Angus Robertson

CertVerifyMethod := CertVerNone is how you bypass internal chain verification. TSslWebSocketCli is derived from TSslHttpRest which has an internal TSslContext, and it's that component that does all the SSL stuff. You can use an external SslContext, see the notes in the rest component, for instance if you are using a hundred rest component instances to download lots of stuff in parallel. If you are using the real WebSocket protocol, it exchanges frames between client and server, and vice versa, and there are several methods WSSendText, WSSendBinary, WSSendFrame, etc, with the OnWSFrameRcvd event being received frames, which you need to check the data type and then process. IsWSConnected does as it says. If you want to send raw data without using WS frames, you are using the wrong component. Angus ,

As I said before, the option 'no temp file for xfers' magftpNoTmpFile will avoid the rename issue. you tried that and it did not fix the missing file name issue. The component will zip files before upload, old versions used VclZip, new versions on new versions of Delphi use Delphi native zip. Angus

That non-SSL sample is no longer part of the main distribution, the SSL version was last updated two weeks ago in SVN. But the FTP commands have not changed in many years. Angus

I've tested the FtpUpOneFile function against my FTP server, and it works are expected. The only explanation for the missing file name in the logs is the parameter RemTarFile not being passed to the function, but unfortunately it is not logged other than when being used for FTP commands which all show blank in your log. So the only way to further diagnose the problem would be to add logging with RemTarFile at the top of FtpUpOneFile and FtpCheckFile. No point in my doing it in the current version since you are using an older version. Angus

The purpose of the Websocket is to exchange data with a server, so it opens a connection and does a GET to the path you specify, just as HTTP does, if you don't want that it's not Websockets. I suggest you try using the OverbyteIcsHttpRestTst sample I mentioned, if that does not work you would appear to be using a custom protocol. In a console application, you need to call the message pump after every line that accesses IP functions, ICS is fully event driven. The sample I mentioned makes a single HTTP command, waitis for it to finish and exits. If you are making a series of commands, the console applications gets more complicated. Angus

V8.01 is 14 years old, unsupported. Angus

Thanks for the comments, not all features get fully tested provided they don't break anything, I'll see what I can do improve matters, but it may be a couple of weeks. Angus

Don't believe it's a server issue, nor was there a timeout issue, it failed due to the client sending too many bad commands without the file name as an argument. You can always try uploading to my public FTP servers which are ICS based, the Snippets sample does FTP uploads and downloads, but you'll need a login for uploads which I'll email. If you do upload something, let me know the time so that I can check the server log, there is a lot of traffic each day. But I expect it to show the same issue. To try the latest ICS version, you can download the compiled Xfer sample, https://wiki.overbyte.eu/arch/icsdemos-clients.zip Angus

If you are using IcsHosts, you can not set any SslContext options, they are set by the component according to the SslSrvSecurity level you set, which uses internal cipher lists with Mozilla recommended cipher suites according to how much backward compatibility you want with older clients on ancient versions of Windows of Android. For TLS/1.3, it always adds the sslCipherTLS13 constant ciphers, which include CHACHA20. So perhaps the answer to your problem is one or more SslSrvSecurity levels that only have AES ciphers? Meanwhile, you could edit that constant to remove the first cipher in the list to fix your problem. Beware the TLS/1.2 ciphers also include CHACHA20. I probably have to revisit ciphers again since newer OpenSSL versions are adding newer ciphers, which we currently ignore. Angus

I've looked briefly at your log, and it seems a lot of early commands are failing trying to check if the file being uploaded already exists on the server (MLST, MDTM) due to the same missing file name as after upload. But the logging is not enough to show where the name is lost, it's a balance between debug bloat and being user friendly. The FtpUpOneFile function is not one I use in any of my current applications, only FtpUpload, although both use the same internal functions for all FTP commands. But it might be worth trying FTP Multi with source file name as your single file, and see if that works OK. I'll do some more testing of the single file transfer functions, but not today. The only thing to try would be a different file name, not an EXE, no idea how, but perhaps some AV software is corrupting these commands to stop you uploading EXE files, it's the kind of thing the end point protection gangs do in the name of protecting you from yourself. This is a very long shot, I hope! BTW, it not the FTP server, the commands don't reach it. Angus

There is an old console HTTP sample OverbyteIcsConHttp which is now in the archived samples download https://wiki.overbyte.eu/arch/arch-samples-V9.1.zip Essentially, it just has a message loop after the request, FHttpCli.MessageLoop; and the RequestDone event has FHttpCli.PostQuitMessage; which causes the loop to break and the application to die. Alternatively, you can call ProcessMessages in your own loop checking stuff until you are ready to break. I'll make sure the next release has at least one console SSL sample. BTW, you don't need an TSslContext with the new high level components, it's created internally. Angus

Can you please confirm your query only relates to the ICS SSL server, and not clients? From your comments, I assume you are not using IcsHosts to specify certificates and SSL parameters? Angus

There is a terminology issue here, Websocket is a specific protocol based on HTTP. TWSocket is the name of the base ICS component for all low level socket operations, and does not handle high level protocols like Websocket. ICS has a TSslWebSocketCli component, there is a simple function doWebSocketClick in the OverbyteIcsSnippets sample you can build and run which accesses one of my servers, or a full example in the OverbyteIcsHttpRestTst sample that should allow you to access your site. ICS has several console samples, but they are no longer in the main distribution not being needed very often, I'll have to look one out. Angus

Somehow, you are not passing a file name for the upload, or it being lost. But the component should stop you doing that... The reason may be in the log which should have the file name a few times already. Angus

As I requested earlier, please email the complete log for the transfer, selected excerpts are meaningless. But please disable low level diagnostics. The problem is clear from the log, renaming is failing due to no new file name, the log might show something earlier. You could set the option 'no temp file for xfers' which is a quick fix, that feature goes back to the days of dial-up modems where dropped internet connections were common. Angus

All newer high level ICS components have a logging event for display, progress and file logging, slightly different names in different components, the FTP one is CopyEvent as used in the Xfer sample. The FTP close problem I fixed was time related, a network appliance may close the FTP control channel during a long data transfer due to inactivity, so nothing happens after the data connection closes, The solution was to send periodic commands on the control channel, if the server accepts them. I had the problem after two hours. Angus

Sorry, that logging level was only ever designed to debug SSL operations, and does not show any FTP commands, so I've no idea what your application is doing or what error messages are being reported, not even whether you are using SSL/TLS. Can you please email me the normal log of the complete session, showing all commands and files. Also, your component is four years old, there was a fix for aborted uploads in V8.71 that related to those taking over 30 minutes, a 50GB file in my case. Angus

Has anyone tried this service for signing applications, free until June 2024, then $9.99: https://techcommunity.microsoft.com/t5/security-compliance-and-identity/trusted-signing-is-in-public-preview/ba-p/4103457 Angus

I have Delphi 2007 installed on Windows 11, use it weekly without any real problems, although it does crash more often than modern compilers on the same PC, which also crash. Angus

ICS V9.2 has been released at: https://wiki.overbyte.eu/wiki/index.php/ICS_Download ICS is a free internet component library for Delphi 7, 2006 to 2010, XE to XE8, 10, 10.1, 10.2, 10.3, 10.4, 11 and 12 and C++ Builder 10.4, 11 and 12. ICS supports VCL and FMX, Win32, Win64 and MacOS 32-bit targets. Beware Mac OS-X and C++ have not been tested recently due to lack of support from such users. The distribution zip includes the latest OpenSSL 3.0.14. 3.2.2 and 3.3.1, for Win32 and Win64. Changes in ICS V9.2 include: 1 - V9.2 is a minor release, fixing a few issues introduced in the last major release, and other bugs located since. There are no breaking or installation changes from V9.1, but if updating from earlier releases please read https://wiki.overbyte.eu/wiki/index.php/Updating_projects_to_V9.1 2 - TIcsMailQueue can now queue a prepared EML file created by another application, or perhaps received by the SMTP Server. Added optional SkipEmpty argument to StartMailQu method so queue is not started unless there are pending emails waiting to be sent. The sample has 'Send Prepared EML File' to queue an existing EML file rather then preparing email with properties. 3 - Improved email MIME decoding by supporting embedded boundaries, usually for multipart/alternative parts, within a multipart/mixed message, using code written 20 years ago but suppressed for some reason. Previously these parts were sometimes left encoded within a part. There is a new property LooseRFC to allow decoding if the boundaries in the body are missing the two required hyphens, usually because the boundary also begins with hyphens. TMimeDecodeEx should now always return the body if no MIME parts are found, and TPartInfo has PLevel which is Part Level, and PInfo which is displayable part information for logs. The MimeDDemo sample has various improvements to test these features. 4 - Fixed a nasty Win64 problem reading EC certificates from the Windows Store, which may have caused server crashes, also reproducible in the PemTool listing the Windows Store. This was due to Win64 bad initialisation of a buffer used for a Crypto API call that failed. 5 - The HTTP client now checks the URL always has / at start of the path, ie add it for test.com?query. In the REST client, added a sanity check for RawParameters to encode any spaces, which can break the HTTP request. After a file download completed, check actual file size against response size. The multipart/form-data MimeBoundary no longer includes extra -- at start that are required preceding boundaries within parts, some web servers may have been unable to decode our MIME encoding. 6 - The HTTP server has a new method AnswerRedirect for various redirection responses to a new URL. When accessing the default document in a path without a trailing path delimited /, redirect using 301 to the correct path with delimiter instead of adding it locally and displaying the document which will then incorrectly link to pages in a higher level directory. Using the THttpOption hoAddMissPath redirects if the default document is missing perhaps a template or virtual document. Fixed a bug where authenticated POST/PUT requests always returned a 404 error. Added AnswerBodyTB client response with TBytes binary, similar to AnswerString, tested in the sample by supporting favicon.ico request. Check if the request HTTP version gets corrupted due to spaces in the URL, which are not allowed. The SslMultiWebServ sample has new web pages to test POST/PUT and template authentication. 7 - TSslX509Certs has a new function CertResetDomain to reset a certificate order state to None, if the order process stalls or gets confused due to errors. If AcmeV2StartChallgs fails because there are no pending challenges, reset to order to None so it starts again next time and does not loop. 8 - ICS not longer tries to load OpenSSL RAND_screen function that may be missing from recent DLLs. 9 - TIcsHttpMulti fixes a bug introduced in V8.66 that stopped the application setting authentication, rather than adding it to the URL, and a Win64 free stream bug. 10 - TIcsIpStrmLog correctly counts failed client connection attempts if ping is not used first to check the remote IP address. The sample has a new client Retry Attempts box to test this. 11 - Updated the Snippets sample to use authentication to access some the hardcoded URLs, which started failing after authentication was added to test web server bugs (see above). 12 - Added OverbyteIcsHttpThrd sample to show how to use TSslHttpRest component in a multi-threaded program. 13 - Improved Posix support for Linux and Android, not tested or supported yet. Beware SSL does not correctly load for Posix at the moment. 14 - Added support for a new feature release of OpenSSL 3.3 with {$DEFINE OpenSSL_33} in the Defs.inc file, ICS includes new versions of the active versions, 3.3.1, 3.2.2 and 3.0.14, but no longer includes 3.1 since there are two newer feature versions. 15 - Updated the 'ICS Intermediate Short' SSL certificates, used by ICS to generate temporary server certificates to allow SSL servers to run until a Let's Encrypt or commercial certificate is installed. It now expires after 200 days, 21st December 2024, after which self signed certificates will be used instead, unless a newer 'short' is installed. 16 - Only Delphi 10.41 and 10.42 (10.4 with updates 1 or 2) will install correctly with the new install packages, the original RTM version does not support the package LIB suffix: $(Auto) so you must change it manually for each package to 21.0. The release notes for V9.2 are at https://wiki.overbyte.eu/wiki/index.php/ICS_V9.2 All ICS active samples are available as prebuilt executables, to allow ease of testing without needing to install ICS and build them all. There are four separate zip files split into clients, servers, tools and miscellaneous samples which can be downloaded from https://wiki.overbyte.eu/wiki/index.php/ICS_Samples Angus

Just check all the C++ package options are sensible, and match those of the latest Delphi packages, I may have missed something since I've never managed to build a C++ package. Angus

ICS is a free component library used to build software applications, there are no export approvals for ICS, country of origin is the world, it contains code from multiple countries. Angus

When you drop a component on a form, the IDE automatically adds the unit to the uses clause. Is there a way for that component to get the IDE to also add a second unit on which it is dependent? Angus

Added a few lines to the ICS design package registration unit, and two extra units are now being added automatically when components are dropped on forms, or those forms are accessed in the IDE. Would not have been possible without a Stack Overflow answer by Remy Lebeau, Aug 19, 2020: Have your design-time package implement a class that inherits from TSelectionEditor and overrides its virtual RequiresUnits() method, and then register that class for your component using RegisterSelectionEditor(). This way, whenever you place your component onto a Form/Frame/DataModule Designer at design-time, any additional units you report from RequiresUnits() will be added automatically to that unit's uses clause when the unit is saved. uses ..., DesignIntf; type TWebBrowserWrapperSelectionEditor = class(TSelectionEditor) public procedure RequiresUnits(Proc: TGetStrProc); override; end; procedure TWebBrowserWrapperSelectionEditor.RequiresUnits(Proc: TGetStrProc); begin inherited RequiresUnits(Proc); // call Proc() for each additional unit you want added... Proc('MyWrapperUnit'); Proc('MyUtilityUnit'); end; procedure Register; begin RegisterComponents('My Wrappers', [TWebBrowserWrapper]); RegisterSelectionEditor(TWebBrowserWrapper, TWebBrowserWrapperSelectionEditor); end; Angus

ICS now only needs to add two units to meet almost all event handler type needs. Users of old compilers can not always get the same features as newer compilers, so may have to add uses manually, as everyone has for 25 years. There is an argument for only supporting new compilers, but I still have a commercial application using Delphi 2007, so support for that will not be dropped any time soon Angus