Hi fellow managers,
Those of you who have DCE might have experienced the same problems as me. Just
after one o'clock last night DCE failed, complaining about clock skew. The
problem is not not fixed by the regular clock patch, but by a special DCE-patch
available at
ftp://gatekeeper.dec.com/private/DCE/UNIX/libdce.so.Z
I include the info I got from my CSC below:
For DIGITAL UNIX ONLY:
We think we have a fix.
Stop all DCE daemons that may be running, copy the new libdce.so into
/opt/dce/usr/shlib, and restart DCE.
-------------------------------------------------------------------------------
Note fix in -.1 is for V1.3.* of DCE for Digital UNIX.
It is not appropriate for customers running with the
privacy-enhancement kit. We're building a libdce.so
for that too. Let me know if you have a customers
who need it.
-------------------------------------------------------------------------------
PROBLEM: DCE_LOGINs and authenticated RPCs fail with "clock skew" errors
after 29-Feb-1996.
It was discovered that the above DCE versions do not run properly on and
after February 29, 1996 (Leap Day) and complain about clock skews in
security. Our analysis reveals that there is a bug in the ASN1
translation code of the OSF R1.0.3 code release that incorrectly
translates the given binary time to its ASCII string representation
for leap years on and after February 29 of that year. This is used
in the DCE security protocol.
Simon Tardell, voice +46 8 162688 fax +46 8 347817
Fysikum, Stockholms universitet simon_at_physto.se, tardell_at_particle.kth.se
Received on Fri Mar 01 1996 - 14:11:01 NZDT