Environment
Extra! 6530 Client Option version 9.3 SP1
Situation
This technical note describes the features, fixes, and release notes for EXTRA! 9.3 Service Pack 1 (SP1).
Note: This service pack is superseded by 9.3 Service Pack 1 Update 1 which released in August 2015. See KB 7021714.
Resolution
Obtaining the Service Pack
Maintained customers are eligible to download the latest product releases from the Attachmate Downloads website at https://download.attachmate.com/Upgrades/. For more information about logging into and using the download site, see KB 7021965.
Upgrading to EXTRA! 9.3 SP1
For information on applying this service pack to your 9.3 installation, see KB 7021364.
Note: EXTRA! 9.3 must be installed before you can install this Service Pack. If you're upgrading from version 9.2 or earlier, you’ll need to upgrade in two steps: first upgrade to EXTRA! 9.3, and then install Service Pack 1. For information on upgrading to version 9.3, see KB 7021375.
Upgrading HP NonStop/Tandem/6530 Emulation
If you are licensed for EXTRA! 6530 Client Option (CAIL add-on for HP NonStop/Tandem emulation support), an additional service pack must be separately applied. Note: EXTRA! 6530 Client Option version 9.3 must already be installed before applying its service pack.
To apply EXTRA! 6530 Client Option 9.3 Service Pack 1 to your existing installation of EXTRA! X-treme and EXTRA! 6530 Client Option 9.3:
- Download and run extra6530-9.3.1-sp-w32.exe.
- Extract the installation image (default location C:\Attachmate\EXTRA!-6530-Option-9.3.1).
- Click the install option to run the patching utility from the installation image (EXTRA!6530\rpatch.exe). Alternatively, you can apply the .msp file from the command line. See also Technical Notes 2263 and 1885.
EXTRA! 9.3 SP1 New Features and Fixes
EXTRA! 9.3 Service Pack 1 includes the following new features and resolved issues.
New Features
Windows 8.1 Update 1 Compatibility
Earned Windows 8 Compatible certification via Windows 8 and Windows 8.1 test platforms. For more information about supported platforms, see KB 7021280.
Microsoft Office 2013 Integration (32-bit and 64-bit)
Office integration features tested and supported with Microsoft Office 2013, 32- and 64-bit. For more information about productivity features, see KB 7021886.
Novell ZenWorks Application Virtualization (ZAV) Integration
A template is now available in Novell ZAV for faster packaging and deploying of the application.
Transport Layer Security (TLS) 1.2
Added support for TLS 1.2 encryption. TLS 1.2 provides better security of data in motion with more secure confidentiality and integrity using AES GCM mode, SHA256 hashing and additional protocol protections.
Support for IBM Express Logon Feature with Reflection Security Gateway
Implemented Reflection Security Proxy End-to-End encryption for 3270 sessions. This feature enables TN3270 connections to use a TLS-secured link with FIPS 140-2 validated encryption through the Attachmate Reflection Security proxy with token-passing, ultimately allowing Express Logon Feature (ELF) on the IBM host while enforcing access control with Reflection Security Gateway.
End-to-end encryption adds access control to your host systems and encrypts data all the way to host. Normally, the second half of the connection from Reflection Security Gateway to the host is in clear text. Two-factor authentication (2FA) with certificates and double encryption protects the data in motion better than ever before.
Reflection Certificate Manager
The Reflection Certificate Manager is now included with EXTRA! to manage digital certificates for 3270 sessions and to configure aspects of Reflection PKI support. The Reflection certificate store can be used for authentication during SSH and/or SSL/TLS sessions. EXTRA! can authenticate using digital certificates located in either the Windows certificate store or the Reflection certificate store (or both). For more information about Reflection Certificate Manager, see https://docs.attachmate.com/extra/x-treme/9.3sp1/help-update/en/24315.htm.
Reflection FTP Client Updated
This release includes Reflection FTP Client 14.1 SP3 (version 14.1.429). For more information about security vulnerability fixes, see Security Alerts - Extra!.
Support for SHA-256 Secure Sockets Layer (SSL) Certificates
Added support for SHA-256/RSA-2048 digital signatures to provide more secure authentication and meet both U.S. DoD and NIST 800-131A recommendations.
CRL and OCSP options now available to TN3270 sessions
For instructions on configuring these certificate revocation options, see https://docs.attachmate.com/extra/x-treme/9.3sp1/help-update/en/24231.htm.
Updates available to CAIL HP NonStop/Tandem/6530 terminal emulation
- Support added for a padlock icon in the 6530 status line to indicate that a host connection is secure.
- The OpenSSL version used for encrypting data between desktops and Tandem NonStop hosts for SSL connection has been updated to address security concerns and is now based on the OpenSSL 1.0.1 branch which is not vulnerable to the “Heartbleed” vulnerability. See also Technical Notes 2501 and 2724.
Resolved Issues
The following issues have been resolved in EXTRA! 9.3 SP1:
Macro Issues
- The error "Could not open file mapping for EBMNGR," which could appear when running macros, has been resolved.
- The EXTRA! Basic Macro property .SSHUserPassword, which stores and sends a password in an SSH session, now works properly.
CAIL HP NonStop/Tandem/6530 Terminal Emulation Issues
- EXTRA! 6530 emulation sessions can now send an escape character using the Esc and Shift+Esc keys.
API Issues
- Resolved an issue where only an asterisk (*) would appear in the title bar of a host session instead of the session name when a session is opened using the VBScript GetObject method.
- An exception error no longer occurs on Windows 7 if the EXTRA! System.Name property is queried when a macro was running.
Encrypted Passwords for IBM’s Auto-Signon Feature
- When you use the auto-signon feature in EXTRA!. if the iSeries is configured to require encrypted password exchange, EXTRA! encrypts the password before it is sent to the IBM iSeries. During the Telnet negotiation, the iSeries host provides a seed value (USERVAR “IBMRSEED”). The emulation software uses this seed value as a key to encrypt the auto-signon password before sending it back to the host.
Other Issues
- Improved the performance of TN3270, TN5250, and Unix and OpenVMS sessions by optimizing the EXTRA! TCP/IP connection, especially when running on Windows 7.
- EXTRA! now correctly displays a toolbar when the full path to the toolbar is set in the .EDP file.
- Resolved a Microsoft Visual C++ Runtime Library error that can occur during the launch of an EXTRA! session when using long folder names with Microsoft App-V 5.0 on Windows 7.
Deprecated Features
- Effective this release, Attachmate no longer supports:
- IPX/SPX related connections to an Attachmate SNA Gateway
- IPX/SPX and TCP/IP connections to the Netware for SAA Server
Note: These connections are still available for configuration, except when installing from an Administrative installation of EXTRA!
- Effective this release, High Performance Routing (HPR) is no longer supported. This option is still available for configuration from the EXTRA! Connections Pack.
Additional Information
For more information about EXTRA!, see the Technical Resources page at https://support.microfocus.com/product/?prod=XTREME.