Angus Robertson

ICS V8.65 has been released at: http://wiki.overbyte.eu/wiki/index.php/ICS_Download ICS is a free internet component library for Delphi 7, 2006 to 2010, XE to XE8, 10 Seattle, 10.1 Berlin, 10.2 Tokyo, 10.3 Rio and 10.4 Sydney, and C++ Builder 2006 to XE3, 10.2 Tokyo, 10.3 Rio and 10.4 Sydney. ICS supports VCL and FMX, Win32, Win64 and MacOS 32-bit targets. The distribution zip includes the latest OpenSSL 1.1.1i win32, with other versions of OpenSSL being available from the download page. Major Changes in ICS V8.65 include: 1 - The ReadMe8.txt file has a new 'Getting Started with ICS' section listing the types of projects ICS may be used for, and suggesting the correct components to use, and their related sample applications for testing. This is recommended reading for anyone doing new ICS development since it discusses all the new high level components like TSslHttpRest added in the last few years which can reduce development effort considerably. It may also be viewed at: http://wiki.overbyte.eu/wiki/index.php/ICS_Getting_Started 2 - Added new TIcsRestEmail component that provides basic support for Google and Microsoft Outlook email REST APIs including OAuth2 login and refresh to get an access token for SMTP and POP3 XOAuth2 and 0AuthBearer authentication. TIcsRestEmail has methods to send and read email, to list IDs in a mailbox, read headers and message bodies by ID, send emails and delete emails. 3 - The SMPT, POP3 and MailQueue samples all now support XOAuth2 and 0AuthBearer authentication using the TIcsRestEmail component. The low level component call an event to get the authentication access token, which is provided by IcsRestEmail, together with a refresh token which is saved instead of a password. 4 - To access email using REST APIs or OAuth2/SMTP/POP3 an 'application account' needs to be created though the Google or Microsoft provider console. 5 - Added a new TIcsTwitter component and sample, requires a developer account from Twitter. Includes login to Twitter, send tweet, search tweets and get specific tweets, all responses are Json which the application needs to untangle. 6 - Improved TRestParams allowing them to save more Delphi types correctly without conversion to strings, and to save parameters in new formats. 7 - There are various OAuth2 improvements to make it easier to implement. Added several TOAuthUri records designed to set-up common OAuth2 account settings for providers like Google, Twitter, Microsoft and Sipgate, by using the LoadAuthUri method. 8 - TSimpleWebSrv continues to get less simple, it has aWebSrvIP2 property for a second address so it can listen on IPv4 and IPv6 at the same time, with and without SSL if necessary. Setting WebSrvIP to localhost sets both 127.0.0.1 and [::1] so the browser OAuth2 redirect can choose IPv4 or IPv6. 9 - Made some improvements to SuperObject, used for Json creation and parsing. When parsing Json there are new functions that return a sensible error message about parse errors and the location. There is a new object type DateTime or DT which reads or writes TDateTime to avoid the application needing to do the ISO string conversion. Json can now be parsed to a depth of 64 levels. 10 - Rewrote and improved the way ICS reads SSL/TLS certificates and bundles, simplifying code that has got partly duplicated over the years as new methods were added, and improving error handling so the infamous stack error should no longer appear, instead more useful messages. All certificate files are now written with the UTF8 character set for the added comments that may include non-ASCII characters. 11 - All the ICS root bundles are now created cleanly by an application, rather than mostly manually by copy and editing, to reduce errors. This fixed four corrupted root certificates in the older bundles, see http://wiki.overbyte.eu/wiki/index.php/FAQ_SSL/TLS_Certificate_Authority_Root_Stores 12 - Previously the Jose unit offered functions primarily for client JWS/JWT REST applications, it now includes extra functions for REST servers to check and verify the JWS/JWT sent by clients. The Jose sample application has new tests for JWS/JWT, and to parse and display Json. 13 - Added a new Multi Host FTP Server sample using IcsHosts. Really designed to be a Windows service application. It supports multiple SSL hosts with multiple listeners, can order it's own SSL certificates and will create self signed certificates for any missing, and will email status information and errors to an administrator. 14 - Fixed a long term external SSL session cache issue in some components and samples that meant if an SSL handshake fails due to a bad certificate or chain, it is necessary to remove the SSL session from cache so an immediate retry does not succeed by skipping the certificate checks. This is only a short term issue, because the cache is usually cleared after a few minutes. This will effect any client applications using the external SSL session cache including HTTPS. 15 - Increased the TCP send and receive buffer size to 64K in all components and samples, and generally don't allow it to be set lower. Unfortunately the default buffer size never kept up with faster internet speeds which meant some components transferred data slowly. 16 - Made some improvements ordering SSL/TLS certificates. Made Windows Server DNS updating using WMI more robust so wild card Acme orders work reliably. 17 - Made some internal changes loading OpenSSL, to avoid the two DLLs being loaded from different directories and to give better exceptions if they are missing. More detailed release notes are at: http://wiki.overbyte.eu/wiki/index.php/ICS_V8.65

ICS V8.65 is now also available from GetIt on 10.3 and 10.4. Angus

I have already given you all the information you need to write such an application. I'm not aware of free source code that you can copy. Angus

APR only shows the IP addresses your PC has attempted to connect to, you also need to ping them or connect with UDP/TCP, then the ARP table will fill up. IP Helper does not have reverse DNS lookup, that is part of all standard internet packages, ICS, Indy, etc, as is ping and open a connection. But you wanted MAC addresses for some reason, and that is what ARP gives you. Angus

If you are only looking for your own application running on a phone, an easier solution than ARP or scanning with ping is to use UDP broadcasts in some way, that is how most devices discover each other on a LAN. One device listens on a unique port, and responds with it's IP address and details when it hears a broadcast. Angus

So you are trying to find the dynamic IP address of a specific device on your LAN? The easiest solution is to avoid dynamic addresses and arrange the DHCP server to allocate a reserved IP address to the phone, that is what I do, although that only works for IPv4. Otherwise you can use the ARP table I mentioned previously to find the LAN IPs and MACs your PC has connected to, but you may need to also ping the IP you expect before anything shows in ARP. the Internet Protocol Helper Component does ARP, ping is available from many places, including ICS. Angus

Sorry, still not clear. What has a phone got to do with a Windows Delphi application. And what does 'press an IP' mean, What is your business requirement? Angus

Why not just use the Nirsoft Wireless Network Watcher tool, it's not really wireless related, just lists details of all LAN IP addresses if finds similarly to your earlier screen shot. It runs 24/7 on my network, it keeps a database of last contact times and names, for phones and NEST devices that only connect periodically. It continually pings all addresses on the LAN, then does reverse DNS lookups, and gets MAC addresses from the Windows ARP table. (probably). Angus

Sorry, seems the default target platform for IcsCommonD104Run is OSX64 instead of Win32, I never noticed because I always build ICS from the Build Groups pane which builds all packages for Win32 and Win64 with a single click. And no-one else reported the issue. Just change the target to Windows 32-bit and it will build OK. I never build for MACOS. either. Angus

All your changes, and some other USE_SSL issues, were in SVN last night. The final release is today once I complete the documentation. Angus

I don't use patches that have no explanation of their purpose or from unknown versions of ICS. But I will check my next build finds the same fixes. Angus

BTW, the USE_SSL conditional is a historical curiosity from 15 years when SSL support was optional. Today it's only purpose is to make programs that don't need SSL a little smaller, but makes the source code bloated and hard to maintain, all new ICS components only build with USE_SSL. So future support of USE_SSL is unlikely, it wastes too much of my time. Angus

Very few ICS applications work without SSL, so testing without SSL and without many of the other obscure settings is very low priority, done only before major releases or when people actually report specific problems, which I don't recall you doing previously. I will test without USE_SSL before the next release and fix any issues. Angus

The last V8.5x release was two years ago, and I have indeed compiled one or two programs using ICS in that time. Angus

There are more authentication methods in newer ICS versions, not sure which method you are using, but you can still add your own header the same as your old application, and do use the logging event, makes debugging so much easier. Angus

With the TSslHttpRest component, you don't need an SslContext, you just set HttpRest.SslCliSecurity to one of the 14 TSslCliSecurity types, like sslCliSecTls12 for TLS/1.2 or better, and all the context options are set. other options force TLS/1.0 is you want to check is old stuff is supported, etc. BTW, recommend you use TSslHttpRest from V8.65 in the overnight zip, it has a large number of improvements over V8.64, and will be finally released next week. Angus

You don't say what errors or exceptions are reported, so no idea whether the problem is the client or server. Your code is the old way of doing this, recent versions of ICS have a new TSslHttpRest component derived from TSslHttpCli that handles all send and receive streams internally (and SSL context),, and has logging built in. There is a new OverbyteIcsHttpRestTst sample that should allow you test your request and see the result, also the OverbyteIcsSslHttpRest unit itself has several example of using TSslHttpRest to access Google, Twitter, Microsoft and other REST APIs, the code for sending a Json email is as simple as:: HttpRest.RestParams.Clear; HttpRest.RestParams.AddItem('raw', IcsBase64UrlEncode(Content)); HttpRest.RestParams.PContent := PContBodyJson; HttpRest.ServerAuth := httpAuthBearer; HttpRest.AuthBearerToken := FAccToken; HttpRest.DebugLevel := FDebugLevel; StatCode := HttpRest.RestRequest(httpPOST, EmailURL, False, ''); FResponseRaw := HttpRest.ResponseRaw; FResponseJson := HttpRest.ResponseJson; This is a sync request, so does not return until the request is done, but the third boolean argument makes it async. No events are needed, you write ResponseRaw to a file if you really need it saved. Angus

Two new zips for Win32 and Win64 versions of OpenSSL 1.1.1e can now be downloadable from the Wiki at: http://wiki.overbyte.eu/wiki/index.php/ICS_Download or https://www.magsys.co.uk/delphi/magics.asp . The latest 1.1.1 DLLs are also included in the ICS distribution SVN and overnight zip. This release includes one low priority security improvements and bug fixes, including one that allows IcsJoseJWKPubKey support RSA-PSS keys. ICS applications require V8.57 or later to support OpenSSL 1.1.1e. Changes in 1.1.1e may be found at https://www.openssl.org/news/openssl-1.1.1-notes.html Angus

Updated OpenSSL to 1.1.1i, fixes a high severity problem reading specially crafted malformed SSL certificates that could cause OpenSSL to crash, also minor bug fixes. The same high severity problem happens in 1.0.2 and 1.1.0, but these are out of support so users should update to 1.1.1. Angus

These memory leaks are now fixed in SVN, will be zipped overnight, thanks again. Angus

In TWSocket, most errors are reported to event handlers, where 0 means no error. OnSocksError should only relate to proxies, so you don't need that. onBgException is for errors for which there no event handler involved, background message handling, etc. If OnError is assigned, it stops an exception being raised for some errors, like send data failing, so you need to check function return codes carefully. Angus

You can also check if a new client connection is from the same IP address as an existing client and use that to close the stale connection. TWSocketClient has a property CPeerAddr you can read. Angus

The best solution is for your clients to regularly send something to the server, easy if you write the client code, then you use the last data received tick on TWSocketClient to timeout the connection and close it. The HTTP server has such a timeout. Second best is for the server to send data to the client regularly and check there is no error after 45 seconds or something, then close. If sending data upsets the clients, you can try pinging them which is much faster, but only catches network failure rather then the TCP session being lost. Angus

Thanks, will do the changes next week. In future, can you please add a patch text attachment, I know from experience that trying to use HTML Unicode for patches in Delphi causes corruption. Angus

The onDataAvailable event has knowledge of the data being received, unless you set LineMode to true, you just read all data into a buffer and process it later. If binary data is not received, that is an application error. Angus