Patch Name: PHSS_18612 Patch Description: s700_800 10.24 VirtualVault 3.01 NES NSAPI fix Creation Date: 99/04/19 Post Date: 99/06/09 Hardware Platforms - OS Releases: s700: 10.24 s800: 10.24 Products: VirtualVault/SAFE A.03.01 US/Canada Release; VirtualVault/SAFE A.03.01 International Release Filesets: VaultNES.NES-VAULT VaultTS.INES-COMMON VaultTS.VAULT-CORE-CMN Automatic Reboot?: Yes Status: General Superseded Critical: No Path Name: /hp-ux_patches/s700_800/10.X/PHSS_18612 Symptoms: PHSS_18612: Under certain conditions, the Netscape Enterprise Server (NES) does not function as expected. This has been observed in the NES bundled with VirtualVault A.03.01 . PHSS_16974: Repackage patch PHSS_16550 Due to the fact that PHSS_16550 installed a file into the wrong directory, PHSS_16550 did not correct all of the problems for which it was released. PHSS_16550: TGA waits an extended period of time, or cannot establish its master endpoint. Connections to an outside web server result in a "server error" message. The stand alone version of TGA does not execute. The creation of the SERVER_SOFTWARE environment variable returns an invalid value Defect Description: PHSS_18612: Under certain conditions, the Netscape Enterprise Server (NES) does not function properly. This has been observed in the NES bundled with VirtualVault A.03.01 . PHSS_16974: Patch PHSS_16550 incorrectly installed /opt/nes/3.5/bin/https/libvvtga.so which should have been installed as /var/opt/nes/3.5/bin/https/libvvtga.so The TGA binary /var/opt/vaultTS/outside/app/cgibin/tga (and /tcb/bin/tga) was linked with the incorrect shared libraries. PHSS_16550: If an outside web server is running when the TGA daemon is restarted, it can take a number of retries before the TGA daemon can re-establish its persistent TCP master listening endpoint. This is because the TGA NSAPI has the connection bound, and unless an HTTP request comes to the web server in the interim, the NSAPI does not release the connection to the master. This situation is worse with multiple outside web servers, and can result in the TGA daemon giving up on the bind to its master port. The stand alone version of TGA has been relinked so that it will execute. The creation of the SERVER_SOFTWARE environment variable is now set correctly. SR: 0000000000 4701402420 4701408807 Patch Files: /var/opt/nes/3.5/bin/https/libvvtga.so /var/opt/vaultTS/inside/nes/bin/https/libvvauth.so /tcb/bin/tga /var/opt/vaultTS/outside/app/cgibin/tga /tcb/lib/tgad what(1) Output: /var/opt/nes/3.5/bin/https/libvvtga.so: $Source: src/gateway/cgi2/nsapi/tgansapi.c, vaultNES , vaultNES_3.1 $Date: 99/05/14 16:02:55 $ $R evision: 1.29 PATCH_10.24 (PHSS_16550) $ $Source: src/gateway/cgi2/nsapi/env.c, vaultNES, vau ltNES_3.1 $Date: 99/05/14 16:02:55 $ $Revisi on: 1.15 PATCH_10.24 (PHSS_16550) $ 95 1.13 src/gateway/cgi2/nsapi/argv.c, vaultNES, v aultNES_3.1 06/30/98 18:02:06 65 1.2.1.1 src/gateway/cgi2/nsapi/log.c, vaultNES, vaultNES_3.1 05/18/99 13:31:24 PATCH_10.24 (PHSS_18612) 93 1.17 io.c, vaultTS, vaultTS_3.1 05/24/99 14:21: 43 PATCH_10.24 (PHSS_18612) /var/opt/vaultTS/inside/nes/bin/https/libvvauth.so: src/lib/vvcertutil/b64dec.c, vaultTS, vaultTS_3.1 1. 1 06/07/97 src/misc/nsapi/vvauth/auth.c, vaultTS, vaultTS_3.1 1 .12 09/22/97 05 1.6.2.1 src/misc/nsapi/vvauth/log.c, vaultTS, v aultTS_3.1 05/18/99 13:35:57 PATCH_10.24 (PH SS_18612) src/lib/vvcertutil/certutil.c, vaultTS, vaultTS_3.1 1.9 08/14/98 /tcb/bin/tga: $Source: src/gateway/cgi2/cgi/tga.c, vaultTS, vaultT S_3.1 $Date: 99/05/14 16:01:11 $ $Revision: 1.10 PATCH_10.24 (PHSS_16974) $ 93 1.17 io.c, vaultTS, vaultTS_3.1 05/24/99 14:21: 43 PATCH_10.24 (PHSS_18612) /var/opt/vaultTS/outside/app/cgibin/tga: $Source: src/gateway/cgi2/cgi/tga.c, vaultTS, vaultT S_3.1 $Date: 99/05/14 16:01:11 $ $Revision: 1.10 PATCH_10.24 (PHSS_16974) $ 93 1.17 io.c, vaultTS, vaultTS_3.1 05/24/99 14:21: 43 PATCH_10.24 (PHSS_18612) /tcb/lib/tgad: lib/libc/core/gen/mktemp.c, hpuxlibc, vvos_davis, da vis22 $Date: 97/07/18 11:58:12 $ $Revision: 1.2 PATCH_10.24 (PHCO_11183) $ $Source: communications.c, vaultTS, vaultTS_3.1 $Dat e: 98/09/30 08:53:29 $ $Revision: 1.14 PATCH _10.24 (PHSS_16550) $ $Source: execute.c, vaultTS, vaultTS_3.1 $Date: 98/0 9/30 08:53:53 $ $Revision: 1.18 PATCH_10.24 (PHSS_16550) $ HP VirtualVault, tgad, revision A.03.00 src/lib/swp/setlocale.c, vaultTS, vaultTS_3.1, A.03. 01.A 1.1 09/29/97 lib/libsecurity/accept_pw.c, libsecurity_ia, vvos_da vis, davis26 $Date: 97/10/01 15:16:10 $ $Rev ision: 1.10 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/identity.c, libsecurity_util, vvos_d avis, davis26 $Date: 97/10/01 15:16:15 $ $Re vision: 1.8 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/mandlib.c, libsecurity_macilb, vvos_ davis, davis26 $Date: 97/10/01 15:16:16 $ $R evision: 1.17 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/privileges.c, libsecurity_util, vvos _davis, davis26 $Date: 97/10/01 15:16:17 $ $ Revision: 1.1.1.12 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/authaudit.c, libsecurity_audit, vvos _davis, davis26 $Date: 97/10/01 15:16:11 $ $ Revision: 1.21 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_errlst.c, libsecurity_util, vvos _davis, davis26 $Date: 97/10/01 15:16:18 $ $ Revision: 1.8 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/acllib.c, libsecurity_acl, vvos_davi s, davis26 $Date: 97/10/01 15:16:10 $ $Revis ion: 1.2.3.2 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/auditdb.c, libsecurity_audit, vvos_d avis, davis26 $Date: 97/10/01 15:17:50 $ $Re vision: 1.15 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/discr.c, libsecurity_util, vvos_davi s, davis26 $Date: 97/10/01 15:16:12 $ $Revis ion: 1.7 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/fields.c, libsecurity_ia, vvos_davis , davis26 $Date: 97/10/01 15:16:13 $ $Revisi on: 1.10 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_conf.c, libsecurity_util, vvos_d avis, davis26 $Date: 97/10/01 15:18:19 $ $Re vision: 1.5 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/fileattr.c, libsecurity_fs, vvos_dav is, davis26 $Date: 97/10/01 15:19:47 $ $Revi sion: 1.9 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_nls.c, libsecurity, vvos_davis, davis60 $Date: 97/10/01 16:00:20 $ $Revision : 1.1.1.4 PATCH_10.24 (PHCO_12734) $ lib/libsecurity/getdvagent.c, libsecurity_ia, vvos_d avis, davis26 $Date: 97/10/01 15:16:13 $ $Re vision: 1.14 PATCH_10.24 (PHCO_11251) $ Internal_Unsupported_Version libc.a_ID@@/main/r10dav /libc_dav/15 /ux/libc/libs/libc/archive_pa1/libc.a_ID Jul 18 1997 15:26:17 cksum(1) Output: 3421421123 41065 /var/opt/nes/3.5/bin/https/libvvtga.so 3079116602 61635 /var/opt/vaultTS/inside/nes/bin/https/ libvvauth.so 1361056032 28743 /tcb/bin/tga 1361056032 28743 /var/opt/vaultTS/outside/app/cgibin/tga 3572193509 673776 /tcb/lib/tgad Patch Conflicts: None Patch Dependencies: s700: 10.24: PHCO_18615 s800: 10.24: PHCO_18615 Hardware Dependencies: None Other Dependencies: None Supersedes: PHSS_16550 PHSS_16974 Equivalent Patches: PHSS_18616: s700: 10.24 s800: 10.24 PHSS_18620: s700: 10.24 s800: 10.24 PHSS_18621: s700: 10.24 s800: 10.24 Patch Package Size: 890 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHSS_18612 5a. For a standalone system, run swinstall to install the patch: swinstall -x autoreboot=true -x match_target=true \ -s /tmp/PHSS_18612.depot 5b. For a homogeneous NFS Diskless cluster run swcluster on the server to install the patch on the server and the clients: swcluster -i -b This will invoke swcluster in the interactive mode and force all clients to be shut down. WARNING: All cluster clients must be shut down prior to the patch installation. Installing the patch while the clients are booted is unsupported and can lead to serious problems. The swcluster command will invoke an swinstall session in which you must specify: alternate root path - default is /export/shared_root/OS_700 source depot path - /tmp/PHSS_18612.depot To complete the installation, select the patch by choosing "Actions -> Match What Target Has" and then "Actions -> Install" from the Menubar. 5c. For a heterogeneous NFS Diskless cluster: - run swinstall on the server as in step 5a to install the patch on the cluster server. - run swcluster on the server as in step 5b to install the patch on the cluster clients. By default swinstall will archive the original software in /var/adm/sw/patch/PHSS_18612. If you do not wish to retain a copy of the original software, you can create an empty file named /var/adm/sw/patch/PATCH_NOSAVE. Warning: If this file exists when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. It is recommended that you move the PHSS_18612.text file to /var/adm/sw/patch for future reference. To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHSS_18612.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: The PHCO_18615 (libsecalarm) patch should be installed prior to installing this patch in order to maintain application library compatibility.