AllanF

Everything posted by AllanF

  1. Hi, I am using ICS Components with Delphi Seattle to send text between Server and Client and vice versa. But when using higher values like Chr(65470) the transfer does not happen correctly.

     Server Side: TSslWSocketServer
     Client : TClientConnection;
     Client.SendText('Hi '+Chr(65445)+Chr(65470)+#13#10);

     Client Side: TSSLWSocket
     procedure Tform_ClientSocket.SockClient_SsrvClientDataAvailable(Sender: TObject; ErrCode: Word);
     var
       FRcvdLine: WideString; // AnsiString does not work either
     begin
       FRcvdLine := TSSLWSocket(Sender).ReceiveStrA;

     Hi ??

     Regards Allan
  2. Since my application is already in use at a few customers' installations and is running smoothly, I did not have the courage to make major changes. It is actually the user passwords that are saved in my databases with some basic encryption that were giving this problem. Putting both your valuable advice together I did make a routine that goes through the String prior to the Send operation, character by character, and recognizes Ord(...) > 65375. I am now converting that Password into Simple text and upon reaching destination reversing it again. Since my Strings are made of Tagged parts it is simple to extract the problem areas. Thank You for the support.
  3. In this way I can't seem to capture from the Client side using below method. Will the Client side code be different too ? FRcvdLine := TSSLWSocket(Sender).ReceiveStr ;
  4. Hi, I am using TSslWSocket (TSslContext) to connect to TSslWSocketServer (using IcsHosts). Is it possible to avoid TSslContext on the Client Side too? I am asking because the Client side loses out some data initially upon just connecting. Without SSL the same code works fine. I tried to prepare a small sample but that works fine with SSL too. I am using Delphi Seattle on Windows 10, Single machine, Two Exe's (Server and Client) for testing. Regards Allan
  5. My mistake was that I was sending first message to the Client from within the TSslWSocketServer.DataAvailable event. Took that off and it is now working perfectly.
  6. Hi, I am currently using TSslFtpServer and TSslWSocketServer in combination with SslContext but there are connection issues coming up recently with Failed SSL Handshake before negotiation. Instead of chasing that I want to update to the current technique of using ICSHosts. Here I am stuck: when trying to connect with FileZilla Client my Server comes into the ClientConnect Event and then in ClientCommand Keyword is empty and then control goes to ClientDisconnect. Does not go into Validation etc. The problem is that there is no example using ICSHosts, so I used the OverbyteIcsSslFtpServ example, removing the SslContext and adding an Item in IcsHosts. Kindly note that mine is an application wherein I have a Server module running on one machine and I have several machines connecting to the Server. There is no Website I can validate 'HostNames.Strings' with, so hope machine name will do?

     DFM section of TSslFtpServer:

     IcsHosts = <
       item
         HostNames.Strings = ('VMAF')
         HostEnabled = True
         HostTag = 'MyTag'
         SslCert = '01cert.pem'
         SslKey = '01key.pem'
         SslInter = 'cacert.pem'
       end>

     Since 01cert.pem etc. are not working here I made fresh Certificates which I tested and are working with the SslContext.

     Regards Allan
  7. In my Service I want to receive notification when the system is suspended or resumed (Hibernate/Sleep) so that I can Close Active Sockets connections. Similar questions have got the answer 'the service must use a HandlerEx() callback via RegisterServiceCtrlHandlerEx()' but I have not been able to use it in Delphi. Need more assistance please.
  8. >> I'll email my unit that does all this. I looked at all the options suggested by Angus and Remy. Then I implemented the emailed Pas files and tested it with all possible options I could manage. Was most simple to include in my program and works perfectly fine. Very grateful to both for pulling me out of this one too.
  9. I have already tried the WM_POWERBROADCAST for GUID_MONITOR_POWER_ON; with this I get notified even if display is being turned off.
  10. I am using ICS TSslFTPServer (FtpSslType=ftpAuthTls,ftpAuthSsl) and TSslWSocketServer (SslEnable=True) on my Server side application along with TSslContext wherein I am pointing SslPrivKeyFile and SslCertFile to your sample 01key.pem and 01cert.pem respectively. My Client Application connects and all is well.

      problem-1) If I try to change the certificates to another of your provided examples or if I build with OpenSSL it gives error 'Can't read certificate file ... error:0909006C:PEM routines:get_name:no start line'

      problem-2) Using SSL I lose compatibility with WinXP and probably with Vista too. Is there a workaround?

      (Angus has suggested me to use the IcsHosts property instead of SslContext but I will need to do more work to get it working for me, hope I am using above mentioned components properly to begin with SSL)

      (How I generated my own PEM files:

      openssl genpkey -aes256 -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out 01key.pem
      openssl pkey -in 01key.pem -out 01cert.pem -pubout)
  11. AllanF

    Only default ICS sample SSL certificate is working

    With OverbyteIcsPemTool.exe Menu item Create a self-signed certificate.
  12. AllanF

    Only default ICS sample SSL certificate is working

    I did create the PEM files and they are working fine but the comment says they will expire by 20/01/2020 even if I put days 365 or 3650. I went into debug mode and changed days at run time but same comment.
  13. I am using TSslFtpServer , TSslWSocketServer along with TSSLContext component successfully when using the SslCAFile , SslCertFile and SslPrivateKeyFile properties to point to files on the Hard Disk. I noticed there are matching SslCALines , SslCertLines and SslPrivateKeyLines . I filled these properties with text from the corresponding files but it did not work. I am asking this because I would prefer not to expose the Certificate files.
  14. AllanF

    Some assistance on SSL required

    Hi, I am using ICS TFTPServer and TWSocketServer on my Server side application (Delphi Seattle). I want to use SSL to secure the connections. This question is more related to SSL rather than ICS. I have read on SSL and checked the Demo programs too. I yet need some clarity. Mine is a backup application and will be sending critical data over the WAN. If I generate my own certificates via OpenSSL where do I keep the PEM files for the ICS Server components to access? Should I generate a different PEM file per customer upon installation or can I supply a common one? If files are large can I have only the password exchanged secretly and data without encryption (My data is already compressed with AES)? Regards Allan (Thanks for all the new features in ICS)
  15. AllanF

    Some assistance on SSL required

    A huge thanks for all the help you'll have provided. Truly appreciate.
  16. AllanF

    Some assistance on SSL required

    Considering all the advice I prefer to use the P12 files and stick to SSL as it will work for both Sockets and FTP. Just wanted some more clarity. Do the Username and password used in the connect statement of the FTP Client and Authenticated at the FTP Server have anything to do with preparation of the SSL Certificates? I am trying to create Self Signed Certificates using IcsSslBuildCerts.bat and I get several files. I don't know which to use, whatever combination is not working.

    RootKey.pem, RootReq.pem, RootCert.pem, Root.pem
    ServerCAkey.pem, ServerCAreq.pem, ServerCAcert.pem, ServerCA.pem,
    ServerKey.pem, ServerReq.pem, Server.pem, ServerCert.pem
    ClientKey.pem, ClientReq.pem, ClientCert.pem, Client.pem

    Using ICS demo 01cert.pem, 01key.pem and cacert.pem works fine.
  17. AllanF

    Some assistance on SSL required

    True that customers will love to hear TLS ☺️ Angus has given loads of demos / Self signed certificates etc. Just wanted to know I am doing the right thing. Will update my Servers to use SSL. I suppose the PEM files will have to reside in my application folder itself ? Will give each customer a new certificate (unless he has his own).
  18. AllanF

    Some assistance on SSL required

    Thanks for the valuable info you have provided. Seems like I may not require any more security measures apart from what I already have. Please allow me to explain my current scenario and kindly let me know if I have a vulnerability. As mentioned earlier I have TFTPServer and TWSocketServer on Server. Client machine's TWSocket is always connected to the Server's TWSocketServer. Only simple info is passed via the sockets. All files are passed via FTP (encrypted if critical). When Client Socket connects to the Server Socket I validate if first OnClientData is as per my expected format else I abort that Client connection. For FTP connection I send a new username and password at each connect FTP Server understands it is correct by doing a matching system between Username and Password. When files are exchanged between client and server they are AES256 encrypted and the server just stores it on his machine, Server does not need to decrypt it. So there is no password exchanged for File Decryption purpose.
  19. AllanF

    OverbyteIcsSslFtpTst not connecting

    Hi, I am not able to connect to an SSL site with OverbyteIcsSslFtpTst.exe whereas with FileZilla it connects. 'Test.Rebex.Net' allows us to test SSL FTP site. OverbyteIcsSslFtpTst.exe connects to the non-SSL site and gives me directory list, whereas with SSL it does not connect. I have copied libcrypto-1_1 and libssl-1_1 in Exe folder too. I have compiled with Delphi Seattle.

    With SSL port 990

    Executing Requested Command
    ! Init SSL failed Access violation at address 0062E467 in module 'OverbyteIcsSslFtpTst.exe'. Read of address 00000040
    Session Closed, error = 0
    Request 12 Done.
    StatusCode = 550
    LastResponse was : '550 Access violation at address 0062E467 in module 'OverbyteIcsSslFtpTst.exe'. Read of address 00000040'
    Error = 550 (550 Access violation at address 0062E467 in module 'OverbyteIcsSslFtpTst.exe'. Read of address 00000040)
    Command Failure

    Without SSL port 21

    Executing Requested Command
    < 220 Microsoft FTP Service
    Session Connected, error = 0
    > USER demo
    < 331 Password required for demo.
    > PASS password
    < 230 User logged in.
    > CWD /
    < 250 CWD command successful.
    > PASV
    < 227 Entering Passive Mode (195,144,107,198,4,9).
    ! Passive connection requested to: 195.144.107.198:1033, control channel: 195.144.107.198
    > NLST *.*
    < 150 Opening ASCII mode data connection.
    < 226 Transfer complete.
    ! 12bytes received/sent in 203 milliseconds
    > QUIT
    < 221 Goodbye.
    Session Closed, error = 0
    Request 12 Done.
    StatusCode = 226
    LastResponse was : '226 Transfer complete.'
    No error
    Command Success
  20. AllanF

    OverbyteIcsSslFtpTst not connecting

    DLLs are in the same directory as the application. OverbyteIcsXferTst works fine !! Will check and get back if necessary.
  21. AllanF

    OverbyteIcsSslFtpTst not connecting

    I copied the latest dlls then too same issue. Do I have to have any of these PEM files ,certificates etc ? The other SSL (Explicit) too fails
  22. Hi, I am running TFTPServer (Delphi Seattle) on a machine that is visible to FtpClients across the WAN (port forwarding). I have used the OnPasvIpAddr event to set APasvIpAddr to the public IP. This works fine for one send from my FtpClient (one send from FtpClient involves few other operations like GetFileSize, PUT & RenameFile). During the second Send the Client gets an error at the Rename. Kindly note that I connect from client only once for both the Sends. Using FileZilla FTP Server (with setting external IP) client works fine. TFTPServer works fine too on LAN and on a machine with Public IP (VPS). Please advise the correct way to use PasvIpAddr.

      procedure Tform_FtpServer.FtpServer1PasvIpAddr(Sender: TObject; Client: TFtpCtrlSocket; var APasvIpAddr: TFtpString; var SetPasvIpAddr: Boolean);
      begin
        if (sysPasvAddress='') then exit; // sysPasvAddress = my variable suggesting that external address is required
        SetPasvIpAddr := True;
        APasvIpAddr := sysPasvAddress;
      end;

      Regards Allan
  23. Thanks Angus for the support you have given. Though this is not the most appropriate solution it should suffice for me.
  24. The IP of the server is constant over past few days. The IP is set in a database and I supply the same to the client each time. I observed that the sending works for multiple files if they are small (15 files of 21mb each) , it gives problem when file takes a few minutes to copy (150MB). Could it be that the FTP control port is being closed by the firewall as it is not being used ? Can the Server keep the Control port alive ? I am trying to do it from the Client side too.
  25. Hi, Of the Below four files three got copied properly. The fourth gave a problem. When copying a file I copy it as Filename~$~ and then check if copied size is correct and Rename it back to FileName.

      DB10008104_001700001FCr.DSC~$~
      DB10008104_001700001FCr.DSB~$~
      DB10008104_001800001FCr.DSC~$~
      DB10008104_001800001FCr.DSB~$~

      Below error comes while Renaming the file after copy is completed on Client side.

      <Connect_Ftp2>
        <DllDate>Dec 13 2012</DllDate>
        <UnlockPrefix>xxxxxx</UnlockPrefix>
        <Username>AF:SYSTEM</Username>
        <Architecture>Little Endian; 32-bit</Architecture>
        <Language>C++ Builder XE2</Language>
        <VerboseLogging>1</VerboseLogging>
        <error>Asynchronous FTP operation already in progress.</error>
      </Connect_Ftp2>
      </ChilkatLog>

      Below are the corresponding TFTPServer logs

      InfoMemo
      ! Server started
      OneTimePw (c) 1997-2012 F. Piette V8.00
      Using:
      TWSocket (c) 1996-2017 Francois Piette V8.43
      TFtpServer (c) 1998-2016 F. Piette V8.37
      Winsock:
      Version 2.2
      WinSock 2.0
      Running
      ! Server started
      OneTimePw (c) 1997-2012 F. Piette V8.00
      Using:
      TWSocket (c) 1996-2017 Francois Piette V8.43
      TFtpServer (c) 1998-2016 F. Piette V8.37
      Winsock:
      Version 2.2
      WinSock 2.0
      Running
      ! 223.182.185.15 [1] connected
      < 223.182.185.15=(Not yet Logged On) USER XYZ
      > 223.182.185.15;AF [0ms] 331 Password required for XYZ.
      < 223.182.185.15;AF PASS ABC
      ! 223.182.185.15;AF User 'XYZ' is authenticated and logged on locally to Windows
      ! 223.182.185.15;AF Home Directory: C:\Program Files\DB5\
      > 223.182.185.15;AF [0ms] 230 User XYZ logged in.
      < 223.182.185.15;AF TYPE I
      > 223.182.185.15;AF [0ms] 200 Type set to I.
      < 223.182.185.15;AF SYST
      > 223.182.185.15;AF [0ms] 215 UNIX Type: L8 Internet Component Suite
      < 223.182.185.15;AF FEAT
      > 223.182.185.15;AF [0ms] 211-Extensions supported: HOST SIZE REST STREAM MDTM MDTM YYYYMMDDHHMMSS[+-TZ] filename MLST size*;type*;perm*;create*;modify*; MFMT MD5 XCRC "filename" start end XMD5 "filename" start end CLNT SITE INDEX;ZONE;MSG;EXEC;PSWD;CMLSD;DMLSD XCMLSD XDMLSD 211 END
      < 223.182.185.15;AF FEAT
      > 223.182.185.15;AF [0ms] 211-Extensions supported: HOST SIZE REST STREAM MDTM MDTM YYYYMMDDHHMMSS[+-TZ] filename MLST size*;type*;perm*;create*;modify*; MFMT MD5 XCRC "filename" start end XMD5 "filename" start end CLNT SITE INDEX;ZONE;MSG;EXEC;PSWD;CMLSD;DMLSD XCMLSD XDMLSD 211 END
      < 223.182.185.15;AF CWD /
      > 223.182.185.15;AF [0ms] 250 CWD command successful. "/C:/" is current directory.
      < 223.182.185.15;AF CWD C:\Backup
      > 223.182.185.15;AF [0ms] 250 CWD command successful. "/C:/Backup" is current directory.
      < 223.182.185.15;AF CWD system
      > 223.182.185.15;AF [0ms] 250 CWD command successful. "/C:/Backup/system" is current directory.
      < 223.182.185.15;AF CWD ExtWrk
      > 223.182.185.15;AF [0ms] 250 CWD command successful. "/C:/Backup/system/ExtWrk" is current directory.
      < 223.182.185.15;AF PASV
      > 223.182.185.15;AF [0ms] 227 Entering Passive Mode (27,111,15,222,191,205).
      < 223.182.185.15;AF STOR DB10008104_001700001FCr.DSC~$~
      > 223.182.185.15;AF [0ms] 150 Opening data connection for DB10008104_001700001FCr.DSC~$~.
      ! 223.182.185.15;AF C:\Backup\system\ExtWrk\DB10008104_001700001FCr.DSC~$~ 4.15Kbytes received in 47 milliseconds
      > 223.182.185.15;AF [94ms] 226 File received ok
      < 223.182.185.15;AF SIZE DB10008104_001700001FCr.DSC~$~
      > 223.182.185.15;AF [15ms] 213 4248
      < 223.182.185.15;AF SIZE DB10008104_001700001FCr.DSC
      > 223.182.185.15;AF [0ms] 550 Command failed: File not found.
      < 223.182.185.15;AF RNFR DB10008104_001700001FCr.DSC~$~
      > 223.182.185.15;AF [0ms] 350 File exists, ready for destination name.
      < 223.182.185.15;AF RNTO DB10008104_001700001FCr.DSC
      > 223.182.185.15;AF [16ms] 250 File '/C:/Backup/system/ExtWrk/DB10008104_001700001FCr.DSC~$~' renamed to '/C:/Backup/system/ExtWrk/DB10008104_001700001FCr.DSC'.
      < 223.182.185.15;AF CWD /
      > 223.182.185.15;AF [0ms] 250 CWD command successful. "/C:/" is current directory.
      < 223.182.185.15;AF CWD C:\Backup
      > 223.182.185.15;AF [16ms] 250 CWD command successful. "/C:/Backup" is current directory.
      < 223.182.185.15;AF CWD system
      > 223.182.185.15;AF [0ms] 250 CWD command successful. "/C:/Backup/system" is current directory.
      < 223.182.185.15;AF CWD ExtWrk
      > 223.182.185.15;AF [0ms] 250 CWD command successful. "/C:/Backup/system/ExtWrk" is current directory.
      < 223.182.185.15;AF PASV
      > 223.182.185.15;AF [0ms] 227 Entering Passive Mode (27,111,15,222,191,206).
      < 223.182.185.15;AF STOR DB10008104_001700001FCr.DSB~$~
      > 223.182.185.15;AF [0ms] 150 Opening data connection for DB10008104_001700001FCr.DSB~$~.
      ! 223.182.185.15;AF C:\Backup\system\ExtWrk\DB10008104_001700001FCr.DSB~$~ 106Mbytes received in 218 seconds (497Kbytes/sec)
      > 223.182.185.15;AF [218375ms] 226 File received ok
      < 223.182.185.15;AF SIZE DB10008104_001700001FCr.DSB~$~
      > 223.182.185.15;AF [0ms] 213 111340889
      < 223.182.185.15;AF SIZE DB10008104_001700001FCr.DSB
      > 223.182.185.15;AF [0ms] 550 Command failed: File not found.
      < 223.182.185.15;AF RNFR DB10008104_001700001FCr.DSB~$~
      > 223.182.185.15;AF [0ms] 350 File exists, ready for destination name.
      < 223.182.185.15;AF RNTO DB10008104_001700001FCr.DSB
      > 223.182.185.15;AF [0ms] 250 File '/C:/Backup/system/ExtWrk/DB10008104_001700001FCr.DSB~$~' renamed to '/C:/Backup/system/ExtWrk/DB10008104_001700001FCr.DSB'.
      < 223.182.185.15;AF QUIT
      > 223.182.185.15;AF [0ms] 221 Goodbye.
      ! 223.182.185.15;AF disconnected after 222 secs, total recv 106M, total xmit 2.18K
      ! 223.182.185.15 [2] connected
      < 223.182.185.15=(Not yet Logged On) USER XYZ
      > 223.182.185.15;AF [0ms] 331 Password required for XYZ.
      < 223.182.185.15;AF PASS ABC
      ! 223.182.185.15;AF User 'XYZ' is authenticated and logged on locally to Windows
      ! 223.182.185.15;AF Home Directory: C:\Program Files\DB5\
      > 223.182.185.15;AF [0ms] 230 User XYZ logged in.
      < 223.182.185.15;AF TYPE I
      > 223.182.185.15;AF [0ms] 200 Type set to I.
      < 223.182.185.15;AF SYST
      > 223.182.185.15;AF [0ms] 215 UNIX Type: L8 Internet Component Suite
      < 223.182.185.15;AF FEAT
      > 223.182.185.15;AF [0ms] 211-Extensions supported: HOST SIZE REST STREAM MDTM MDTM YYYYMMDDHHMMSS[+-TZ] filename MLST size*;type*;perm*;create*;modify*; MFMT MD5 XCRC "filename" start end XMD5 "filename" start end CLNT SITE INDEX;ZONE;MSG;EXEC;PSWD;CMLSD;DMLSD XCMLSD XDMLSD 211 END
      < 223.182.185.15;AF FEAT
      > 223.182.185.15;AF [0ms] 211-Extensions supported: HOST SIZE REST STREAM MDTM MDTM YYYYMMDDHHMMSS[+-TZ] filename MLST size*;type*;perm*;create*;modify*; MFMT MD5 XCRC "filename" start end XMD5 "filename" start end CLNT SITE INDEX;ZONE;MSG;EXEC;PSWD;CMLSD;DMLSD XCMLSD XDMLSD 211 END
      < 223.182.185.15;AF CWD /
      > 223.182.185.15;AF [0ms] 250 CWD command successful. "/C:/" is current directory.
      < 223.182.185.15;AF CWD C:\Backup
      > 223.182.185.15;AF [0ms] 250 CWD command successful. "/C:/Backup" is current directory.
      < 223.182.185.15;AF CWD system
      > 223.182.185.15;AF [0ms] 250 CWD command successful. "/C:/Backup/system" is current directory.
      < 223.182.185.15;AF CWD ExtWrk
      > 223.182.185.15;AF [0ms] 250 CWD command successful. "/C:/Backup/system/ExtWrk" is current directory.
      < 223.182.185.15;AF PASV
      > 223.182.185.15;AF [0ms] 227 Entering Passive Mode (27,111,15,222,191,207).
      < 223.182.185.15;AF STOR DB10008104_001800001FCr.DSC~$~
      > 223.182.185.15;AF [0ms] 150 Opening data connection for DB10008104_001800001FCr.DSC~$~.
      ! 223.182.185.15;AF C:\Backup\system\ExtWrk\DB10008104_001800001FCr.DSC~$~ 4.16Kbytes received in 94 milliseconds
      > 223.182.185.15;AF [94ms] 226 File received ok
      < 223.182.185.15;AF SIZE DB10008104_001800001FCr.DSC~$~
      > 223.182.185.15;AF [0ms] 213 4255
      < 223.182.185.15;AF SIZE DB10008104_001800001FCr.DSC
      > 223.182.185.15;AF [0ms] 550 Command failed: File not found.
      < 223.182.185.15;AF RNFR DB10008104_001800001FCr.DSC~$~
      > 223.182.185.15;AF [0ms] 350 File exists, ready for destination name.
      < 223.182.185.15;AF RNTO DB10008104_001800001FCr.DSC
      > 223.182.185.15;AF [0ms] 250 File '/C:/Backup/system/ExtWrk/DB10008104_001800001FCr.DSC~$~' renamed to '/C:/Backup/system/ExtWrk/DB10008104_001800001FCr.DSC'.
      < 223.182.185.15;AF CWD /
      > 223.182.185.15;AF [0ms] 250 CWD command successful. "/C:/" is current directory.
      < 223.182.185.15;AF CWD C:\Backup
      > 223.182.185.15;AF [0ms] 250 CWD command successful. "/C:/Backup" is current directory.
      < 223.182.185.15;AF CWD system
      > 223.182.185.15;AF [0ms] 250 CWD command successful. "/C:/Backup/system" is current directory.
      < 223.182.185.15;AF CWD ExtWrk
      > 223.182.185.15;AF [0ms] 250 CWD command successful. "/C:/Backup/system/ExtWrk" is current directory.
      < 223.182.185.15;AF PASV
      > 223.182.185.15;AF [0ms] 227 Entering Passive Mode (27,111,15,222,191,208).
      < 223.182.185.15;AF STOR DB10008104_001800001FCr.DSB~$~
      > 223.182.185.15;AF [0ms] 150 Opening data connection for DB10008104_001800001FCr.DSB~$~.
      ! 223.182.185.15;AF C:\Backup\system\ExtWrk\DB10008104_001800001FCr.DSB~$~ 106Mbytes received in 311 seconds (348Kbytes/sec)
      > 223.182.185.15;AF [311906ms] 226 File received ok
      ! 223.182.185.15;AF disconnected after 338 secs, total recv 106M, total xmit 1.93K