[Info-vax] problem with COBOL installation

Stephen Hoffman seaohveh at hoffmanlabs.invalid
Sat May 16 12:45:29 EDT 2015 

On 2015-05-16 15:21:08 +0000, John Reagan said:

> On Saturday, May 16, 2015 at 10:06:23 AM UTC-4, Phillip Helbig (undress 
> to reply) wrote:
>> Trying to install COBOL from the hobbyist distribution:
>> 
>> COBOL029_IGUIDE.TXT;1
>> DEC-AXPVMS-COBOL-V0209-1453-1.PCSI$COMPRESSED;1
>> DEC-AXPVMS-COBOL-V0209-1453-1.PCSI$COMPRESSED_ESW;1
>> 
>> I get
>> 
>> %PCSI-E-VALFAILED, validation of
>> DSA530:[HELBIG.DOWNLOADS.HOBBYIST.COBOL_COMPILER_29]DEC-AXPVMS-COBOL-V0209-1453-1.PCSI$COMPRESSED;1 
>> failed
>> -PCSI-E-CDSA_TEXT, CSSMERR_DL_DATASTORE_DOESNOT_EXIST: The specified
>> datastore does not exist
>> %PCSIUI-E-ABORT, operation terminated due to an unrecoverable error condition
>> 
>> Any ideas?

>From a web search:
<http://h30499.www3.hp.com/t5/General/VMS-8-3-Alpha-PCSI-Problem/td-p/4123044>
Also <http://h71000.www7.hp.com/doc/83final/ba554_90006/ch03s02.html>. 
which points to the workaround.
Related: <https://groups.google.com/d/msg/comp.os.vms/8Ej2dVrHtgk/g8pj6_AyMioJ>

> You can use /OPTIONS=NOVALIDATE if you just want to skip the 
> validation.  For the error itself, wasn't that part of some prior 
> update to PCSI itself?

Yes; there've been a number of changes and fixes to PCSI in this area, 
both to fix bugs and to update "secure delivery".

Secure Delivery and those pesky "manifest" files went into PCSI around 
V8.3, and via patches.  V8.4 had further changes here, with the HPC 
file 
<http://h71000.www7.hp.com/openvms/security.html#hp_code_sign_service>. 
  There've been several generations of PCSI patches for PCSI, too — 
VMS84A_PCSI V4.0 was current, last I checked.

>  (Yeah, I know, how does a hobbyist get access to patches?  Above my paygrade.)

The sort of PCSI bug that's lurking here isn't above your pay grade, 
though.  That CDSA-originated error message is awful, and this is 
something that never should have gotten past testing.

Not all that much can be done about this existing PCSI secure delivery 
mess now, short of opening up certain patches to more folks; declaring 
certain patches as mandatory updates or some such.

AFAIK, CDSA used SHA-1 here.  What the HP binary checker uses, I've not 
seen published.    It's now time to migrate from SHA-1 — before it 
falls — to something like SHA-2 or better, too.   When VSI eventually 
reworks and hopefully removes the long-deprecated Intel CDSA bits from 
OpenVMS, y'all will likely be presented with some cases similar to 
this, too.


-- 
Pure Personal Opinion | HoffmanLabs LLC

More information about the Info-vax mailing list