PK00175: CORRUPTION OF LIBPATH ENVIRONMENT VARIABLE BY MOD_IBM_SSL PREVENTS SITEMINDER FROM STARTING EXTERNAL LLAWP PROCESS.

 Fixes are available

IBM HTTP Server V6.0 Fix Pack 2
PK65782; 2.0.47.1: IBM HTTP Server V2.0.47 Cumulative Interim Fix



APAR status
Closed as fixed if next.

Error description
Corruption of LIBPATH environment variable by mod_ibm_ssl
prevents SiteMinder from starting external LLAWP process.
Other modules for IHS could have similar problems starting
external processes which need LIBPATH to resolve dependent
libraries.  A memory allocation defect in mod_ibm_ssl will
be fixed so that LIBPATH is not corrupted.
Notes:
Analogous environment variables on other platforms, such as
LD_LIBRARY_PATH, are also affected.  This potentially
affects IHS 2.x on all platforms.

The occurrence of the problem symptom depends on other
accidental aspects of the configuration.  Many customers
are not experiencing this issue, but with IHS configuration
changes unrelated to mod_ibm_ssl or SiteMinder, the problem
symptom can occur.

Permanent fix: Any cumulative e-fix for IHS 2.0.x after

PQ94389.  Any future PTF for IHS 2.0.42.x after IHS 2.0.42.2.
Any future PTF for IHS 2.0.47.x after IHS 2.0.47.1.
Local fix
Temporary fix: Customers should request a temporary fix
for this problem from support.
--------end of APAR description----------

Temporary fix for this customer using IHS 2.0.47.1 on AIX:
mod_ibm_ssl_20471_fix.so

# cksum mod_ibm_ssl_20471_fix.so
1872457640 182461 mod_ibm_ssl_20471_fix.so

Activate this version of mod_ibm_ssl by editing the
LoadModule directive for mod_ibm_ssl to reference the
path to mod_ibm_ssl_20471_fix.so as the last parameter
instead of "modules/mod_ibm_ssl.so".

Important: If you upgrade to any later cumulative e-fix,
prior to the point when this APAR fix is included, you
need to obtain a matching temporary fix from IHS support.
Problem summary
mod_ibm_ssl used temporary buffer for the
string LIBPATH=xxx (or LD_LIBRARY_PATH=xxx).  After it was
added to the environment variable table, the storage could
be used for other purposes, such that the LIBPATH variable
had an invalid value or was not found in the table at all.
Problem conclusion Temporary fix Comments
This APAR is being closed as Fixed If Next.  There
is a deficiency that we currently plan to fix if there is
another release, fix pack, or cumulative e-fix.
APAR information
APAR number PK00175
Reported component name WAS HTTP SERVER
Reported component ID 5630A3603
Reported release 10A
Status CLOSED FIN
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2005-01-28
Closed date 2005-02-01
Last modified date 2005-02-01

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
IBM_SSL          

Publications Referenced

Fix information

Applicable component levels
R00A PSN    UP
R00H PSN    UP
R003 PSN    UP
R00I PSN    UP
R00S PSN    UP
R00P PSN    UP
R10A PSN    UP
R10H PSN    UP
R103 PSN    UP
R10I PSN    UP
R10S PSN    UP
R10P PSN    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > IBM HTTP Server > Runtime
Operating system(s):
Software version: 10A
Software edition:
Reference #: PK00175
IBM Group: Software Group
Modified date: Feb 1, 2005