Angus Robertson

I only use 125% scaling on my 4K monitor, but it is 49 inches, my old Toshiba TV (got a larger one). But my second side monitor is 32in at 100% scaling, so I can move applications sideways to easily check the form positioning is correct. Having started my development life in 1980 with 80x24 terminals, then 14in PC monitors, having large screens with so many open windows side by side really does make life so much easier. Angus

On reflection, I will add your new prototypes to ICS. I was going to suggest you created your own import table with the RSA functions, similarly to the OpenSSL engine table that requires a define conditional to import. But ICS has a problem with the OpenSSL import tables getting larger as new functions are added, but old ones rarely disappear when they cease being used. So I'll create a new import table that will have most of the RSA_, ECDA_, DH_., EC_KEY_, EC_GROUP_ and DSA_ exports, with a new define around all those functions and the table, to ensure that none are currently being used by ICS. I already had to remove some EC_GROUP_ exports that have disappeared from some Linux distributions. Should be in SVN in a couple of days. Angus

You should be able to use the IcsAsymVerifyDigestTB function to replace your old code, passing it the RSA key as EVP_PKEY. Angus

RSA_verify is a deprecated low-level signing function, you should be using the EVP_VerifyFinal and related EVP functions. Not sure that we want to add deprecated functions, ICS has already been updated to stop using most of them. Angus

The release announcement for 3.4.0 last October said 'Also note when building the ICS packages for the first time with 3.4.0, there may be a dialog 'entry point could not be located', because the new DLLs are only extracted from the resource files when the first application is run, but the packages have built OK'. Your original error was a mismatch of the two DLLs, an old export had gone from one which the other expected, once both DLLs matched the problem went away. Don't recall the second error, but probably related. The problem might relate to your other component package using different versions of OpenSSL in a different location. Angus

I saw this once a few months ago, when updating to a new release of OpenSSL, but it goes away when you run an application built with the latest ICS that has the latest OpenSSL, which updates the OpenSSL DLLs the first time it runs. If you have not copied the latest DLLs from the distribution into C:\ProgramData\ICS_OpenSSL Angus

If you are using ICS created Let's Encrypt certificates in Windows IIS web server, you may find web sites no longer work correctly, giving a certificate error. This is because Let's Encrypt had discontinued it's OCSP service as a means of determining if certificates have been revoked. In each IIS site bindings, for each listener, you need to tick 'Disable OCSP Stapling', and the certificates should work again. Happened here after a reboot for patch Tuesday. I did not see any OCSP errors or warning in the IIS or Windows event logs, but knew about OCSP being abandoned. I've already added conditionals to the next ICS release to remove our OCSP code. Angus

There is also the risk when using non-standard protocol extensions that firewalls, proxies, load balances, etc, may reject or corrupt the requests. If an API needs to delete a massive number of files, it should use an HTTP POST request with the Json including a delete command, not the HTTP DELETE request with content. But I will look at adding this to the ICS client and server, so we can at least test what happens when content is sent with GET and DELETE. Angus

Please make sure you are using MQTT from SVN or the overnight zip, I did a major rewrite a couple of months ago that is not yet released. Coming back to your original problem, the best solution will be a new wrapper component around the ICS MQTT client, that handles reconnection if the connection drops, including using a list of IP addresses for multiple servers. This will avoid applications needing to handle all the reconnection stuff, which is tedious. I'll put it on my list, but it may not make the next release, which is already overdue. The TIcsIpStrmLog client component already does reconnections, just need to take those properties and methods. Angus

I said that TRestParams can not currently create an array of Json objects, at least without nesting multiple components, but it may in the future, Angus

Not sure how quickly your network will recognize that an IP address has moved between devices, that is something that does not happen very often. Each client will need to refresh its ARP cache table to find the MAC of the new PC. WMI can be used to change IP addresses, ICS has a free WMI component and sample that sets IP addresses and gateway. A better solution would be for the clients to know about each server, and use the secondary if the primary fails to respond. Angus

You just build a Json string with your parameters, you can use some helpers from TRestParams.GetParamStream like IcsEscapeJson if your content needs such processing. Then pass the string as RawParams in RestRequest(), the component then builds a stream for you. But this will fail for DELETE as discussed above. Can you please check the API server really is expecting content, do you get a 204 error, does the API documentation actually say content is needed for DELETE? I'm not going to update the component unless I can test it and know the change is really needed. Angus

Anything that crashes the ICS web server is something that should be fixed, if you are sure GET with body is fatal, I'll put it on my list to test and try and fix. I get thousands of hacking attempts on my public server daily, even have a dynamic blacklist to block repeats accesses, currently 4,600 IPs blocked for the last thee days. Angus

I'm not aware that the DELETE request is allowed to submit data as a body, this is not mentioned at: https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Methods/DELETE Which is why PContBodyJson is ignored. If a body is allowed for DELETE, ICS will need to be updated TRestParams does have an array method, RPTypeArray, used by AddItemAR(const aName: String; aValue: TStrings), but there is currently no way to create an array of objects in the manner you require, sorry I simply never anticipated it when designing the component, there are simply too many ways to build Json. I'll put it on my list, but it may take a while. Meanwhile, you could build the Json with SuperObject or manually. Angus

I've removed the unwanted DCR and -k, did not show up because Build Groups stops on the first error, so never got to build all the different versions. I fixed the MQTT warning yesterday and have just done the AnsiString warnings, so C++ Win32 now builds without any warnings or errors. Win64 fails completely because dcc64.exe seems to have disappeared with D12.3, think they want us to use Win64 Modern only now, but I get the same error with Win64 Modern. Sorry, no time to mess any more now. Can not upload anything to SVN until I've finished some testing, early next week. Angus