-
Content Count
1881 -
Joined
-
Last visited
-
Days Won
33
Everything posted by Angus Robertson
-
OverbyteIcsLIBEAY.hpp Line 58 typedef void __cdecl (*TCryptoThreadIDCallback)(Overbyteicsssleay::PCRYPTO_THREADID ID);
Angus Robertson replied to ICS_NEW's topic in General Help
The oldest version of OpenSSL that ICS supports is 1.0.2, it will not load older versions, nor even that old out of support version shortly. If you want to use ancient versions of OpenSSL, you'll need to use an anciient version of ICS, if you can find one. Angus -
"Simulating" a com port with data arriving
Angus Robertson replied to Dave Nottage's topic in Windows API
Com0Com works fine on Windows 10, you need the 64-bit version with code signed driver. By default it uses alphabetic port names CNCA0 and CNCB0 which some async components don't support (only numeric), but I fixed Async Pro 15 years ago to accept them. Angus -
OverbyteIcsLIBEAY.hpp Line 58 typedef void __cdecl (*TCryptoThreadIDCallback)(Overbyteicsssleay::PCRYPTO_THREADID ID);
Angus Robertson replied to ICS_NEW's topic in General Help
No idea where you found Win32OpenSSL-1_0_0a.exe must be 10 years old, we certainly don't support it. You will find the latest OpenSSL included in the ICS zip. Sorry, we don't support C++ XE7, there are no packages for it. Other users have helped us support C++ for 10.2 and later, but you will need to update the XE3 package and make it work with XE7. Angus -
ICS v8.64 can't compile on Delphi 7
Angus Robertson replied to Kyle_Katarn's topic in ICS - Internet Component Suite
V8.65 is not released yet, but I did build it Delphi 7 successfully several weeks ago, so use the overnight zip. Angus -
TWClientSocket OnConnect & OnDisconnect handlers?
Angus Robertson replied to aehimself's topic in ICS - Internet Component Suite
If you use TIcsIpStrmLog. you won't need to be concerned about the low level receiving function, that is tried and tested in the component which provides you with packets or lines. Angus -
TWClientSocket OnConnect & OnDisconnect handlers?
Angus Robertson replied to aehimself's topic in ICS - Internet Component Suite
For a new application, you should look at the OverbyteIcsIpStmLogTst.dpr sample that uses TIcsIpStrmLog. This is effectively a high level version of TWSocket that may be configured as a client or a server and hides most of the low level events and error handling from you, supports SSL/TLS and allows you to send lines or files, and receive from a single event, only needs a few lines of code for either. Try the sample which will send data to itself. Angus -
TWClientSocket OnConnect & OnDisconnect handlers?
Angus Robertson replied to aehimself's topic in ICS - Internet Component Suite
The OnSessionConnected event and state wsConnected really mean async connection attempt finished, either successfully or failed according to the error code, it may not be triggered for 30 seconds or more with TCP timeouts. Connecting to a local port not listening fails quickly. Every ICS async method results in a state change and one or more events being called when done, so you can decide what to do next, depending on what happened. That is the major difference from using blocking TCP implementations that don't return until completed. You can not use state alone to know when a connections succeeds. Angus -
You don't normally configure IcsHosts or the server through the object inspector, but from an INI file. The component has two functions IcsLoadFtpServerFromIni and IcsLoadIcsHostsFromIni which load all the required settings from an INI file set-up similarly to the following, this is the second of two servers, behind a NAT firewall, but could be using public IP addresses. It orders the SSL/TLS certificate automatically without any other settings. Once the settings are loaded, you call ValidateHosts to check everything then Start, BTW, these IcsHosts settings prevent FTP being accessed without SSL. [FtpServer:2:Host1] Hosts=sip.magsys.co.uk HostTag=SIP.MAGSYS BindIpAddr=192.168.1.123 BindIpAddr2=2a00:1940:1:2::123 BindNonPort=21 BindSslPort=990 AuthSslCmd=True AuthForceSsl=True Desc= HostEnabled=True SslCert=C:\certificates\local\sip_magsys_co_uk.pfx SslPassword=password SslSecLevel=sslSrvSecTls12Less CertSupplierProto=SuppProtoAcmeV2 CertDirWork=d:\weblogs\acme-certs\ CertChallenge=ChallFileSrv CertPKeyType=PrivKeyRsa2048 [FtpServer:2] DefaultHost=sip.magsys.co.uk ServerDesc=sip.magsys.co.uk on 192.168.1.123: 21/990 HostEnabled=True BannerConnect=220-\h\n220-\v\n220-ICS\s\n220 Server: \p at \o MaxClients=100 MaxAttempts=5 PasvIpAddr=217.146.115.85 PasvPortRangeStart=21001 PasvPortRangeSize=997 MD5UseThreadFileSize=100000 TimeoutSecsLogin=60 TimeoutSecsIdle=300 TimeoutSecsXfer=60 ZlibMinLevel=1 ZlibMaxLevel=9 ZlibNoCompExt=.zip;.rar;.7z;.cab;.lzh;.gz;.avi;.wmv;.mpg;.mp3;.jpg;.png; AlloExtraSpace=1000000 ZlibMinSpace=50000000 ZlibMaxSize=500000000 ListenBackLog=5 SrvOptions=[ftpsCwdCheck,ftpsCdupHome,ftpsNoPasvIpAddrSameSubnet,ftpsHidePhysicalPath,ftpsModeZCompress,ftpsSiteXmlsd,ftpsThreadRecurDirs,ftpsThreadAllDirs,ftpsEnableUtf8,ftpsAutoDetectCodePage] SslRenegotiationInterval=0 BandwidthLimitKB=0 SslCertAutoOrder=True CertExpireDays=30 RootCA=C:\certificates\TrustedCABundle-magdev.pem Angus
-
Sorry the lack of an FTP sample using IcsHosts, it's been on my list all year but other projects keep putting it back. It is however properly documented, follow the links from http://wiki.overbyte.eu/wiki/index.php/FAQ_Using_IcsHosts and all the properties are separately explained, including HostNames which are the DNS names for the SSL certificates. The latest version of IcsHosts does not even need SSL/TLS certificates, it will automatically create self signed certificates so the server can start, and then order proper certificates from Let's Encrypt, if required. The sample to look at is really OverbyteIcsSslMultiWebServ.dpr since the set-up and use of IcsHosts is almost identical in all servcers. Angus
-
TSslHttpCli 404 Connection aborted on request
Angus Robertson replied to Estefanie's topic in Delphi IDE and APIs
TSslHttpRest is descened from TSslHttpCli so is similar to use, but much easier, try the sample application. and http://wiki.overbyte.eu/wiki/index.php/FAQ_Using_TSslHttpRest. Angus -
TSslHttpCli 404 Connection aborted on request
Angus Robertson replied to Estefanie's topic in Delphi IDE and APIs
All ICS samples are tested with Delphi 2007 and later, and should still work with Delphi 7. Angus -
OpenSSL 1.1.1e Windows binaries available
Angus Robertson replied to Angus Robertson's topic in ICS - Internet Component Suite
Updated OpenSSL Windows binaries to 1.1.1h, regular minor release only, no security fixes. Angus -
TSslHttpCli 404 Connection aborted on request
Angus Robertson replied to Estefanie's topic in Delphi IDE and APIs
I suggest you build the OverbyteIcsHttpRestTst.dpr sample first and test your URL using that, then change your code to use TSslHttpRest instead of TSslHttpCli. it is much easier to use and the sample has several examples of how easy. Angus -
tsslhttpcli TSslHttpCli Access violation at address or 404 error
Angus Robertson replied to Estefanie's topic in ICS - Internet Component Suite
The old class is not deprecated, the new component descends from the old one so is 100% compatible, but includes many optional addons such as SSL to make it easier to use. Angus -
tsslhttpcli TSslHttpCli Access violation at address or 404 error
Angus Robertson replied to Estefanie's topic in ICS - Internet Component Suite
He is using an old component, the latest TSslHttpRest does all this automatically. But long experience in this forum shows people that start using the wrong component would rather continue trying to use it, than change to something better and easier, this comes up again and again and is really down to not enough ICS documentation, which costs money to write, which no-one wants to spend. Angus -
Many years ago Embarcadero/Codegear started restricting tech partner licenses to one year with no guarantee of renewal after that period. No vendor will develop commercial software using such a license when they may be stopped from supporting it after a few months, and the same applies to freeware that needs to be continually updated. There are now some older XE versions that are unusable because Embarcadero can no longer generate one year licences for them. Angus
-
tsslhttpcli TSslHttpCli Access violation at address or 404 error
Angus Robertson replied to Estefanie's topic in ICS - Internet Component Suite
You are trying to use SSL/TLS without using the proper components, you need to assign a TSslContext component to the SslContext property of HttpClient and initialise it correctly, see the PrepareConnection function in the OverbyteIcsHttpsTst1.pas HTTPS sample, although that uses lots of options you don;t actually need. Angus -
how to Properly check if Twsocket Tcp client is still connected ?
Angus Robertson replied to Skullcode's topic in VCL
The only reliable way to know if a TCP socket is still connected is to send something to the other end and receive a response. If there is no regular traffic, you really don't know the route still exists, so many technical things can cause a connection to fail without any socket close down being received. If you send something and there is no TCP ACK within several seconds, the data should be resent automatically until finally the socket is closed with an error. If you are designing a protocol that leave sockets open for long periods, best to send something regularly. Angus -
OverbyteIcsPemTool: Import a Windows Ceritificate Store to…
Angus Robertson replied to milan's topic in ICS - Internet Component Suite
To complicate dongles even more, Windows shows my Trusted Platform Module as a Security Device, but my USB dongle with a signing certificate and key as a Smart Card Reader (ACR101 SIMicro), so it;s quite probably the OpenSSL TPM engine might not recognise the latter. It comes with it's own windows drivers which work with Microsoft code signing. Angus -
OverbyteIcsPemTool: Import a Windows Ceritificate Store to…
Angus Robertson replied to milan's topic in ICS - Internet Component Suite
Yes, the ICS comments about engines say you have to extract the certificate from the Trusted Platform Module and turn it into PEM for OpenSSL, and there are TPM tools to do that. You can send commands to the TPM to query what it has. My desktop has a TPM and the ICS code signing certificate is on a USB dongle. Windows does have APIs to access the TPM, but I've never had a commercial need to look at them, TPMs have become more important this year with so many people needing remote access to secure corporate networks. Angus -
OverbyteIcsPemTool: Import a Windows Ceritificate Store to…
Angus Robertson replied to milan's topic in ICS - Internet Component Suite
Sorry, currently ICS does not support using certificates other than those loaded from files using OpenSSL functions. ICS does have support for OpenSSL engines which are essentially DLLs designed to access secure hardware such as tokens, but I've never seen such a DLL and OpenSSL has changed a lot in the 10 years since engine support was added. You can read the comments in WSocket on Apr 24, 2009 for more information. You would need to build the Trusted Platform Module project in github but it might need ICS changes to maker it work. Engines are obsolete with the next release of OpenSSL 3.0 due soon and there is a new way to access secure hardware so we may revisit this if someone provides a TPM provider which is the new way. I don't believe there is any possibility of OpenSSL accessing certificates and private keys in the Windows store. Not sure if Indy has current engine support. Angus -
OverbyteIcsPemTool: Import a Windows Ceritificate Store to…
Angus Robertson replied to milan's topic in ICS - Internet Component Suite
I never mentioned USB tokens, nor did you, no idea how they relate to a discussion about the windows store. Private keys are often stored on hardware security devices precisely to stop them being copied. Angus -
Invalid Compiler Directive: 'MESSAGES'
Angus Robertson replied to Incus J's topic in ICS - Internet Component Suite
These MacOS changes are now in SVN and will be zipped overnight. Angus -
Invalid Compiler Directive: 'MESSAGES'
Angus Robertson replied to Incus J's topic in ICS - Internet Component Suite
Thanks for joining this thread and helping to get ICS working on MacOs64. I've updated Ics.Posix.KEventTypes,pas with your fixes, but am wondering whether I should also be changing WSocket to use EV_SET64 and TKEvent64 instead of EV_SET in TIcsEventQueue? Or does MacOS64 support both. Not in SVN yet. I don't believe there is much point in trying to retain MacOS32 compatibility going since 10.4 no longer supports it. Regarding your off-list comment about TMultiReadExclusiveWriteSynchronizer and ThreadID, I did change this to ThreadID: TThreadID; last week to match all other instances. Please be aware I can now build for Linux64 but not for MacOS since don't have any Apple hardware, so I can catch general Posix compiler issues, but not Mac only issues. And the Linux message handler is not done yet. Angus -
Problem downloading GetIt package from GitHub
Angus Robertson replied to Jud's topic in Delphi IDE and APIs
If GetIt says it's trying to open a file on your local PC, that will be fixed by changing to online mode. It should be intelligent enough to recognise that error on it's and use online mode. Angus