Angus Robertson

That exception happens when ICS attempts to load all the OpenSSL exports, it would appear the OpenSSL version is missing certain EC_GROUP exports that are available in the standard 3.0 library. Unfortunately, the screen short truncates the error list, there may be lots more missing. They may be logged, can not recall if that sample has a log. Not sure if ICS uses EC_GROUPs, if not we can simply avoid loading them and the problem goes away. I've done that before. I guess I need to build a Hyper-V RedHat VM to test in my copious spare time, the issue is what other important stuff do I ignore to do that? Angus

I fixed all the Linux resource file build issues and wincrypt problems two months ago, and built the Linux test package yesterday with V9.3 without errors, so it sounds like your version is V9.2, try the final release. Provided your Linux project does not include TWSocket, it should work. Try building the new IcsPemTest FMX sample on Red Hat provided it has OpenSSL 3 libraries in the same path as Ubuntu. I will install Red Hat at some point, but only once most of ICS is working on Ubuntu. My testing showed putting TWSocket on a Linux format prevented that form appearing in Linux, some library function it brings in that just stops apps running, which is why I created the new IcsPemTest sample so at least something would run. Angus

I'm not clear which ICS version you are using, only V9.3 released yesterday builds for Linux with SSL, but only utility functions work, like creating and reading SSL/TLS certificates. I've only tested against Ubuntu 22.04, not Red Hat. ICS does not yet support TWSocket for Linux, so no protocols will work. A new cross platform message pump supporting Windows and Linus has been written, but has not yet been added to ICS V9, probably within the next six months. I'm planning to make this conditional, so Windows applications can use the existing or new message pumps. Previously ICS had a second message pump that was only supported MacOS, not Windows, which I've just removed ready for the new pump. Another ICS user tried to make the MacOS pump work under Linux, but I never managed to build ICS with the changes he submitted. Angus

I've just tested the OverbyteIcsSslMailSnd sample in V9,3 and it's sending content and attached files as expected with the correct encoding headings. But it is not attempting to send HTML emails. BTW, the component expects String content and will convert to whatever encoding is specified, no idea what will happen if you encode UTF8 and it then encodes it again. Angus Angus

SVN for ICS V9 is https://svn.overbyte.be/svn/icsv9/ Do we have the old URL for V8 somewhere? Angus

There is a new ICS sample OverbyteIcsBasicWebServer.dpr in SVN, will be zipped overnight, which is a simplified version of OverbyteIcsSslMultiWebServ ignoring configuration INI files, security features, session data, most demo pages and most logging, and settings for localhost set in code, search for IcsHosts to change IP addresses, etc. But this sample will be a much easier starting point for those developing web or Websocket servers with ICS. I'm going to copy most of the code into another new ICS sample that needs a Websocket server. Angus

WMI is about LAN computers with NetBIOS, you don't usually use IP addresses to connect to remote servers, but computer names. For the local computer, use a blank name and credentials, but you might need admin rights for some WMI classes. The ICS component library has a WMI unit that does all this for you, and an EXE sample, it displays the Win32_printer class, but I suspect getting the queue is complicated. Angus

Thanks, fixed the erroneous $ifend. I still have customer applications using D2007, so would have found it soon. The ICS distribution only includes OpenSSL DLLs in C:\ProgramData\ICS-OpenSSL\ which are always the latest version, when you build the packages a batch command file runs that copies them from the install directory to ProgramData, so I guess that failed in your case. The DLLs in version directories were extracted from the resource files, and need to be version specific since different ICS applications may be using different OpenSSL versions. No idea why Windows Security gave you a warning, no-one else has mentioned that in eight months since ICS has used OpenSSL resource files. Angus

If you really mean the websocket protocol and not HTTP, there are no header or bodies or protocol, once a websocket is open there is simply a two way TCP stream, and you can send what you like. That stream arrives at the server in the ClientWSFrameRcvdEvent as a string packet and TWebSocketReceivedFrame to tell what typer of data is arriving (text, binary, or closing), it's up to the developer to decide how to interpret that data. Angus

ICS V9.1 has been released at: https://wiki.overbyte.eu/wiki/index.php/ICS_Download ICS is a free internet component library for Delphi 7, 2006 to 2010, XE to XE8, 10, 10.1, 10.2, 10.3, 10.4, 11 and 12 and C++ Builder 10.4, 11 and 12. ICS supports VCL and FMX, Win32, Win64 and MacOS 32-bit targets. Beware Mac OS-X and C++ have not been tested recently due to lack of support from such users. The distribution zip includes the latest OpenSSL 3.0.13. 3.1.5 and 3.2.1, for Win32 and Win64. The highlights of V9.1 were posted in this topic two weeks ago, and are included in the download page. The full release notes for V9.1 are at https://wiki.overbyte.eu/wiki/index.php/ICS_V9.1 There is also a new page https://wiki.overbyte.eu/wiki/index.php/Updating_projects_to_V9.1 to help with migrating existing projects. The main ICS readme9.txt has the installation section rewritten to explain the new common groups and packages used for Delphi 10.4 and later, so you won't find any dedicated ICS packages for Delphi 11 or 12. The readme now also explains all defines in the .\Source\Include\OverbyteIcsDefs.inc file that control how OpenSSL is loaded. All ICS active samples are available as prebuilt executables, to allow ease of testing without needing to install ICS and build them all. There are four separate zip files split into clients, servers, tools and miscellaneous samples which can be downloaded from https://wiki.overbyte.eu/wiki/index.php/ICS_Samples Angus

The line: FEmailBody.Add('Content-Transfer-Encoding: quoted-printable') {AG} is unchanged in 15 years. But I will test the sample to make sure it works, in a few days time. Angus

There have been no changes to TSSLSmtpCli since V9.0, except to build with other units. I'd make sure whatever properties are used for attachments are cleared, sorry, don't know which off hand. Angus

Sorry, you'll need to explain what you are doing with which component. Angus

You still need {$IF Declared(RTLVersion122)} if you want the component to also work on 12.0 and 12.1. And $IF is not supported on earlier compilers, if that matters. Angus

There are several ways of fixing the TList change, your conditional check would not work for Delphi 7 or Delphi 12.1, as has been explained earlier in this topic, and I prefer not to have too many special types in libraries, makes them harder to understand. You also need to change the setters, Angus

I only updated two ICS components derived from TList, not TObjectList with NativeInt, by creating a new {$DEFINE TListNatInt} for 12.2 and later, and then using conditional code, tested in 1.2 and 11.3, TObjectList may need a different approach. Angus

The new certificate chain checking event is now in SVN, look at the OverbyteIcsHttpRestTst sample. Angus

Assuming the warning relates to TList,Items[Index] changing from Integer to NativeInt, I created alternative versions of the SetItem and GetItem functions with NativeInt. Our library needs to support older versions like 12.1 without warnings so DEFINES for 12.2 and later complicate it, you can probably just change a few Integers to NativeInt. Angus

I have the same problem with two units in ICS, so have added alternative NativeInt versions of the Items property for D12.2 and later. Angus

I'm getting the FmxLinux DLL missing error as well, can we not just install it manually, or was it only ever installed by GetIt? Angus

The OverbyteIcsSslMultiWebServ sample serves both web and websocket pages, since all websocket requests start with an HTTP request to port 80/443. But you can remove all the code relating to creating web pages from the sample, the OverbyteIcsSslMultiWebxx units, etc, leaving just the default page and websocket handlers ClientWSxx and WSxx which do the websocket events. I will look at a new simple web server sample, similar to the client snippet samples, but unlikely to be ready for the next release. Angus

I would expect the difference downloading a 100M file to a tiny percentage difference, likewise making 100 sequential short 1M requests, or 1,000 sequential API JSON requests. http/2/3 might be faster if you are doing 20 parallel API requests, if the application supports that. I added a Websocket API interface to one of my servers recently to allow thousands of requests on the open socket, I tested 50/sec, but my customers were using scripts that only managed two WS requests a second. What specific application do you need http/3 for? Angus

I looked at MSQuic when it came out with a view to supporting it for ICS. For Linux, MSQuic uses a forked OpenSSL version, but SChannel for Windows. So MSQuic requires the latest Windows OS. From a Delphi perspective, MSQuic does not include HTTP/2 or HTTP/3 protocol support, and I'm not aware of any Delphi native implementations of either, only the nghttp2 DLL solution, and external DLLs are less than ideal for Delphi applications. I'd like to write a Delphi HTTP/2 implementation for ICS, but it really needs to be sponsored. I can not justify the time myself, rather work on more useful projects. To my knowledge, there are no functional benefits to HTTP/2 except performance with complex web applications with hundreds of elements on a page, and Delphi is not usually used for complex pages. The OpenSSL committee declined to accept the complex QUIC fork and instead added QUIC in a different way, the client version is available now, the server version has just started alpha testing. But without HTTP/2 for client and server, there seems little point in adding QUIC to ICS. Angus

ICS includes an TIcsInetAlive component to check for IPv4 and/or IPv6 internet connectivity, using Ping and/or HTTP, to the same Microsoft servers that Windows uses to detect the internet, www.msftconnecttest.com and ipv6.msftconnecttest.com. Angus

Thanks, please try to get the IcsCommonCBNew and IcsVclCBNew packages in SVN to build in 10.4 or later, not concerned about fixing older packages now. Then please email them to me with any other units that need fixing, hopefully none. Angus