� Harris CSD Software Development
Software Patch Report
Patch Name: cnd6.2-001
Project: HCX
Product: cnd
Date Issued: Wed Oct 4 10:57:19 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.1
Related Patches: None.
Related Modification Numbers: None.
Related SARs: None.
Problem Description:
During heavy network usage, a Condor Ethernet controller port can
experience performance problems due to contention for port resources.
Resolution Description:
Correct port resource queue access problem in the Condor device driver
by implementing a round-robin approach to port queue access management.
Modified Source:
usr/src/uts/machine/hcxif/if_cnd.c
usr/src/uts/machine/hcxif/if_cnd.h
Object Modules:
lib_cnd if_cnd.o
Conditions for Installation:
A Series 4000 or Series 5000 system with a Condor Ethernet controller
installed on the system and configured into the operating system.
Possible Side Effects:
None.
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: cnd6.2-002
Project: HCX
Product: cnd
Date Issued: Thu Dec 14 09:19:11 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: N/A
Related Patches: None
Related Modification Numbers: None
Related SARs: None
Problem Description:
1) Could not reconfigure MAC address without system hang
2) No ethersnoop probe point
Resolution Description:
1) Decrement cc_init_wait correctly
2) Add in if_snoop() probe point
Modified Source:
usr/src/uts/machine/hcxif/if_cnd.c
Object Modules:
lib_cnd if_cnd.o
Conditions for Installation: None
Possible Side Effects: None
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: cnd6.2-003
Project: HCX
Product: cnd
Date Issued: Thu Jan 11 15:22:23 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: cx6.2-130
Related Modification Numbers: none
Related SARs: none
Problem Description:
(1) The mkassure(1MS) assurance tape utility does not know how to add
the Condor Ethernet device driver product to the assurance tape
it creates.
(2) Default Condor configuration limits DMA burst mode affecting
performance.
Resolution Description:
(1) Add a Trusted Computing Base (TCB) TCB.cnd file under the
/mls/assure/TCB directory which lists those files to be added to
the assurance tape by mkassure(1MS).
(2) Performance of the kernel library lib_cnd has been improved by
modifying the Condor Ethernet interface's DMA burst mode configuration.
Modified Source:
usr/src/cmd/assure/TCB/TCB.cnd
usr/src/uts/machine/hcxif/if_cnd.c
usr/src/uts/machine/hcxif/if_cnd.h
Object Modules:
mls/assure/TCB/TCB.cnd
usr/src/uts/machine/hcxif/if_cnd.h
lib_cnd
Conditions for Installation:
Patch may be installed on either an NH4000 or NH5000 6.2-based
system which has both the Interphase Condor Ethernet product and
and all applicable Condor patches installed. The cx6.2-130 patch
must be installed with this patch.
Possible Side Effects: None.
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: cnd6.2-004
Project: HCX
Product: cnd
Date Issued: Mon Mar 25 18:18:49 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: N/A
Related Patches: cx6.2-135
Related Modification Numbers: N/A
Related SARs: N/A
Problem Description:
(See Resolution Description below)
Resolution Description:
Kernel support for up to 128 Condor interfaces was added.
Configurations with up to four Condor controllers,
with up to four interfaces per controller, for a maximum of
16 interfaces, are possible.
The number of slots available for these controllers depends
on the machine's hardware configuration.
A problem was corrected regarding Controller hangs when doing a
reset during booting.
Modified Source:
usr/src/uts/machine/hcxif/if_cnd.c
Object Modules:
usr/src/uts/machine/M88K/lib_cnd if_cnd.o
usr/src/uts/machine/M88K-RT/lib_cnd if_cnd.o
usr/src/uts/machine/NH5000/lib_cnd if_cnd.o
usr/src/uts/machine/NH5000-RT/lib_cnd if_cnd.o
Conditions for Installation:
Patch cx6.2-135 must be installed for this patch to work properly.
Possible Side Effects: None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: eg6.2-001
Project: HCX
Product: eg
Date Issued: Fri Aug 26 14:28:51 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: cx6.2-091, ise6.2-001, pg6.2-001
Related Modification Numbers: None
Related SARs: None
Problem Description:
Unbundling of the ethernet product requires this patch to the eg
product to provide the appropriate version of the system header file.
Resolution Description:
This patch provides the appropriate version of the eg system header
file.
Modified Source: None
Object Modules:
usr/src/uts/machine/hcxif/if_eg.h
Conditions for Installation:
Install on CX/UX 6.2 only.
Possible Side Effects:
None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: eg6.2-002
Project: HCX
Product: eg
Date Issued: Fri Nov 4 10:33:41 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: None
Related Modification Numbers: None
Related SARs: None
Problem Description:
1. A system panic with a "unknown work queue" message from
the Eagle driver.
2. A system hang when there is a large volume of VME traffic.
Resolution Description:
1. Changed the Eagle driver to get the correct information from the
Eagle board.
2. Added detection of error condition to the Eagle driver.
Modified Source:
usr/src/uts/machine/hcxif/if_eg.c
usr/src/uts/machine/hcxif/if_eg.h
Object Modules:
lib_eg: if_eg.o
usr/src/uts/machine/hcxif/if_eg.h
Conditions for Installation:
Patch cx6.2-091 must be installed prior to installing this patch.
Possible Side Effects: None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: eg6.2-003
Project: HCX
Product: eg
Date Issued: Tue Dec 27 12:55:14 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: None.
Related Patches: cx6.2-107, ise6.2-003, pg6.2-002
Problem Description:
Need a way to monitor network traffic at the packet level, in order to
diagnose and correct networking problems.
Resolution Description:
Add support for the REIOGETSNOOP ioctl to the raw ethernet interface.
Modified Source:
usr/src/uts/machine/hcxif/if_eg.c
Object Modules:
lib_eg if_eg.o
Conditions for Installation:
None.
Possible Side Effects:
None.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: eg6.2-004
Project: HCX
Product: eg
Date Issued: Fri Feb 3 14:59:17 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: tcp_ip6.2-020
Related Modification Numbers:
None
Related SARs:
None
Problem Description:
If a packet longer than 1500 bytes is sent to the ip layer, and the
ip layer breaks it into smaller packets, it is possible that a zero
size transmit buffer will be generated. If the Eagle driver attempts
to send this zero-size buffer, the controller will hang.
Resolution Description:
Look for transmission of zero-size messages and ignore them in the driver.
Modified Source:
usr/src/uts/machine/hcxif/if_eg.c
Object Modules:
lib_eg if_eg.o
Conditions for Installation:
None
Possible Side Effects:
None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: eg6.2-005
Project: HCX
Product: eg
Date Issued: Wed Mar 22 15:45:25 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches:
None.
Related Modification Numbers:
None.
Related SARs:
None.
Problem Description:
DMA burst mode of a later version of the Condor controller
was not detected by the driver.
Kernel virtual pages were not being mapped to extended memory
on the Eagle controller due to an early exit in the egslave routine.
This failure to use extended memory caused an ENOMEM error
when performing direct I/O.
Resolution Description:
Detection of the controller variation was added and the slave routine
was modified to use the extended memory of the Condor controller.
Modified Source:
usr/src/uts/machine/hcxif/if_eg.c
usr/src/uts/machine/hcxif/if_eg.h
Object Modules:
usr/src/uts/machine/hcxif/if_eg.h
lib_eg if_eg.o
Conditions for Installation:
None.
Possible Side Effects:
None.
Other Requirements:
This patch is MANDATORY for CyberGuard systems that utilize the Condor
Ethernet controller.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: eg6.2-006
Project: HCX
Product: eg
Date Issued: Thu Jun 22 11:35:09 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches:
cx6.2-123.
Related Modification Numbers:
None.
Related SARs:
None.
Problem Description:
The Multiple completion per interrupt capability of Eagle/Condor controller
was not being utilized. Differences between 6.2 source and 7.1 source
did not allow a correction discovered in one release to be easily
incorporated into another release.
Resolution Description:
Added support for multiple completions per interrupt and consolidated
differences between the 6.2 and 7.1 versions of the driver.
The driver is currently set up such that only
one #define needs to be changed in order to make the driver under the
7.1 or 6.2 hcxif directory.
The same header file is used for both versions of the driver.
Modified Source:
usr/src/uts/machine/hcxif/if_eg.c
usr/src/uts/machine/hcxif/if_eg.h
Object Modules:
usr/src/uts/machine/hcxif/if_eg.h
lib_eg if_eg.o
Conditions for Installation:
Patch cx6.2-123 must be installed prior to installing patch eg6.2-006
in order to have an up-to-date /usr/src/uts/cf/comspace.c file.
Possible Side Effects:
None.
Other Requirements:
This patch is not mandatory for CyberGuard systems but is recommended.
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: eg6.2-007
Project: HCX
Product: eg
Date Issued: Thu Jan 11 17:24:08 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: none
Related Modification Numbers: none
Related SARs: none
Problem Description:
The mkassure(1MS) assurance tape utility does not know how to add
the Eagle Ethernet device driver product to the assurance tape
it creates.
Resolution Description:
Add a Trusted Computing Base (TCB) TCB.eg file under the
/mls/assure/TCB directory which lists those files to be added to
the assurance tape by mkassure(1MS).
Modified Source:
usr/src/cmd/assure/TCB/TCB.eg
Object Modules:
mls/assure/TCB/TCB.eg
Conditions for Installation:
Patch may be installed on either an NH4000 or NH5000 6.2-based
system which has the Interphase Eagle Ethernet product installed.
Possible Side Effects: None.
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: eg6.2-008
Project: HCX
Product: eg
Date Issued: Mon Mar 25 18:33:46 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: N/A
Related Patches: None
Related Modification Numbers: N/A
Related SARs: N/A
Problem Description:
(See Resolution Description below)
Resolution Description:
This change fixed a problem where the Eagle controller "stopped"
working and all transmit packets were dropped.
Modified Source:
usr/src/uts/machine/hcxif/if_eg.c
Object Modules:
usr/src/uts/machine/M88K/lib_eg if_eg.o
usr/src/uts/machine/M88K-RT/lib_eg if_eg.o
usr/src/uts/machine/NH5000/lib_eg if_eg.o
usr/src/uts/machine/NH5000-RT/lib_eg if_eg.o
Conditions for Installation: None
Possible Side Effects: None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: ethernet6.2-001
Project: HCX
Product: ethernet
Date Issued: Wed Nov 4 15:40:47 1992
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.1
Related Patches: cx6.2-003 tcp_ip6.2-001
Related Modification Numbers: none
Related SARs: none
Problem Description:
Users require a higher performance interface to send and receive
raw IP packets.
Resolution Description:
Develop user level library routines and direct I/O for Ethernet
transmission to improve performance when transmitting and
receiving raw IP packets. The library /usr/lib/libip.a is
provided to have a streamlined interface when sending and
receiving raw IP packets.
Modified Source:
usr/src/uts/machine/hcxif/if_eg.c
usr/src/uts/machine/hcxif/if_eg.h
usr/src/uts/machine/hcxif/if_ie.c
Object Modules:
lib_hcxif if_eg.o
lib_hcxif if_ie.o
usr/src/uts/machine/hcxif/if_eg.h
Conditions for Installation: none
Possible Side Effects: Use of the ip_lib(3n) library IP_RAW_IO mode for
reading may not operate properly when connected to networks having
other network traffic.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: ethernet6.2-002
Project: HCX
Product: ethernet
Date Issued: Tue Feb 2 12:49:25 1993
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.0
Related Patches:
None
Related Modification Numbers:
None
Related SARs:
None
Problem Description:
The networking driver for the model CD0937 (Interphase Eagle) networking
controller does not utilize the optimum transfer modes on the VME bus.
Resolution Description:
Enhance the Eagle Networking driver to utilize full 32-bit async block
mode DMA when possible.
Modified Source:
usr/src/uts/machine/hcxif/if_eg.c
Object Modules:
lib_hcxif if_eg.o
Conditions for Installation:
None
Possible Side Effects:
None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: ethernet6.2-003
Project: HCX
Product: ethernet
Date Issued: Tue Mar 9 15:44:34 1993
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.1
Related Patches: none
Related Modification Numbers: none
Related SARs: none
Problem Description:
NH5800 systems require an up-to-date patch for ethernet products.
Resolution Description:
Create patch with all ethernet patches for NH5800.
Modified Source:
Object Modules:
lib_hcxif if_eg.o
lib_hcxif if_ie.o
usr/src/uts/machine/hcxif/if_eg.h
Conditions for Installation: none
Possible Side Effects: none
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: ethernet6.2-005
Project: HCX
Product: ethernet
Date Issued: Mon Dec 6 09:17:08 1993
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.1P
Related Patches: cx6.2-068
Related Modification Numbers: None
Related SARs: None
Problem Description:
This Patch supersedes patch ethernet6.2-004 which was never released.
1) The Ethernet driver problem occurs because the driver tries to maintain
the data buffer address as an even address. When an odd address
is found, the driver tries to write the first byte of data
to the end of the previous buffer. However, the driver
writes the data byte to another area of memory. If the memory
is outside of the address range, the kernel panics in the
ie_transmit routine. If the memory is within the
data buffers, the byte may overwrite a chain address. This
will cause the kernel to panic some time later when this
chain address (now corrupted) is accessed.
2) The ise was generating large number of underruns on systems with
global memory.
Resolution Description:
1) This patch resolves the problem by writing the data byte to
the proper place, thus not corrupting any data area, and
not accessing memory outside the addressable range.
2) The outbound data is now being double-buffered in local memory.
Modified Source:
usr/src/uts/machine/hcxif/if_ie.c
usr/src/uts/machine/hcxif/if_ie.h
Object Modules:
lib_hcxif if_ie.o
usr/src/uts/machine/hcxif/if_ie.h
Conditions for Installation: Installation of patch cx6.2-068.
Possible Side Effects: None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: ethernet6.2-006
Project: HCX
Product: ethernet
Date Issued: Tue Apr 26 10:43:23 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: cx6.2-086
Related Modification Numbers: None
Related SARs: None
Problem Description:
VME64 needs to be utilized by the Interphase 5211 FDDI board.
Resolution Description:
Update configuration files to support VME64 as the default when
an Interphase 5211 FDDI board is used on a system which supports
VME64.
Modified Source:
usr/src/uts/machine/hcxif/if_pg.c
usr/src/uts/machine/hcxif/if_pg.h
Object Modules:
usr/src/uts/machine/hcxif/if_pg.h
lib_hcxif if_pg.o
Conditions for Installation:
This patch requires the installation of patch cx6.2-086.
Possible Side Effects: None.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: ethernet6.2-007
Project: HCX
Product: ethernet
Date Issued: Wed May 11 16:00:18 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: None
Related Modification Numbers: None
Related SARs: None
Problem Description:
When there is heavy frontplane activity, devices connected to
the Integraged Ethernet interface cannot open connections.
Resolution Description:
This patch permits the number of output messages queued at
the Integrated Ethernet, Interphase Eagle Ethernet, and
Interphase FDDI interfaces to be selected by the user, rather
than be limited to the default value of 50. This prevents the
dropping of messages which resulted in the inability to connect
to the Integrated Ethernet interface.
Modified Source:
usr/src/uts/machine/hcxif/if_ie.c
usr/src/uts/machine/hcxif/if_eg.c
usr/src/uts/machine/hcxif/if_pg.c
usr/src/uts/machine/cf/space.c
Object Modules:
lib_hcxif: if_ie.o
lib_hcxif: if_eg.o
lib_hcxif: if_pg.o
usr/src/uts/machine/cf/space.c
Conditions for Installation:
The three defines in the /usr/src/uts/machine/cf/space.c file:
ieMaxQLen
egMaxQLen
pgMaxQLen
must be set to the value desired by the user before the kernel
is recompiled following installation of this patch.
Possible Side Effects:
If the values chosen are too high, the queues may hold all the
mbufs in the system. This patch attempts to keep this from happening
by setting the number of mbufs to five (5) times the sizes chosen.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: int_network6.2-001
Project: HCX
Product: int_network
Date Issued: Tue Feb 2 12:27:29 1993
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.0
Related Patches:
cx6.2-015, tcp_ip6.2-005
Related Modification Numbers:
None
Related SARs:
None
Problem Description:
1) Intelligent Networking driver would hang on systems having only
local memory.
2) Various typographical errors existed in the release notes for
Intelligent Networking.
3) Data loss could occur on transmission when multiple processes are
utilizing the same interface.
4) Busy systems could result in exhaustion of buffer pools for the
driver, preventing reception of further data.
5) The last bytes of a file being sent via ftp could be lost.
Resolution Description:
1) Correct the VME Modifier Code used on DMA transfers.
2) Correct errors in release notes and manual page.
3) Add semaphores to protect the transmission and retransmission routines.
4) Enhance the buffer management logic to properly notify the controller
when the system is low on memory.
5) Delay issuance of the close function when there are untransmitted messages
and improve buffer management.
Modified Source:
usr/src/uts/machine/intnet/iph.c
Object Modules:
usr/catman/a_man/man7/iph.7.z
usr/catman/a_man/man7/intelligent.7.z
usr/catman/a_man/man7/networking.7.z
usr/man/a_man/man7/iph.7
usr/src/PRODUCTS/int_network_6.2_lpr
usr/src/PRODUCTS/int_network_6.2_rel
usr/src/PRODUCTS/int_network_6.2_si
usr/src/uts/machine/intnet/iph.h
usr/src/uts/machine/intnet/net_stat.h
usr/include/intnet/iph.h
usr/include/intnet/net_stat.h
lib_intnet iph.o
Conditions for Installation:
None
Possible Side Effects:
None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: ise6.2-001
Project: HCX
Product: ise
Date Issued: Fri Aug 26 14:06:55 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: cx6.2-091, eg6.2-001, pg6.2-001
Related Modification Numbers: None
Related SARs: None
Problem Description:
Unbundling of the ethernet product requires this patch to the ise
product to provide the appropriate version of the system header files.
Resolution Description:
This patch provides the appropriate version of the ise system header
files.
Modified Source:
None
Object Modules:
usr/src/uts/machine/hcxif/if_ie.h
usr/src/uts/machine/sys/mbuf.h
Conditions for Installation:
Install on CX/UX 6.2 only.
Possible Side Effects:
None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: ise6.2-002
Project: HCX
Product: ise
Date Issued: Fri Nov 4 14:57:32 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: cx6.2-101
Related Modification Numbers: None
Related SARs: None
Problem Description:
During high volumes of output, the Integrated Ethernet driver
panics.
Resolution Description:
Increase the number of command block structures to match the
number of transmit messages that may be queued within the
Integrated Ethernet driver.
Modified Source:
usr/src/uts/machine/hcxif/if_ie.c
usr/src/uts/machine/hcxif/if_ie.h
Object Modules:
lib_ise: if_ie.o
usr/src/uts/machine/hcxif/if_ie.h
Conditions for Installation:
Patch cx6.2-091 must be installed prior to installing this patch.
Possible Side Effects: None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: ise6.2-003
Project: HCX
Product: ise
Date Issued: Tue Dec 27 12:51:02 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: None
Related Patches: cx6.2-107, eg6.2-003, pg6.2-002
Problem Description:
Need a way to monitor network traffic at the packet level, in order to
diagnose and correct networking problems.
Resolution Description:
Add support for the REIOGETSNOOP ioctl to the raw ethernet interface.
Modified Source:
usr/src/uts/machine/hcxif/if_ex.c
usr/src/uts/machine/hcxif/if_ie.c
Object Modules:
usr/man/a_man/man7/ethernet.7
usr/catman/a_man/man7/ethernet.7.z
lib_ise if_ex.o
lib_ise if_ie.o
Conditions for Installation:
None
Possible Side Effects:
None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: ise6.2-004
Project: HCX
Product: ise
Date Issued: Thu Jun 8 11:52:47 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem:
None.
Related Patches:
cx6.2-121
Related Modification Numbers:
None.
Related SARs:
None.
Problem Description:
There is no support for multiple ports on the Condor ethernet
controller.
Resolution Description:
This patch adds support for the Condor ethernet driver to enconfig.
Modified Source:
usr/src/cmd/enconfig.c
usr/man/a_man/man1/enconfig.1m
Object Modules:
usr/sbin/enconfig
usr/catman/a_man/man1/enconfig.1m.z
Conditions for Installation:
None.
Possible Side Effects:
None.
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: ise6.2-005
Project: HCX
Product: ise
Date Issued: Tue Sep 5 15:48:01 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: None
Related Modification Numbers: N/A
Related SARs: N/A
Problem Description:
When all ise ethernet command buffers are exhausted, the machine will
panic. This was caused by not checking if the buffer had any room left.
Resolution Description:
Check the command buffers, and pause if they are all full.
Modified Source:
usr/src/uts/machine/hcxif/if_ie.c
Object Modules:
lib_ise if_ie.o
Conditions for Installation: None
Possible Side Effects: None
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: ise6.2-006
Project: HCX
Product: ise
Date Issued: Thu Jan 11 17:29:45 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: none
Related Modification Numbers: none
Related SARs: none
Problem Description:
The mkassure(1MS) assurance tape utility does not know how to add
the HCSC Integral Ethernet product to the assurance tape it creates.
Resolution Description:
Add a Trusted Computing Base (TCB) TCB.ise file under the
/mls/assure/TCB directory which lists those files to be added to
the assurance tape by mkassure(1MS).
Modified Source:
usr/src/cmd/assure/TCB/TCB.ise
Object Modules:
mls/assure/TCB/TCB.ise
Conditions for Installation:
Patch may be installed on either an NH4000 or NH5000 6.2-based
system which has the HCSC Integral Ethernet SCSI product installed.
Possible Side Effects: None.
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: ise6.2-007
Project: HCX
Product: ise
Date Issued: Mon Mar 25 13:53:23 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: NONE
Related Modification Numbers: NONE
Related SARs: NONE
Problem Description:
In file "uts/machine/hcxif/if_ie.c", one assignment statement was
written as a conditional statement -- comparison operator (==) was used
instead of assignment operator (=).
Resolution Description:
Changed the equality operator to an assignment operator
Modified Source:
usr/src/uts/machine/hcxif/if_ie.c
Object Modules:
lib_ise if_ie.o
Conditions for Installation: NONE
Possible Side Effects: NONE
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: ise6.2-008
Project: HCX
Product: ise
Date Issued: Fri Jun 14 14:46:31 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: N/A
Related Patches: None
Related Modification Numbers: None
Related SARs: None
Problem Description:
1) When doing an enconfig on a Peregrine 4211 or 5211 FDDI controller,
bogus information was returned.
Resolution Description:
1) It turned out that enconfig was doing an extra read on the kernel
data structure and the file position pointer was being moved past the
end of the structure. Removed the extra read.
Modified Source:
usr/src/cmd/enconfig.c
Object Modules:
usr/sbin/enconfig
Conditions for Installation: None
Possible Side Effects: None
return to index
================================================================================
Concurrent Computer Corporation
Software Patch Report
Patch Name: ise6.2-009
Project: HCX
Product: ise
Date Issued: Fri Nov 08 15:22:01 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: N/A
Related Patches: None
Related Modification Numbers: N/A
Related SARs: None
Problem Description:
Miscellaneous errors in man pages.
Resolution Description:
Fix and redistribute the man pages.
Modified Source: None
Object Modules:
usr/catman/a_man/man1/enconfig.1m.z
usr/catman/a_man/man7/ethernet.7.z
usr/man/a_man/man1/enconfig.1m
usr/man/a_man/man7/ethernet.7
Conditions for Installation: None
Possible Side Effects: None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: nfs6.2-001
Project: HCX
Product: nfs
Date Issued: Fri Feb 11 11:17:05 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBA
Related Patches: None
Related Modification Numbers: None
Related SARs: HM10964
Problem Description:
1. When file sharing is used (mostly by PCs using the NightHawk as an NFS
server) rpc.lockd uses a hash function to index a table of sharing
records. This function can sometimes yield negative values, causing
rpc.lockd to coredump.
2. During the boot process, rpc.lockd implements a grace period during which
lockdaemon peers can re-acquire locks they held prior to the reboot.
During this period, kernel messages are acknowledged and kept in a cache,
but no action is taken on their behalf. At the end of the grace period,
rpc.lockd discards all kernel messages from its message cache. rpc.lockd
then gets confused and uses a stale pointer to send a reply back to the
last kernel message it received. This produces a message from rpc.lockd
on the system console (or the debug trace file):
rpc.lockd: unknown klm_reply proc(0)
A truncated reply is then sent to the kernel. The kernel then complains
on the system console with the following message:
lock-manager: RPC error: RPC: Can't decode result
Resolution Description:
1. Modify the hash function so the hash value is always non-negative.
2. Modify the code in rpc.lockd that discards messages from the cache so the
last kernel message pointer is cleared when that message is discarded.
Modified Source:
usr/src/cmd/rpc.lockd/prot_share.c
usr/src/cmd/rpc.lockd/prot_msg.c
Object Modules:
usr/etc/rpc.lockd
Conditions for Installation: None
Possible Side Effects: None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: nfs6.2-002
Project: HCX
Product: nfs
Date Issued: Tue Sep 27 16:49:21 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.1
Related Patches: cx6.2-099, lan_sx6.2-006, tcp_ip6.2-016, cx_sx6.2-008
Related Modification Numbers: None
Related SARs: None
Problem Description:
Need to rebuild nfs modules because of socket size change.
Resolution Description:
Rebuild nfs modules.
Modified Source:
None
Object Modules:
lib_krpc klm_lockmgr.o
lib_nfs nfs_vfsops.o
lib_nfs nfs_server.o
lib_nfs nfs_subr.o
lib_rpc subr_kudp.o
lib_rpc clnt_kudp.o
lib_rpc authdes_subr.o
lib_rpc kudp_fastsend.o
lib_rpc svc.o
lib_rpc svc_kudp.o
Conditions for Installation: None
Possible Side Effects: None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: nfs6.2-003
Project: HCX
Product: nfs
Date Issued: Wed Jun 14 11:35:46 1995
Release on Which Patch May Be Installed:
6.2
Release Which Corrects Problem:
7.1
Related Patches:
None.
Related Modification Numbers:
None.
Related SARs:
HM11516
Problem Description:
When writing to a file that is in a remotely mounted NFS
filesystem, sometimes incorrect data will be written into
the file.
Resolution Description:
Added some vnode/rnode locking protection in several places
in the kernel that deal with modifying the NFS write buffer
count.
Modified Source:
usr/src/uts/machine/nfs/nfs_vnodeops.c
Object Modules:
lib_nfs nfs_vnodeops.o
Conditions for Installation:
Any NFS client CX/UX 6.2P system.
Possible Side Effects:
None.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: nfs6.2-004
Project: HCX
Product: nfs
Date Issued: Tue Dec 5 11:46:15 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.1
Related Patches: nfs6.2-003
Related Modification Numbers: None
Related SARs: HM11681
Problem Description:
1. After installing patch nfs6.2-003, sync operations on
remote nfs filesystems will sometimes cause remote files to
be padded out to a filesystem block size boundary.
2. The system may deadlock/hang when a sync of the nfs filesystems
and an nfs write getblk() both try to obtain locks on
the same buffer lock and rnode table hash lock.
Resolution Description:
1. Modified the nfs_strategy() routine.
The code that reduces the write buffer byte count down to
the size of the file would only be done if the vnode lock
was owned by the caller.
In the case of sync operations, the vnode lock may not be
locked by the caller. In this case, the round down to the
end-of-file operation was being skipped. Unfortunately,
sync write operation byte counts tend to be set to blocksize,
which may sometimes write out beyond the end of file.
Therefore, for sync operations that do not own the vnode
lock, execute more cautious code that reduces the buffer
byte count down to the current end-of-file.
2. Changed the rflush() routine, which is used on sync() operations,
so that it releases the rnode table hash lock while flushing out
data of an rnode/vnode.
Modified Source:
usr/src/uts/machine/nfs/nfs_vnodeops.c
usr/src/uts/machine/nfs/nfs_subr.c
Object Modules:
lib_nfs nfs_vnodeops.o
lib_nfs nfs_subr.o
Conditions for Installation:
All CX/UX 6.2P systems using NFS.
Possible Side Effects:
None.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: nfs6.2-005
Project: HCX
Product: nfs
Date Issued: Tue Nov 21 15:06:43 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: none
Related Modification Numbers: none
Related SARs: none
Problem Description:
When file sharing is used, rpc.lockd uses a hash function to index a
table of shared records. This function can sometimes yield negative
values, causing rpc.lockd to coredump. This is the same problem that
patch nfs6.2-001 fixes (see problem 1 in the Problem Description for
this patch); however a different part of the code caused the negative
value in the hash function. This was seen from accessing a file from
a PowerUnix filesystem via NFS.
Resolution Description:
Modified hash function so hash value is always non-negative.
Modified Source:
usr/src/cmd/rpc.lockd/udp.c
Object Modules:
usr/etc/rpc.lockd
Conditions for Installation: none
Possible Side Effects: none
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: nfs6.2-006
Project: HCX
Product: nfs
Date Issued: Tue Feb 27 14:55:47 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: None.
Related Modification Numbers: None.
Related SARs: HM11708
Problem Description:
When using touch on a PowerUX system to update the access and modify
times of a file residing on a NFS-mounted CX/UX system disk, the file's modify
time gets set to Dec 31 1969. This occurs only if no time is specified on the
touch command.
Resolution Description:
Changed rfs_setattr() to fill in the current time if it sees a request
with the tv_usec field set to 1000000. PowerUX systems create requests this
way but CX/UX systems do not, apparently because of a discrepancy in NFS
protocol versions with the CX/UX system having the older version of the two.
Modified Source:
usr/src/uts/machine/nfs/nfs_server.c
Object Modules:
lib_nfs nfs_server.o
Conditions for Installation: None.
Possible Side Effects: None.
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: nfs6.2-007
Project: HCX
Product: nfs
Date Issued: Fri Jun 28 14:01:15 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: NONE
Related Modification Numbers: NONE
Related SARs: HM11843
Problem Description:
NFS automount was not properly deallocating memory and grew in size
during operation.
Resolution Description:
Problem was due to a missing `free(fs)' at the end of procedure
free_filsys. Source code "usr/src/cmd/automount/auto_node.c" was
modified to fix the problem.
Modified Source:
usr/src/cmd/automount/auto_node.c
Object Modules:
usr/etc/automount
Conditions for Installation: NONE
Possible Side Effects: NONE
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: nfs6.2-008
Project: HCX
Product: nfs
Date Issued: Fri Aug 16 10:56:56 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: cx6.2-141
Related Modification Numbers: NONE
Related SARs: HM11453
Problem Description:
For some rpc problems, massive error messages can be dumped to the
system console before the problems got fixed, this will overwhelm
other useful messages.
Resolution Description:
A tunable variable "lock_rpc_error_quiet" is added to "space.c".
Now the rpc error messages to console can be turned on/off by changing
the value of "lock_rpc_error_quiet". The default value is to turn on
the message.
Modified Source:
usr/src/uts/machine/krpc/klm_lockmgr.c
Object Modules:
lib_krpc klm_lockmgr.o
Conditions for Installation:
Need to install patch cx6.2-141 first.
Possible Side Effects: NONE
return to index
================================================================================
Concurrent Computer Corporation Software Development
Software Patch Report
Patch Name: nfs6.2-009
Project: HCX
Product: nfs
Date Issued: Wed Nov 20 09:20:02 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: None
Related Modification Numbers: None
Related SARs: HM11919
Problem Description:
When SATAN was run against a CX/UX system, it would cause
all sorts of problems, including a possible panic. It was
determined that this was occurring when a short packet was
sent to a port being serviced via RPC.
Resolution Description:
The problem was in the code which processes incoming
RPC service requests (which includes NFS requests).
All incoming requests are delivered to this routine in the
form of mbufs.
It is possible for a request to span multiple mbufs (ie: an mbuf
chain where part of the request is in the first mbuf, continues
into the second mbuf, and so on).
As illustrated below, this routine was checking if the current
mbuf had at least 4*sizeof(u_long) (or 16) bytes, and, if it
didn't, it would call m_pullup().
The purpose of m_pullup() is to traverse an mbuf chain and
"pull up" at least n (in this case 16) bytes from the front
of the chain into a new mbuf (it will then recreate the rest
of the mbuf chain as hanging off of that one, and free the old
first mbuf).
Here is the problem that the original coder missed:
When m_pullup() doesn't find at least n bytes,
it will call m_freem(m) (and return an error code).
Here is the code:
----------------------------------------------------------
if ((m->m_len < 4*sizeof(u_long)) &&
(m_pullup(m,4*sizeof(u_long)) == 0)) {
rsstat.rsbadlen++;
goto bad;
}
...
bad:
m_freem(m);
...
----------------------------------------------------------
We are properly checking the error code, but then we
were jumping down to "bad". "bad" would then call
m_freem() on m (whose value never changed to this
calling routine).
The end result was that when we couldn't pull up at least
16 bytes in the incoming request, we would wind up calling
m_freem() on the same chain twice. The first time would put
the chain on the free list. The second time was attempting to
put the chain that's already on the free list on to the free
list.
The end result was that somehow multiple references
to the same mbuf could be acquired, and 'funky' stats
(such as "-574958294/220 mbufs in use") would be
reported.
The fix was as simple as adding one line (see below).
if ((m->m_len < 4*sizeof(u_long)) &&
(m_pullup(m,4*sizeof(u_long)) == 0)) {
rsstat.rsbadlen++;
Insert m=0; /*Don't free -- m_pullup() does that*/
goto bad;
}
...
bad:
m_freem(m);
...
By setting 'm' to NULL when m_pullup() fails, the second m_freem()
(in bad) will not try to (nor will it be able to) free it again.
Modified Source:
usr/src/uts/machine/rpc/svc_kudp.c
Object Modules:
lib_rpc svc_kudp.o
Conditions for Installation: None
Possible Side Effects: None
return to index
================================================================================
Concurrent Computer Corporation
Software Patch Report
Patch Name: nfs6.2-010
Project: HCX
Product: nfs
Date Issued: Fri Nov 08 15:31:55 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: N/A
Related Patches: None
Related Modification Numbers: N/A
Related SARs: None
Problem Description:
Miscellaneous errors in man pages.
Resolution Description:
Fix and redistribute the man pages.
Modified Source: None
Object Modules:
usr/catman/a_man/man1/spray.1m.z
usr/catman/a_man/man1/yppoll.1m.z
usr/catman/a_man/man1/ypserv.1m.z
usr/catman/a_man/man1/ypwhich.1m.z
usr/catman/a_man/man1/ypxfr.1m.z
usr/catman/p_man/man3/intro.3r.z
usr/catman/p_man/man3/mount.3r.z
usr/catman/p_man/man3/rpc.3n.z
usr/catman/p_man/man3/xdr.3n.z
usr/catman/p_man/man4/nfs.4p.z
usr/catman/p_man/man4/statmon.4.z
usr/catman/u_man/man1/chkey.1.z
usr/catman/u_man/man1/rpcgen.1.z
usr/man/a_man/man1/spray.1m
usr/man/a_man/man1/yppoll.1m
usr/man/a_man/man1/ypserv.1m
usr/man/a_man/man1/ypwhich.1m
usr/man/a_man/man1/ypxfr.1m
usr/man/p_man/man3/intro.3r
usr/man/p_man/man3/mount.3r
usr/man/p_man/man3/rpc.3n
usr/man/p_man/man3/xdr.3n
usr/man/p_man/man4/nfs.4p
usr/man/p_man/man4/statmon.4
usr/man/u_man/man1/chkey.1
usr/man/u_man/man1/rpcgen.1
Conditions for Installation: None
Possible Side Effects: None
return to index
================================================================================
� Concurrent Computer Corp. Software Development
Software Patch Report
Patch Name: nfs6.2-011
Project: HCX
Product: nfs
Date Issued: Wed Sep 10 14:01:14 1997
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: None
Related Modification Numbers: None
Related SARs: HM11899
Problem Description:
1. HM11899
-------
File creation on an automounted partition did not inherit correct
group id.
Resolution Description:
1. HM11899
-------
Modified the automount command so that it set up the proper mount flags
to be propagated to the lower layers of nfs.
Modified Source:
usr/src/cmd/automount/auto_mount.c
Object Modules:
usr/etc/automount
Conditions for Installation:
Possible Side Effects: None
return to index
================================================================================
Concurrent Computer Corporation Software Development
Software Patch Report
Patch Name: nfs6.2-012
Project: HCX
Product: nfs
Date Issued: Tue Sep 22 15:48:36 1998
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: NONE
Related Modification Numbers: NONE
Related SARs: HM12222, HM12348
Problem Description:
(1) When using the automounter with a large map the automounter dies
and causes user shells in auto-mounted directories to freeze. The
problem has been traced to a pointer not getting reset in a loop
and eventually overwriting the stack for the process.
(2) Init process may hang doing an nfs sync. As a result, the operations
that init does such as spawning new terminal processes or removal of
orphaned zombie processes is not done.
Resolution Description:
(1) Added code to reset pointer in the loop.
(2) The hang was caused by a previous nfs operation. If the file was
truncated during the operation, it could leave pages locked forever.
Fix is to always release page locks even if a file is truncated.
Modified Source:
usr/src/cmd/automount/auto_look.c
usr/src/uts/machine/nfs/nfs_vnodeops.c
Object Modules:
usr/etc/automount
lib_nfs nfs_vnodeops.o
Conditions for Installation: NONE
Possible Side Effects: NONE
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: pg6.2-001
Project: HCX
Product: pg
Date Issued: Fri Aug 26 14:44:23 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: cx6.2-091, ise6.2-001, eg6.2-001
Related Modification Numbers: None
Related SARs: None
Problem Description:
Unbundling of the ethernet product requires this patch to the pg
product to provide the appropriate version of the system header file.
Resolution Description:
This patch provides the appropriate version of the pg system header
file.
Modified Source: None
Object Modules:
usr/src/uts/machine/hcxif/if_pg.h
Conditions for Installation:
Install on CX/UX 6.2 only.
Possible Side Effects:
None.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: pg6.2-002
Project: HCX
Product: pg
Date Issued: Tue Dec 27 12:57:38 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: None.
Related Patches: cx6.2-107, ise6.2-003, eg6.2-003
Problem Description:
Need a way to monitor network traffic at the packet level, in order to
diagnose and correct networking problems.
Resolution Description:
Add support for the REIOGETSNOOP ioctl to the raw ethernet interface.
Modified Source:
usr/src/uts/machine/if_pg.c
Object Modules:
lib_pg if_pg.o
Conditions for Installation:
None.
Possible Side Effects:
None.
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: pg6.2-003
Project: HCX
Product: pg
Date Issued: Thu Jan 11 17:56:55 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: none
Related Modification Numbers: none
Related SARs: none
Problem Description:
The mkassure(1MS) assurance tape utility does not know how to add
the FDDI device driver product libraries to the assurance tape it
creates.
Resolution Description:
Add a Trusted Computing Base (TCB) TCB.pg file under the
/mls/assure/TCB directory which lists those files to be
added to the assurance tape by mkassure(1MS).
Modified Source:
usr/src/cmd/assure/TCB/TCB.pg
Object Modules:
mls/assure/TCB/TCB.pg
Conditions for Installation:
Patch may be installed on either a NH4000 or NH5000 system running
6.2-based CX/UX which has the Interphase Peregrine FDDI device driver
product installed.
Possible Side Effects: None.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: pg6.2-004
Project: HCX
Product: pg
Date Issued: Thu Oct 3 11:12:38 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem:
TBD
Related Patches:
None
Related Modification Numbers:
None
Related SARs:
None
Problem Description:
The Interphase 5211 controller would fail to reset at system boot time.
The driver would check hardware status before it was valid.
Resolution Description:
Modified the 5211 driver pg_reset() routine to allow more time for the
hardware to reset itself.
Modified Source:
usr/src/uts/machine/hcxif/if_pg.c
Object Modules:
lib_pg if_pg.o
Conditions for Installation:
None.
Possible Side Effects:
None.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: snmp_agent6.2-001
Project: HCX
Product: snmp_agent
Date Issued: Thu Dec 21 13:45:03 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: cx6.2-129 and tcp_ip6.2-027
Related Modification Numbers: None.
Related SARs: None.
Problem Description:
Modifications to the tcpcb structure in the tcp_ip6.2-027 patch have
resulted in a change in that structure's size. This size change
affects the operation of the SNMP agent which relies on specific
knowledge of that structure's size.
Resolution Description:
Resolution to the size change in the tcpcb structure simply requires
that the SNMP agent daemon be rebuilt to incorporate the resized
structure. Additionally naming support for the Condor 4221 Multiport
Ethernet controller and the HCSC Private Virtual Network devices
have been added in support of the ifDescr MIB variable.
Modified Source:
usr/src/snmp/agent/snmpd/snmpd.c
Object Modules:
usr/etc/snmp/snmpd
Conditions for Installation:
Patch can be installed on either NH4000 or NH5000 architectures.
System must have the CX/UX, TCP/IP, SNMP agent, and HCSC-supported
Ethernet driver products installed with latest patch sets upto and
including patches cx6.2-129 and tcp_ip6.2-027.
Possible Side Effects: None.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: snmp_agent6.2-001
Project: HCX
Product: snmp_agent
Date Issued: Thu Dec 21 13:45:03 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: cx6.2-129 and tcp_ip6.2-027
Related Modification Numbers: None.
Related SARs: None.
Problem Description:
Modifications to the tcpcb structure in the tcp_ip6.2-027 patch have
resulted in a change in that structure's size. This size change
affects the operation of the SNMP agent which relies on specific
knowledge of that structure's size.
Resolution Description:
Resolution to the size change in the tcpcb structure simply requires
that the SNMP agent daemon be rebuilt to incorporate the resized
structure. Additionally naming support for the Condor 4221 Multiport
Ethernet controller and the HCSC Private Virtual Network devices
have been added in support of the ifDescr MIB variable.
Modified Source:
usr/src/snmp/agent/snmpd/snmpd.c
Object Modules:
usr/etc/snmp/snmpd
Conditions for Installation:
Patch can be installed on either NH4000 or NH5000 architectures.
System must have the CX/UX, TCP/IP, SNMP agent, and HCSC-supported
Ethernet driver products installed with latest patch sets upto and
including patches cx6.2-129 and tcp_ip6.2-027.
Possible Side Effects: None.
return to index
================================================================================
Concurrent Computer Corporation
Software Patch Report
Patch Name: snmp_agent6.2-002
Project: HCX
Product: snmp_agent
Date Issued: Thu Sep 26 15:11:11 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: N/A
Related Patches: None
Related Modification Numbers: N/A
Related SARs: N/A
Patch Description:
Update trapsend, the SNMP user library (libsnmpuser.a), and the
config files to better integrate with the firewall 2.2.2 system.
Modified Source:
usr/src/snmp/agent/Makefile
usr/src/snmp/agent/lib/snmp-mib.h
usr/src/snmp/agent/mibcomp/Makefile
usr/src/snmp/agent/mibcomp/cybg.my
usr/src/snmp/agent/mibcomp/general.h
usr/src/snmp/agent/mibcomp/version.sh
usr/src/snmp/agent/mibcomp/yacc.y
usr/src/snmp/agent/snmpd/snmpd.c
usr/src/snmp/agent/snmpd/snmpd.communities
usr/src/snmp/agent/snmpd/snmpd.config
usr/src/snmp/agent/snmpd/snmpd.h
usr/src/snmp/agent/trap/trapsend.c
Object Modules:
usr/bin/trapsend
usr/catman/a_man/man1/snmpd.1m.z
usr/catman/p_man/man3/make_dot_from_obj_id.3x.z
usr/catman/p_man/man3/make_obj_id_from_hex.3x.z
usr/catman/p_man/man3/make_pdu.3x.z
usr/catman/p_man/man3/parse_authentication.3x.z
usr/etc/snmp/cybg.my
usr/etc/snmp/snmpd
usr/etc/snmp/snmpd.communities
usr/etc/snmp/snmpd.config
usr/etc/snmp/snmpd.trap_communities
usr/include/snmp/snmp.h
usr/lib/libsnmpuser.a
usr/man/a_man/man1/snmpd.1m
usr/man/p_man/man3/make_dot_from_obj_id.3x
usr/man/p_man/man3/make_obj_id_from_hex.3x
usr/man/p_man/man3/make_pdu.3x
usr/man/p_man/man3/parse_authentication.3x
Conditions for Installation: None
Possible Side Effects: None
return to index
================================================================================
Concurrent Computer Corporation
Software Patch Report
Patch Name: snmp_agent6.2-002
Project: HCX
Product: snmp_agent
Date Issued: Thu Sep 26 15:11:11 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: N/A
Related Patches: None
Related Modification Numbers: N/A
Related SARs: N/A
Patch Description:
Update trapsend, the SNMP user library (libsnmpuser.a), and the
config files to better integrate with the firewall 2.2.2 system.
Modified Source:
usr/src/snmp/agent/Makefile
usr/src/snmp/agent/lib/snmp-mib.h
usr/src/snmp/agent/mibcomp/Makefile
usr/src/snmp/agent/mibcomp/cybg.my
usr/src/snmp/agent/mibcomp/general.h
usr/src/snmp/agent/mibcomp/version.sh
usr/src/snmp/agent/mibcomp/yacc.y
usr/src/snmp/agent/snmpd/snmpd.c
usr/src/snmp/agent/snmpd/snmpd.communities
usr/src/snmp/agent/snmpd/snmpd.config
usr/src/snmp/agent/snmpd/snmpd.h
usr/src/snmp/agent/trap/trapsend.c
Object Modules:
usr/bin/trapsend
usr/catman/a_man/man1/snmpd.1m.z
usr/catman/p_man/man3/make_dot_from_obj_id.3x.z
usr/catman/p_man/man3/make_obj_id_from_hex.3x.z
usr/catman/p_man/man3/make_pdu.3x.z
usr/catman/p_man/man3/parse_authentication.3x.z
usr/etc/snmp/cybg.my
usr/etc/snmp/snmpd
usr/etc/snmp/snmpd.communities
usr/etc/snmp/snmpd.config
usr/etc/snmp/snmpd.trap_communities
usr/include/snmp/snmp.h
usr/lib/libsnmpuser.a
usr/man/a_man/man1/snmpd.1m
usr/man/p_man/man3/make_dot_from_obj_id.3x
usr/man/p_man/man3/make_obj_id_from_hex.3x
usr/man/p_man/man3/make_pdu.3x
usr/man/p_man/man3/parse_authentication.3x
Conditions for Installation: None
Possible Side Effects: None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-001
Project: HCX
Product: tcp_ip
Date Issued: Wed Nov 4 15:27:08 1992
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.1
Related Patches: cx6.2-003 ethernet6.2-001
Related Modification Numbers: none
Related SARs: none
Problem Description:
Users require a higher performance interface to send and receive
raw IP packets.
Resolution Description:
Develop user level library routines and direct I/O for Ethernet
transmission to improve performance when transmitting and
receiving raw IP packets. The library /usr/lib/libip.a is
provided to have a streamlined interface when sending and
receiving raw IP packets.
Modified Source:
usr/src/lib/libip/cksum.s
usr/src/lib/libip/ip_lib.c
usr/src/lib/libip/libip.mk
usr/src/lib/libip/ping.c
Object Modules:
usr/lib/libip.a
usr/catman/p_man/man3/ip_close.3n.z
usr/catman/p_man/man3/ip_get_buffer.3n.z
usr/catman/p_man/man3/ip_init_buffers.3n.z
usr/catman/p_man/man3/ip_lib.3n.z
usr/catman/p_man/man3/ip_open.3n.z
usr/catman/p_man/man3/ip_receive.3n.z
usr/catman/p_man/man3/ip_send.3n.z
usr/man/p_man/man3/ip_lib.3n
Conditions for Installation: none
Possible Side Effects: Use of the ip_lib(3n) library IP_RAW_IO mode for
reading may not operate properly when connected to networks having
other network traffic.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-002
Project: HCX
Product: tcp_ip
Date Issued: Mon Dec 21 10:33:26 1992
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.1
Related Patches: cx6.2-007
Related Modification Numbers: none
Related SARs: none
Problem Description:
Add support for Serial Line Interface Protocol (SLIP) to be used as
a network interface.
Resolution Description:
Add support for Serial Line Interface Protocol (SLIP) to be used as
a network interface. The tty device to be used by the SLIP network
interface must be on a HPS serial communications controller.
The TCP/IP daemon /usr/etc/tcpipd and the softclock interrupt daemon
/usr/etc/softclockd must be started prior to initiating connections
over the SLIP network interface.
In order to configure SLIP interfaces on a system the following
parameter must be added to the configuration file
options NSL=2
Where '2' is the number of SLIP interfaces to be configured.
Modified Source:
usr/src/cmd/netstat/main.c
usr/src/cmd/netstat/mbuf.c
usr/src/cmd/slattach.c
usr/src/uts/machine/netinet/tcp_subr.c
Object Modules:
usr/ucb/netstat
usr/etc/slattach
usr/catman/a_man/man1/slattach.1m.z
usr/man/a_man/man1/slattach.1m
lib_netinet tcp_subr.o
Conditions for Installation: none
Possible Side Effects: none
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-003
Project: HCX
Product: tcp_ip
Date Issued: Tue Jan 5 11:11:00 1993
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.0
Related Patches: none
Related Modification Numbers: none
Related SARs: none
Problem Description:
1. Can not send or receive files with ftpd on CX/SX systems.
2. When performing a remote exec command using rexecd, the remote
user's access vectors are not initialized.
Resolution Description:
1. Modify ftpd to perform the data connection while still running as
root.
2. Initialize the remote user's access vector when performing a
remote exec command using the rexec/rexecd protocol.
Modified Source:
usr/src/cmd/ftp/ftpd.c
usr/src/cmd/rexecd.c
usr/src/uts/machine/netinet/if_ether.c
usr/src/uts/machine/netinet/ip_input.c
Object Modules:
usr/etc/ftpd
usr/etc/rexecd
lib_netinet if_ether.o
lib_netinet ip_input.o
Conditions for Installation: none
Possible Side Effects: none
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-004
Project: HCX
Product: tcp_ip
Date Issued: Thu Jan 28 10:25:11 1993
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.0
Related Patches: cx6.2-013
Related Modification Numbers: none
Related SARs: none
Problem Description:
1. Enhance IP library routines to support broadcasting and multiple
protocol support.
2. Retrieving incoming source routes via IP options may crash the
system with a misaligned data exception.
Resolution Description:
1. Enhance IP library routines to support broadcasting and multiple
protocol support.
2. Modify the ip_srcroute() routine to copy source route by bytes
instead of by word (source routes may not be on a word boundry).
Modified Source:
usr/src/lib/libip/ip_lib.c
usr/src/lib/libip/ping.c
usr/src/uts/machine/netinet/ip_input.c
Object Modules:
usr/lib/libip.a
usr/catman/p_man/man3/ip_close.3n.z
usr/catman/p_man/man3/ip_get_buffer.3n.z
usr/catman/p_man/man3/ip_getopt.3n.z
usr/catman/p_man/man3/ip_init_buffers.3n.z
usr/catman/p_man/man3/ip_open.3n.z
usr/catman/p_man/man3/ip_receive.3n.z
usr/catman/p_man/man3/ip_send.3n.z
usr/catman/p_man/man3/ip_sendto.3n.z
usr/catman/p_man/man3/ip_setopt.3n.z
usr/catman/p_man/man3/libip.3n.z
usr/man/p_man/man3/libip.3n
lib_netinet ip_input.o
Conditions for Installation: none
Possible Side Effects: none
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-005
Project: HCX
Product: tcp_ip
Date Issued: Tue Feb 2 13:03:13 1993
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.0
Related Patches:
int_network6.2-001,cx6.2-015
Related Modification Numbers:
None
Related SARs:
None
Problem Description:
1) The telnet daemon (telnetd) would not always connect properly over
an Intelligent Network connection.
2) The rwho daemon (rwhod) did not communicate over an Intelligent
Networking controller.
3) The route daemon (routed) could not update the routing tables
on an Intelligent Networking controller.
4) The netstat command could not output the routing tables stored
on an Intelligent Networking controller.
Resolution Description:
1) Reorder certain system calls in the telnet daemon.
2) Add support for the Intelligent Networking controller in rwhod.
3) Add support for the Intelligent Networking controller in the
route daemon (routed).
4) Correct routing table display in netstat.
Modified Source:
usr/src/cmd/netstat/inet.c
usr/src/cmd/netstat/intnet.c
usr/src/cmd/routed/main.c
usr/src/cmd/routed/routed.mk
usr/src/cmd/routed/startup.c
usr/src/cmd/routed/tables.c
usr/src/cmd/rwhod.c
usr/src/cmd/telnetd.c
Object Modules:
usr/etc/routed
usr/etc/rwhod
usr/etc/telnetd
usr/ucb/netstat
Conditions for Installation:
None
Possible Side Effects:
None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-006
Project: HCX
Product: tcp_ip
Date Issued: Tue Mar 9 15:49:10 1993
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.1
Related Patches: none
Related Modification Numbers: none
Related SARs: none
Problem Description:
NH5800 systems require an up-to-date patch for tcp_ip products.
Resolution Description:
Create patch with all tcp_ip patches for NH5800.
Modified Source:
Object Modules:
usr/lib/libip.a
usr/catman/a_man/man1/slattach.1m.z
usr/catman/p_man/man3/ip_close.3n.z
usr/catman/p_man/man3/ip_get_buffer.3n.z
usr/catman/p_man/man3/ip_getopt.3n.z
usr/catman/p_man/man3/ip_init_buffers.3n.z
usr/catman/p_man/man3/ip_open.3n.z
usr/catman/p_man/man3/ip_receive.3n.z
usr/catman/p_man/man3/ip_send.3n.z
usr/catman/p_man/man3/ip_sendto.3n.z
usr/catman/p_man/man3/ip_setopt.3n.z
usr/catman/p_man/man3/libip.3n.z
usr/man/a_man/man1/slattach.1m
usr/man/p_man/man3/libip.3n
usr/etc/arp
usr/etc/ftpd
usr/etc/rexecd
usr/etc/routed
usr/etc/rwhod
usr/etc/slattach
usr/etc/telnetd
usr/sbin/ifconfig
usr/ucb/netstat
lib_netinet if_ether.o
lib_netinet ip_input.o
lib_netinet tcp_subr.o
Conditions for Installation: none
Possible Side Effects: none
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-007
Project: HCX
Product: tcp_ip
Date Issued: Tue May 18 07:46:59 1993
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.1
Related Patches: none
Related Modification Numbers: none
Related SARs: HM10804
Problem Description:
Infrequently, when using FTP to transfer a file, a single byte in
the last record of the file may not be transferred.
Resolution Description:
The TCP protocol code under certain unique circumstances does not
properly calculate the send next value when retransmitting a FIN
indication.
Modified Source:
usr/src/uts/machine/netinet/tcp_output.c
Object Modules:
lib_netinet tcp_output.o
Conditions for Installation: none
Possible Side Effects: none
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-008
Project: HCX
Product: tcp_ip
Date Issued: Fri Jun 18 17:26:22 1993
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: None
Related Patches: cx6.2-038, cx_sx6.2-002, cx_326.2-001, cx_646.2-001,
cx_NOLIM6.2-001, lan_sx6.2-002
Related Modification Numbers: None
Related SARs: None
Problem Description:
1. Patch cx6.2-038 modifies the initvector function and allows for
very long label names. Commands that use these functions must
be relinked.
2. The assurance system requires that Series 5000 kernel libraries
be listed in the TCB files.
3. The rlogin and telnet daemons do not cause all processes still
holding on to a pty to terminate. This violates CX/SX security
policies.
4. The telnet daemon fails to pass a TZ environment variable to
the login session, causing it to revert to GMT.
Resolution Description:
1. Relink the necessary commands.
2. Modify the TCB.net file to reflect the current filesystem
organization.
3. The telnet and rlogin daemons now kill all processes attached
to the tty and pty before exiting.
4. The telnet daemon now passes a copy of its TZ environment variable
to the login session.
Modified Source:
usr/src/cmd/assure/TCB/TCB.net
usr/src/cmd/rlogind.c
usr/src/cmd/telnetd.c
Object Modules:
mls/assure/TCB/TCB.net
usr/etc/ftpd
usr/etc/rexecd
usr/etc/rlogind
usr/etc/rshd
usr/etc/telnetd
Conditions for Installation:
The related patches that apply to the installation must
be installed with this patch.
Possible Side Effects: None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-009
Project: HCX
Product: tcp_ip
Date Issued: Tue Jul 20 15:31:36 1993
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.1
Related Patches: none
Related Modification Numbers: none
Related SARs: none
Problem Description:
On a busy system, inetd may reject connect requests.
Resolution Description:
Add an option to inetd for the maximum number of connection
requests allowed for each service in a one minute time period.
Modified Source:
usr/src/cmd/inetd.c
Object Modules:
etc/inetd
usr/catman/a_man/man1/inetd.1m.z
usr/man/a_man/man1/inetd.1m
Conditions for Installation: none
Possible Side Effects: none
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-010
Project: HCX
Product: tcp_ip
Date Issued: Fri Oct 22 14:26:01 1993
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.1
Related Patches: none
Related Modification Numbers: none
Related SARs: HM10977
Problem Description: The Series 4000 and 5000 try to match their
TCP/IP buffer sizes with the remote machine's sizes as given in
the remote machine's connection establishment handshake. If the
remote sends a size of zero, the Series 4000 and 5000 will set their
size to zero also. This keeps the remote machine from sending any
data to the Series 4000 and 5000.
Resolution Description: This patch checks for a size of zero
and will not let the buffer size be set to zero, but will
default to 32K.
Modified Source: usr/src/uts/machine/netinet/tcp_input.c
Object Modules:
lib_netinet tcp_input.o
Conditions for Installation: none
Possible Side Effects: none
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-011
Project: HCX
Product: tcp_ip
Date Issued: Wed Jan 26 13:27:47 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: cx6.2-074
Related Modification Numbers: None
Related SARs: HM10901
Problem Description:
The ARP table needs to be increased on the system.
Resolution Description:
Enhanced the kernel to allow the ARP table to be configurable.
Modified Source:
usr/src/uts/machine/netinet/if_ether.c
Object Modules:
lib_netinet if_ether.o
Conditions for Installation:
Patch cx6.2-074 must also be installed.
Possible Side Effects:
None.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-012
Project: HCX
Product: tcp_ip
Date Issued: Thu Apr 14 15:00:05 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.1
Related Patches: ksh6.2-001, cx6.2-082, cx_sx6.2-005
Related Modification Numbers: None
Related SARs: None
Problem Description:
This is one of several patches carried over from the CX/SX 6.1
B1 product.
1. ftp and inetd do no auditing.
2. inetd from patch tcp_ip6.1-011 attempted to open the audit
device on CX/UX systems.
Resolution Description:
1. ftp, ftpd and inetd have been enhanced to perform auditing.
2. inetd no longer attempts to open the audit device on non-SX
systems.
Modified Source:
usr/src/cmd/ftp/ftp.mk
usr/src/cmd/ftp/ftpcmd.y
usr/src/cmd/ftp/ftpd.c
usr/src/cmd/ftp/audit.c
usr/src/cmd/inetd/audit.c
usr/src/cmd/inetd/inetd.c
usr/src/cmd/inetd/inetd.mk
Object Modules:
usr/etc/ftpd
usr/etc/inetd
Conditions for Installation:
The system on which this patch is installed must be a Series 4000
or 5000 system with CX/SX 6.2.
Possible Side Effects: none
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-013
Project: HCX
Product: tcp_ip
Date Issued: Wed May 25 10:06:37 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: cx6.2-085
Related Modification Numbers: none
Related SARs: none
Problem Description:
Occasionally there is a panic due to a locking problem in the
network routing code.
Resolution Description:
This patch fixes a locking problem in the network routing code that
can cause system panics.
Modified Source: none
Object Modules:
lib_netinet: in_pcb.o
lib_netinet: ip_input.o
lib_netinet: ip_output.o
Conditions for Installation:
Must be installed with cx6.2-085.
Possible Side Effects: none
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-014
Project: HCX
Product: tcp_ip
Date Issued: Wed Aug 10 14:42:57 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.1
Related Patches: cx6.2-092, cx_sx6.2-006,
lan_sx6.2-004, cx_86.2-001, cx_166.2-001, cx_326.2-002,
cx_646.2-002, cx_1286.2-001, cx_2566.2-001, cx_NOLIM6.2-003.
Related Modification Numbers:
None
Related SARs:
None
Problem Description:
Need support for CIPSO tag types 128 (information labels),
129 (privilege vector), and 130 (user id).
Resolution Description:
Install CIPSO tag types 128, 129, and 130.
Rebuild ftpd because of socket mls_netattr size change.
Modified Source:
None
Object Modules:
usr/etc/ftpd
Conditions for Installation:
None
Possible Side Effects:
None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-015
Project: HCX
Product: tcp_ip
Date Issued: Fri Jun 17 13:25:20 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: cx6.2-093
Related Modification Numbers: None.
Related SARs: HM11292
Problem Description:
Occasionally a socket will not be removed following a data transfer.
Resolution Description:
This patch sets a timer on the FIN_WAIT_2 condition to ensure that all
sockets will be removed.
Modified Source:
usr/src/uts/machine/netinet/tcp_input.c
usr/src/uts/machine/netinet/tcp_timer.c
Object Modules:
lib_netinet: tcp_input.o
lib_netinet: tcp_timer.o
Conditions for Installation: None.
Possible Side Effects: None.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-016
Project: HCX
Product: tcp_ip
Date Issued: Thu Sep 22 13:50:09 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: 7.1
Related Patches: cx6.2-099, cx_sx6.2-008, lan_sx6.2-006, nfs6.2-002
Related Modification Numbers: None
Related SARs: None
Problem Description:
1. Network mbufs are not being correctly freed and cause a small
memory leak.
2. Inetd does not do auditing correctly.
3. Several mls library changes were made in patch cx6.1-061.
Consequently, the commands which use the mls library need
to be re-compiled with the new library. This patch contains
the new executables for the commands in the tcp_ip product
that use the mls library.
4. ICMP redirect packets are being improperly handled.
Resolution Description:
1. The mbufs are now freed in the correct place in the kernel.
2. A minor fix has been made to inetd for the auditing problem.
3. No source level changes have been made to any of these commands.
They are simply re-compilations.
4. Ensure the kernel route redirect routine, rtredirect(), is passed
properly initialized parameters from the ICMP input routine,
icmp_input().
Modified Source:
usr/src/cmd/inetd/inetd.c
usr/src/uts/machine/netinet/ip_input.c
usr/src/uts/machine/netinet/ip_icmp.c
Object Modules:
usr/etc/inetd
usr/etc/rlogind
usr/etc/telnetd
lib_netinet ip_icmp.o
lib_netinet tcp_subr.o
lib_netinet tcp_debug.o
lib_netinet ip_input.o
lib_netinet raw_ip.o
lib_netinet udp_usrreq.o
lib_netinet tcp_output.o
lib_netinet tcp_timer.o
lib_netinet ip_output.o
lib_netinet tcp_input.o
lib_netinet in.o
lib_netinet in_pcb.o
lib_netinet tcp_usrreq.o
Conditions for Installation: None
Possible Side Effects: None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-017
Project: HCX
Product: tcp_ip
Date Issued: Fri Dec 9 11:05:36 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches:
cx6.2-104
cx_sx6.2-010
rje6.2-001
cx_1286.2-002
cx_166.2-002
cx_2566.2-002
cx_326.2-003
cx_646.2-003
cx_86.2-002
cx_NOLIM6.2-004
Related Modification Numbers: None
Related SARs: None
Problem Description:
Modifications to allow up to 4096 members in each group
Resolution Description:
Change the size of the buffer in getgrent()
Modified Source: None.
Object Modules:
usr/etc/ftpd
usr/etc/named
Conditions for Installation: None.
Possible Side Effects: None.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-018
Project: HCX
Product: tcp_ip
Date Issued: Sat Nov 19 12:17:03 1994
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: None
Related Patches: cx6.2-105, cx_sx6.2-011, lan_sx6.2-008, cx_rt_develop6.2-005
Problem Description:
1) Cyberguard product requires packet filtering code in the kernel.
2) Inetd did not properly initialize access vectors.
3) TCP and UDP should have a longer TTL (time to live) value.
Resolution Description:
1) Provide packet filtering in the kernel.
2) Correct use of access vectors in inetd.
3) Increase TCP_TTL and UDP_TTL.
Modified Source:
usr/src/cmd/inetd.c
usr/src/uts/machine/netinet/if_ether.h
usr/src/uts/machine/netinet/ip_input.c
usr/src/uts/machine/netinet/ip_output.c
usr/src/uts/machine/netinet/ip_var.h
usr/src/uts/machine/netinet/tcp_timer.h
usr/src/uts/machine/netinet/udp_var.h
usr/src/uts/machine/netinet/tcp_output.c
usr/src/uts/machine/netinet/tcp_subr.c
usr/src/uts/machine/netinet/udp_usrreq.c
usr/src/uts/machine/netinet/ip_icmp.c
usr/src/uts/machine/netinet/in_pcb.c
Object Modules:
usr/etc/inetd
lib_netinet ip_input.o
lib_netinet ip_output.o
lib_netinet tcp_output.o
lib_netinet tcp_subr.o
lib_netinet udp_usrreq.o
lib_netinet ip_icmp.o
lib_netinet in_pcb.o
Conditions for Installation:
None.
Possible Side Effects:
None.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-019
Project: HCX
Product: tcp_ip
Date Issued: Tue Jan 31 10:28:35 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: None
Related Patches: cx6.2-112 cx_rt_develop6.2-006
Problem Description: Locks were held during calls to the CX/SX audit code.
This could hang CX/SX systems.
Resolution Description: Unlock all locks prior to calling audit routines.
Modified Source:
usr/src/uts/machine/netinet/if_ether.c
Object Modules:
lib_netinet if_ether.o
Conditions for Installation:
This patch applies to CX/SX and Cyberguard machines. It is unnecessary
(but harmless) to install it on CX/UX or CX/RT systems.
Possible Side Effects:
None.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-020
Project: HCX
Product: tcp_ip
Date Issued: Fri Feb 3 15:54:47 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: eg6.2-004
Related Modification Numbers:
None
Related SARs:
None
Problem Description:
If a packet longer than 1500 bytes is sent to the ip layer, and the
ip layer breaks it into smaller packets, it is possible that a zero
size transmit buffer will be generated. If certain Ethernet drivers
attempt to send this zero-size buffer, the controller may hang.
Resolution Description:
After breaking up a message, check for trailing zero-length m-bufs
and delete them.
Modified Source:
usr/src/uts/machine/netinet/ip_output.c
Object Modules:
lib_netinet ip_output.o
Conditions for Installation:
None
Possible Side Effects:
None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-021
Project: HCX
Product: tcp_ip
Date Issued: Mon Feb 20 15:33:01 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: n/a
Related Patches: lan_sx6.2-009, cx_sx6.2-012, cx6.2-115
Problem Description: support for cyberguard
Resolution Description:
ifconfig has been updated to support the new cyberguard
product, and man pages have been updated. Entry points
have been added to networking code to support the cyberguard
product. TCP/IP sequence numbering has been modified so
it is more random, and therefore much more difficult to
take over existing connections.
(This was done for a recent CERT advisory).
Modified Source:
usr/src/cmd/ifconfig/ifconfig.c
usr/src/uts/machine/netinet/in_proto.c
usr/src/uts/machine/netinet/ip_input.c
usr/src/uts/machine/netinet/ip_output.c
usr/src/uts/machine/netinet/tcp_input.c
usr/src/uts/machine/netinet/tcp_timer.c
Object Modules:
usr/sbin/ifconfig
usr/catman/a_man/man1/ifconfig.1m.z
usr/man/a_man/man1/ifconfig.1m
lib_netinet in_proto.o
lib_netinet ip_input.o
lib_netinet ip_output.o
lib_netinet tcp_input.o
lib_netinet tcp_timer.o
Conditions for Installation: n/a
Possible Side Effects: n/a
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-022
Project: HCX
Product: tcp_ip
Date Issued: Wed Apr 5 11:36:36 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: None
Related Patches: None
Related SARs: HM11479
Problem Description: Patch tcp_ip6.2-019 introduced a problem in the ARP
code on CX/RT systems.
Resolution Description: Add missing svlock() to RT code.
Modified Source:
usr/src/uts/machine/netinet/if_ether.c
Object Modules:
lib_netinet if_ether.o
Conditions for Installation:
This patch only applies to CX/RT systems. Patch tcp_ip6.2-019 should be
installed first, followed by this patch.
Possible Side Effects:
None.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-023
Project: HCX
Product: tcp_ip
Date Issued: Fri Sep 1 13:38:59 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches:
None.
Related Modification Numbers:
None.
Related SARs:
HM11475, HM11480
Problem Description:
Patch tcp_ip6.2-015 introduced a bug that causes some remote shell
commands to hang up. The command(s) will execute on the remote machine,
produce the desired output/results, but the connection between the two machines
will not close. Control C will not always terminate the command but Control D
usually will. Examples of commands that will hang up are (sleep 1) and (ls -l)
on a large directory. Certain shell scripts will also hang up.
Resolution Description:
In patch tcp_ip6.2-015, code was added to the source file tcp_input.c
in the FIN_WAIT_1/FIN_WAIT_2 state acknowledgement processing to fix a problem
with NISSIN token ring boards. In the case of the FIN_WAIT_1 state, the
existing code was changed to only execute if such a board is in the system when,
in fact, the code should execute whether or not such a board is installed. To
correct the problem, the check for NISSIN boards was removed from FIN_WAIT_1
acknowledgement processing to allow the socket/connection to properly shut down.
Modified Source:
usr/src/uts/machine/netinet/tcp_input.c
Object Modules:
lib_netinet tcp_input.o
Conditions for Installation:
Install this patch if patch tcp_ip6.2-015 has been installed.
Possible Side Effects:
None.
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-024
Project: HCX
Product: tcp_ip
Date Issued: Wed Oct 4 18:03:16 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: n/a
Related Patches: cx6.2-125, cx_sx6.2-014, lan_sx6.2-010, cnd6.2-001
Related Modification Numbers: n/a
Related SARs: n/a
Problem Description:
Changes, Additions and Enhancements required for the support of
CyberGuard 2.0 product.
Resolution Description:
Resolution includes updating of scripts, header files and kernel
changes.
Modified Source:
usr/src/cmd/etc/inetd.conf
usr/src/cmd/etc/services
usr/src/cmd/ifconfig/ifconfig.c
usr/src/cmd/netstat/inet.c
usr/src/cmd/netstat/main.c
usr/src/cmd/netstat/mbuf.c
usr/src/cmd/netstat/netstat.mk
usr/src/cmd/netstat/pvn.c
usr/src/uts/machine/netinet/in.h
usr/src/uts/machine/netinet/in_pcb.c
usr/src/uts/machine/netinet/ip_input.c
usr/src/uts/machine/netinet/ip_output.c
usr/src/uts/machine/netinet/tcp_usrreq.c
usr/src/uts/machine/netinet/udp_usrreq.c
Object Modules:
etc/inetd.conf.tcp_ip6.2-024
etc/services
usr/sbin/ifconfig
usr/src/uts/machine/M88K-RT/lib_netinet
usr/src/uts/machine/M88K/lib_netinet
usr/src/uts/machine/NH5000-RT/lib_netinet
usr/src/uts/machine/NH5000/lib_netinet
usr/ucb/netstat
Conditions for Installation:
A Series 4000 or Series 5000 NightHawk running CX/UX 6.2 release.
Patch cx6.2-125
Possible Side Effects:
/etc/inetd.conf has been changed to support proxies which are part of
firewall product.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-025
Project: HCX
Product: tcp_ip
Date Issued: Wed Oct 25 13:26:52 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: None
Related Modification Numbers: None
Related SARs: None
Problem Description: The command nslookup and the daemon named are old.
They are based on the 4.8 version of bind which has bugs.
Resolution Description: The new code is the 4.9.3-beta version of bind
which corrects many of the bugs in the older version and has
additional enhancements. In addition the latest DNS rfcs are added.
Modified Source:
usr/man/a_man/man1/named-xfer.1m
usr/man/a_man/man1/named.1m
usr/man/u_man/man1/nslookup.1c
usr/src/cmd/named/conf/options.h
usr/src/cmd/named/conf/portability.h
usr/src/cmd/named/include/arpa/inet.h
usr/src/cmd/named/include/arpa/nameser.h
usr/src/cmd/named/include/netdb.h
usr/src/cmd/named/include/resolv.h
usr/src/cmd/named/include/sys/bitypes.h
usr/src/cmd/named/include/sys/cdefs.h
usr/src/cmd/named/include/sys/ioctl.h
usr/src/cmd/named/resolve/gethnamaddr.c
usr/src/cmd/named/resolve/getnetbyaddr.c
usr/src/cmd/named/resolve/getnetbyname.c
usr/src/cmd/named/resolve/getnetent.c
usr/src/cmd/named/resolve/getnetnamadr.c
usr/src/cmd/named/resolve/herror.c
usr/src/cmd/named/resolve/inet_addr.c
usr/src/cmd/named/resolve/libresolv.mk
usr/src/cmd/named/resolve/nsap_addr.c
usr/src/cmd/named/resolve/res_comp.c
usr/src/cmd/named/resolve/res_debug.c
usr/src/cmd/named/resolve/res_init.c
usr/src/cmd/named/resolve/res_mkquery.c
usr/src/cmd/named/resolve/res_query.c
usr/src/cmd/named/resolve/res_send.c
usr/src/cmd/named/resolve/sethostent.c
usr/src/cmd/named/db_defs.h
usr/src/cmd/named/db_func.h
usr/src/cmd/named/db_glob.h
usr/src/cmd/named/db_glue.c
usr/src/cmd/named/db_secure.c
usr/src/cmd/named/dmalloc.c
usr/src/cmd/named/dmalloc.h
usr/src/cmd/named/named-xfer.c
usr/src/cmd/named/named.h
usr/src/cmd/named/named.reload.sh
usr/src/cmd/named/named.restart.sh
usr/src/cmd/named/ns_defs.h
usr/src/cmd/named/ns_func.h
usr/src/cmd/named/ns_glob.h
usr/src/cmd/named/ns_ncache.c
usr/src/cmd/named/ns_validate.c
usr/src/cmd/named/pathnames.h
usr/src/cmd/named/storage.c
usr/src/cmd/named/tree.c
usr/src/cmd/named/tree.h
usr/src/cmd/names/Version.c
usr/src/cmd/named/db.h
usr/src/cmd/named/db_dump.c
usr/src/cmd/named/db_load.c
usr/src/cmd/named/db_lookup.c
usr/src/cmd/named/db_reload.c
usr/src/cmd/named/db_save.c
usr/src/cmd/named/db_update.c
usr/src/cmd/named/named.mk
usr/src/cmd/named/ns.h
usr/src/cmd/named/ns_forw.c
usr/src/cmd/named/ns_init.c
usr/src/cmd/named/ns_main.c
usr/src/cmd/named/ns_maint.c
usr/src/cmd/named/ns_req.c
usr/src/cmd/named/ns_resp.c
usr/src/cmd/named/ns_sort.c
usr/src/cmd/named/ns_stats.c
usr/src/cmd/nslookup/commands.l
usr/src/cmd/nslookup/debug.c
usr/src/cmd/nslookup/getinfo.c
usr/src/cmd/nslookup/list.c
usr/src/cmd/nslookup/main.c
usr/src/cmd/nslookup/nslookup.help
usr/src/cmd/nslookup/nslookup.mk
usr/src/cmd/nslookup/pathnames.h
usr/src/cmd/nslookup/res.h
usr/src/cmd/nslookup/send.c
usr/src/cmd/nslookup/skip.c
usr/src/cmd/nslookup/subr.c
Object Modules:
usr/etc/named
usr/etc/named-xfer
usr/sbin/nslookup
usr/catman/a_man/man1/named-xfer.1m.z
usr/catman/a_man/man1/named.1m.z
usr/catman/u_man/man1/nslookup.1c.z
usr/man/a_man/man1/named-xfer.1m
usr/man/a_man/man1/named.1m
usr/man/u_man/man1/nslookup.1c
usr/doc/rfc1032.lpr
usr/doc/rfc1033.lpr
usr/doc/rfc1034.lpr
usr/doc/rfc1035.lpr
usr/doc/rfc1535.lpr
usr/doc/rfc1536.lpr
usr/doc/rfc1537.lpr
Conditions for Installation: None
Possible Side Effects: None
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-026
Project: HCX
Product: tcp_ip
Date Issued: Thu Oct 26 17:48:23 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem:
none
Related Patches:
cx6.2-126
Related Modification Numbers:
none
Related SARs:
none
Problem Description:
1) /etc/protocols: No Private Network definition
2) /etc/services: file broken / missing entries
3) ftpd: crashes
4) gated: breaks routing tables for point-to-point
connections
5) ifconfig: gives spurious p-to-p message an bad input
parameter
6) ifconfig: Private Network stuff displayed incorrectly
7) inetd: Very slow when doing DNS lookups for audit recs
8) inetd: Unable to initiate proxies at incoming packet
level.
9) netstat: -a option losing information in display
10) netstat: Missing Private Network display entries
11) ping: Reports host up when actually host is down
12) routed: Drops routes
13) routed: 'default' in /etc/gateways is ignored
14) TCP: Using CIPSO interface split TCP packets into two.
15) TCP: Broken flow control over 56kb lines
16) UDP: Socket MLS labels on priviliged socket broken
Resolution Description:
1) Update with pnet 99
2) Update /etc/services
3) fix broken audit() calls
4) make gated a little smarter
5) tidy up message
6) fix typos and format output
7) Only record IP address in audit trails
8) Initiate proxies at correct level.
9) Make better use of the space
10) Update
11) Make ping smarter and output icmp error packets received
12) keep O/S and routed in step with usage of flags & structures
13) routed now knows how to handle 'default'
14) Account for CIPSO header in calculating max packet size
15) Fixed flow control
16) Maintain labels on packet transmission
Modified Source:
usr/src/cmd/etc/inetd.conf
usr/src/cmd/etc/protocols
usr/src/cmd/etc/services
usr/src/cmd/ftp/ftpd.c
usr/src/cmd/gated/if.c
usr/src/cmd/gated/if_rt.c
usr/src/cmd/gated/parse.c
usr/src/cmd/gated/task.c
usr/src/cmd/gated/trace.c
usr/src/cmd/ifconfig/ifconfig.c
usr/src/cmd/inetd/audit.c
usr/src/cmd/inetd/inetd.c
usr/src/cmd/inetd/inetd.mk
usr/src/cmd/netstat/inet.c
usr/src/cmd/netstat/pvn.c
usr/src/cmd/ping.c
usr/src/cmd/routed/input.c
usr/src/cmd/routed/main.c
usr/src/cmd/routed/startup.c
usr/src/cmd/routed/table.h
usr/src/cmd/routed/tables.c
usr/src/cmd/routed/timer.c
usr/src/cmd/routed/trace.c
usr/src/description_files/tcp_ip.src
usr/src/uts/machine/netinet/ip_icmp.h
usr/src/uts/machine/netinet/tcp_input.c
usr/src/uts/machine/netinet/tcp_subr.c
usr/src/uts/machine/netinet/tcp_timer.c
usr/src/uts/machine/netinet/udp_usrreq.c
Object Modules:
etc/inetd.conf
etc/protocols
etc/services
usr/etc/ftpd
usr/etc/gated
usr/etc/inetd
usr/etc/ping
usr/etc/routed
usr/include/netinet/ip_icmp.h
usr/sbin/ifconfig
usr/src/uts/machine/netinet/ip_icmp.h
usr/ucb/netstat
lib_netinet tcp_input.o
lib_netinet tcp_subr.o
lib_netinet tcp_timer.o
lib_netinet udp_usrreq.o
Conditions for Installation:
A Series 4000 or Series 5000 NightHawk running CX/UX 6.2 release.
Possible Side Effects:
NONE
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-027
Project: HCX
Product: tcp_ip
Date Issued: Fri Dec 15 17:52:54 1995
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: cx6.2-129
Related Modification Numbers: none
Related SARs: none
Problem Description:
(1) Firewall product dynamic kernel rules would not timeout properly
thus wasting system network resources.
(2) Firewall product's Private Virtual Network was not able to function
correctly in tightly coupled mode.
(3) TCP connections in the FIN_WAIT_2 state would not timeout in a
reasonable time frame.
(4) Size changes to the tcpcb structure effected the network utility
netstat(1) which has knowledge of that structure's size since it
accesses the structure by reading from /dev/kmem directly.
(5) inetd(1M) would consume large amounts of CPU time on non-secure
systems.
(6) Size changes to the tcpcb structure effected archived object files
in the network kernel library lib_netinet.
Resolution Description:
(1) Modified ip_output.o to timeout all dynamic rules.
(2) Add modifications to the process control block logic in the in_pcb.o
file to permit correct firewall Private Virtual Network tightly
coupled mode operation.
(3) Modifications to the tcp_timer.o and tcp_input.o files now ensure
that TCP-based processes in the FIN_WAIT_2 state correctly timeout.
(4) Rebuilt netstat to include the new tcpcb structure and thus allow it
to learn about that structure's new size change.
(5) Corrections to the structure of secure/non-secure logic checks in the
inetd(1M) main driver will eliminate the CPU usage problems experienced
on non-secure systems. Enhancements to the inetd logic also detect
and prevent denial of service attacks via the inetd chargen/echo
components.
(6) Rebuilt the kernel lib_netinet object files tcp_debug.o, tcp_output.o,
tcp_subr.o, and tcp_usrreq.o to incorporate the modified tcpcb
structure.
Modified Source:
usr/src/cmd/inetd/audit.c
usr/src/cmd/inetd/inetd.c
usr/src/uts/machine/netinet/tcp_input.c
usr/src/uts/machine/netinet/tcp_timer.c
usr/src/uts/machine/netinet/ip_output.c
usr/src/uts/machine/netinet/in_pcb.c
Object Modules:
usr/ucb/netstat
usr/etc/inetd
lib_netinet tcp_input.o
lib_netinet tcp_timer.o
lib_netinet ip_output.o
lib_netinet in_pcb.o
lib_netinet tcp_debug.o
lib_netinet tcp_output.o
lib_netinet tcp_subr.o
lib_netinet tcp_usrreq.o
Conditions for Installation:
This patch must be installed on either an NH4000 or NH5000 system
which has the CX/UX 6.2, TCP/IP 6.2, and network device driver products
installed and all applicable CX/UX 6.2, TCP/IP 6.2, and network device
driver product patches already installed. NOTE: The cx6.2-129 patch
must be installed prior to the installation of this patch.
Possible Side Effects: none.
return to index
================================================================================
� Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-028
Project: HCX
Product: tcp_ip
Date Issued: Thu Jan 11 17:59:45 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: TBD
Related Patches: none
Related Modification Numbers: none
Related SARs: none
Problem Description:
(1) The Trusted Computing Base (TCB) networking file, TCB.net, utilized
by the mkassure(1MS) assurance tape utility incorrectly referenced
the obsolete kernel library lib_hcxif.
(2) The named(1M) manual page incorrectly referenced CyberGuard-related
documentation.
(3) Networking ports were being incorrectly reused when booting a system
or during a port rollover.
(4) FTP daemon ftpd contains libmls.a library function which can cause
a potential memory leak.
(5) TCP fast retransmit algorithm can inadvertently modify the TCP
retransmit timer asynchronously.
Resolution Description:
(1) Remove lib_hcxif from the TCB.net file.
(2) Remove all references to the CyberGuard-related documentation.
(3) Update the kernel lport() function to correctly rollover the next
available port.
(4) Rebuild the ftpd daemon to incorporate the fixed libmls.a function
makecf() to prevent the potential memory leak.
(5) Add spin lock protection around the fast retransmit algorithm code
where the TCP retransmit timer is modified.
Modified Source:
usr/src/cmd/assure/TCB/TCB.net
usr/man/a_man/man1/named.1m
usr/src/uts/machine/netinet/in_pcb.c
Object Modules:
usr/etc/ftpd
mls/assure/TCB/TCB.net
usr/man/a_man/man1/named.1m
usr/catman/a_man/man1/named.1m.z
lib_netinet in_pcb.o
lib_netinet tcp_input.o
Conditions for Installation:
Patch must be installed on a NH4000 or NH5000 system running CX/UX 6.2
with all applicable TCP/IP product patches installed.
Possible Side Effects: None.
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-029
Project: HCX
Product: tcp_ip
Date Issued: Wed Feb 14 13:14:50 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: N/A
Related Patches: firewall2.1-001, cx6.2-132
Related Modification Numbers: None.
Related SARs: None.
Problem Description:
(1) Incorrect multithreading logic in the slow timer function caused
connections in the FIN_WAIT_2 state to take a much greater amount of
time to time out, causing a large number of connections to remain in a
semiclosed state in the system.
(2) The TCP stack's kernel input routine did not have any slow timeout
support for sweeping IP filter rule buckets for timed out entries.
(3) The ftpd(1M) daemon would send the FTP server's PASV reply message
"Listening on data connection (X.X.X.X.X.X)" where X.X.X.X.X.X reveals
the FTP server's IP address and listening port to the FTP client.
(4) etc/inetd.conf and etc/services needed to be updated to support the
new Gopher and X11 proxies of firewall 2.1.1.
Resolution Description:
(1) Fix the TCP slow timeout (500ms) timer logic to permit TCP
connections in the TCP FIN_WAIT_2 state to time out after 11 minutes as
per standard Berkeley-derived TCP network stack behavior.
(2) Add new logic to the TCP stack's kernel input routine to permit slow
timeout support for sweeping IP filter rule buckets for timed out
entries. This improves IP packet filtering performance and use of
system resources.
(3) The ftpd(1M) daemon has been modified in support of the security
enhancement for FTP PASV mode. This enhancement includes the
removal of the FTP server's PASV reply message.
(4) Add updates to existing etc/inetd.conf and etc/services.
Modified Source:
usr/src/cmd/etc/inetd.conf
usr/src/cmd/etc/services
usr/src/cmd/ftp/ftpd.c
usr/src/uts/machine/netinet/ip_input.c
usr/src/uts/machine/netinet/tcp_timer.c
Object Modules:
etc/inetd.conf
etc/services
usr/etc/ftpd
usr/src/uts/machine/M88K/lib_netinet ip_input.o
usr/src/uts/machine/M88K/lib_netinet tcp_timer.o
usr/src/uts/machine/M88K-RT/lib_netinet ip_input.o
usr/src/uts/machine/M88K-RT/lib_netinet tcp_timer.o
usr/src/uts/machine/NH5000/lib_netinet ip_input.o
usr/src/uts/machine/NH5000/lib_netinet tcp_timer.o
usr/src/uts/machine/NH5000-RT/lib_netinet ip_input.o
usr/src/uts/machine/NH5000-RT/lib_netinet tcp_timer.o
Conditions for Installation: None.
Possible Side Effects: None.
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-030
Project: HCX
Product: tcp_ip
Date Issued: Mon Mar 25 18:50:30 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: N/A
Related Patches: None
Related Modification Numbers: N/A
Related SARs: N/A
Problem Description:
(See Resolution Description below)
Resolution Description:
Changed TCPT_KEEP(alive) 500ms slow timer logic in tcp_timers()
to timeout connections in the active and passive close states
rather than those less than the CLOSE_WAIT state. This will
permit the removal of HTTP-based connections in the LAST_ACK
state which previously would never be timed out.
Added support for a proxy communicating with a server running on
the firewall.
Added support for PASV data connection mode for ftp(1) .
The tcp_input fix prevents TCP from getting into a mode where
the send window is presumed to be zero.
When this was the case, one byte probe packets were sent
every retransmission.
The use of the high-water mark to determine
the window size was removed.
This fix corrected a problem with the WebTrack
software where large (100KB+) files would never completely transfer.
Modified Source:
usr/src/cmd/etc/inetd.conf
usr/src/cmd/etc/services
usr/src/cmd/ftp/ftp.c
usr/src/cmd/ftp/ftp.mk
usr/src/cmd/ftp/ftp_var.h
usr/src/cmd/ftp/main.c
usr/src/cmd/named/README
usr/src/cmd/named/Version.c
usr/src/cmd/named/conf/options.h
usr/src/cmd/named/conf/portability.h
usr/src/cmd/named/db_defs.h
usr/src/cmd/named/db_dump.c
usr/src/cmd/named/db_func.h
usr/src/cmd/named/db_glob.h
usr/src/cmd/named/db_glue.c
usr/src/cmd/named/db_load.c
usr/src/cmd/named/db_lookup.c
usr/src/cmd/named/db_reload.c
usr/src/cmd/named/db_save.c
usr/src/cmd/named/db_secure.c
usr/src/cmd/named/db_update.c
usr/src/cmd/named/dmalloc.c
usr/src/cmd/named/dmalloc.h
usr/src/cmd/named/include/arpa/inet.h
usr/src/cmd/named/include/arpa/nameser.h
usr/src/cmd/named/include/netdb.h
usr/src/cmd/named/include/resolv.h
usr/src/cmd/named/include/sys/bitypes.h
usr/src/cmd/named/include/sys/cdefs.h
usr/src/cmd/named/named-xfer.c
usr/src/cmd/named/named.h
usr/src/cmd/named/named.mk
usr/src/cmd/named/named.reload.sh
usr/src/cmd/named/named.restart.sh
usr/src/cmd/named/ndc.sh
usr/src/cmd/named/ns_defs.h
usr/src/cmd/named/ns_forw.c
usr/src/cmd/named/ns_func.h
usr/src/cmd/named/ns_glob.h
usr/src/cmd/named/ns_init.c
usr/src/cmd/named/ns_main.c
usr/src/cmd/named/ns_maint.c
usr/src/cmd/named/ns_ncache.c
usr/src/cmd/named/ns_req.c
usr/src/cmd/named/ns_resp.c
usr/src/cmd/named/ns_sort.c
usr/src/cmd/named/ns_stats.c
usr/src/cmd/named/ns_validate.c
usr/src/cmd/named/pathnames.h
usr/src/cmd/named/resolve/gethnamaddr.c
usr/src/cmd/named/resolve/getnetbyaddr.c
usr/src/cmd/named/resolve/getnetbyname.c
usr/src/cmd/named/resolve/getnetent.c
usr/src/cmd/named/resolve/getnetnamadr.c
usr/src/cmd/named/resolve/herror.c
usr/src/cmd/named/resolve/hostnamelen.c
usr/src/cmd/named/resolve/inet_addr.c
usr/src/cmd/named/resolve/libresolv.mk
usr/src/cmd/named/resolve/nsap_addr.c
usr/src/cmd/named/resolve/res_comp.c
usr/src/cmd/named/resolve/res_data.c
usr/src/cmd/named/resolve/res_debug.c
usr/src/cmd/named/resolve/res_init.c
usr/src/cmd/named/resolve/res_mkquery.c
usr/src/cmd/named/resolve/res_query.c
usr/src/cmd/named/resolve/res_send.c
usr/src/cmd/named/resolve/sethostent.c
usr/src/cmd/named/storage.c
usr/src/cmd/named/syslog_alt.c
usr/src/cmd/named/tree.c
usr/src/cmd/named/tree.h
usr/src/cmd/netstat/if_cyber.c
usr/src/cmd/nslookup/commands.l
usr/src/cmd/nslookup/debug.c
usr/src/cmd/nslookup/getinfo.c
usr/src/cmd/nslookup/list.c
usr/src/cmd/nslookup/main.c
usr/src/cmd/nslookup/nslookup.help
usr/src/cmd/nslookup/nslookup.mk
usr/src/cmd/nslookup/pathnames.h
usr/src/cmd/nslookup/res.h
usr/src/cmd/nslookup/send.c
usr/src/cmd/nslookup/skip.c
usr/src/cmd/nslookup/subr.c
usr/src/uts/machine/netinet/in.c
usr/src/uts/machine/netinet/ip_input.c
usr/src/uts/machine/netinet/ip_output.c
usr/src/uts/machine/netinet/tcp_input.c
usr/src/uts/machine/netinet/tcp_timer.c
usr/src/uts/machine/netinet/udp_usrreq.c
Object Modules:
etc/inetd.conf
etc/services
usr/etc/ftpd
usr/etc/named
usr/etc/named-xfer
usr/etc/named.restart
usr/etc/named.reload
usr/etc/ndc
usr/lib/nslookup.help
usr/sbin/nslookup
usr/ucb/ftp
usr/src/uts/machine/M88K/lib_netinet in.o
usr/src/uts/machine/M88K-RT/lib_netinet in.o
usr/src/uts/machine/NH5000/lib_netinet in.o
usr/src/uts/machine/NH5000-RT/lib_netinet in.o
usr/src/uts/machine/M88K/lib_netinet ip_input.o
usr/src/uts/machine/M88K-RT/lib_netinet ip_input.o
usr/src/uts/machine/NH5000/lib_netinet ip_input.o
usr/src/uts/machine/NH5000-RT/lib_netinet ip_input.o
usr/src/uts/machine/M88K/lib_netinet ip_output.o
usr/src/uts/machine/M88K-RT/lib_netinet ip_output.o
usr/src/uts/machine/NH5000/lib_netinet ip_output.o
usr/src/uts/machine/NH5000-RT/lib_netinet ip_output.o
usr/src/uts/machine/M88K/lib_netinet tcp_input.o
usr/src/uts/machine/M88K-RT/lib_netinet tcp_input.o
usr/src/uts/machine/NH5000/lib_netinet tcp_input.o
usr/src/uts/machine/NH5000-RT/lib_netinet tcp_input.o
usr/src/uts/machine/M88K/lib_netinet tcp_timer.o
usr/src/uts/machine/M88K-RT/lib_netinet tcp_timer.o
usr/src/uts/machine/NH5000/lib_netinet tcp_timer.o
usr/src/uts/machine/NH5000-RT/lib_netinet tcp_timer.o
usr/src/uts/machine/M88K/lib_netinet udp_usrreq.o
usr/src/uts/machine/M88K-RT/lib_netinet udp_usrreq.o
usr/src/uts/machine/NH5000/lib_netinet udp_usrreq.o
usr/src/uts/machine/NH5000-RT/lib_netinet udp_usrreq.o
Conditions for Installation: None
Possible Side Effects: None
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-031
Project: HCX
Product: tcp_ip
Date Issued: Tue May 7 10:10:26 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: N/A
Related Patches: cx6.2-137
Related Modification Numbers: None
Related SARs: None
Description: Minor updates to named and ftp for CyberGuard.
Modified Source:
usr/src/cmd/etc/hosts
usr/src/cmd/etc/inetd.conf
usr/src/cmd/etc/networks
usr/src/cmd/etc/services
usr/src/cmd/ftp/audit.c
usr/src/cmd/ftp/ftp.mk
usr/src/cmd/ftp/ftpcmd.y
usr/src/cmd/ftp/ftpd.c
usr/src/cmd/inetd/audit.c
usr/src/cmd/named/ns_defs.h
usr/src/cmd/named/ns_forw.c
usr/src/cmd/named/ns_glob.h
usr/src/cmd/named/ns_main.c
usr/src/cmd/named/ns_req.c
usr/src/cmd/named/syslog_alt.c
usr/src/cmd/netstat/inet.c
usr/src/uts/machine/netinet/in_pcb.c
usr/src/uts/machine/netinet/if_ether.c
usr/src/uts/machine/netinet/tcp_input.c
Object Modules:
etc/hosts
etc/inetd.conf
etc/networks
etc/services
usr/catman/a_man/man1/named.1m.z
usr/etc/inetd
usr/etc/ftpd
usr/etc/named
usr/etc/named-xfer
usr/man/a_man/man1/named.1m
usr/src/uts/machine/M88K-RT/lib_netinet in_pcb.o
usr/src/uts/machine/M88K-RT/lib_netinet if_ether.o
usr/src/uts/machine/M88K-RT/lib_netinet tcp_input.o
usr/src/uts/machine/M88K/lib_netinet in_pcb.o
usr/src/uts/machine/M88K/lib_netinet if_ether.o
usr/src/uts/machine/M88K/lib_netinet tcp_input.o
usr/src/uts/machine/NH5000-RT/lib_netinet in_pcb.o
usr/src/uts/machine/NH5000-RT/lib_netinet if_ether.o
usr/src/uts/machine/NH5000-RT/lib_netinet tcp_input.o
usr/src/uts/machine/NH5000/lib_netinet in_pcb.o
usr/src/uts/machine/NH5000/lib_netinet if_ether.o
usr/src/uts/machine/NH5000/lib_netinet tcp_input.o
usr/ucb/ftp
usr/ucb/netstat
Conditions for Installation: This patch should be installed only at the
same time as cx6.2-136, cx6.2-137, and cx_sx6.2-019.
This is a CyberGuard 2.2 support patch.
Possible Side Effects: None
return to index
================================================================================
Harris CSD Software Development
Software Patch Report
Patch Name: tcp_ip6.2-032
Project: HCX
Product: tcp_ip
Date Issued: Fri Jun 14 14:46:31 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: N/A
Related Patches: None
Related Modification Numbers: None
Related SARs: None
Problem Description:
1) /etc/ftpd would not allow root logins.
2) Minor display updates to netstat.
3) Modified ip_nat.h kernel header file.
Resolution Description:
1) Modified ftpd.c to check whether it is running on CX/UX or CX/SX and
allow or deny root logins accordingly.
2) Modified inet.c to update netstat display.
3) Rebuilt ip_input, ip_output, and in_pcb.
Modified Source:
usr/src/cmd/ftp/ftpd.c
usr/src/cmd/netstat/inet.c
usr/src/uts/machine/netinet/in_pcb.c
usr/src/uts/machine/netinet/ip_input.c
Object Modules:
usr/etc/ftpd
usr/ucb/netstat
usr/src/uts/machine/M88K/lib_netinet in_pcb.o
usr/src/uts/machine/M88K/lib_netinet ip_input.o
usr/src/uts/machine/M88K/lib_netinet ip_output.o
usr/src/uts/machine/M88K-RT/lib_netinet in_pcb.o
usr/src/uts/machine/M88K-RT/lib_netinet ip_input.o
usr/src/uts/machine/M88K-RT/lib_netinet ip_output.o
usr/src/uts/machine/NH5000/lib_netinet in_pcb.o
usr/src/uts/machine/NH5000/lib_netinet ip_input.o
usr/src/uts/machine/NH5000/lib_netinet ip_output.o
usr/src/uts/machine/NH5000-RT/lib_netinet in_pcb.o
usr/src/uts/machine/NH5000-RT/lib_netinet ip_input.o
usr/src/uts/machine/NH5000-RT/lib_netinet ip_output.o
Conditions for Installation: None
Possible Side Effects: None
return to index
================================================================================
Concurrent Computer Corporation
Software Patch Report
Patch Name: tcp_ip6.2-033
Project: HCX
Product: tcp_ip
Date Issued: Sat Aug 31 12:11:12 1996
Release on Which Patch May Be Installed: 6.2
Release Which Corrects Problem: N/A
Related Patches: cx6.2-143
Related Modification Numbers: N/A
Related SARs: N/A
Problem Description:
1) The modifications to the ftpd-proxy (firewall) required a change to
the tftp daemon to work correctly.
2) There was no ordering to the routing table; routes were being
selected by whichever route matched first.
3) Ports 137-139 (Netbios) and 5500 (SecurID) had no English translation
when viewing the netguard rules.
4) There were miscellaneous errors in the man pages.
Resolution Description:
1) Updated the tftp daemon to work with the new ftp proxy.
2) Added subnet routing to gated and routed.
Modified the output of netstat to display the subnet routing buckets
(netstat -R).
3) Added netbios and securid to the /etc/services file.
4) Fixed the miscellaneous errors in the man pages.
Modified Source:
usr/src/cmd/etc/services
usr/src/cmd/gated/if.c
usr/src/cmd/gated/krt.c
usr/src/cmd/netstat/inet.c
usr/src/cmd/netstat/main.c
usr/src/cmd/netstat/route.c
usr/src/cmd/route.c
usr/src/cmd/routed/startup.c
usr/src/cmd/routed/table.h
usr/src/cmd/routed/tables.c
usr/src/cmd/tftp/tftp.mk
usr/src/cmd/tftp/tftpd.c
usr/src/uts/machine/netinet/in.c
usr/src/uts/machine/netinet/in.h
usr/src/uts/machine/netinet/ip_icmp.h
usr/src/uts/machine/netinet/ip_input.h
Object Modules:
etc/services
usr/catman/a_man/man1/ftpd.1m.z
usr/catman/a_man/man1/gated.1m.z
usr/catman/a_man/man1/rlogind.1m.z
usr/catman/a_man/man1/route.1m.z
usr/catman/a_man/man1/routed.1m.z
usr/catman/a_man/man1/rwhod.1m.z
usr/catman/p_man/man3/gethostbyname.3n.z
usr/catman/p_man/man3/libip.3n.z
usr/catman/p_man/man3/rcmd.3n.z
usr/catman/p_man/man3/xti.3n.z
usr/catman/p_man/man4/gated.conf.4.z
usr/catman/p_man/man4/icmp.4p.z
usr/catman/p_man/man4/intro.4n.z
usr/catman/p_man/man4/ip.4p.z
usr/catman/p_man/man4/tcp.4p.z
usr/catman/u_man/man1/ftp.1c.z
usr/catman/u_man/man1/nslookup.1c.z
usr/catman/u_man/man1/talk.1c.z
usr/catman/u_man/man1/tftp.1c.z
usr/etc/ftpd
usr/etc/gated
usr/etc/route
usr/etc/routed
usr/etc/tftpd
usr/man/a_man/man1/ftpd.1m
usr/man/a_man/man1/gated.1m
usr/man/a_man/man1/rlogind.1m
usr/man/a_man/man1/route.1m
usr/man/a_man/man1/routed.1m
usr/man/a_man/man1/rwhod.1m
usr/man/p_man/man3/gethostbyname.3n
usr/man/p_man/man3/libip.3n
usr/man/p_man/man3/rcmd.3n
usr/man/p_man/man3/xti.3n
usr/man/p_man/man4/gated.conf.4
usr/man/p_man/man4/icmp.4p
usr/man/p_man/man4/intro.4n
usr/man/p_man/man4/ip.4p
usr/man/p_man/man4/tcp.4p
usr/man/u_man/man1/ftp.1c
usr/man/u_man/man1/nslookup.1c
usr/man/u_man/man1/talk.1c
usr/man/u_man/man1/tftp.1c
usr/src/uts/machine/M88K-RT/lib_netinet in.o
usr/src/uts/machine/M88K-RT/lib_netinet ip_input.o
usr/src/uts/machine/M88K/lib_netinet in.o
usr/src/uts/machine/M88K/lib_netinet ip_input.o
usr/src/uts/machine/NH5000-RT/lib_netinet in.o
usr/src/uts/machine/NH5000-RT/lib_netinet ip_input.o
usr/src/uts/machine/NH5000/lib_netinet in.o
usr/src/uts/machine/NH5000/lib_netinet ip_input.o
usr/ucb/netstat
Conditions for Installation:
Patch cx6.2-143 must be installed at the same time as tcp_ip6.2-033.
Possible Side Effects: None
return to index
================================================================================