Environment
Reflection for UNIX and OpenVMS version 14.x
Reflection for IBM version 14.x
Reflection X version 14.x
Reflection X for x64 version 14.x
Reflection Suite for X version 14.x
Reflection for the Multi-Host Enterprise Professional Edition version 14.x
Reflection for the Multi-Host Enterprise Standard Edition version 14.x
Situation
The Reflection Windows-based products version 14.0 Service Pack 7 (SP7) is available to maintained users who already have 14.0 installed. This technical note provides a link to Reflection 14.0 SP7 and a list of fixes included in the service pack as well as those originally included in SP1 - SP6 (including SP2.1).
For a list of features originally included Reflection 14.0, see KB 7021760.
Resolution
Before you apply the service pack, note the following:
- This document references a Reflection service pack. Service packs are available to licensed Attachmate customers with current maintenance plans for these products. For information about logins and accessing the Download Library, see KB 7021965.
- If you have installed (or plan to install) Reflection Administrator's Toolkit, you must upgrade to the latest version of the Toolkit whenever you upgrade Reflection. The Reflection Administrator's Toolkit features may not work correctly if you are running a version of Reflection that is newer than your Toolkit version. The latest version of Reflection Administrator's Toolkit, ratkit-14.0.7-prod-w32.exe, is available for download from the Download Library.
- Removing Reflection software packages (version 9.0 or higher) will result in end-users losing settings information for those components that store this information in the registry. This affects Reflection X, Reflection Windows-based products, and the FTP client. To save these settings, refer to KB 7021647, Saving Customized Settings Before Uninstalling Reflection.
- For important information regarding security updates and Reflection, see https://support.microfocus.com/security/.
Obtaining the Service Pack
The Reflection 14.0 Service Pack 7, reflect-14.0.7-sp-w32.exe, is available from the Download Library and applies to version 14.0 of the following products:
Reflection for UNIX and OpenVMS (includes Reflection for ReGIS Graphics)
Reflection for IBM
Reflection for the Multi-Host Enterprise, Professional Edition
Reflection for the Multi-Host Enterprise, Standard Edition
Reflection X
Reflection Suite for X
If you have Reflection X for x64 version 14.0, you must apply a different service pack: rx-14.0.7-sp-wx64.exe.
Note: If you have more than one Reflection product installed on a workstation, applying this service pack will update all products at the same time. (It is not possible to run multiple versions of Reflection Windows-based products on the same workstation.)
For information about applying or uninstalling a service pack, see the following technical notes:
How to apply a service pack to a workstation installation of Reflection |
1615 |
How to apply a service pack to an administrative installation of Reflection |
1616 |
Operating System and Virtualization Support
The following operating systems and virtualization products are supported by Reflection 14.0 SP7:
Microsoft Windows Vista, SP1*
Microsoft Windows XP, SP2 or higher*
Microsoft Windows 2000, SP4
Microsoft Windows Server 2008* (with Terminal Services)
Microsoft Windows Server 2003* (with Terminal Services)
Citrix XenApp/Presentation Server
VMware
Microsoft Virtual PC
* includes 32- and 64-bit support
New Features and What's Fixed in 14.0 SP7?
The following new features and fixes are included in the Reflection 14.0 Service Pack 7. To view features and fixes relevant to the Reflection product you are using or evaluating, scroll to the appropriate product name below or use these quick reference links.
Note: This service pack is cumulative, and includes all of the fixes originally contained in 14.0 SP1 – SP6 (including SP2.1).
Reflection for IBM 14.0 SP7
New features in Reflection for IBM 14.0 SP7:
- Configure Reflection Certificate Manager to store trusted certificates in a shared location
A new option, Store trusted certificates in the common application data folder, is now available in the Reflection Certificate Manager on the Trusted Certificate Authorities tab. By default trusted roots are added to a user-specific location. When this option is selected, trusted roots are saved to the following location, which makes them available to all users of the computer:
common_application_data_folder\Attachmate\Reflection\.pki\trust_store.p12.
Note the following:
If a shared store exists, trusted roots are read exclusively from the shared store. Trusted roots you have configured for individual user accounts no longer have any effect.·
To revert to user-specific trusted root stores after creating a shared store, you must delete or rename the shared trust_store.p12 file. If you simply clear this setting, subsequent changes will modify your personal store, but the personal store continues to have no effect on Reflection's behavior as long as trust_store.p12 is still present in the common application data folder.·
If the operating system has been configured by the administrator to deny users write access to common_application_data_folder\Attachmate\Reflection, this setting is not available to those users and they will not be able to modify items in the shared trusted root store.
Issues resolved in Reflection for IBM 14.0 SP7:
- Security fix for vulnerabilities in Microsoft Active Template Library (ATL).
This service packs addresses vulnerabilities described in Microsoft Security Bulletin MS09-035 and Microsoft Security Advisory 973882: Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution.
- IBM host sessions now connect if an SNA BIND Image is split across multiple Telnet packets.
This resolves a problem seen when data is split and transmitted as two packets to the workstation client.
- The Level button, which is available in the Transfer dialog box for TSO sessions, now works as expected.
This service pack resolves problems seen when browsing files using the Level button. The Level command now correctly handles strings that include a period and commands in which the filter supplied is a subset of the current view.
- Cursor placement in 3270 ISPF session.
When set to use Japanese locale, Reflection now places the cursor correctly when it receives an Insert Cursor order.
- Reflection Certificate Manager correctly handles removing and reinserting a token.
The PKCS #11 tab of the Reflection Certificate Manager includes a setting called Disconnect automatically when token is removed. Prior to this service pack, removing the token correctly triggered a disconnect, but reinserting it caused the client to close unexpectedly. This service pack fixes this issue; you can now reinsert your token and connect again.
- Support for TLS connections to hosts that request a client certificate, but don't require one.
If Reflection is configured for a TLS connection and has no suitable certificates, it now sends a certificate message containing no certificates as specified in RFC 2246. Previously Reflection terminated the connection. This change enables Reflection to connect to a server that requests a client certificate but doesn't require one.
- Fixes previously released in Reflection for IBM 14.0 SP6.
Reflection for HP, UNIX and OpenVMS 14.0 SP7
Resolved issues in Reflection for HP, UNIX and OpenVMS 14.0 SP7:
- Security fix for vulnerabilities in Microsoft Active Template Library (ATL).
This service packs addresses vulnerabilities described in Microsoft Security Bulletin MS09-035 and Microsoft Security Advisory 973882: Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution.
- Fixed trace problems.
This service pack resolves some issues seen when processing traces or using the StartTrace method.
- Correct display of Korean characters.
This service pack resolves several issues reported when connecting to a server configured to use the Korean UFT8 locale.
- Support for TLS connections to hosts that request a client certificate, but don't require one.
If Reflection is configured for a TLS connection and has no suitable certificates, it now sends a certificate message containing no certificates as specified in RFC 2246. Previously Reflection terminated the connection. This change enables Reflection to connect to a server that requests a client certificate but doesn't require one.
- Fixes previously released in Reflection for HP, UNIX and OpenVMS 14.0 SP6.
Reflection X 14.0 SP7
Issues resolved in Reflection X 14.0 SP7:
- Reflection X Profiler correctly supports configuring "Font server fonts storage settings"
The Reflection X profiler no longer closes unexpectedly when you click the Font server fonts storage settings button.
- Corrected display of X Screen panel on Japanese systems
This service pack corrects a Japanese display problem in the X Screen panel that was introduced in SP6.
- Restore GLX pixmap functionality
Reflection X uses the following approach to support GLX functionality. It attempts to offer 8bit GLX pixmaps of both the RGBA render type and the COLORINDEX render type. If the GLX pixmap was created with pre-GLX 1.3 protocol, Reflection uses the visual in the render context to determine which kind to use.
- Fix for unexpected display of the HTTP proxy dialog box
The HTTP proxy dialog box no longer appears unexpectedly when making a client Telnet connection.
- Fix for flipped GLX pixmaps
All drawing into a pixmap now has the same orientation as drawing into a GLXPixmap that was made from the X pixmap.
- Host name drop-down list now updates immediately
Reflection now updates the host drop-down list in the Reflection X Manager immediately when a client command is run on a host for the first time.
- Fix for window decoration display problems seen in some pop-up windows
Top-level windows now show correct window decoration (display of the title bar, close button, window border, etc.) if the window's Motif hints ask for a title bar. This fixes problems that were reported against Reflection version 14 SP 6 by customers using ILOG and CADENCE a-SX applications.
- Copy and Paste support between Windows applications and X applications
Copy and paste now works correctly between Windows applications and X applications running in an X terminal window. This fixes a problem reported in version 14 SP6.
- Correct display of Japanese characters in Windows taskbar
This service pack provides additional fixes for Japanese character display problems seen in the Windows taskbar display.
- Unknown host error message is now displayed for Secure Shell connections
Reflection X sessions configured to connect using SECURE SHELL now display the following error message when a host is unknown or the host name can't be resolved: "No such host is known".
- X Client Wizard support on newer versions of Linux
The X Client Wizard is now supported on platforms that use the path /usr/bin for common X clients.
- The XI Driver Client dialog box is now minimized by default
When the setting Auto start XI Driver Client is selected, the XI Driver Client dialog box is now minimized when you start the Reflection X Manager, and the dialog box title bar now includes buttons to support minimizing and restoring the dialog box display.
- PolyPoints drawing support on systems with nVidia video drivers
Reflection X no longer closes unexpectedly when drawing many thousands of PolyPoints multiple times on an x86 system with a current nVidia video driver.
- Fixes previously released in Reflection X 14.0 SP6.
Reflection FTP 14.0 SP7
New features in Reflection FTP 14.0 SP7:
- Preserve timestamps and file attributes during SFTP transfers
A new site-specific setting, Preserve timestamps and file attributes, is available for SFTP transfers. When this option is selected, file attributes and timestamps are not modified when files are transferred to and from the server. To configure this setting, select your site, click Security, then click the Secure Shell tab. Note: Selecting this setting sets the PreserveTimestamps in the Secure Shell configuration file.
- Configure default file attributes for uploads and downloads
You can now configure global default attributes for file transfers to and from any server using Tools > Options > Attributes. (Note: To be able to specify non-default attributes during a file transfer, go to the Site Properties dialog box. On the Transfer tab, enable Show upload options before transfer and/or Show download options before transfer.)
- Server view filter is now supported for SFTP connections
File view filters (configured using either View > Filter, or Site Properties > Directories > File view filter) are now supported for SFTP connections.
Resolved issues in Reflection FTP 14.0 SP7:
- Intermittent "File or directory not found" errors no longer interrupt transfers made using the FTP Client API
This service pack resolves a problem that caused intermittent errors in transfers made using the FTP Client API. The error interrupted program execution and reported "File or directory not found" even though the required files were present on the server and the program was able to execute successfully on many other attempts.
- Fixes previously released in Reflection FTP 14.0 SP6.
Secure Shell 14.0 SP7
The following Secure Shell updates apply to these Reflection applications:
Reflection for UNIX and OpenVMS
Reflection for ReGIS Graphics
Reflection X
Reflection FTP Client
New feature in Reflection Secure Shell 14.0 SP7:
- Configure Reflection Certificate Manager to store trusted certificates in a shared location
A new option, Store trusted certificates in the common application data folder, is now available in the Reflection Certificate Manager on the Trusted Certificate Authorities tab. By default trusted roots are added to a user-specific location. When this option is selected, trusted roots are saved to the following location, which makes them available to all users of the computer:
common_application_data_folder\Attachmate\Reflection\.pki\trust_store.p12.
Notes the following:
If a shared store exists, trusted roots are read exclusively from the shared store. Trusted roots you have configured for individual user accounts no longer have any effect.·
To revert to user-specific trusted root stores after creating a shared store, you must delete or rename the shared trust_store.p12 file. If you simply clear this setting, subsequent changes will modify your personal store, but the personal store continues to have no effect on Reflection's behavior as long as trust_store.p12 is still present in the common application data folder.·
If the operating system has been configured by the administrator to deny users write access to common_application_data_folder\Attachmate\Reflection, this setting is not available to those users and they will not be able to modify items in the shared trusted root store.
Resolved issues in Reflection Secure Shell 14.0 SP7:
- CPU management for Secure Shell sessions running in Citrix environments.
Improvements have been made to how CPU is managed in Citrix ennviroments.
- Rekeying when host key is not present no longer disconnects the session.
The client now presents the unknown host key prompt if a reky occures and the host key is not present.
- Reflection Certificate Manager correctly handles removing and reinserting a token.
The PKCS #11 tab of the Reflection Certificate Manager includes a setting called Disconnect automatically when token is removed. Prior to this service pack, removing the token correctly triggered a disconnect, but reinserting it caused the client to close unexpectedly. This service pack fixes this issue; you can now reinsert your token and connect again.
- Banner text wraps correctly.
The client now correctly handles new line requests in banners displayed in Secure Shell connections. This fixes a problem that was reported with SP 6.
- scp transfer now returns non-zero return codes when an error occurs.
Prior to this service pack some failing scp transfers returned a zero error code. This was reported for transfers in which the error was "Access is denied" and "The system cannot find the path specified". These errors now return the appropriate non-zero error codes.
- Host logout is now successfully displayed during Secure Shell sessions.
This service pack resolves a problem reported with Secure Shell connections that sometimes resulted in no host logout message being displayed in the Reflection terminal window.
- Window-change requests no longer cause the Secure Shell connection to fail.
Reflection no longe sends incorrect pixel values with the client's Window-change request. This resolves a problem caused the Secure Shell connection to be terminated when using the BalaBit Shell Control Box.
- Smart card authentication no longer fails with a provider exception error for some manufacturers.
Prior to this service pack, some smartcard hardware and software configurations led to authentication failures with the error "ProviderException (11) when attempting to sign data." This problem has been resolved.
- Recursive scp copies now include the top level directory.
After execution of the command scp -r user@host:Demo, the directory "Demo" is now created on the server. Previously only files and subdirectories contained within "Demo" were copied to the server
- Password error messages from the server are now displayed.
During Secure Shell password authentication, error messages from the server are now displayed in the Reflection window.
- Authentication with a certificate stored in the Key Agent.
Authentication now succeeds when you authenticate using a valid certificate stored in the Reflection Key Agent.
- Kerberos "Use Window Logon" option is now dimmed on systems that don't support it.
The "Use Window Logon" option is not available on some 64-bit operating systems, which don't support this option. Previously, attempts to use this option on these systems caused an unexpected shutdown. The control is no longer available to set on systems that don't support it.
- Default values can now be saved to the user's configuration file.
The default value of a setting configured using the Reflection Secure Shell Settings dialog box is now written to the user-specific config file if and only if a non-default value for that setting is configured in a system-wide ssh_config file. Also, if a user adds a default value by manually editing the user-specific configuration file, the default value is honored and not removed from the user's file.
- Values from the global configuration file are no longer written to the user-specific file.
Prior to this service pack, if a global configuration file was present, any non-default values in the global file were written to the user-specific file when the user made any changes using the Secure Shell Settings dialog box. Settings configured in the system-wide ssh_config file no longer have any effect on user-specific config files.
- Remote commands that include spaces now execute correctly.
If you specify a remote command that includes spaces as part of an ssh command line, the remote command is now executed as expected.
- Fixes previously released in Secure Shell 14.0 SP6.
New Features and What's Fixed in 14.0 SP6?
The following new features and fixes are included in the Reflection 14.0 Service Pack 6. To view features and fixes relevant to the Reflection product you are using or evaluating, scroll to the appropriate product name below or use these quick reference links.
Note: This service pack is cumulative, and includes all of the fixes originally contained in 14.0 SP1 – SP5 (including SP2.1).
Reflection for IBM 14.0 SP6
Issues resolved in Reflection for IBM 14.0 SP6:
- Upload single-record files to AS400 using LIPI.
Single -record files can now be successfully uploaded to an AS400 host using LIPI.
- Fix for r8transferdialog.dll error when opening an .mto file from a mapped drive.
Reflection no longer closes unexpectedly when you open an .mto file from a mapped drive or an invalid .mto file.
- IND$FILE CICS file transfer with filenames that include * or ?.
The transfer buttons are now available when you configure IND$FILE CICS file transfer and select filenames containing and asterisk (*) or a question mark (?).
- FTP file transfer in sessions connecting using SSL/TLS.
FTP file transfer now works as expected in sessions configured to connect using SSL/TLS.
- Fixes previously released in Reflection for IBM 14.0 SP5.
Reflection for HP, UNIX and OpenVMS 14.0 SP6
New features in Reflection for HP, UNIX and OpenVMS 14.0 SP6:
- HTTP proxy server support.
You can now configure connections through an HTTP proxy server. From the Connection Setup dialog box, select TELNET. Click Security, then configure use of an HTTP server using the Proxy tab. (To configure Secure Shell connections, through an HTTP or SOCKS proxy, open the Reflection Secure Shell Settings and use the Proxy tab in that dialog box.)
Issues resolved in Reflection for HP, UNIX and OpenVMS 14.0 SP6:
- Send Break command in Secure Shell Sessions
Pressing Ctrl+Break or using the Connection > Send Break menu command now successfully sends a break signal to the host.
- Copy and paste multi-byte Unicode characters
You can now copy and paste multi-byte Unicode characters from the Reflection window into Microsoft applications without using the Paste Special option.
- Improved performance with Cache terminal
A problem with slow speed of writing data to the screen has been resolved.
- Double byte character display
Problems with double-byte character display have been resolved. Reflection now handles a dangling DBCS lead byte in last column correctly.
- Printing line drawing characters
Line drawing characters in VT sessions now print correctly.
- Unhandled Exception error no longer occurs when running VBA login macro
Reflection no longer closes unexpectedly when a shared macros file is saved using the same name in a different location.
- Smart Card reader slot ID values
Reflection now supports up to 5 numeric characters for configuring a PKCS#11 slot ID.
- Printing to Dymo LabelWriter.
Reflection now prints correctly to a Dymo LabelWriter 400 (USB) printer.
- Fixes previously released in Reflection for HP, UNIX and OpenVMS 14.0 SP5.
Reflection X 14.0 SP6
New features in Reflection X 14.0 SP6:
- Support for sharing XInput access with other devices (such as a SpaceBall or SpaceMouse).
A new setting called Use exclusive grab is available in the XInput Extension Advanced Settings dialog box (Settings > Server > Extensions > XInput). Clear this setting and select Ignore extension devices to allow other applications that use the XInput extension (such as Catia V5 or Google Earth) to have access to the extension when those applications have window focus.
Issues resolved in Reflection X 14.0 SP6:
- Cut, copy, and paste in Citrix environment.
You can now copy and paste between most X Windows applications and Windows applications when running in a Citrix environment. Note: With some X clients, this support is not available. In this case, click on the Citrix window desktop to cause Reflection X to lose focus, then click in the local desktop window and paste.
- Running multiple xterm windows using Secure Shell.
When Secure Shell connection reuse is enabled and multiple xterm windows are started, you can now successfully launch X clients from the first window. This resolves a problem that generated an error messages saying "connection broken" , and "explicit kill or server shutdown."
- Reflection window restores correctly from the taskbar on Vista.
The Reflection X root window now restores with a single click on the taskbar icon.
- X Screen Settings panel is now fully compatible with Window-Eyes.
All controls in the screen settings panel are now spoken by the Window-Eyes application.
- X Client Wizard closes correctly when running on 64-bit Vista and Windows Server 2008.
Closing the X Client Wizard no longer generates an unhandled exception in rxwizard.exe.
- All single-row Microsoft fonts are now correctly aligned.
Reflection X now exports correct character metrics for all single row MS fonts, not just iso8859-1 and iso8859-15 fonts.
- Fix for redraw behavior with the "Open Access" version of Cadence Virtuoso.
Large stippled rectangles drawn to 1-bit deep pixmaps no longer reverse black and white.
- Command line options can be specified in any order.
Reflection X successfully processes command-line options regardless of the order in which commands are specified.
- Enter double-byte characters using the Local IME option.
Reflection X no longer closes intermittently when using the Local IME option in a Japanese locale.
- Correct display of taskbar titles.
This service pack fixes a number of problems seen in the display of taskbar titles when the window title involves a mix of double-byte and ASCII characters.
- Support for Japanese character display in Unicode-enabled xterm sessions.
This service pack adds the Japanese iso10646 Unicode font to the \fonts\utfmisc folder located in the Reflection X program files folder. This provides support for display of Japanese characters in uxterm sessions.
- Rxstart.exe no longer consumes a high percentage of the CPU during password dialog box display.
When Reflection X is configured to connect using Secure Shell, rxstart.exe no longer consumes a high percentage of the CPU load while a dialog box requesting user input is displayed.
- Instances of rxstart.exe now terminate when a Secure Shell session is closed.
When Reflection X is configured to connect using Secure Shell, additional instances of rxstart.exe no longer continue to run after the session is terminated.
- Fix for slow screen redraw at high levels of zoom.
This service pack improves rendering performance when switching between images that use large, complicated pixmap clips.
- IPID host support.
When Use IPID host is selected in the Network Settings panel, Reflection X now uses the IPID client to obtain an IP address. If the IPID client is unable to obtain an address, then Use IPID host is cleared, and Autodetect network interface is selected.
- Exit from CDE sessions created using Xsession.
Reflection X now shuts down or resets at the end of a CDE sessions that has been manually initiated (not started from the dtsession daemon but from running the Xsession shell).
- Error RX278 is no longer displayed when you attempt to launch using an .rxc file.
Double-clicking an .rxc file or clicking a shortcut to an .rxc file no longer results in the following error when Reflection X is not running: "The Registry key specified (path\filename.rxc) is invalid. Using the 'config' Registry key. (RX278)."
- Correct reporting for error RX281.
When error RX281 occurs, Reflection X no longer shows information for error RX279.
- Additional font aliases.
This service pack integrates additional aliases for Windows ANSI fonts.
- Fix for window focus problems seen with some java applications.
Windows created by some java applications compiled with 1.6 now receive focus properly. This fixes a problem seen when Reflection X is running in multiple-window mode and there is no remote window manager.
- Fixes previously released in Reflection X 14.0 SP5.
Reflection FTP 14.0 SP6
New features in Reflection FTP 14.0 SP6:
- HTTP proxy server support.
You can now configure FTP connections through an HTTP proxy server. From the Connect to FTP Site dialog box, click Security, then configure use of an HTTP or SOCKS server using the Proxy tab. (To configure Secure Shell SFTP connections, through an HTTP or SOCKS proxy, open the Reflection Secure Shell Settings and use the Proxy tab in that dialog box.)
- New settings for configuring download and upload options before each transfer.
Two new settings are available on the site properties Transfer tab: Show download options before transfer and Show upload options before transfer. Enable these settings to be queried for the transfer method (for example, ASCII or binary) and and file properties (UNIX attributes or Windows read-only or hidden properties, depending on the server) before each transfer. Note: The FTP server must support the SITE UMASK command for the attributes settings to succeed on uploads.
- Configure default permissions for uploaded files.
You can now specify an initial umask value to send to the server upon connection. The FTP server must support the SITE UMASK command for this setting to succeed. This value modifies the default permissions attributes set on subsequently created files. From the Connect to FTP Site dialog box, go to Properties > Connection > Initial umask. Note: This setting is not available for SFTP connections.
- IPv6 support.
You can now specify host names using IPv6 addresses.
Issues resolved in Reflection FTP 14.0 SP6:
- Changing "Use structured listing data" no longer causes unexpected shutdown.
Changing the Use structured listing data setting (Security > Secure Shell) no longer cause the client to shut down unexpectedly. This fixes a problem that was reported when configuring settings to some SSH servers.
- Error message is no longer displayed after canceling an SFTP put command.
The FTP Client now does not display a Secure Shell error message when you cancel a file upload.
- HTTP proxy connections work when in PASV Mode.
Configuring connections using PASV mode with an HTTP proxy no longer leads to a timeout and error message.
- Fixes previously released in Reflection FTP 14.0 SP5.
Secure Shell 14.0 SP6
The following Secure Shell updates apply to these Reflection applications:
Reflection for UNIX and OpenVMS
Reflection for ReGIS Graphics
Reflection X
Reflection FTP Client
New features in Reflection Secure Shell 14.0 SP6:
- Support for arcfour128, arcfour256, aes128-ctr, aes192-ctr, and aes256-ctr ciphers.
To provide greater security, the client now supports additional encryption ciphers. By default, the client now proposes the following ciphers in this order: "aes128-ctr,aes128-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour".
- Support for hmac-sha256 and hmac-sha512 Message Authentication Code (MAC) algorithms.
The client now supports the hmac-sha25 and hmac-sha512 MACs. The client now proposes the following MACS by default (in this order):"hmac-sha1,hmac-sha256,hmac-sha512, hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96".
- HTTP proxy server support.
You can now configure Secure Shell connections through an HTTP proxy server. From the Reflection Secure Shell Settings, configure use of an HTTP server using the new Proxy tab.
Note: SOCKS proxy support is now configured using the new Proxy tab. (In previous releases it was configured on the General tab.)
- Support for Environment variables in configuration file settings.
You can now include Windows environment variables when you specify values for the following configuration file keywords: UserConfigDirectory, IdentityFile, PasswordFile, UserKnownHostsFile, GlobalKnownHostsFile, User, and AuthCookie. Use "%" before and after the environment variable name. For example:
IdentityFile %EnvironmentVariableFolder%\key
- IPv6 support in command line utilities.
You can now specify IPv6 host names when using the Secure Shell command line utilities. Note: IPv6 formatted IP addresses must be enclosed in square brackets. For example:
ssh user@[fec0::14:a00:20ff:feb8:1234]
- New option to add a new host key when a change to an existing host key is detected.
When the client detects a change in the host key file, you are now given the option of adding a new key to the known hosts file (using the same host name but a different IP address, port, or key) in addition to the option of overwriting the existing key.
- New CheckHostPort keyword.
Use the new CheckHostPort keyword to configure the client to check the host port in the known hosts file in addition to checking the host public key. When this keyword is set to "yes", the connection is allowed only if the host port in the known hosts list matches the port you are using for the connection. The default is "no". Note: This setting has no effect if StrictHostKeyChecking = no.
- Fixes previously released in Secure Shell 14.0 SP5.
New Features and What's Fixed in 14.0 SP5?
The following new features and fixes are included in the Reflection 14.0 Service Pack 5. To view features and fixes relevant to the Reflection product you are using or evaluating, scroll to the appropriate product name below or use these quick reference links.
Note: This service pack is cumulative, and includes all of the fixes originally contained in 14.0 SP1, SP2, SP2.1, SP3, and SP4.
Reflection for IBM 14.0 SP5
Note: Starting with Reflection 14.0 SP5, HiT drivers are no longer included with Reflection software media. For addition information, see KB 7021477.
New features in Reflection for IBM 14.0 SP5:
- New Setting for enabling and disabling the reference to a shared macros file.
You can now configure whether or not Reflection includes a reference to a shared macros settings file using the new setting "Automatically add a reference to Shared Macros settings file." The default value of this setting is Yes. To configure this, go to Setup > View Settings.
- New setting for enabling or disabling LISTDS command for IND$FILE transfer.
You can now configure whether or not Reflection sends a LISTDS command during IND$FILE transfer using the new setting TSO Require Member Name. Use this setting if the LISTDS command causes information to be sent to the terminal screen, which causes an application error. When set to No (the default) a "LISTDS <dataset>" is issued to determine if the dataset is a PDS. If it is, and no member name has been supplied, a new member name is created automatically based on the source file name. When set to Yes, this feature is disabled, and the user must supply a member name (for example, dataset(member)) or the transfer attempt fail with the following error: TRANS17 Missing or incorrect TSO data set name: file transfer cancelled.
Issues resolved in Reflection for IBM 14.0 SP5:
- Section 508 updates.
Updates have been made to ensure compliance with Section 508 accessibility standards.
- Alt+F6 support in Reflection ActiveX control.
Reflection now handles the Alt+F6 keystroke combination correctly when it is running as an ActiveX control.
- SaveSettings method.
This service pack resolves problems seen when running macros and saving settings files that use the SaveSettings method.
- DBCS printing.
This service pack resolves a printing issue that was seen when Reflection is configured for 5553 DBCS printer emulation and the print job contains wide columns. Reflection now acknowledges a single FormFeed character from the host.
- Opening multiple sessions in quick succession using third-party software.
Reflection can now handle multiple synchronous calls issued by HLLAPI clients. This resolves a problem that was reported when opening several sessions in quick succession using the eSSO single signon solution.
- JOIN BY statement in LIPI File Transfer.
LIPI file transfers that use the JOIN BY statement no longer generate the error "Spaces not allowed in library, file, or member names."
- Show Host Files with Visara controller.
The file transfer Show Host Files feature now works correctly when you are connected through a Visara controller and logged onto TSO.
- Support for mapping additional valid DBCS characters.
You can now map DBCS characters that were previously not supported in the Reflection DBCS Translation Table Editor.
- Fixes previously released in Reflection for IBM 14.0 SP4.
Reflection for HP, UNIX and OpenVMS 14.0 SP5
New features in Reflection for HP, UNIX and OpenVMS 14.0 SP5:
- New Setting for enabling and disabling the reference to a shared macros file.
You can now configure whether or not Reflection includes a reference to a shared macros settings file using the new setting "Automatically add a reference to Shared Macros settings file." The default value of this setting is Yes. To configure this, go to Setup > View Settings.
- Configure ambiguous-width Unicode characters to be displayed as wide characters.
Use the new setting Ambiguous Width Unicode Chars Are Always Displayed as Wide. To configure this, go to Setup > View Settings.
- Configure Reflection to clear the user name from memory immediately after a connection closes.
This feature is available for Secure Shell connections. Use the new setting Cache Secure Shell User Name. To configure this, go to Setup > View Settings. When this setting is Yes (the default), the user name remains in memory after the client disconnects and users can reconnect without re-entering their user name. The user name remains in memory until Reflection closes and can be seen using the read-only setting Connection Setting UserName. When this setting is No, the user name is cleared from memory when the client disconnects, and users must re-enter their user name for each connection.
Issues resolved in Reflection for HP, UNIX and OpenVMS 14.0 SP5:
- Section 508 updates.
Updates have been made to ensure compliance with Section 508 accessibility standards.
- Configure serial port connection on 64-bit Windows.
Reflection running on a 64-bit version of Windows now supports connections using a serial port.
- Copy and paste problems introduced in SP4 are resolved.
This service pack resolves some copy and paste problems that were introduced in Service Pack 4.
- Save settings to a file that includes a locked VBA project.
You can now update and save settings in a settings file that includes a locked VBA project.
- Host logout is now successfully displayed.
This service pack resolves a problem reported with Telnet connections that sometimes resulted in no host logout message being displayed in the Reflection terminal window.
- Terminal type negotiation during Telnet negotiations.
Reflection now sends a "WILL TERMINAL TYPE" to the server with the initial Telnet negotiation packet.
- Reflection for the Web metering server support.
Reflection now runs correctly when it is installed on a computer configured for metering by the Reflection for the Web metering server.
- Connection directory allows configurations with no user name.
If you are configuring Rlogin or Secure Shell connections using the Connection directory (a prior version feature), you can now specify just the host name with no user name. You will be prompted for the user name when you connect.
- Launch Reflection on Vista in some scenarios when other software is running.
You can now launch Reflection on a computer running on Windows Vista when certain other software programs (including Dell Support Center) are running.
- SOCKS sessions no longer disconnect with unknown packet error.
This service pack resolves problems that caused SOCKS connections to become disconnected with an unknown packet error in some environments with a slow server response time.
- Saving changes to fonts.
Saved changes to terminal window fonts are now preserved correctly for all terminal types.
- Fixes previously released in Reflection for HP, UNIX and OpenVMS 14.0 SP4.
Reflection X 14.0 SP5
New features in Reflection X 14.0 SP5:
- New startup parameter: Set timeout option for XDMCP.
The new -xdmcptimeout parameter can be used in conjunction with the -b, -d, and -i options to set an XDMCP timeout when initiating XDMCP from the command line. If not specified, the timeout defaults to 15 seconds.
Syntax: -xdmcptimeout <number> (where number is number of seconds)
Example with timeout set to 30 seconds: "C:\Program Files\Attachmate\Reflection\Rx.exe" -xdmcptimeout 30 -d <host>
- Upgrade enhancement: Upgrade installed x32 Reflection X to a newer x64 version.
You can now use the Reflection X x64 Installer package to upgrade an older x32 Reflection X product that is running on an x64 platform. The upgrade converts Reflection X x32 to the new x64 version of Reflection X 14.0.5.
- New check box: Use retained fonts.
The new Use retained fonts check box allows users to control whether Reflection X will use cached font server fonts. By default Reflection X looks for cached fonts and uses them. Previously, Reflection X always implicitly looked for the fonts and used them if found.
- New startup parameter: Assign template status to an *.rxs settings file that is not stored in the default templates directory.
The new -template startup option can be used in conjunction with the -s option to specify that Reflection X should treat the settings file used to start the X server as a template, and that all settings previously associated with that server should be deleted.
Example: "C:\Program Files\Attachmate\Reflection\Rx.exe" -template -s "C:\Documents and Settings\larry\<file>.rxs"
Using this option guarantees that when the X server is started, a predictable set of X server settings are used. Settings in the -template server settings file are honored every time the file is launched with this switch. Server settings that are not in the file will inherit application default values.
- New templates available to display X clients from VMS hosts.
Four new templates can be used to obtain X application displays from X clients running on VMS hosts over Telnet or SSH. To obtain the templates see KB 7021798.
Issues resolved in Reflection X 14.0 SP5:
- Microsoft fonts now correctly aligned in programs.
When a Windows scalable font is opened, Reflection X now creates font property atoms filled in with default or computed values when those values were not explicitly set by the client when it specified the XLFD name. For example, when the client specifies 0 for point size, pixel size, and width, Reflection X will compute values and report those in the font property atoms. This behavior now matches what Reflection X does for scalable X bitmap fonts.
- Taskbar icon and popup menu character corruption fixed.
Reflection X now shows window titles in icons correctly in X desktop mode in both Japanese and Chinese locales.
- Local IME now enters Japanese characters in GNOME text editor (gEdit).
When pasting Japanese characters in the GNOME text editor (gEdit), Reflection X now uses the current Windows cursor location as the insertion point. There is no reliable way to determine the insertion point for gEdit based on X protocol received.
- Zooming/Unzooming in Synopsys CATS application now works correctly.
Rapid zooming and unzooming in Synopsys CATS application no longer causes Reflection X to crash.
- Section 508 updates.
Updates have been made to ensure compliance with Section 508 accessibility standards.
- Dimensions of Xscreens in a multi-monitor PC environment are now calculated correctly on secondary monitors.
Screen mm width and height now account for virtual screen sizes and screens that span multiple monitors.
- When using a multiple monitor system, it is now possible to drag the X terminal desktop to a second monitor.
Panning no longer forces an X terminal desktop root window back to a specific monitor even though it was configured to be placed initially on a specific monitor.
- A single button click from Vista taskbar now restores a minimized X root window.
On Vista systems, a minimized Reflection X root window is now restored with a single click on the taskbar button.
- Font logging now identifies font file name when font is found on a font server.
Reflection X now logs the font file name when font logging is on and the font was retrieved from a font server.
- Restored ability to launch Reflection X from the command line without GLX enabled.
The -noglx command line option now functions correctly, launching Reflection X without GLX enabled.
- "Create a shortcut when saving X client files" check box can now be cleared to disable this functionality.
When you clear the "Create a shortcut when saving X client files" check box and click OK, Reflection X now saves the changed state.
- Use of %#% macro no longer causes VMS connections to fail.
On all hosts, the display macro now sends the IP address and display number to the host. The macro no longer includes the screen number in information sent.
- Resolved problem waiting for unresponsive font server.
Reflection X no longer waits indefinitely on an unresponsive font server. When a font server stops responding, Reflection X will put the client to sleep and intermittently check to see if the font server is available. When it becomes available Reflection X will wake the client and allow it to continue where it left off.
- Fixes previously released in Reflection X 14.0 SP4.
Reflection FTP 14.0 SP5
Issues resolved in Reflection FTP 14.0 SP5:
- Section 508 updates.
Updates have been made to ensure compliance with Section 508 accessibility standards.
- Transfer of compressed zip files in SFTP connections.
Users without local administrative rights can now successfully transfer folders containing compressed zip files when the FTP Client is configured to use SFTP transfer.
- Wildcard support for the OpenDirectoryListing method.
Using the OpenDirectoryListing method with an asterisk (.OpenDirectoryListing "*" ) now works as expected.
- Fixes previously released in Reflection FTP 14.0 SP4.
Secure Shell 14.0 SP5
The following Secure Shell updates apply to these Reflection applications:
Reflection for UNIX and OpenVMS
Reflection for ReGIS Graphics
Reflection X
Reflection FTP Client
New features in Reflection Secure Shell 14.0 SP5:
- Set environment variables on the remote host.
From the Reflection Secure Shell Settings dialog box, click the new Host Data tab. Under Environment variables, click Add to specify a new variable and value. (This change is saved to the Secure Shell configuration file using the SendEnv keyword.)
- Specify one or more commands to execute on the remote server.
From the Reflection Secure Shell Settings dialog box, click the new Host Data tab. Use the Command text box to specify one or more remote commands. Use a semi-colon (;) to separate multiple commands. (This change is saved to the Secure Shell configuration file using the RemoteCommand keyword.)
Issues resolved in Reflection Secure Shell 14.0 SP5:
- scp -r transfers continue after permission denied error.
The client now continues to transfer the remaining files and folders after a "permission denied" error occurs during an scp -r transfer.
- Client searches for global known host keys during a rekey exchange.
During a rekey exchange, the client now searches for the host key in the global known hosts file in addition to the user-specific known hosts file.
- Source file is not deleted after a scp -u transfer fails.
When an scp -u transfer fails, the source file is no longer removed from the remote host.
- Enforce Fips Mode from the command line.
You can now enforce FIPS-approved ciphers and MACs from the ssh command line using ssh -o FipsMode.
- Batch transfers with scp and sftp no longer fail with packet too long error.
Batch transfers made using the scp and sftp command line utilities no longer fail with a packet too long error when a packet exceeds the expected length.
- rsshe.exe processes no longer remain after multiple scp and sftp commands.
Executing multiple, simultaneous scp and sftp batch files no longer results in several rssh.exe processes left running after the scp.exe and sftp.exe processes have completed.
- The expected error is now returned when scp -r transfer fails.
When an scp -r transfer fails because the folder doesn't exist, the client now returns an error.
- Support for using scp with a folder name.
The scp command now correctly handles commands that specify a folder name rather than a file name on the command line.
- Import trusted root certificates that contain UTF-8 strings.
The client can now import trusted root certificates that contain UTF-8 strings. If a parsing error occurs when loading a certificate, the client logs the error and continues running.
- Support for -k and -o UserKnownHostsFile.
The -k and -o UserKnownHostsFile options now work as expected with the ssh2, sftp2, and scp2 command line utilities.
- Warning message for sftp rename of an existing file.
The sftp command line utility now warns users when you attempt to rename a file using an existing filename.
- Preservation of timestamp on read-only files.
The timestamp is now preserved when you download read-only files from the remote server using scp -p.
- Warning messages from the command line no longer display in a pop-up window.
When the ssh command line utility is used with StrictHostKeyChecking set to yes, warning messages for failed connections are now displayed in the command window rather than in a pop-up. This change enables scripts to run without requiring user intervention.
- Japanese character support for scp transfer.
Transfers made using scp no longer fail when certain Japanese characters are used in the file or folder name.
- The "user@" syntax is no longer required for scp2.
The scp2 command line utility no longer requires you to include user@ with the host name.
- Fixes previously released in Secure Shell 14.0 SP4.
New Features and What's Fixed in 14.0 SP4?
The following new features and fixes are included in the Reflection 14.0 Service Pack 4. To view features and fixes relevant to the Reflection product you are using or evaluating, scroll to the appropriate product name below or use these quick reference links.
Note: This service pack is cumulative, and includes all of the fixes originally contained in 14.0 SP1, SP2, SP2.1, and SP3.
Reflection for IBM 14.0 SP4
New feature in Reflection for IBM 14.0 SP4:
- New Setting: "Allow unpaired SI"
This setting is off by default. When set to 'Yes', unpaired SIs do not result in a XPROG 750, but are also not marked as being part of a SO/SI subfield.
Known issue in Reflection for IBM 14.0 SP4:
- If you are using VBA projects, refer to Technical Note 2364.
Issues resolved in Reflection for IBM 14.0 SP4:
- Cannot open a transfer request file on a mapped drive.
This service pack fixes a problem that caused Reflection running on VISTA to crash when you opened a transfer request file (mto) with the local folder pointing to a mapped drive.
- File transfer to the Mainframe via IND$FILE fails with TRANS13 error.
This service pack fixes a problem reported for transfers using IND$FILE structured field file transfer. Transfers presented a Transfer in Progress dialog box and the message, "Transfer failed: TRANS13 Error writing file to host: file transfer canceled"
- Closing the Configure PKI dialog box enables "Use OCSP".
Closing the Configure PKI dialog box using the OK button enabled the Use OCSP setting and caused connections to fail. This service pack fixes this problem.
- Unable to perform a 5250 File Transfer over a secure connection when host name does not match certificate.
When attempting a 5250 file transfer over a secure connection, the connection failed if the Host name did not match the Host name in the certificate even when "Certificate host name must match host being contacted" was not selected. This service pack fixes this problem.
- Reflection crashes with SQL transfer of variable length fields.
This service pack fixes a problem that caused Reflection to crash in module r8xfrpcs.dll when transferring variable length fields.
- 5250 File Transfer download with physical file containing varchar fields creates an inaccurate .FDF file.
This service pack fixes this problem.
- Fixes previously released in Reflection for IBM 14.0 SP3.
Reflection for HP, UNIX and OpenVMS 14.0 SP4
New features in Reflection for HP, UNIX and OpenVMS 14.0 SP4:
- New event type: "Before a connection is made"
You can now configure Reflection to execute actions before a connection is made. To do this, go to Setup > Events > New. Under Event Type, select "Before a connection is made."
- New setting: "Copy Unicode to Clipboard in Addition To Text"
When this setting is True (the default) Reflection copies both unicode and text to the clipboard. When it is False, Reflection copies only the text of the display memory to the clipboard. Setting this to False can speed up the copy command. To change this setting, use Setup > View Settings.
Known issue in Reflection for HP, UNIX and Open VMS 14.0 SP4:
- If you are using VBA projects, refer to Technical Note 2364.
Issues resolved in Reflection for HP, UNIX and OpenVMS 14.0 SP4:
- Reflection running on VISTA hangs during selection of text.
This service pack fixes this problem.
- Reflection crashes when closed by Windows Task Scheduler.
Reflection no longer crashes with an application error when closed by the Windows Task Scheduler. Note: Even with this fix in place, the best practice is to use Reflection commands to close the application exit rather than using the Task Scheduler.
- Canceling the phone number prompt causes an error in rcom.dll.
This service pack fixes this problem.
- R2win.exe crashes when closing session connected to HP-Tru64 using VT420 mode.
This problems was caused by an off-by-one error in VT UDK escape sequence processing. This service pack fixes this problem.
- Host application problems during Secure Shell sessions due to extra window change messages.
This service pack fixes a problem that caused some host application problems when running Secure Shell sessions in the Reflection terminal window. In one reported case the host prompt was displayed before the user pressed the Enter key, which resulted in an error message from the server. The Reflection GUI client was sending an extra Secure Shell window change message after connecting. With this fix, extra window change messages are not sent.
- Edit > CopyTable command does not work properly.
This service pack fixes this problem.
- GetMacroList causes Reflection session to crash.
In settings files with a large number of subroutines, executing GetMacroList could cause the Reflection session to crash. This service pack fixes this problem.
- Possible Reflection crash in module GDI32.DLL on some German Operating Systems.
This service pack fixes this problem.
- Fixes previously released in Reflection for HP, UNIX and OpenVMS 14.0 SP3.
Reflection X 14.0 SP4
New features in Reflection X 14.0 SP4:
- New Display setting: Ignore Windows taskbar.
This Service Pack contains a new setting called Ignore Windows taskbar (Settings menu > Display). When this setting is disabled (the default), Reflection X creates a root window that does not intersect the Windows taskbar. When this setting is enabled, Reflection X creates a root window that uses the entire area of the primary monitor (as long as no virtual size is specified that would cause different dimensions to be used). The size, location, and state of the Windows taskbar are ignored.
- Warning dialog box enhancements.
Additional information has been added to the warning dialog box that displays when certain types of system changes occur, such as a change in the size of the desktop work area or a change in color depth. In addition, when there's a change to desktop work area, the warning dialog box that appears has a check box that enables the decision to be remembered until Reflection X is shut down.
- GLX version 1.4 now supported.
This Service Pack adds support for GLX, version 1.4.
- Support added for 3D texture in the OpenGL extension.
Starting with this Service Pack, when you enable the GLX extension (Settings menu > Server > Extensions), Reflection X advertises GL_EXT_texture3d.
Issues resolved in Reflection X 14.0 SP4:
- Issue fixed with multiple, identically named .rxs files.
In previous versions of Reflection X, when two .rxs files with the same base name in different locations were used with Reflection X shortcuts, it was not clear to the user which .rxs file settings were in effect. Both .rxs files were associated with the same Reflection X server instance. A change provided with this Service Pack fixes this issue. Now, there is a one-to-one mapping between .rxs files and server instance names. In the case where there's an existing mapping and a second .rxs file is introduced, the second .rxs file becomes associated with the server instance and the association with the first .rxs file is removed.
- Window name correctly displayed.
In earlier versions, Reflection failed to correctly show some window names for CDE sessions whose locale was set to ja_SP.SJIS. This issue has been fixed.
- Interactions with unresponsive font server refined.
When a font server becomes unresponsive, Reflection X will no longer wait indefinitely for a reply from the font server. Now, Reflection X will sleep the client that is causing it to communicate with the font server and intermittently check to see if it has become available. When the font server becomes available, Reflection X will wake the client and allow it to continue where it left off.
- Diagonal lines now correctly drawn when Perfect pixelization enabled.
Reflection X now consistently draws correct solid, zero-width diagonal lines when Perfect pixelization (Settings menu > Speed) is enabled.
- Hide button added to Host Response dialog box for SSH connections.
In earlier versions, closing the Host Response dialog box for an SSH connection resulted in SSH connections being terminated. Now, for SSH connections, there is a Hide button in the Show Host Response dialog box. This allows users to remove the dialog box from view without affecting the connection.
- DBE protocol output added.
To enhance protocol traces, DBE protocol processing has been added.
- Problem connecting to Sun OpenWindows desktop in MS Windows desktop mode fixed.
Previously, Reflection X was unable to iconify an olwm-managed window while in Microsoft Desktop mode. This problem has been fixed.
- Issues with host-based security resolved.
In previous versions, Reflection X would disable Host-based security if no valid hosts were listed in the host security file. Now, when this situation occurs, Host-based security continues to be enabled.
- Font aliases added.
Font aliases have been added to enhance Reflection's compatibility with certain WindU/Bristol X-based applications.
- Support added for several OpenGL enumerants.
This Service Pack includes support for several OpenGL enumerants that were missing in earlier versions.
- Issue with disabled X Manager and multiple server instances resolved.
In previous versions, multiple server instances were not allowed to start if the Reflection X Manager was disabled via the Profiler or the "-nc" command line switch. Now, each subsequent server instance is allowed to start and is given a notification tray icon for server management functions.
- Problem related to shift key + number pad key fixed.
Starting with this Service Pack, when you use a shift key in combination with a number pad key, extraneous Microsoft Windows-generated key release and key press events are ignored.
- Fixes previously released in Reflection X 14.0 SP3.
Reflection FTP 14.0 SP4
New feature in Reflection FTP 14.0 SP4:
- Edit server files.
You can now edit server files directly from the server pane display. To do this, right-click on a server file and select Edit. The FTP Client downloads the file to your system and opens the associated editor. When you save and close the file, the FTP Client uploads it back to the server.
Issues resolved in Reflection FTP 14.0 SP4:
- Connection failure when using the Reflection for the Web security proxy.
The FTP Client can now connect correctly through the proxy server when client authorization is enabled on the proxy.
- FTP Client reports the security proxy thumbprint incorrectly.
The thumbprint of the Reflection for the Web security proxy server certificate is now correctly reported by the client.
- Double-clicking a server file overwrites an existing local copy of the same file.
When you double-click a server file to view it, the client downloads a copy of file. Prior to this fix, this action would always overwrite an existing local file with the same name regardless of the If File Exists setting. With this fix, the client honors your If File Exists setting. Note: Update and Unique are not used when downloading to view server files. If either of these preferences is set, users are asked if they want to download the server file if a file of the same name already exists.
- Unable to connect to an HP3000 server via socks server.
This service pack fixes this problem by allowing passive mode connections to HP3000 servers.
- Problems navigating using double-click in the local pane.
On Windows 2000 systems, double-clicking in the local pane opened a folder in a new Explorer window rather than navigating through the FTP client local pane. This service pack fixes this problem.
- Fixes previously released in Reflection FTP 14.0 SP3.
Secure Shell 14.0 SP4
The following Secure Shell updates apply to these Reflection applications:
Reflection for UNIX and OpenVMS
Reflection for ReGIS Graphics
Reflection X
Reflection FTP Client
New feature in Reflection Secure Shell 14.0 SP4:
- Support for configuring key algorithms.
You can now specify which key exchange algorithms the client supports, and the order of preference. To configure this, open the Reflection Secure Shell Settings dialog box and use the Encryption tab. The keyword used to configure this setting is KexAlgorithms.
- Error messages provide more information.
Secure Shell error messages now include much more detailed information that can be used to facilitate troubleshooting.
- sftp command-line support for getext and setext.
You can now use getext and setext with the sftp command line utility to view and set file extensions that will use ascii transfer.
Issues resolved in Reflection Secure Shell 14.0 SP4:
- Command line utilities don't support input from a file.
You can now supply commands to command-line utilities using an input file as shown in this example:
C:\> ssh -T joe@myhost < c:\filepath\demo.bat
- Client crashes when the network connection is lost during an SFTP session.
This service pack improves the way the client handles loss of a network connection.
- sftp2 error: "Couldn't get handle: No such file or directory."
This service pack fixes a problem that led to the above error message when putting files to a chroot account on HP-UX 11.1 using the sftp2 command line utility.
- scp fails with some Japanese characters in file or folder name.
This service pack fixes this problem.
- scp transfers generate errors for every file when Windows server folder isn't found.
The client now displays only one error message when scp and scp2 transfers are directed to a folder that doesn't exist on the server.
- Reflection and F-Secure return codes are different.
The return codes displayed for the ssh2, scp2, and sftp2 command line utilities now match those returned by prior version F-Secure products.
- scp -u switch is now documented.
The scp -u switch can be used to remove a file after copying with the scp or scp2 command line utility. Previously this switch was supported but not documented. It is now included in the command line usage you see when you enter "scp -h" or "scp2 -h".
- Client (ssh.exe) is not accepting all data from COM server (rssh.exe).
When attempting to connect from a WinCvs client to a CVS repository via the client; the WinCvs client appeared to hang during the connection process. The client could be interrupted, but never displayed the archive. This problem has been resolved.
- Command line sessions display warning messages in popup windows.
In order to facilitate scripting, warning messages are now displayed in the cmd.exe window rather than in popup windows that require user interaction.
- ssh cannot correctly set the host character set.
The HostCharacterSet keyword now sets the specified host character set when code page support is available.
- Key upload feature does not recognize latest Tectia server.
Keys are now uploaded correctly to Tectia servers.
- Cannot pipe debug output to a file using the command line utilities.
The client now correctly handles redirection of debug output to a file on the command line, as shown here:
ssh -vvv user@host > logfile.txt 2>&1
- sftp and sftp2 don't return an exit code of 0 after successful transfer.
This service pack fixes a problem that caused the sftp quit command to set a non-zero return value.
- sftp batch file execution stops if one of the batch commands fails.
sftp batch file execution now continues even if one of the batch commands fails. The exit code is 0 for successful execution of the batch file, with no command failures. With command failures the exit code is 1.
- Fixes previously released in Secure Shell 14.0 SP3.
New Features and What's Fixed in 14.0 SP3?
The following new features and fixes are included in the Reflection 14.0 Service Pack 3. To view features and fixes relevant to the Reflection product you are using or evaluating, scroll to the appropriate product name below or use these quick reference links.
Reflection for IBM 14.0 SP3
New features in Reflection for IBM 14.0 SP3:
- Support for double-byte character input in an AS400 single-byte field.
A new setting is available to support double-byte character input in an AS400 single-byte field. To enable this setting, go to Setup > View Settings > 5250 Allow DBCS in SBCS field.
- Support for non-alpha leading character in the host file name for a CICS file transfer.
A new setting is available to support use of a non-alpha leading character in the host file name. To enable this setting, go to Setup > View Settings > Allow Leading Digit in CICS Host Filename.
- Support for IME mode changing depending on field attributes.
A new setting is available which enables the Reflection input method editor (IME) to behave identically to the Korean Extra Universal Client IME. When this setting is enabled, the IME changes mode depending on the current field attributes. In a DBCS field, the IME switches to DB Hangul; in a SBCS field, it switches to single byte English. To enable this setting, go to Setup > View Settings > Korean EUCC IME Behavior.
Issues resolved in Reflection for IBM 14.0 SP3:
- Adding a VBA reference to a settings file removes recorded macros.
Prior to this fix, adding a reference to a Reflection settings file caused macros recorded in the referenced file to be removed if they had the same name as macros saved in the local settings file.
- Reflection shuts down unexpectedly after you add a VBA reference.
This patch resolves a problem that caused Reflection to close down unexpectedly when references were added to another Reflection settings file.
- SSL connections fail with version 1 certificates.
Reflection now supports version 1 certificates.
- Problems with Level 2 password authentication in the file transfer dialog box.
With QPWDLVL=2 on the AS/400, a new, stronger algorithm for creating passwords is used, which supports longer and case-sensitive passwords. The Reflection Transfer utility now correctly handles these passwords.
- Fixes previously released in Reflection for IBM 14.0 SP2.
Reflection for HP, UNIX and OpenVMS 14.0 SP3
New features in Reflection for HP, UNIX and OpenVMS 14.0 SP3:
- FTPUseSftpStructuredListing setting.
This setting is relevant when you have established a Secure Shell session and set the file transfer protocol to "FTP". (In this configuration Reflection uses SFTP file transfer.) This setting specifies which data list style Reflection uses to generate the directory display. Changing the value of this setting may help troubleshoot file transfer problems. When it is set to No (the default), Reflection uses the standard UNIX-style data list. When it is set to yes, Reflection uses the structured data list style. To change the value of this setting, go to Setup > View Settings > FTPUseSftpStructuredListing.
- SSHPassword property.
Use this new property to configure the password for Secure Shell connections. It does not affect other connection types. For example, in a Reflection session that is configured to connect to your host using Secure Shell, the following macro connects to the host and sends the specified password.
Sub ConnectWithPassword()
Session.SSHPassword = "mypassword"
Session.Connect
End Sub
Issues resolved in Reflection for HP, UNIX and OpenVMS 14.0 SP3:
- Euro character not available in the ISO Greek host character set.
Reflection now supports the Euro character (€) when Host character set is set to ISO Greek (8858-7).
- Reflection crashes with very long command line.
Reflection no longer crashes when started from the command line with an extremely long parameter list.
- Fixes previously released in Reflection for HP, UNIX and OpenVMS 14.0 SP2.
Reflection X 14.0 SP3
New features in Reflection X 14.0 SP3:
- Exit behavior enhancement.
Reflection X will now fully exit from a CDE session that was manually launched from a dtsession process (instead of from a dtlogin process).
- X Screen Settings enhancement.
If you want Reflection X to handle the calculation of mmWidth and mmHeight values, enter 0 (zero) for Width and Height in the Dimensions (mm) area of the X Screen Settings dialog box (Settings menu > X Screen). If you enter a value other than 0, Reflection X will use that value when it responds to X clients. This affects the "resolution" field ( you can see this when you use a client like xdpyinfo).
Issues resolved in Reflection X 14.0 SP3:
- Duplicate mouse and keyboard events no longer sent.
Reflection X will no longer send mouse and keyboard events that are duplicates of the previous mouse or keyboard events
- Artifacts no longer left.
Reflection X will no longer leave artifacts in a window with a PseudoColor visual that has been occluded and has save unders enabled.
- GLX issues fixed.
Reflection X will now perform correctly when a GLX render context is made current with a GLX pixmap.
- Timing enhanced for VMS host connections.
To resolve timeout issues, there is now a small but arbitrary amount of time between when Reflection X sends a command to a VMS host and when it reads the host's response while connecting via REXEC and RSH.
- X windows now redrawn correctly.
When Reflection X is in X terminal desktop mode, X windows that are dragged off screen, then on screen, are now redrawn correctly.
- Reflection X 64-bit: problems related to XLFD look-ups resolved.
The 64-bit version of Reflection X will no longer crash when it attempts to supply default resolution values while looking up an XLFD.
- Remote Assistance issue fixed.
You no longer need to reset or restart Reflection X when Remote Assistant attempts to connect.
- Korean characters now correctly displayed.
Strings that contain Korean characters are now correctly displayed in window titles, the Windows taskbar icon, and on the Alt-Tab dialog.
- "Tunnel X11 connections" can now be disabled.
In earlier versions of Reflection X that used the Secure Shell connection method, Tunnel X11 connections was enabled by default, appeared to be editable, but in fact could not be changed. After this patch is applied, the user interface will show the actual state of the setting and the setting can be disabled. To change this setting: Secure Shell connection method > Advanced button > Tunneling tab. Note that clearing this setting means that Secure Shell is used for authentication only; X11 data is sent in the clear.
- Excessive CPU usage with Secure Shell connections addressed.
Client connections that used the Secure Shell connection method sometimes resulted in excessive CPU usage. This problem has been fixed.
- Enhancement for updating AIX "time_last_login" field.
On an IBM AIX X client host, if you need the "time_last_login" field in /etc/security/lastlog updated on a successful login using the SECURE_SHELL method, then you will need to set a Reflection X registry key.
To set the necessary registry key:
- On the Reflection X Settings menu, click View Settings.
- In the Search box, with Dialog format set to Registry keyname, type ssh and then click on SSHUsePty in the Reflection settings control.
- Click Yes and then OK.
If the value for SSHUsePty key is the default (No), then a successful login to IBM AIX hosts using the SECURE_SHELL method will not update the "time_last_login" field in /etc/security/lastlog.
- Fixes previously released in Reflection X 14.0 SP2.1 and Reflection X 14.0 SP2.
Reflection FTP 14.0 SP3
New features in Reflection FTP 14.0 SP3:
- "Use IPV6" setting.
A new setting, Use IPV6, has been added to the Connection tab in the Site Properties dialog box. Options are Always, Never, When Available. The default is When Available. Previously IPV6 support was configurable using the command window, and this technique is also still available.
- "Connect through NAT server" setting.
A new setting, Connect through NAT server, has been added to support SSL/TLS connections through a NAT proxy server. To configure this setting click the Security button, then click the SSL/TLS tab.
- New settings for forwarding FTP data through the SSH tunnel.
Three new settings are available for configuring Reflection to forward FTP data through the SSH tunnel. Use these settings when the FTP server is on a different host from the Secure Shell server. To configure these settings, go to the Connect to FTP Site dialog box, click Security, then click the Secure Shell tab. The new settings are:
- FTP host is different than the Secure Shell host
This setting is available when Use Reflection Secure Shell and Tunnel FTP using port forwarding are selected. When this setting is selected, Reflection forwards all FTP communications securely through the Secure Shell tunnel to the Secure Shell server, then forwards data in the clear from the Secure Shell server to the FTP server.
- SSH server address
This setting is available when FTP host is different than the Secure Shell host is enabled. Use it to specify the host running your Secure Shell server.
- SSH user name
This setting is available when FTP host is different than the Secure Shell host is enabled. If the user login name is different on the Secure Shell and FTP servers, use this to specify the user name on the Secure Shell server.
Configuring these settings is equivalent to using the following ssh command line:
ssh -L FTP/<local port>:<FTP address>:21 <SSH user name>@<SSH server address>
- The FTP Open method now supports Secure Shell passwords.
The FTP Open method now supports sending passwords for Secure Shell sessions. The following sample configures a Secure Shell connection, connects to the specified host, and sends the specified user name and password.
Sub SFTP_Password_Auth()
Dim FTP As New ReflectionFTP3
With FTP
.UseSSH = True
.UseSFTP = True
.Open "myhost", "myusername", "mypassword"
End With
Issues resolved in Reflection FTP 14.0 SP3:
- Unable to deselect Encrypt data stream setting with SSL/TLS.
The FTP Client now correctly remembers the state of the Encrypt data stream setting for SSL/TLS sessions.
- Intermittant connection problems in SSL/TLS connections.
This patch fixes a problem that caused intermittent connection problems because the client was not correctly sending the AUTH TLS message.
- Modifying "Cache directory listing" fails to enable the Apply button.
In the Directories tab of the FTP Client Site Properties dialog box, modifying the Cache directory listing setting now correctly enables the Apply button on this tab.
- "Failed to load resource file ... openssh.dll" when launching using Visual Basic.
This patch fixes a problem that led to a missing openssh.dll error message when launching the FTP Client from a Visual Basic project.
- Improved local directory display performance.
This patch reduces the time it takes to display directory listings in the local pane.
- Improved remote directory display performance.
This patch reduces the time it takes to display directory listings in the server pane.
- File date is not preserved when configured for SFTP transfers.
The Preserve server file date option (available on the Transfer tab of the site properties dialog box) now works as expected for SFTP transfers.
- Fixes previously released in Reflection FTP 14.0 SP2.
Secure Shell 14.0 SP3
The following Secure Shell updates apply to these Reflection applications:
Reflection for UNIX and OpenVMS
Reflection for ReGIS Graphics
Reflection X
Reflection FTP Client
New feature in Reflection Secure Shell 14.0 SP3:
- New "NoShell" configuration keyword.
When NoShell is set to "Yes", the client creates a tunnel without opening a terminal session. This option can be used in combination with ConnectionReuse to create a tunnel that can be reused by other ssh connections. You can configure this option in the Secure Shell configuration file, or using the -o command-line option.
Issues resolved in Reflection Secure Shell 14.0 SP3:
- Improved file transfer performance.
This patch includes changes that support faster SFTP and SCP file transfers.
- Improved directory display performance.
This patch reduces the time it takes to display directory listing in SFTP sessions.
- Certificate validation fails due to an unknown extended key usage OID.
Prior to this patch, server certificate validation failed if the certificate contained unknown extended key usage OIDs. These extensions are now checked during intermediate certificate validation only if they are marked as "Critical" or if you are running Reflection in DOD mode.
- Command line error messages sent to stdout.
Error messages for the ssh command-line utility are now sent to stderr.
- Additional information in sftp and sftp2 command line usage.
The sftp and sftp2 command line usage help now displays the following additional syntax for uploading files to the server: sftp [options] sourcefile [user@]host[#port]:[destination file]. This information is displayed when you use the -h command-line option.
- Blank dialog box appears during keyboard interactive authentication.
Reflection no longer displays a blank "Reflection Secure Shell Client" dialog box when you are configured to use keyboard-interactive authentication. This dialog box was introduced by changes made to the SP2 patch.
- Data display stops during Secure Shell sessions.
This patch fixes a problem that caused a halt in data display when large chunks of data are being received. Prior to the fix it was sometimes necessary to use the Enter key to view the entire display.
- Duplicate entries appear for the same user key.
This patch fixes a problem that caused Reflection to show multiple entries for the same user key when both a user-specific config file and a global ssh_config file were present on the same computer.
- Fixes previously released in Secure Shell 14.0 SP2.
What's Fixed in 14.0 SP2.1?
The following fixes are included in the Reflection 14.0 Service Pack 2.1 (SP2.1, also known as version 14.0.3558).
Note: This service pack is cumulative, and includes all of the fixes originally contained in 14.0 SP1 and SP2.
Reflection X 14.0 SP2.1
Issues resolved in Reflection X 14.0 SP2.1:
- Fixed problems with excessive CPU usage when launching a client using SECURE SHELL.
- Fixed display and cursor issues with multiple monitors.
- RX no longer requires a reset or restart when remote assistant connects.
New Features and What's Fixed in 14.0 SP2
The following new features and fixes are included in the Reflection 14.0 Service Pack 2 (SP2, also known as version 14.0.2542). To view features and fixes relevant to the Reflection product you are using or evaluating, scroll to the appropriate product name below or use these quick reference links.
Works with Vista Logo
All of the Reflection applications listed above are now supported on the Windows Vista platform and meet the requirements of the “Works with Windows Vista" logo specification.
Note: The Reflection NFS client, which ships with some Reflection products, is not supported on the Windows Vista platform. If the NFS client is already installed on an older Windows system that you plan to upgrade to Vista, it is strongly recommended that you uninstall the NFS client before upgrading the operating system.
Reflection for IBM 14.0 SP2
New features in Reflection for IBM 14.0 SP2:
- New setting for specifying which version to use for SSL/TLS connections.
You can now specify which SSL or TLS version to use. The choices are TLS Version 1.0 (this is the newer protocol and is the default) and SSL version 3.0. To change this setting, go to Connection > Session Setup > Security > SSL/TLS > SSL/TLS version.
- New setting for copying text from one screen to another.
You can now easily copy text from one region of a host screen to the same region on another screen. To use this feature go to Setup > View Settings. Set Retain selection to Yes. Also, set Clear selection on screen when copied to No to ensure that the selection is not cleared after the copy/append action.
Issue resolved in Reflection for IBM 14.0 SP2:
- Mainframe TSO File Transfer fails from ISPF Option 6.
Reflection was incorrectly sending a PA2 when the Show Host Files button was used to upload a file with no host file name defined. This problem has been resolved.
- Fixes previously released in Reflection for IBM 14.0 SP1.
Reflection for HP, UNIX and OpenVMS 14.0 SP2
New features in Reflection for HP, UNIX and OpenVMS 14.0 SP2:
- New setting for specifying which version to use for SSL/TLS connections.
You can now specify which SSL or TLS version to use. The choices are TLS Version 1.0 (this is the newer protocol and is the default) and SSL version 3.0. To change this setting, go to Connection > Connection Setup > Security > SSL/TLS > SSL/TLS version.
Issues resolved in Reflection for HP, UNIX and OpenVMS 14.0 SP2:
- Reflection events don't work in .NET.
Reflection events now fire as expected when you add a reference to a Reflection session from a .NET environment.
- Reflection does not save partial screen clears to display memory.
Reflection can now save data to display memory that is cleared using partial screen clear commands. To enable this functionality, go to Setup > View Settings, and change the new setting Save On Partial Clear to Yes.
- Incorrect Chinese character display.
Under some conditions Reflection was not displaying Chinese characters correctly. This service pack corrects UTF8 display problems with wide characters.
- Calling the StopRecordingMacro built-in function closes Reflection if recording is not in progress.
SP2 fixes a problem that caused Reflection to close unexpectedly when the StopRecordingMacro built-in function was called when recording was not in progress.
- SharedMacros error message displays when you open many sessions simultaneously.
When multiple instances of Reflection were launched at the same time, or many settings files containing macros were opened simultaneously, a message was displayed indicating that the SharedMacros settings file could not be created. This problem has been resolved.
- Reflection for HP closes unexpectedly when you process a trace (.rev) file.
SP2 corrects a problem that caused Reflection for HP to close unexpectedly when processing a trace that contained VT escape sequences.
- Fixes previously released in Reflection for HP, UNIX and OpenVMS 14.0 SP1.
Reflection X 14.0 SP2
New features in Reflection X 14.0 SP2:
- Maximum number of clients increased to 256.
Reflection X now supports up to 256 client connections. Note that the number of client connections is limited to the number of sockets (also set to 256); each client connection requires a socket, and Reflection uses sockets for other things such as font servers. For example, if Reflection has two listen sockets configured for TCP and DECnet and it's connected to three font servers, it can support 251 client connections (256 - 2 - 3 = 251).
- SHAPE server extension enhanced.
Reflection's SHAPE X server extension now supports version 1.1 and has been enhanced to expose an Input region for windows. This newly exposed region is a subset of the Bounding region that restricts which portion of the window receives mouse events. With this enhancement, portions of the window not in the Input region pass mouse events through to underlying windows.
- XI Driver Client dialog box can now be minimized.
The XI Driver Client dialog box, which allows you to confirm your X server display and 3D CAD/CAM client application profile, now has a minimize control in its title bar.
- New registry keyword for disabling taskbar flashing.
Reflection X has a new registry keyname called EnableFlashNotification (default: Yes). If EnableFlashNotification is set to No and X terminal desktop is enabled, the root window's taskbar entry will not flash when it appears in the taskbar and there is some X Window activity. Note: Registry keynames can be changed by clicking Settings > View Settings from the top menu bar in Reflection X Manager (do not click the Setting button near the bottom on the dialog box).
- New registry keyword for Citrix/Remote Desktop sessions.
Reflection X has a new registry keyword called AutoIncrementStart (default value: 1; valid values: 0-1023). AutoIncrementStart is the starting value that Reflection X uses to compute the dynamic display number when Reflection X is running in a Citrix/Remote Desktop session. Note: Registry keynames can be changed by clicking Settings > View Settings from the top menu bar in Reflection X Manager (do not click the Setting button near the bottom on the dialog box).
- Client and server template files available for download.
In addition to the client and server template files that install by default, there are templates that you can download from Attachmate's web site. For more information, see KB 7021798.
Issues resolved in Reflection X 14.0 SP2:
- Font scaling issue resolved.
A problem was fixed that occurred when "Allow font scaling" was enabled and an X client sent the protocol request ListFontWithInfo to the X server, requesting iso10646-1 encoded fonts.
- Keycode display problem corrected.
After a DEL key was mapped to the RM key of a DEC keyboard, the resulting keycode for the unshifted key was sometimes not displayed correctly. This intermittent problem has been fixed.
- Entering a non-zero value for screen dimensions.
When 0 (zero) is entered in the Dimensions (mm) text boxes (Settings menu > X Server > Configure X screen), Reflection relies on its own internal screen size calculations, drawing from a variety of sources, when responding to X clients. If non-zero values are entered in the Dimensions (mm) text boxes, Reflection will use those values, among others.
- Resized window issue fixed.
In previous versions, a window created with the PseudoColor visual that was resized after being mapped sometimes resulted in the window not being drawn. This problem has been fixed.
- Copy to Editor action now working correctly.
Previously, if a selection was in COMPOUND_TEXT format, the Copy To Editor action in the Copy Selection dialog only copied the first character to your editor of choice. This behavior has been fixed.
- "Max char width" reporting now correct.
This Service Pack fixes a problem with how Reflection reported "max char width" for Windows fonts.
- Reported resolution values for wild-carded XLFD Windows fonts now correct.
Reflection will report server default values for point size and x and y resolutions for a font in a ListFontWithInfo request if those values are not specified in its XLFD. Reflection will no longer fail to report information on a ListFontWithInfo request if the font can be found.
- Client application taskbar icons now have unique text.
In earlier versions of Reflection, when Microsoft Windows desktop was enabled as the Windows mode, the taskbar icons for each client window displayed the same information. Now, each taskbar icon displays unique information for easier identification.
- Reflection X now re-optimizes.
Reflection X will re-optimize objects that it de-optimized because of resource limits that were exceeded as imposed by the resource control in the X server's speed settings panel.
- "Enable mouse wheel scroll" available for remote desktop sessions.
In earlier versions of Reflection X, the Enable mouse wheel scroll option was not available for remote desktop sessions; it is now enabled.
- CoordModePrevious lines now correctly drawn.
Reflection X now correctly draws CoordModePrevious lines to root in IncludeInferriors mode.
- Fixes previously released in Reflection X 14.0 SP1.
Reflection FTP 14.0 SP2
New features in Reflection FTP 14.0 SP2:
- New setting for specifying which version to use for SSL/TLS connections.
You can now specify which SSL/TLS version to use. The choices are TLS Version 1.0 (this is the newer protocol and is the default) and SSL version 3.0. To change this setting, select a site in the Connect to FTP dialog box, then go to > Security > SSL/TLS > SSL/TLS version.
Issues resolved in Reflection FTP 14.0 SP2:
- Kerberized FTP connection failure.
This service pack resolves a problem that caused some FTP servers to reject the connection when Reflection FTP was configured to use Kerberos.
- Faster server file display.
Reflection FTP Client server file display has been optimized to decrease the amount of time it takes to display and refresh the server display pane.
- Difficulty disconnecting and closing the client when connected using SSL/TLS.
You can now disconnect from the server (the preferred way to terminate network connections) or close the client when connected to a site that is configured to use SSL/TLS. When you close a connected session, the client now disconnects the SSL/TLS-secured FTP connection before shutting down.
- Fixes previously released in Reflection FTP 14.0 SP1.
Secure Shell 14.0 SP2
The following Secure Shell updates apply to these Reflection applications:
Reflection for UNIX and OpenVMS
Reflection for ReGIS Graphics
Reflection X
Reflection FTP Client
New feature in Reflection Secure Shell 14.0 SP2:
- Specify the signature hash used during public key authentication.
You can now specify which hash algorithm the client uses in the process of proving possession of the private key during public key user authentication. To configure this, open the Reflection Secure Shell Settings dialog box. On the Encryption tab, under Signature types, select the hash you want to use for RSA and DSA keys.
Issues resolved in Reflection Secure Shell 14.0 SP2:
- Reflection Secure Shell sessions hang when transferring large amounts of data.
This service pack fixes a problem that would sometimes cause very large (gigabyte) data transfers to hang when Reflection was configured to use the Secure Shell protocol. This problem was seen with transfers using the Reflection user interface and also using Reflection command line utilities.
- Scp error message: "Cannot download non-regular file…"
This error message was displayed incorrectly when the Reflection scp command line utility was used with the -r switch. This problem has been resolved.
- Sftp transfer hangs when GET commands use wildcards.
Sftp file transfers that use wildcard GET commands now work as expected.
- Sftp and scp cannot simultaneously access the file.
In Reflection applications running with Service Pack 1 applied, the sftp and scp clients could not simultaneously access the same local file for uploading. This problem has been resolved.
- Error message: "Expected SSH2_EXP_DATA(103) packet, got 201".
This service pack corrects a problem in the Secure Shell protocol that could cause this error message to be displayed for slow or bad network connections.
- Fixes previously released in Secure Shell 14.0 SP1.
What's Fixed in 14.0 SP1?
The following features and fixes are included in the Reflection 14.0 Service Pack 1 (SP1). To view features and fixes relevant to the Reflection product you are using or evaluating, scroll to the appropriate product name below or use these quick reference links.
Reflection for IBM 14.0 SP1
Issues resolved in Reflection for IBM 14.0 SP1:
- Cursor skips valid input fields.
On some 3270 host screens with protected numeric fields, the cursor skips valid available input fields when the user enters data that spans multiple fields. This problem has been corrected.
- OpenSettings method fails to open partial settings files.
Macros that use the OpenSettings method to open partial settings files now work correctly. For example, the command Session.OpenSettings rcKeymap, "C:\temp\sample.map" now correctly opens the sample.map keymap file.
- Error message display after selecting multiple files for file transfer.
This patch fixes a problem that caused the following error message to display after selecting multiple files in the file transfer dialog box: "Length of Transfer Remote Filenames (IND$FILE) entry (nnn) is too long. Maximum length is 260."
Reflection for HP, UNIX and OpenVMS 14.0 SP1
New features in Reflection for HP, UNIX and OpenVMS 14.0 SP1:
- Executing Host-Initiated Reflection Basic Commands Through VBA.
Reflection now supports executing host-initiated Reflection Basic commands through the VBA command interpreter. This feature can be used to resolve problems in which host-initiated Reflection Basic commands fail to launch another application or do not return from the GetSaveAsFileName method after previous execution of a Reflection Basic script. See KB 7021486 for details.
Issues resolved in Reflection for HP, UNIX and OpenVMS 14.0 SP1:
- Custom Toolbars use the wrong button images after export to XML.
Settings exported to XML now contain the correct data for customized toolbars. Previously Reflection was not correctly storing data for bitmap images assigned to customized toolbar buttons.
- Buttons created with DefineToolbarButton are greyed out.
Buttons created using the Reflection DefineToolbarButton method now work correctly.
- Japanese and Chinese characters display incorrectly.
Wide characters (such as Japanese or Chinese) now display correctly when the Reflection host character set is set to UTF8.
- Errors when UserData property contains a string greater that 261 characters.
Data assigned to the Reflection UserData property is now correctly stored and recalled when it contains a string longer than 261 bytes.
- Password does not decrypt correctly with GetPassword and GetLogin methods.
This patch fixes a problem that was observed when the Transmit method was invoked from a different session and the password was retrieved with GetPassword or GetLogin using rcDecodePassword. Reflection now correctly decodes encrypted passwords saved from a different session. Note that this is not designed as a secure way to store passwords: it is simply to obfuscate a password instead of storing it in clear text.
Reflection X 14.0 SP1
Issues resolved in Reflection X 14.0 SP1:
- Slow rendering when in Coarse or Fine pixelization mode.
This Service Pack addresses a rendering problem. Now, when Reflection X is set to Coarse pixelization or Fine pixelization, Reflection X will render wide outline rectangles at least as fast as when it is set to Perfect pixelization.
- Black areas in Reflection X screen.
Reflection X no longer leaves unpainted areas when a complex graphics expose event is delivered to a PseudoColor emulation window.
- Starting or stopping Remote Assistance forces a reset or restart.
Starting and stopping Remote Assistance no longer results in the X Manager resetting or restarting.
- Windows Clipboard issues.
Some users experience problems pasting items from the Windows clipboard into a terminal window. One problem is characterized by Reflection X not pasting items correctly if the paste occurs after a previous client has exited (also known as a "last client exit reset"). Pasting an item after initial startup or after resetting Reflection X from the user interface is successful. This and other related problems have been fixed.
- Pixels drawn for 0 width, 0 length segments.
When Line, segment or arc drawing is set to Coarse or Fine pixelization and a user draws a line segment with a length and width of 0 (zero), instead of drawing nothing in response to the polysegment request, Reflection draws a pixel. This problem has been fixed.
- Problems with monitors in negative coordinates.
Several problems have been fixed in Reflection X when a second or third monitor is the left or above monitor number one (in negative coordinates). Reflection X does not support the display of X clients on negative coordinate monitors.
- Problem with -c startup command line switch.
A problem introduced in Reflection 14.0 using the -c startup command line switch has been fixed. Now, the client file name parameter that follows -c does not need to be fully qualified if the client file is located in the user's personal folder (typically, C:\Documents and Settings\\My Documents\Attachmate\Reflection).
- Problems launching client application in window without control decorations.
In situations where a mapped window has been created with no control decorations and Microsoft Windows is the Default local window manager, Reflection X will still send a ReparentNotify event when the window is mapped.
- Application controls suddenly inaccessible.
When Reflection X has Window mode set to X terminal desktop, the X screen configuration set to Full size (no title bar), and a user clicks near the border of the root window, the mouse pointer is repositioned. This results in some application controls becoming inaccessible. This problem has been fixed.
- Incorrect drawing behavior.
A problem involving drawing behavior was fixed. Now, when Coarse pixelization is enabled and the last segment in a list of segments is clipped out, Reflection X draws the segments that were not clipped out to a window with backing store or to a window that uses a PseudoColor emulation (PCE) visual.
- Problems with slow connections or connecting over VPNs.
If you are experiencing problems connecting over VPNs or if you have a high latency connection, you may need to increase the values of the Prompt timeout and Response timeout settings in your RXC file (Advanced Client Connection settings dialog box). These settings control the speed at which rsh/rexec connections send and receive data. Sometimes, extra delays are necessary over slow connections or connections that go through a VPN.
- Icons and buttons changing to incorrect color.
The icons and buttons in a customer's client application change to an incorrect color. This is because the client application changes the size of the terminal window to a negative value. While the fix provided in this service pack delays the color change, it cannot fix the problem. Only a change to the client application can fix the problem.
- Fonts not scaling correctly.
This service pack addresses a problem with font scaling.
- Unreachable monitor area.
This service pack fixes a problem that occurs when Reflection X is in Microsoft Windows desktop mode, with one monitor and the Windows taskbar on top or to the left of the screen. When Reflection is configured this way, the mouse cannot be moved into the region on the edge of the monitor opposite from the Windows taskbar (bottom or right).
- Keyboard event not sent.
When the Japanese 106/109 keyboard is used, Reflection X does not send a keyboard event if the key pressed has no symbol assigned to it. This problem has been fixed.
- Mouse wheel mappings using Alt not working.
In previous versions, mouse wheel mappings that used the Alt key modifier did not work as expected. This problem has been fixed.
- Reflection stops responding when a cursor is confined to a shaped window.
This service pack adds support to confine the cursor to a window with a non-rectangular shape.
- Problems with KDE and Windows screensaver.
A fix in this service pack addresses a problem in which KDE 3.3 desktop clients keep running after the Microsoft Windows screensaver is dismissed.
- Issues with three-button mouse emulation.
Three-button mouse emulation now functions correctly.
- Copy Rectangle to Windows Clipboard not working.
If text is selected in an xterm window, performing a Copy Rectangle to Windows Clipboard now overwrites the contents of Windows Clipboard with the rectangle you copied. Previously, the rectangle would be immediately overwritten by the string that was selected in the xterm window.
- Colors with NULL terminators handled incorrectly.
Reflection X now correctly handles colors with NULL terminators.
Reflection FTP 14.0 SP1
New features in Reflection FTP 14.0 SP1:
- New settings for handling uploads.
Two new settings have been added to the Transfer tab of the Site Properties dialog box:
- Compute space on MVS
By default, Reflection computes and pre-allocates the number of tracks on an MVS system based on the local file size. Clear this setting to disable this feature. This setting applies to uploads to MVS hosts only.
- Send SITE command
Use this setting to specify a SITE command to be executed before a file is uploaded. This is supported for uploads to any host.
Issues resolved in Reflection FTP 14.0 SP1:
- Problems with very large files.
This patch fixes a number of problems that were seen when handling files whose size is larger than 2 gigabytes. Problems included files that could not be displayed, files that failed to transfer, and file transfers that failed to resume properly. Note that some FTP or SFTP servers still may not be able to display or transfer files greater than 4 gigabytes, in which case the Reflection client may also experience problems.
- Error Message: Install a Reflection host access product to continue migrating profiles and keys.
The error message above displays if you attempt to install only the FTP client on a system on which F-Secure was installed. This patch fixes this problem; the Reflection F-Secure Migration wizard will not launch when an installation doesn't include Reflection for HP, Reflection for Unix and OpenVMS, or Reflection for ReGIS Graphics.
- FTP Client does not launch for some users with roaming profiles.
The FTP Client now launches successfully if your Desktop or My Documents folder is not in your roaming profile.
- Secure Shell configuration not exported correctly.
The SSH Config Scheme value is now written to properly when you export your settings from the FTP Client. Previously the SSH Config Scheme name was written out incorrectly in the exported XML and consequently the value was not set when the xml was reimported into the FTP Client.
- FTP Settings are not correctly imported when you deploy a settings.rfw file to a system that has no prior Reflection installation.
If the Reflection FTP client is installed and launched for the first time on a system that already contains a file called "settings.rfw", any existing settings in the registry are migrated to a file called "settings0.rfw" and Reflection FTP loads the existing "settings.rfw" file. Settings are now migrated only if a previous version of Reflection FTP was installed on the system.
- Custom Rule "Include Suffix."
When the Directory Definition Wizard is used to create custom rules for parsing directory listings, a manually added "Include Suffix" value is now honored.
Updated PKI Support
A Public Key Infrastructure (PKI) is a system that helps facilitate secure communications through the use of digital certificates. Reflection supports the use of a PKI for host and user authentication during Secure Shell and SSL/TLS sessions.
New PKI features in 14.0 SP1:
The following new features are available in all Reflection 14.0 SP1 applications. For additional information about these features, see "PKI" in the Reflection application Help index after you've installed this service pack.
- OCSP support for certificate revocation checking.
You can now configure Reflection Secure Shell and SSL/TLS connections to use one or more OCSP responders to check if certificates are still valid.
- Set Certificate Revocation to Use OCSP. (This setting is new with this service pack.) For SSH connections, use the PKI tab of the Secure Shell settings dialog box. For SSL/TLS connections, use the PKI Configuration dialog box.
- Open the Reflection Certificate Manager.
- Click the OCSP tab. (This tab is new with this service pack.)
- Click Add, then specify the server using the following URL format:
URL:portnumber
For example:
http://ocspmachine.host.com:20080
- DOD PKI mode to enforce DOD standards.
By default, Reflection applications allow some configurations that do not meet DOD PKI requirements. Administrators can now use Reflection Group Policies to configure all Reflection sessions to meet DOD PKI requirements. To do this, you must first install the latest version of the Reflection Administrator's Toolkit.
- Run the Group Policy Editor.
- Install the updated Reflection template (ReflectionPolicy.adm).
- Under Local Computer Policy > User Configuration > Administrative Templates > Reflection Settings, disable the setting "Allow non-DoDPKI mode."
For additional information, see "DOD PKI information" in the Reflection application Help index after you've installed this service pack.
- Easier deployment of PKI settings.
Administrators can now use the Reflection Customization Manager to create custom Reflection installations that include PKI settings. For additional information, see "PKI, deploying PKI settings in a customized install" in the Reflection application Help index after you've installed this service pack.
Secure Shell 14.0 SP1
The following Secure Shell updates apply to these Reflection applications:
Reflection for UNIX and OpenVMS
Reflection for ReGIS Graphics
Reflection X
Reflection FTP Client
New feature in Reflection Secure Shell 14.0 SP1:
- New features for exporting keys.
You can now choose to export the private key of a public private key pair. To do this, open the User Keys tab of the Secure Shell Settings dialog box, click Export, then select Export Private Key.
The Reflection Windows client now uses the SECSH file format by default for exported keys. This matches the format used by other Reflection for Secure IT applications. To configure Reflection to export keys in OpenSSH format (the previous default), open the User Keys tab of the Secure Shell Settings dialog box, click Export, then select Save in OpenSSH format.
Issues resolved in Reflection Secure Shell 14.0 SP1:
- Fixed security vulnerability, US-Cert VU#845620.
Fixed security vulnerability, US-Cert VU#845620, http://www.kb.cert.org/vuls/id/845620 -- Multiple RSA implementations fail to properly handle signatures. For more details see the General Security Alerts and Advisories section of https://support.microfocus.com/security/.
- Copying host files to the local root directory using sftp and sftp2.
The sftp and sftp2 command line utilities now accept syntax to copy host files to the local root directory or to the root directory of another local drive. Commands such as the following are now supported:
sftp myname@myhost:myfile d:\
sftp myname@myhost:myfile \
- Changing to an empty directory disconnects the SFTP session.
The Reflection session now remains connected if you attempt to change to an empty directory. Previously either of the following commands disconnected the session:
On the FTP command line: cd (with no directory specified)
Using the Reflection FTP Client API: .SetCurrentDirectory " "
- Reflection SFTP shuts down when disconnected from the network.
Reflection no longer closes unexpectedly when the network connection goes down or the server terminates while the SFTP client is transferring a file.
- Invalid option error when using -i switch with scp and scp2 command line utilities.
The scp and scp2 command line utilities now correctly support the -i identity file switch. Commands like the following are now handled correctly. Previously this would result in an invalid error option.
scp2 -i keyfile <localfile> user@host:<destination file>
- Reflection shuts down when configuring PKI if My Documents has been redirected to a network server.
Reflection now correctly creates the .pki folder when a user's My Documents folder is specified using a UNC path.
- Using Go to or cd at the command line fails when you use a OpenVMS file path.
This patch provides improved SFTP support for traversing directories on OpenVMS systems.
- Host key fingerprint is now displayed in multiple formats that are compatible with other vendors.
The Host Key Authenticity dialog box now displays the host key fingerprint in both bubble-babble and hex format. The bubble-babble format uses a SHA-1 hash for the fingerprint and the hex format uses an MD5 hash.
- Intermittent failures in SSH1 connections.
A fix was made for SSH1 connections that were failing intermittently.
- Using sftp or sftp2 command line utility, ls -l does not display the day of the month.
The sftp and sftp2 command line utilities now display the day of the month. Previously this part of the date was not included in the date fields.
- Reflection display hangs during Secure Shell and SFTP connections.
A fix was added that prevents a Secure Shell or SFTP connection from hanging when downloading a large amount of data.
- Reflection unable to read SecSH format keys with longer passphrases.
Reflection now reads private keys created with F-Secure that have a passphrase with more than 23 characters.
SSL/TLS 14.0 SP1
The following SSL/TLS updates apply to these Reflection applications:
Reflection for UNIX and OpenVMS
Reflection for ReGIS Graphics
Reflection for IBM
Reflection FTP Client
Issues resolved in SSL/TLS 14.0 SP1:
- Fixed security vulnerability, US-Cert VU#845620.
Fixed security vulnerability, US-Cert VU#845620, http://www.kb.cert.org/vuls/id/845620 -- Multiple RSA implementations fail to properly handle signatures. For more details, see the General Security Alerts and Advisories section of https://support.microfocus.com/security/.
- Reflection shuts down when configuring PKI if My Documents has been redirected to a network server.
Reflection now correctly creates the .pki folder when a user's My Documents folder is specified using a UNC path.
Kerberos 14.0 SP1
The following Kerberos updates apply to these Reflection applications:
Reflection for UNIX and OpenVMS
Reflection for ReGIS Graphics
Reflection X
Reflection FTP Client
Issue resolved in Kerberos 14.0 SP1:
- Authentication errors with "Use Windows logon value."
The last character of the default principal, default realm, and KDC host name is no longer dropped when you have selected Use Windows logon value in the Reflection Kerberos Initial Configuration dialog box.