Patch Name: PHSS_16550 Patch Description: s700_800 10.24 VirtualVault/SAFE 3.01 TGA patch Creation Date: 98/09/30 Post Date: 98/10/27 Warning: 98/11/20 - This Non-Critical Warning has been issued by HP. - Patch PHSS_16550 contains a program file that is installed in the wrong location. As a result, the patch does not fix the problem for which is was created. It also fails to correct the standalone TGA problem (rarely observed in production systems). - The patch does not introduce any new defects, but to avoid having an extra copy of the file on your system HP recommends removing PHSS_16550 from all systems on which it has been installed. - A new patch will be released as soon as possible to address the problems described in PHSS_16550. Hardware Platforms - OS Releases: s700: 10.24 s800: 10.24 Products: VirtualVault/SAFE A.03.01 US/Canada Release; VirtualVault/SAFE A.03.01 International Release Filesets: VaultTS.VAULT-CORE-CMN VaultNES.NES-VAULT Automatic Reboot?: No Status: General Superseded With Warnings Critical: No Path Name: /hp-ux_patches/s700_800/10.X/PHSS_16550 Symptoms: PHSS_16550: TGA waits an extended period of time, or cannot establish its master endpoint. Connections to an outside web server result in a "server error" message. The stand alone version of TGA does not execute. The creation of the SERVER_SOFTWARE environment variable returns an invalid value Defect Description: PHSS_16550: If an outside web server is running when the TGA daemon is restarted, it can take a number of retries before the TGA daemon can re-establish its persistent TCP master listening endpoint. This is because the TGA NSAPI has the connection bound, and unless an HTTP request comes to the web server in the interim, the NSAPI does not release the connection to the master. This situation is worse with multiple outside web servers, and can result in the TGA daemon giving up on the bind to its master port. The stand alone version of TGA has been relinked so that it will execute. The creation of the SERVER_SOFTWARE environment variable is now set correctly. SR: 4701402420 Patch Files: /tcb/bin/tga /var/opt/vaultTS/outside/app/cgibin/tga /tcb/lib/tgad /opt/nes/3.5/bin/https/libvvtga.so what(1) Output: /tcb/bin/tga: $Source: tga.c, vaultTS, vaultTS_3.1 $Date: 98/10/02 13:29:46 $ $Revision: 1.9 PATCH_10.24 (PHSS _16550) $ $Source: io.c, vaultTS, vaultTS_3.1 $Date: 98/09/30 09:11:36 $ $Revision: 1.14 PATCH_10.24 (PHSS _16550) $ /var/opt/vaultTS/outside/app/cgibin/tga: $Source: tga.c, vaultTS, vaultTS_3.1 $Date: 98/10/02 13:29:46 $ $Revision: 1.9 PATCH_10.24 (PHSS _16550) $ $Source: io.c, vaultTS, vaultTS_3.1 $Date: 98/09/30 09:11:36 $ $Revision: 1.14 PATCH_10.24 (PHSS _16550) $ /tcb/lib/tgad: lib/libc/core/gen/mktemp.c, hpuxlibc, vvos_davis, da vis22 $Date: 97/07/18 11:58:12 $ $Revision: 1.2 PATCH_10.24 (PHCO_11183) $ $Source: communications.c, vaultTS, vaultTS_3.1 $Dat e: 98/09/30 08:53:29 $ $Revision: 1.14 PATCH _10.24 (PHSS_16550) $ $Source: execute.c, vaultTS, vaultTS_3.1 $Date: 98/0 9/30 08:53:53 $ $Revision: 1.18 PATCH_10.24 (PHSS_16550) $ HP VirtualVault, tgad, revision A.03.00 src/lib/swp/setlocale.c, vaultTS, vaultTS_3.1, A.03. 01.A 1.1 09/29/97 lib/libsecurity/accept_pw.c, libsecurity_ia, vvos_da vis, davis26 $Date: 97/10/01 15:16:10 $ $Rev ision: 1.10 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/identity.c, libsecurity_util, vvos_d avis, davis26 $Date: 97/10/01 15:16:15 $ $Re vision: 1.8 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/mandlib.c, libsecurity_macilb, vvos_ davis, davis26 $Date: 97/10/01 15:16:16 $ $R evision: 1.17 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/privileges.c, libsecurity_util, vvos _davis, davis26 $Date: 97/10/01 15:16:17 $ $ Revision: 1.1.1.12 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/authaudit.c, libsecurity_audit, vvos _davis, davis26 $Date: 97/10/01 15:16:11 $ $ Revision: 1.21 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_errlst.c, libsecurity_util, vvos _davis, davis26 $Date: 97/10/01 15:16:18 $ $ Revision: 1.8 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/acllib.c, libsecurity_acl, vvos_davi s, davis26 $Date: 97/10/01 15:16:10 $ $Revis ion: 1.2.3.2 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/auditdb.c, libsecurity_audit, vvos_d avis, davis26 $Date: 97/10/01 15:17:50 $ $Re vision: 1.15 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/discr.c, libsecurity_util, vvos_davi s, davis26 $Date: 97/10/01 15:16:12 $ $Revis ion: 1.7 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/fields.c, libsecurity_ia, vvos_davis , davis26 $Date: 97/10/01 15:16:13 $ $Revisi on: 1.10 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_conf.c, libsecurity_util, vvos_d avis, davis26 $Date: 97/10/01 15:18:19 $ $Re vision: 1.5 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/fileattr.c, libsecurity_fs, vvos_dav is, davis26 $Date: 97/10/01 15:19:47 $ $Revi sion: 1.9 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_nls.c, libsecurity, vvos_davis, davis60 $Date: 97/10/01 16:00:20 $ $Revision : 1.1.1.4 PATCH_10.24 (PHCO_12734) $ lib/libsecurity/getdvagent.c, libsecurity_ia, vvos_d avis, davis26 $Date: 97/10/01 15:16:13 $ $Re vision: 1.14 PATCH_10.24 (PHCO_11251) $ Internal_Unsupported_Version libc.a_ID@@/main/r10dav /libc_dav/15 /ux/libc/libs/libc/archive_pa1/libc.a_ID Jul 18 1997 15:26:17 /opt/nes/3.5/bin/https/libvvtga.so: $Source: tgansapi.c, vaultNES, vaultNES_3.1 $Date: 9 8/09/30 09:06:29 $ $Revision: 1.29 PATCH_10. 24 (PHSS_16550) $ $Source: env.c, vaultNES, vaultNES_3.1 $Date: 98/10/ 02 13:25:24 $ $Revision: 1.15 PATCH_10.24 (P HSS_16550) $ 95 1.13 src/gateway/cgi2/nsapi/argv.c, vaultNES, v aultNES_3.1, A.03.01.B 06/30/98 18:02:06 65 1.2 src/gateway/cgi2/nsapi/log.c, vaultNES, vau ltNES_3.1, A.03.01.B 07/10/98 18:00:58 $Source: io.c, vaultTS, vaultTS_3.1 $Date: 98/09/30 09:11:36 $ $Revision: 1.14 PATCH_10.24 (PHSS _16550) $ cksum(1) Output: 3924788318 28741 /tcb/bin/tga 3924788318 28741 /var/opt/vaultTS/outside/app/cgibin/tga 3572193509 673776 /tcb/lib/tgad 3733073382 41065 /opt/nes/3.5/bin/https/libvvtga.so Patch Conflicts: None Patch Dependencies: None Hardware Dependencies: None Other Dependencies: None Supersedes: None Equivalent Patches: None Patch Package Size: 820 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHSS_16550 5a. For a standalone system, run swinstall to install the patch: swinstall -x autoreboot=true -x match_target=true \ -s /tmp/PHSS_16550.depot 5b. For a homogeneous NFS Diskless cluster run swcluster on the server to install the patch on the server and the clients: swcluster -i -b This will invoke swcluster in the interactive mode and force all clients to be shut down. WARNING: All cluster clients must be shut down prior to the patch installation. Installing the patch while the clients are booted is unsupported and can lead to serious problems. The swcluster command will invoke an swinstall session in which you must specify: alternate root path - default is /export/shared_root/OS_700 source depot path - /tmp/PHSS_16550.depot To complete the installation, select the patch by choosing "Actions -> Match What Target Has" and then "Actions -> Install" from the Menubar. 5c. For a heterogeneous NFS Diskless cluster: - run swinstall on the server as in step 5a to install the patch on the cluster server. - run swcluster on the server as in step 5b to install the patch on the cluster clients. By default swinstall will archive the original software in /var/adm/sw/patch/PHSS_16550. If you do not wish to retain a copy of the original software, you can create an empty file named /var/adm/sw/patch/PATCH_NOSAVE. Warning: If this file exists when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. It is recommended that you move the PHSS_16550.text file to /var/adm/sw/patch for future reference. To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHSS_16550.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: The patch installation replaces the Trusted Gateway Agent Daemon (tgad). The VirtualVault Inside and Outside Web servers, as well as the Outside Administration Server and tgad processes may be stopped during patch installation. The system will be rebooted upon patch installation completion.