× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. July 2001

Re: QNTC userid/password change?

  • Subject: Re: QNTC userid/password change?
  • From: "Ed Fishel" <edfishel@xxxxxxxxxx>
  • Date: Thu, 26 Jul 2001 11:46:22 -0500
 

Tom,

>>I'm generally aware of profile handles and tokens, though probably _FAR_
from your level. However, symptoms are as I described -- when it happens.
Almost exactly a year ago was the last time I heard of it happening, on a
V4R4 system after checking my notes. The systems programmer at that site
reported the same issue I described. Neither CPF4AAA nor CPF22E6 are
generated; instead, CPF22E7 is returned when QWTSETP is called with the
non-functional handle.<<

Perhaps this information can help explain the symptoms you saw a year ago.

The CPF22E7 message is sent by QWTSETP when it receives an invalid profile
handle. Here are some common ways that the profile handle could be invalid.
1. It has been released by the Release Profile Handle (QSYRLSPH) API or by
QWTSETP.
2. It was somehow corrupted, possibly by the application writing over it.
3. Someone is trying to guess a profile handle.

For V4R4 and earlier releases when QWTSETP sent the CPF22E7 message it also
automatically released all the valid profile handles for the job. This was
done as a security mechanism to prevent someone from being able to guess a
profile handle. Basically they got one guess and if it is wrong then there
was no reason to make a second guess. One problem with this design was that
in a job with multiple threads, any use of an invalid profile handle in one
thread caused all the threads of the job to lose all their profile handles.
This means if one of those threads did not have authority to get a new
handle to its original user profile, or the application was not designed to
get a new handle in this situation, then a devious user could prevent a
thread from swapping back to it original user profile.

We changed this design in V4R5. Now, before QWTSETP sends the CPF22E7
message it will delay the thread for 30 seconds times the total number of
invalid profile handles it has seen in the job. So the first delay will be
30 seconds, the second will be 60 seconds and so on. After the delays start
occurring any use of a valid profile handle will not be delayed.

Ed Fishel,
edfishel@US.IBM.COM


+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.