call provides a multi-OS compatible method for getting specific getsockopt() data where an association identification needs to be passed into the operating system. For FreeBSD a direct getsockopt() can be used, since FreeBSD has the ability to pass information into the operating system on a getsockopt() call. Other operating systems might not have this ability. For those who want to write portable code amongst multiple operating systems this call should be used for the following SCTP socket options. o SCTP_RTOINFO o SCTP_ASSOCINFO o SCTP_PRIMARY_ADDR o SCTP_SET_PEER_PRIMARY_ADDR o SCTP_STATUS o SCTP_GET_PEER_ADDR_INFO o SCTP_AUTH_ACTIVE_KEY o SCTP_PEER_AUTH_CHUNKS o SCTP_LOCAL_AUTH_CHUNKS ERRORS The sctp_opt_info() function can return the following errors: ___________________________________________________________ Error_________________Definition___________________________ [EINVAL] The argument arg value was invalid. [EOPNOTSUPP] The argument opt was not one of the above listed SCTP socket options. [EBADF] The argument s is not a valid descriptor. [ENOTSOCK] The argument s is not a socket. ___________________________________________________________ B.11 SCTP_GETASSOCID Returns an association ID for a specified socket address. SYNOPSIS #include #include #include sctp_assoc_t sctp_getassocid(int sd, struct sockaddr *addr); DESCRIPTION The sctp_getassocid() call attempts to look up the specified socket address addr and find the respective association identification. RETURN VALUES The call returns the association ID upon success and 0 is returned upon failure. ERRORS The sctp_getassocid() function can return the following errors: ___________________________________________________________ Error_________________Definition___________________________ [ENOENT] The address does not have an association setup to it. [EBADF] The argument s is not a valid descriptor. [ENOTSOCK] The argument s is not a socket. ___________________________________________________________