Quarks

Hello, Can anyone give example codes in DELPHI when using unit BufferedFileStream & FastCopy for Copy paste a file? My current Delphi newbie code : { FastCopyFile implementation } function FastCopyFile(const ASourceFileName, ADestinationFileName: TFileName; CopyMode: TFastCopyFileMode; Callback: TFastCopyFileNormalCallback; Callback2: TFastCopyFileMethodCallback): Boolean; overload; const BUFFER_SIZE = 524288; // 512KB blocks, change this to tune your speed var Buffer: array of Byte; ASourceFile, ADestinationFile: THandle; FileSize, BytesRead, BytesWritten, BytesWritten2, TotalBytesWritten, CreationDisposition: Int64; CanContinue, CanContinueFlag: Boolean; BFS: TBaseCachedFileStream; begin FileSize := 0; TotalBytesWritten := 0; CanContinue := True; SetLength(Buffer, BUFFER_SIZE); // Manage the Creation Disposition flag CreationDisposition := CREATE_ALWAYS; if CopyMode = fcfmAppend then CreationDisposition := OPEN_ALWAYS; // Opening the source file in read mode ASourceFile := OpenLongFileName(ASourceFileName, GENERIC_READ, 0, OPEN_EXISTING); BFS := TBaseCachedFileStream.Create(ASourceFileName); if ASourceFile <> 0 then try FileSize := FileSeek(ASourceFile, 0, FILE_END); FileSeek(ASourceFile, 0, FILE_BEGIN); // Opening the destination file in write mode (in create/append state) ADestinationFile := OpenLongFileName(ADestinationFileName, GENERIC_WRITE, FILE_SHARE_READ, CreationDisposition); if ADestinationFile <> 0 then try // If append mode, jump to the file end if CopyMode = fcfmAppend then FileSeek(ADestinationFile, 0, FILE_END); // For each blocks in the source file while CanContinue and (LongWord(FileSeek(ASourceFile, 0, FILE_CURRENT)) < FileSize) do begin // Reading from source BFS.Read(Buffer[0],BUFFER_SIZE); if BytesRead <> 0 then begin // Writing to destination BFS.Write(Buffer[0],BUFFER_SIZE); //WriteFile(ADestinationFile, Buffer[0], BytesRead, BytesWritten, nil); // Read/Write secure code block (e.g. for WiFi connections) if BytesWritten < BytesRead then begin //WriteFile(ADestinationFile, Buffer[BytesWritten], BytesRead - BytesWritten, BytesWritten2, nil); BFS.Write(Buffer[BytesWritten],BUFFER_SIZE); Inc(BytesWritten, BytesWritten2); if BytesWritten < BytesRead then RaiseLastOSError; end; // Notifying the caller for the current state Inc(TotalBytesWritten, BytesWritten); CanContinueFlag := True; if Assigned(Callback) then Callback(ASourceFileName, TotalBytesWritten, FileSize, CanContinueFlag); CanContinue := CanContinue and CanContinueFlag; if Assigned(Callback2) then Callback2(ASourceFileName, TotalBytesWritten, FileSize, CanContinueFlag); CanContinue := CanContinue and CanContinueFlag; end; end; finally CloseHandle(ADestinationFile); end; finally CloseHandle(ASourceFile); end; // Check if cancelled or not if not CanContinue then if FileExists(ADestinationFileName) then DeleteFile(ADestinationFileName); // Results (checking CanContinue flag isn't needed) Result := (FileSize <> 0) and (FileSize = TotalBytesWritten); end I wanted to incorporate both of unit BufferedFileStream & FastCopy, any helps is appreciated. The problem with current unity FastCopy is, only able to copy and paste files below 4 GB in size. I wanted it to be able to copy practically unlimited filesize.

I did, it's pretty the same as FastCopy transfer performance. Except when I am using a TeraCopy alternative called "KillCopy". My test KillCopy able to exclusively able to use the available transfer bandwidth for local copy, so it's managed to saturated other Windows's apps bandwidth needs to local transfer. This is problematic for daily usage computer but will be useful when we only doing backup/copy/move files. From Detect It Easy, perhaps KillCopy is using Delphi as the language, hence I pursue the solution in here, because the KillCopy seems to be abandonment since 2006 ago. Attempt to locate the author has failed, something big must be happened to the author. But somehow it managed to working in Windows 10. The benchmark result (local copy, partition to partition, GPT, HDD USB 3.1 external enclosure, consist of pretty much big files(5GB++)) : Killcopy : 126 MBps TeraCopy : 90 MBps Ultracopier : 50 MBps When we need to transfer big files fast, few extra bytes/kilobytes is really make a differences. Local copy, haven't tried with network shares.

Hi David, really glad to see you in here, I just wanted to test it out myself for copying/moving large files (5GB+). I think using 'normal' windows's api has problems with sharing its transfer/bandwidth with other apps in windows. I wanted to get sort of 'exclusive' transfer/bandwidth speed in Windows. Could you please give me example code for using your BufferedFileStream unit?. Really appreciated for your helps.

Thanks, my needs is only for the fastest way to copy and paste in Windows without any filesize limits. The aforementioned units seems claimed to be the 'fastest' than other ways. Wanted to try to make a free & simple app like TeraCopy. So far only a TeraCopy alternative called "KillCopy" which is doing the fastest transfer.

Ok, thanks for clarification, From what I have understanding, unit BufferedFileStream is supporting file larger than 4GB by using SetFilePointerEx, what I need is copy and paste a file code example by using BufferedFileStream. Would you please help me?.

I know it's a weekend but still quite shocked a company like embarcadero/Idera doesn't do network/web app monitoring

Problematic for me, was able to logged in once but cannot anymore with error "Sorry, an error occurred trying to log you in - please try again".

Just today, i cannot logging in anymore with error "Sorry, an error occurred trying to log you in - please try again". Can anyone confirm the same thing?

I am currently confused about my secure FTP daemon in Delphi RIO and using ICS 8.6.4 from the SVN. I have tried to mimic exactly the OverbyteIcsSslFtpServ example project (copy & paste components or manually copying and verifying it). The problem is my project doesn't understand the AUTH TLS handshake. When using openssl client, the result is : Like you have see above, my secure FTPd somehow doesn't serving TLS handshake. Probably my code below is relevant to why it's doesn't work? : procedure TfrmMain.StartServer; var wsi : TWSADATA; SSLType : TFtpSslType; SSLVer : TSslVerMethod; SSLCache : TSslSessCacheMode; SSLCachemodes : TSslSessCacheModes; MinSSLMethod : TSslVerMethod; MaxSSLMethod : TSslVerMethod; SSLTypeModes : TFtpSslTypes; begin { Display version info for program and use components } wsi := WinsockInfo; Logit(Trim(CopyRight)); Logit('Using:'); Logit(' ' + OverbyteIcsWSocket.CopyRight); Logit(' ' + OverbyteIcsFtpSrv.CopyRight); Logit(' Winsock:'); Logit(' Version ' + Format('%d.%d', [WinsockInfo.wHighVersion shr 8, WinsockInfo.wHighVersion and 15])); Logit(' ' + String(StrPas(wsi.szDescription))); Logit(' ' + String(StrPas(wsi.szSystemStatus))); {$IFNDEF VER100} { A bug in Delphi 3 makes lpVendorInfo invalid } if wsi.lpVendorInfo <> nil then Logit(' ' + String(StrPas(wsi.lpVendorInfo))); {$ENDIF} { Set SSL properties, internal session caching enabled } // SslContext1.SslVersionMethod := sslV23_SERVER; //SslContext1.SslOptions := [sslOpt_NO_SSLv2]; //it's unsecure SslContext1.InitContext; //Pre-loads OpenSSL DLL's Logit(OpenSslVersion); Logit(OpenSslCompilerFlags); Logit(OpenSslBuiltOn); Logit(OpenSslPlatForm); Logit(OpenSslDir); frmMain.SslContext1.SslMinVersion := sslVerTLS1_2; { V8.37} frmMain.SslContext1.SslMaxVersion := sslVerMax; { V8.37} frmMain.SslContext1.SslCipherList := CipherListEdit.Text; frmMain.SslContext1.SslDHParamFile := DHParamEdit.Text; { Enables OpenSsl's internal session caching } frmMain.SslContext1.SslSessionCacheModes := [sslSESS_CACHE_SERVER]; frmMain.SslContext1.SslSessionTimeout := 300; //sec frmMain.SslContext1.SslDefaultSessionIDContext := 'AnyStringForSessionCaching'; frmMain.SslContext1.SslCertFile := CertFileEdit.Text; frmMain.SslContext1.SslPassPhrase := PassPhraseEdit.Text; frmMain.SslContext1.SslPrivKeyFile := PrivKeyFileEdit.Text; frmMain.SslContext1.SslCAFile := CAFileEdit.Text; frmMain.SslContext1.SslCAPath := CAPathEdit.Text; frmMain.SslContext1.SslVerifyPeer := VerifyPeerCheckBox.Checked; frmMain.SslFtpServer1.FtpSslTypes := [ftpAuthTls, ftpAuthSsl]; { Use a custom multiline banner } //frmMain.SslFtpServer1.Banner := ''; frmMain.SslFtpServer1.Banner := '220-Welcome to my Server' + #13#10 + '220-' + #13#10 + '220 ICS FTP Server ready.'; frmMain.SslFtpServer1.Addr := ServIpAddr.Text; { V8.37 } frmMain.SslFtpServer1.Port := FPortEdit.Text; frmMain.SslFtpServer1.Start; MinSSLMethod := frmMain.SslContext1.SslMinVersion; MaxSSLMethod := frmMain.SslContext1.SslMaxVersion; for SSLVer := sslVerSSL3 to sslVerMax do begin If SSLVer = MinSSLMethod then Logit('SSL Minimum Version : : ' + GetEnumName(TypeInfo(TSslVerMethod), Ord(MinSSLMethod))); end; for SSLVer := sslVerSSL3 to sslVerMax do begin If SSLVer = MaxSSLMethod then Logit('SSL Maximum Version : : ' + GetEnumName(TypeInfo(TSslVerMethod), Ord(MaxSSLMethod))); end; //Logit('SSL Minimum Version :' + String(frmMain.SslContext1.ToString) ); //Logit('SSL Maximum Version :' + ToString(frmMain.SslContext1.) ); SSLCacheModes := frmMain.SslContext1.SslSessionCacheModes; for SSLCache := sslSESS_CACHE_CLIENT to sslSESS_CACHE_NO_INTERNAL_STORE do begin If SSLCache in SSLCacheModes then Logit('SSL Session Cache Modes : ' + GetEnumName(TypeInfo(TSslSessCacheMode), Ord(SSLCache))); end; Logit('SSL Session Timeout :' + UIntToStr(frmMain.SslContext1.SslSessionTimeout) + 's' ); Logit('SSL Certificate File :' + frmMain.SslContext1.SslCertFile ); Logit('SSL Private List :' + frmMain.SslContext1.SslPrivKeyFile ); Logit('SSL CA File :' + frmMain.SslContext1.SslCAPath + '\' + frmMain.SslContext1.SslCAFile ); Logit('SSL Verify Peer :' + BoolToStr(frmMain.SslContext1.SslVerifyPeer) ); SSLTypeModes := frmMain.SslFtpServer1.FtpSslTypes; for SSLType := ftpAuthSsl to ftpImplicitSsl do begin If SSLType in SSLTypeModes then Logit('FTP SSL Types : ' + GetEnumName(TypeInfo(TFtpSslType), Ord(SSLType))); end; Logit('Successfully Started the FTP Server'); end; Full project files attached below, been spending more than 10 hours trying to debug it but no matter what i have tried, it doesn't serving TLS. Simple FTP Server_send.rar

Here is from OverbyteIcsXferTst : 23:38:18:401 03/04/2020 23:38:18:401 Connect/Logon to FTP Server: 127.0.0.1:5420 23:38:18:401 23:38:18:401 Control DNS Lookup Done - 127.0.0.1 23:38:18:402 23:38:18:402 02562470 Socket handle created handle=1780 23:38:18:402 23:38:18:402 TWSocket will connect to 127.0.0.1:5420 23:38:18:402 23:38:18:402 Control Socket Connect, error=0 to 127.0.0.1:5420 23:38:18:402 < 220-Welcome to my Server 23:38:18:402 < 220- 23:38:18:402 < 220 ICS FTP Server ready. 23:38:18:402 FTP Session Connected OK to: 127.0.0.1:5420 23:38:18:402 23:38:18:402 Start command, Req=HostAsync - HOST [127.0.0.1] 23:38:18:402 > HOST [127.0.0.1] 23:38:18:402 23:38:18:402 02562470 PutDataInSendBuffer handle=1780 [9] Data:$4F48 $5453 $5B20 $3231 $2E37 $2E30 $2E30 $5D31 $A0D $00 $00 $00 $10 $264 $4B0 $02 $01 $00 23:38:18:404 < 220 HOST Ok, FTP Server ready. 23:38:18:404 23:38:18:404 Start command, Req=AuthAsync - AUTH TLS 23:38:18:404 > AUTH TLS 23:38:18:404 23:38:18:404 02562470 PutDataInSendBuffer handle=1780 [10] Data:$5541 $4854 $5420 $534C $A0D $00 $00 $00 $6061 $271 23:38:18:405 < 234 Using authentication type TLS 23:38:18:405 23:38:18:405 02562470 StartSslHandshake handle=1780 23:38:18:405 23:38:18:405 02562470 InitSSLConnection handle=1780 23:38:18:405 Check for Old SSL Session 23:38:18:405 No Old SSL Session Cached 23:38:18:405 23:38:18:405 02562470 Start Ssl ReadBIO 23:38:18:405 23:38:18:405 02562470 ICB> SSL_handshake_start: where=00000010, state=before SSL initialization 23:38:18:405 23:38:18:405 02562470 ICB> SSL_connect: before SSL initialization 23:38:18:405 23:38:18:405 ProtoMsg: None, State: SSLv3/TLS write client hello, Send, DataLen: 5, Data= 160301019A 23:38:18:405 23:38:18:405 ProtoMsg: TLS 1.3 Handshake: Client Hello, State: SSLv3/TLS write client hello, Send, DataLen: 410, Data= 0100019603031EBEED0E108F8683EC69BDE3CDF6D17ABAD9C6D50CB5482E5C25CA61335517C420C515D9A0637BB8533DC1CF5BE2EBEB6460B36D1DF0F0BB4BD8E571FE517E2A7900B8130213031301C02CC03000A3009FCCA9CCA8CCAAC0AFC0ADC0A3C09FC05DC061C057C05300A7C02BC02F00A2009EC0AEC0ACC0A2C09EC05CC060C056C05200A6C024C028006B006AC073C07700C400C3006D00C5C023C02700670040C072C07600BE00BD006C00BFC00AC0140039003800880087C019003A0089C009C01300330032009A009900450044C0180034009B0046009DC0A1C09DC051009CC0A0C09CC050003D00C0003C00BA00350084002F00960041000700FF01000095000B000403000102000A000C000A001D0017001E00190018002300000016000000170000000D0030002E040305030603080708080809080A080B080408050806040105010601030302030301020103020202040205020602002B0009080304030303020301002D00020101003300260024001D0020C75A256AD644C155D13B89F87F19F3F5F46FD3170B381C087A0E546B9C9AE973 23:38:18:405 23:38:18:405 02562470 ICB> SSL_connect: SSLv3/TLS write client hello 23:38:18:405 23:38:18:405 02562470 BIO_read(nbio, 0x24F2FF8, 415) = 415 [11] Data:$316 $101 $19A $100 $396 $1E03 $EDBE $100E $868F $EC83 $BD69 $CDE3 $D1F6 $BA7A $C6D9 $CD5 $48B5 $5C2E $CA25 $3361 $1755 $20C4 $15C5 $A0D9 $7B63 $53B8 $C13D $5BCF $EBE2 $64EB $B360 $1D6D $F0F0 $4BBB $E5D8 $FE71 $7E51 $792A $B800 $213 $313 $113 $2CC0 $30C0 $A300 $9F00 $A9CC $A8CC $AACC $AFC0 $ADC0 $A3C0 $9FC0 $5DC0 $61C0 $57C0 $53C0 $A700 $2BC0 $2FC0 $A200 $9E00 $AEC0 $ACC0 $A2C0 $9EC0 $5CC0 $60C0 $56C0 $52C0 $A600 $24C0 $28C0 $6B00 $6A00 $73C0 $77C0 $C400 $C300 $6D00 $C500 $23C0 $27C0 $6700 $4000 $72C0 $76C0 $BE00 $BD00 $6C00 $BF00 $AC0 $14C0 $3900 $3800 $8800 $8700 $19C0 $3A00 $8900 $9C0 $13C0 $3300 $3200 $9A00 $9900 $4500 $4400 $18C0 $3400 $9B00 $4600 $9D00 $A1C0 $9DC0 $51C0 $9C00 $A0C0 $9CC0 $50C0 $3D00 $C000 $3C00 $BA00 $3500 $8400 $2F00 $9600 $4100 $700 $FF00 $01 $9500 $B00 $400 $03 $201 $A00 $C00 $A00 $1D00 $1700 $1E00 $1900 $1800 $2300 $00 $1600 $00 $1700 $00 $D00 $3000 $2E00 $304 $305 $306 $708 $808 $908 $A08 $B08 $408 $508 $608 $104 $105 $106 $303 $302 $103 $102 $203 $202 $204 $205 $206 $2B00 $900 $308 $304 $303 $302 $01 -$102 $01 3&$$1D $C720 $255A $D66A $C144 $D155 $893B $7FF8 $F319 $F4F5 $D36F $B17 $1C38 $7A08 $540E $9C6B $E99A s$00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 $00 23:38:18:405 23:38:18:405 02562470 BIO_read(nbio, 0x24F14C8, 0) = 0 [12] Data: 23:38:18:406 23:38:18:406 02562470 TCustomSslWSocket.Do_FD_CLOSE error #0 handle=1780 23:38:18:406 23:38:18:406 02562470 *CloseCalled handle=1780, State=SSLv3/TLS write client hello (TLS_ST_CW_Client_Hello), Err=error:00000000:lib(0):func(0):reason(0) 23:38:18:406 23:38:18:406 02562470 SslHandshakeDone(1) Handle=1780. error:00000000:lib(0):func(0):reason(0), State: SSLv3/TLS write client hello, connection closed unexpectedly, session reused=False 23:38:18:406 SSL Handshake Failed - error:00000000:lib(0):func(0):reason(0), State: SSLv3/TLS write client hello, connection closed unexpectedly 23:38:18:406 23:38:18:406 02562470 TCustomWSocket.Shutdown 1 handle=1780 23:38:18:406 23:38:18:406 02562470 FCloseInvoked=0 handle=1780, State=SSLv3/TLS write client hello 23:38:18:406 23:38:18:406 Control Socket Closed, error=0 23:38:18:406 FTP Session Closed 23:38:18:406 23:38:18:406 02562470 ResetSslSession handle=1780 From the server : 03/04/2020 23:38:18 - - Disconnected 03/04/2020 23:38:18 - > 127.0.0.1 234 Using authentication type TLS 03/04/2020 23:38:18 - - AUTH C:\TEMP\TLS 03/04/2020 23:38:18 - > 127.0.0.1 220 HOST Ok, FTP Server ready. 03/04/2020 23:38:18 - - HOST C:\TEMP\[127.0.0.1] 03/04/2020 23:38:18 - - Connected 03/04/2020 23:38:10 - Successfully Started the FTP Server The TfrmMain.SSLFtpServer1Host code : procedure TfrmMain.SSLFtpServer1Host(Sender: TObject; Client: TFtpCtrlSocket; Host: TFtpString; var Allowed: Boolean); begin { HOST might be ftp.domain.com or [123.123.123.123] } Allowed := true; end;

Here is from filezilla : 23:16:31 Status: Connecting to 127.0.0.1:5420... 23:16:31 Status: Connection established, waiting for welcome message... 23:16:31 Response: 220-Welcome to my Server 23:16:31 Response: 220- 23:16:31 Response: 220 ICS FTP Server ready. 23:16:31 Command: AUTH TLS 23:16:31 Response: 234 Using authentication type TLS 23:16:31 Status: Initializing TLS... 23:16:31 Error: GnuTLS error -110: The TLS connection was non-properly terminated. 23:16:31 Status: Server did not properly shut down TLS connection 23:16:31 Status: Connection attempt failed with "ECONNABORTED - Connection aborted". 23:16:31 Error: Could not connect to server 23:16:31 Status: Waiting to retry... From smartftp, the ftp server logged also the same like openssl s_client, filezilla, smartftp : 03/04/2020 23:19:41 - - Disconnected 03/04/2020 23:19:41 - > 127.0.0.1 234 Using authentication type TLS 03/04/2020 23:19:41 - - AUTH C:\TEMP\TLS 03/04/2020 23:19:41 - - Connected So confirmed it's from my ftp server. searching thorough ICS folder or my project file doesn't return a match for 'C:\TEMP' or 'TEMP'.

The reason i am not using more proper FTP Client is because it's faster to paste from windows command prompt. When using openssl s_client working then it will be guarantee to work in full pledges ftp client.

I don't have a clue without someone checking the project out. No, openssl s_client is understand the explicit starttls & ftp protocol, you can check the definition in here : -starttls protocol Send the protocol-specific message(s) to switch to TLS for communication. protocol is a keyword for the intended protocol. Currently, the only supported keywords are "smtp", "pop3", "imap", "ftp", "xmpp", "xmpp-server", "irc", "postgres", "mysql", "lmtp", "nntp", "sieve" and "ldap".

Thank you. New logging as follow : 03/04/2020 20:31:37 - - Disconnected 03/04/2020 20:31:37 - > 127.0.0.1 234 Using authentication type TLS 03/04/2020 20:31:37 - - AUTH C:\TEMP\TLS 03/04/2020 20:31:37 - - Connected 03/04/2020 20:30:58 - - Disconnected 03/04/2020 20:30:58 - > 127.0.0.1 234 Using authentication type TLS 03/04/2020 20:30:58 - - AUTH C:\TEMP\TLS 03/04/2020 20:30:58 - - Connected 03/04/2020 20:30:20 - Successfully Started the FTP Server The code is simple : procedure TfrmMain.SSLFtpServer1AnswerToClient(Sender: TObject; Client: TFtpCtrlSocket; var Answer: TFtpString); begin Logit('> ' + Client.GetPeerAddr + ' ' + Answer) end; I could not quite figuring out on why there is extra "C:\TEMP" on client? or server? replies. Waiting for IcsHosts for secure ftp server sample.

>> Improving your logging will help, you did not report the response or errors to commands received which is essential to error tracing with bad clients. I haven't know to logging the received command, perhaps you could give me the pointer or sample codes?. Logging in using filezilla or smartftp into ICS sample project is working fine. >>The latest ICS in SVN has FTP server improvements to simplify SSL configuration in the same way as the web and proxy servers two years ago using IcsHosts, but there is no sample to copy yet, you need to look at the multi-web server sample and see how that configures listeners and at http://wiki.overbyte.eu/wiki/index.php/FAQ_Using_IcsHosts. Thanks for the reminder, i am already using latest and greatest SVN commit, but i don't use any proxy as these tests is only from local range. Does that info also relevant with TSslFTPServer? About ICS 8.64 release, does sslTLS_V1_3_SERVER and sslTLS_V1_3_CLIENT will be finalized or completed before the final release?

>> I have no idea how the openssl client tool works or why you are using it to test FTP, but 'AUTH C:\TEMP\TLS' is not a valid command, it should be AUTH TLS'. You have not shown what smartftp sent. I couldn't figure it out why either in the server or client (filezilla) it's sent or received as 'AUTH C:\TEMP\TLS', in smartftp it just mentioned as cannot connect just if as the server is down. >> Since the ICS sample works, you have missed something in your implementation but I can not debug your code. The project was originally as normal plain non-secure FTP server, so i think also it may have missed something in the codes. Currently i cannot quite figure it out to pin point which is wrong. Other than 'barking' at the same tree, i think i will re-base my project with using the ICS sample project in which the project already 'guaranteed' & designed to work. Thanks a lot for all these times.

>> You don't log the IP address and port your server is using, although your client says port 5420 which is not an SSL FTP port, so the server does not attempt to negotiate SSL Using non standard ports for SSL requires extra code. V8.64 has a new Option ftpsAuthForceSsl that might do it simply. Using normal FTP port 21 also doing the same thing in openssl s_client and filezilla/smartftp. I have specified in filezilla/smartftp to do explicit AUTH TLS. Can you tell me on which event or parts for the extra code?, so i can make comparison with the ICS project. Already tried using 'ftpsAuthForceSsl' option but doesn't make any differences :-(. >> Not sure why you are testing an FTP servers with a non-FTP client that does not send the correct protocol. The following command below is sending the correct explicit TLS protocol, first connect with plain text FTP protocol until "AUTH TLS", you can search it on the internet about it. It being used normally for testing TLS server. The specified ftp part is for the FTP testing specification not a port. (using it on ICS sample project is working perfectly) openssl s_client -connect 127.0.0.1:5420 -starttls ftp The same thing from filezilla or smartftp 6:25:37 Status: Connecting to 127.0.0.1:5420... 16:25:37 Status: Connection established, waiting for welcome message... 16:25:37 Status: Initializing TLS... 16:25:37 Error: GnuTLS error -110: The TLS connection was non-properly terminated. 16:25:37 Status: Server did not properly shut down TLS connection 16:25:37 Status: Connection attempt failed with "ECONNABORTED - Connection aborted". 16:25:37 Error: Could not connect to server 16:25:37 Status: Waiting to retry...

What i am trying to achieve is only simple FTPd with only TLS v1.2 working. Original ICS sample is working fine with the same components parameters that i have copied from it, but on my project somehow it doesn't with the same certificates, key, CA. Just tried to generate my own self-signing certificate, key, and CA but the same thing happened. Used the ..\ICS\Samples\Delphi\SslInternet\SslCerts\IcsSslBuildCerts.bat file. Currently here is the log from logit : 02/04/2020 01:38:59 - - Disconnected 02/04/2020 01:38:59 - - AUTH C:\TEMP\TLS 02/04/2020 01:38:59 - - Connected 02/04/2020 01:38:58 - - Disconnected 02/04/2020 01:38:58 - - AUTH C:\TEMP\TLS 02/04/2020 01:38:58 - - Connected 02/04/2020 01:38:53 - Successfully Started the FTP Server 02/04/2020 01:38:53 - FTP SSL Types : ftpAuthTls 02/04/2020 01:38:53 - FTP SSL Types : ftpAuthSsl 02/04/2020 01:38:53 - SSL Verify Peer :0 02/04/2020 01:38:53 - SSL CA File 😕 02/04/2020 01:38:53 - SSL Private List :ServerKey.pem 02/04/2020 01:38:53 - SSL Certificate File :ServerCert.pem 02/04/2020 01:38:53 - SSL Session Timeout :300s 02/04/2020 01:38:53 - SSL Session Cache Modes : sslSESS_CACHE_SERVER 02/04/2020 01:38:53 - SSL Maximum Version : : sslVerMax 02/04/2020 01:38:53 - SSL Minimum Version : : sslVerTLS1_2 02/04/2020 01:38:53 - OPENSSLDIR: "C:\Program Files\Common Files\SSL" 02/04/2020 01:38:53 - platform: VC-WIN64A-rtt 02/04/2020 01:38:53 - built on: Tue Mar 17 20:12:47 2020 UTC 02/04/2020 01:38:53 - compiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MT /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM 02/04/2020 01:38:53 - OpenSSL 1.1.1e 17 Mar 2020 02/04/2020 01:38:53 - Running 02/04/2020 01:38:53 - WinSock 2.0 02/04/2020 01:38:53 - Version 2.2 02/04/2020 01:38:53 - Winsock: 02/04/2020 01:38:53 - TFtpServer (c) 1998-2020 F. Piette V8.64 02/04/2020 01:38:53 - TWSocket (c) 1996-2020 Francois Piette V8.64 02/04/2020 01:38:53 - Using: 02/04/2020 01:38:53 - SslFtpServ (c) 1998-2020 F. Piette V8.64 From the openssl client : openssl s_client -connect 127.0.0.1:5420 -starttls ftp CONNECTED(00000164) write:errno=0 --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 94 bytes and written 303 bytes Verification: OK --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) ---

@Angus Robertson Thanks you for taking a look at my thread, that's the problems, Ticslogger is doesn't work in my part, showing up as "Integer Overflow" when starting the x64 server. >>What SSL certificate are you using, and what intermediate, since you are setting SslCaFile. But servers don't use SslCAPath. The 01cert.pem, 01key.pem, cacert.pem are only default one from the ..\ICS\Samples\Delphi\SslInternet folder. What i have tried is also tinkering with the OpenSSL cipherlist and even accepting all cipher with "ALL" still couldn't make it working. Also countless time tinkering with SslMinVersion & SslMaxVersion still no dice, somehow it's like ICS ignoring my configurations/parameters :-(. If you have time, please take a look at my project, i am sure something simple or worse something in the code, upon comparing with beyond compare, i don't notice any big differences.