Kyle_Katarn

For question 1, to be clear, my "Yes" meant no other dependancies. I only ship my exe with these 2 DLLs.

Hello, After upgrading to 8.59 + OpenSSL 1.1.1b, my users under Windows XP (and only XP) are now getting a message at startup "missing bcrypt.dll". This was not the case with earlier versions (of ICS and OpenSSL) Is this intentionnal ?

OK

I'd say Yes and Yes 🙂

OK. I've sent to my users 2 test apps : - One with 8.59 and Command/Headers logging. Will allow to see if it behaves differently than 8.62 - One with 8.62 forcing httpAuthBasic instead of httpAuthNone I'll share the results here.

OK, thanks, i'll test. Meanwhile, isn't my issue close to this "old" discussion ? https://www.mail-archive.com/search?l=twsocket@elists.org&q=subject:"Re%3A+[twsocket]+THttpCli+NTLM+OverbyteIcsBcb100Package"&o=newest&f=1 See message from 2011

Meanwhile, i'll try to get same logs with 8.59

Is NTLM something I can change on my side (client) or does this comes from server configuration ? I kept TSSLHttpsli default settings unchanged (eg : no specific code to "force" NTLM afaik)

I'm back with some logs ! Some context : - works correctly when built with 8.59 from all machines from the network - works correctly when built with 8.62 from some machine on the network but not all (but all using the same proxy and proxy settings). When fail, it faiuls systematically with the headers below. COMMANDS : Verbose [19-08-27 09:38:04] Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAYABgAYAAAAAAAAABAAAAAAAAAAEAAAAAIAAgAQAAAAAAAAAB4AAAABoIAADI3NTYxMVBDQdj/HtneDSpgYGj/Okmg/wONjK3AAZefwUBBHqQfc9vYh+Xzfyhfblng/l0ZcX9z Verbose [19-08-27 09:38:04] Host: www.kc-softwares.com Verbose [19-08-27 09:38:04] User-Agent: Mozilla/5.0 Verbose [19-08-27 09:38:04] Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3 Verbose [19-08-27 09:38:04] Connection: Keep-alive Verbose [19-08-27 09:38:04] Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Verbose [19-08-27 09:38:04] GET http://www.kc-softwares.com/sumo/check.php HTTP/1.0 Received Headers : Verbose [19-08-27 09:38:03] Content-Length: 921 Verbose [19-08-27 09:38:03] Connection: close Verbose [19-08-27 09:38:03] Proxy-Connection: close Verbose [19-08-27 09:38:03] Content-Type: text/html; charset=utf-8 Verbose [19-08-27 09:38:03] Pragma: no-cache Verbose [19-08-27 09:38:03] Cache-Control: no-cache Verbose [19-08-27 09:38:03] Proxy-Authenticate: BASIC realm="Realm_IWA_BRKRZLCL" Verbose [19-08-27 09:38:03] Proxy-Authenticate: NTLM Verbose [19-08-27 09:38:03] Proxy-Authenticate: NEGOTIATE Verbose [19-08-27 09:38:03] HTTP/1.1 407 Proxy Authentication Required

Is it possible not to use BCryptGenRandom by a selection made at run time ? Does this mean that we'll loose XP compatibility with ICS & OpenSSL 1.1.1 and onward ? May I distribute bcrypt.dll ? (which licence ?)