Jump to content

cychia

Members
  • Content Count

    6
  • Joined

  • Last visited

Community Reputation

0 Neutral
  1. cychia

    SSL Pinning or HPKP

    Another question: If I want to avoid to bind the client app to the specific certificate, instead I just need to verify whether it is a trusted cert, how can I do that? Thanks.
  2. cychia

    SSL Pinning or HPKP

    I am following the example provided in Samples\Delphi\SSLInternet with this filename > OverbyteIcsHttpsTst1.pas I have a few confusing part on how to configure it properly. 1. I have done a checking in the onHandshakeDone event and check if the PeerCert.Sha1Hex is equal to a value hardcoded in my app, it will let go else set disconnect to True. I only manage to test if the cert is correct one, so not yet verify if I got a invalid cert. Before that just wanted to confirm if am doing the right way? 2. SslVerifyPeer must be turned on in order to get the PeerCert value right? 3. Is this method consider SSL Pinning? 4. What does ICS do internally when I set SslVerifyPeer to true? making any external call to get certificate? Thanks
  3. Hi, May I know how to enable SSL Pinning using ics TsslHTTPCli? Is there a demo to do so? I found an option in TsslContext, SSLVerifyPeer, is this for SSL pinnnig purpose? Thanks.
  4. cychia

    Invalid HTTP StatusCode 0

    The thing that I find it strange is, in httpprot, when response received from server, it will set the state to ready, then postmessage to it's wndproc, this will.make way for second request to kick in, and reset the statuscode, reasonphrase etc, before request done event triggered. This means that the state for checking socket readiness is not reliable. Why not change postmessage to send message, or set state to ready only request done event is triggered? Is it safe if I move the part that change state to ready after request done is triggered?
  5. cychia

    Invalid HTTP StatusCode 0

    i have attached the log from ICSLogger, the highlighted RequestDone for both were different. First one is normal which i get StatusCode 200, second one was the problem i have encountered, StatusCode 0. The second requestdone was found after dnslookup, but from my socket sniffer, server return StatusCode 200 OK
  6. I have a thttpcli which will be used for sending http postasync to my server, I found out that sometimes I will get the request done event with StatusCode as 0 and reasonphrase is empty and errocode is 0 Initially I was thinking it is my server problem, but then I found out that, in httpprot, it will perform a postmessage for triggering request done event, but before postmessage, the state already changed to httpready, which means the socket is ready for another eequest. In my code, the socket is reuse, with every request, I will be checking the state if it is not ready, i will be adding my request to queue. If it is ready, request will be sent, once new request started, StatusCode, reasonphrase value will be reinit to 0 and empty, then only I received the onrequestdone event which previously was postmessage to wind message queue, at this moment the statuscode is no longer 200 as it was reinit Is this known issue? Any workaround? Thanks.
×