A fix is available
APAR status
Closed as program error.
Error description
Receiving an inbound request for an IPIC Session results in the following message. . DFHME0108 Message DFHXM0000 cannot be found in module DFHMET1E . We notice the following Trace Entries. . 0201 ISIS EXIT - FUNCTION(INITIALIZE_RECEIVER) RESPONSE(EXCEPTION) REASON(MESSAGE_MISMATCH_IDENTIFY) USER_TOKEN(00000000) SET_USER_TOKEN() . Note no USER_TOKEN. . 1204 XMER ENTRY - FUNCTION(SET_DEFERRED_MESSAGE) MESSAGE(SECURITY_PROTOCOL_ERROR) . 0681 ISXM EXIT - FUNCTION(INIT_XM_CLIENT) RESPONSE(OK) USER_TOKEN(0000F000) SESSION_USER_TOKEN(00000000) SET_USER_TOKEN(YES) SET_USER_MUTABLE(NO) SET_SESSION_USER_TOKEN(NO) . Now note the USER_TOKEN is 0000F000 which is invalid. . 0402 USXM EXIT - FUNCTION(INIT_TRANSACTION_USER) RESPONSE(EXCEPTION) REASON(INVALID_USER_TOKEN) USDOM_TRANSACTION_TOKEN(00000000 , 00000000) PRIORITY(0) . The problem is the following. . The DFHISIS INITIALIZE_RECEIVER call made by DFHISXM fails. The transaction will be terminated with a message, but DFHISXM still returns indicating a user token should be set. DFHISXM does not actually supply a token so a residual value gets set instead, resulting in the reported failure. . Additional Symptom(s) Search Keyword(s): KIXREVBDB DFHXM0000 DFHME0108 IPIC
Local fix
The IPCONN was defined with ATTACHSEC(IDENTIFY) but the inbound request did not contain a userid. This is what causes the DFHISIS call to fail. Passing a userid on the inbound request would prevent the problem from occurring.
Problem summary
**************************************************************** * USERS AFFECTED: All CICS users. * **************************************************************** * PROBLEM DESCRIPTION: When SEC=YES is specified in DFHSIT, * * and an IPCONN is defined with * * USERAUTH(IDENTIFY), no IPIC security * * header is received. This results in * * msgDFHME0108 and a system dump. * **************************************************************** CICS is connected with client side via IPIC connection with USERAUTH(IDENTIFY) configuration. A DPL request arrived in CICS but it doesn't contain any security related fields. This causes the DFHISIS INITIALIZE_RECEIVER call made by DFHISXM to fail during mirror task initialization. The task should be terminated with a message, but DFHISXM still returns indicating a user token should be set. DFHISXM does not actually supply a token so a residual value gets set instead. This causes DFHUSXM INIT_TRANSACTION_USER to fail and a nonsense message DFHXM0000 being issued in later process, resulting DFHME0108 with system dump.
Problem conclusion
DFHISXM has been changed to make sure a user token will not be set if DFHISIS INITIALIZE_RECEIVER fails with security violation.
Temporary fix
Comments
×**** PE20/03/24 FIX IN ERROR. SEE APAR PH23635 FOR DESCRIPTION
APAR Information
APAR number
PH12213
Reported component name
CICS TS Z/OS V5
Reported component ID
5655Y0400
Reported release
100
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2019-05-17
Closed date
2019-08-26
Last modified date
2020-04-30
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UI64970 UI64971
Modules/Macros
DFHISXM
Fix information
Fixed component name
CICS TS Z/OS V5
Fixed component ID
5655Y0400
Applicable component levels
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]
Document Information
Modified date:
01 May 2020