Angus Robertson

Windows applications are dependent on dozens of DLLs. We don't change stuff that works unless new functionality is needed or newer versions of Windows make something obsolete, which is fortunately very, very rare. But we have to change OpenSSL every couple of years because it's evolving with new standards and older versions are no longer supported. Angus

Why do you ask, what is your actual problem? The low level stuff has not changed in many years, it just works. Angus

This all came from the Mustangpeak SVN at svn://www.soft-gems.net/mustangpeak eight years ago, but that is all gone now. Dual license: // The contents of this file are subject to the Mozilla Public License // Version 1.1 (the "License"); you maynot use this file except in compliance // with the License. You may obtain a copy of the License at http://www.mozilla.org/MPL/ // // Alternatively, you may redistribute this library, use and/or modify it under the terms of the // GNU Lesser General Public License as published by the Free Software Foundation; // either version 2.1 of the License, or (at your option) any later version. // You may obtain a copy of the LGPL at http://www.gnu.org/copyleft/. I don't really understand git, would be easier to upload all the Mustangpeak projects to my own public SVN server. Angus

Six new zips for Win32 and Win64 versions of OpenSSL 1.1.1c, 1.1.0k and 1.0.2s can now be downloadable from the Wiki at: http://wiki.overbyte.eu/wiki/index.php/ICS_Download or https://www.magsys.co.uk/delphi/magics.asp . The DLLs are also included in the ICS distribution SVN and overnight zip. These releases are the six monthly updates of minor bug fixes, with no major security improvements. ICS applications require V8.57 or later to support OpenSSL 1.1.1c. Changes in 1.1.1c may be found at https://www.openssl.org/news/openssl-1.1.1-notes.html , 1.1.0k may be found at https://www.openssl.org/news/openssl-1.1.0-notes.html and 1.0.2s at https://www.openssl.org/news/openssl-1.0.2-notes.html Angus

> Now I'm at the step to improve the speed for the data transfer. I have tried to increase the ESP32 buffer size The ESP32 microcontroller is a small, very cheap device not designed for speed (it's used in mains smart plugs controlled by Alexa). From an ICS perspective do not mess with MTU or TCP settings, just make sure you have a static receive buffer of 64K or something from which you write to a file in chunks of that size. Memory files are not always a good idea, since they may come from paged memory. > I'm now wondering how to work at the BinCliDemo to receive the two clients simultaneously. Most ICS servers derive from TWSocketServer, where you put all your code into a client class and can handle hundreds of clients on the same port. If you really want clients on different ports, generally you need one server per port, although TWSocketServer will also listen on multiple ports such as 80 and 443 for HTTP and HTTPS. Look at the OverbyteIcsTcpSrvIPv6 sample which is the multi-client binary file transfer version that will work with your client. Angus

Sorry the limit of our FMX support is ensuring the components build and install as FMX libraries, and even that takes a lot of my precious unpaid time. The FMX samples have not been updated for several years. I personally only use VCL so am unable to devote any more time to FMX support, The developer that did all the cross platform and FMX work passed some years ago, and no-one has replaced him. Angus

Sorry, TWSocketThrdServer has never been supported by FMX, nor has it really been updated for a decade or more. It is probably little effort to add FMX support, but it is not often used since most ICS servers work fine without threads, It's only when you need several hundred simultaneous clients that threads become necessary, and then perhaps not one per client. Angus

For public servers, the best SSL test is https://www.ssllabs.com/ssltest/ which gives a long report on which protocols and ciphers are supported and recommends changes. With the ICS V8.60 and later, ICS servers should get an A+ rating providing you also have certain HTTP headers to block exploits. For private servers, you can use the latest ICS HTTPS client samples that allow disabling certain protocols and you can then try and connect to your server. The quickest way is to download the pre-build Browser demo application from http://wiki.overbyte.eu/arch/FrameBrowserIcs.zip which is a simple browser (no scripting) with extensive HTTP, HTML and SSL logging that allows you to set SSL Security to one of: SSLv3 Only TLSv1 Only TLSv1.1 Only TLSv1.2 Only TLSv1.3 Only TLSv1 or Better TLSv1.1 or Better TLSv1.2 or Better Backward Ciphers Intermediate Ciphers High Ciphers, 2048 keys High Ciphers, 3072 keys High Ciphers, 7680 keys In fact all ICS clients now have the same options in SslContext. Servers are more complicated, but again with V8.60 and later, you can set: SSLv3 Only Backward Ciphers, TLS1 or Later Intermediate Ciphers, TLS1.1 or Later Intermediate Ciphers FS, TLS1.1 or Later High 112 bit Ciphers, TLS1.2 or Later High 128 bit Ciphers, TLS1.2 or Later High 192 bit Ciphers, TLS1.2 or Later TLSv1.2 or Earlier TLSv1.3 Only provided your server is using IcsHosts. If not, V8.27 (two years ago) added SslContext properties SslMinVersion and SslMaxVersion which is what you should be using, not the old options. Angus

I have all the old source code, more interested if anyone has been updating it in the last 10 years or is still using UltraExplorer. Angus

Does anyone else still use UltraExplorer, an excellent replacement for Windows File Explorer, written in Delphi by Mustangpeak using VirtualShellTools and numerous other Delphi components? It was last updated about 10 years ago and the source was on Google SVN, now closed down. On one of my Windows 10 installs, UltraExplorer stopped working after a Windows Update, so I'd like to try and rebuild it. Some of the Mistangpeak components are being maintained as Github projects, but can not find UltraExplorer. I still have the SVN source from 2010. Angus

The TMultipartFtpDownloader component does not support SSL, it uses TFtpClient instead of TSslFtpClient. Angus

You need to follow the C++ installation instructions in readme8. We only support C++ for 10.2 and 10.3. Angus

No other way to get the remote UDP address, since there is no connection. All UDP applications use ReceiveFrom, it has always worked. Suggest you upgrade to a modern supported version of ICS, but you will need to change your application, all the unit names changed 10 years ago. Angus

ICS V8.61 has been released at: http://wiki.overbyte.eu/wiki/index.php/ICS_Download ICS is a free internet component library for Delphi 7, 2006 to 2010, XE to XE8, 10 Seattle, 10.1 Berlin, 10.2 Tokyo and 10.3 Rio, and C++Builder 2006 to XE3, 10.2 Tokyo and 10.3 Rio. ICS supports VCL and FMX, Win32, Win64 and MacOS targets. The distribution zip includes the latest OpenSSL 1.1.1 win32, with other versions of OpenSSL being available from the download page. Changes in ICS V8.61 include: 1 - Added two new components using the new HTTPS REST component, which are both useful and illustrate how simply they can created, TIcsSms and TDnsQueryHttps, both in the OverbyteIcsSslHttpRest.pas unit with demos in OverbyteIcsHttpRestTst. 2 - The new TIcsSms component sends SMS text messages via an HTTP bureau, you will need an account. Initially supporting https://www.kapow.co.uk/ from where you set-up an account for £6.50 (about $9) which gives 100 message credits. Other similar bureaus can be added, provided there is an account for testing. The component has three methods, SendSMS sends an SMS to a mobile number and returns an ID, CheckSMS checks if the SMS with a specific ID has been delivered, pending or failed and CheckCredit returns remaining credit for the account. Messages longer than 140 characters should be sent as multiple messages, if supported by the network. 3 - The new TDnsQueryHttps component makes DNS queries over HTTPS (DOH), to ensure integrity and privacy from interception by ISPs or proxies. It includes a list of public DOH servers from Cloudfare, Google, Quad9 and others, and will make all common DNS queries, including all which does the seven most common queries together. The original TDnsQuery component has also been updated to support all the common queries and return them in using a single AnswerRecord array, rather than an array per query type, but remains backward compatible for existing queries. It now also returns alternate responses. Supports IPv6. The OverbyteIcsNsLookup sample uses TDnsQuery while the OverbyteIcsHttpRestTst sample uses TDnsQueryHttps. The latter sample also illustrates DNS over HTTPS using Json as a REST demo. 4 - Improved HTTP client and server NTLM authentication by adding Single Sign On with NTLM Session on Windows Domain to get credentials without needing them specified in code. 5 - Improvements in the HTTPS REST component to prevent TSslHttpCli events being overwritten by TSslHttpRest events. ResponseXX properties are now available in both OnRequestDone and OnRestRequestDone event handler. IcsHtmlToStr returns javascript content as well as XML and Json and does not ignore very short content. 6 - Improvements in the HTTP client, added more header response properties: RespDateDT, RespLastModDT, RespExpires and RespCacheControl. NoCache now sends Cache-Control: no-cache for HTTP/1.1. 7 - Fixed SSL certificate ValidateCertChain to check certificate start and expiry dates in UTC time instead of local time. Previously certificates issued in North America with UTC/GMT time stamps may have been seen as not yet valid. 8 - The FTP client now accepts badly formatted FEAT PROT responses. 9 - The Browser Demo sample using HtmlViewer now correctly supports authentication methods where a site requires a login, and has an improved log window that no longer slows down display of complex pages. Angus

Unread content only seems to show the last message in any particular topic, rather than all the unread messages in the topic. So if that last message is irrelevant, you can miss important earlier messages. Angus