Angus Robertson

Yes, inserting a line at the top works, but is it efficient to push 100,000 lines lower? Particularly when adding 100 lines. There must be a better way. Angus

So the camera does the hard work and gives you a plate number? RcvdStream is optional, set it to Nil and it is not written, and you just store what appears in the OnDocData event. Angus

You empty a stream with the clear method, that resets the position to the start as well. Seek to start is when you have read or written to the stream. Beware cameras can produce a lot of data and you have to keep up with it or frames are lost. This may be one rare example where it's better to capture data in a thread particularly if you need to display it real time which can also be a struggle, or at least was 15 years ago on the hardware I was using, guess everything is a lot faster now. One streaming technique is an endless HTML page, it says page length zero in the header, then sends one MIME block per frame, up to 25 per second. You don't want to save that to a stream...or at least clear it after each frame. You may be better using the OnDocData event to receive small amounts of data rather than a stream, but also be careful about copying it between buffers, that slows everything down as well. Angus

Does anyone else still use UltraExplorer, an excellent replacement for Windows File Explorer, written in Delphi by Mustangpeak using VirtualShellTools and numerous other Delphi components? It was last updated about 10 years ago and the source was on Google SVN, now closed down. On one of my Windows 10 installs, UltraExplorer stopped working after a Windows Update, so I'd like to try and rebuild it. Some of the Mistangpeak components are being maintained as Github projects, but can not find UltraExplorer. I still have the SVN source from 2010. Angus

SVN is now updated with the missing library source files, so long since I setup a new repository forgotten how authentication was set-up. Angus

I built UltraExplorer with Delphi 2007, had to tweak the DPR, Mustangpeak used Delphi 7. Angus

I had to delete a lot of .svn files to add the libraries to a new SVN repository, which is probably how the source directory got lost as well, Not sure about the zlib obj files, the unit compiled OK so Delphi must have found them in my path somewhere from other libraries like ICS, although ICS uses a later version. Deleting DCUs from dozens of directories might have saved some space, but this application will not compile with later versions of Delphi, not with older versions without some editing, so no real harm. Tried to update SVN with the missing source files but it's moaning at me, will try again later. Angus

The Delphi source code for UltraExplorer is now available in SVN at http://svn.magsys.co.uk:8443/svn/mustangpeak/ username = ics and password = ics for read access. The installable version may be downloaded from https://www.magsys.co.uk/delphi/ultraexplorer.asp Angus

You only get that error if you are misusing the component. It means an async operation is still in progress and you are attempting to start another operation. With async use, you need to wait for the onRequestDone event to fire before starting something new. You can also check the State property for httpReady. Angus

Years ago I had TWSocketServers running and accepting thousands of short connections a day for a few months at a tine, had to workaround the 49 day GetTickCount wrap around. Now my servers never run for more than 35 days, due to Microsoft being more aggressive with Windows Update and forcing reboots. Angus

Look at the new OverbyteIcsSslMultiWebServ sample project, which uses TSslHttpAppSrv, From the main unit: SSL web application server sample, no real GUI, really designed to be a Windows service application. It supports multiple SSL hosts with multiple listeners, each with it's own logging file, can order it's own SSL certificates, includes hacking protection, and will email status information and errors to an administrator. If turned into a Windows service, this sample is really a commercial web server. ICS units includes functions to read all parameters from INI files, and one is included OverbyteIcsSslMultiWebServ.ini. Much of the code for this sample comes from my own public web application server that uses SQL server, and has been running for 10 years always using the latest ICS versions, the link is to the monitoring page that shows what it's doing. Angus

As François says, you should be using TWSocketServer which handles aspects of accepting and closing connections, you just plug in your existing onDataAvailable code. Also makes it easier to move to SSL in the future. If you are using the HTTP protocol, there is a new component TSimpleWebSrv in OverbyteIcsSslHttpRest,pas which uses TWSocketServer and adds a simple HTTP protocol, just a few lines of code, ICS uses it for lightweight HTTP servers for OAuth2 and Lets Encrypt. Angus

OpenSSL connection errors simply mean some aspect of protocol negotiation has failed, they almost never tell you why or how to fix it. I would make sure you set-up the SslContext similarly to InitSsl in OverbyteIcsSslHttpRest;.pas which is current best practice. Note SslCliSecurity in particular, which does all the hard for you in setting protocols, security and ciphers. Angus

Don't know, you'll have to check the code. The wiki has no documentation on proxy use. My applications do not allow a use to do that. Angus

Ideally the component would complain if you specified authentication without credentials, but no idea if that happens. Given the 20 year age of this stuff and the number of applications written around undocumented behaviour, we try and leave things alone as much as possible, and often get caught when making what are initially thought as simple changes. Having looked briefly at the code, I think NTLM got selected due to the 407 response, but you were wasting a request round trip by not specifying authentication to start with so you got that response. Angus

The main issue here is that if you don't specify a proxy authentication type but do specify credentials, ICS attempts to specify the type for you based on response types, 401, 407, etc, but this is not well documented and may change by accident when other changes are made. So really it's pot luck, safer to specify the authentication type you require so it's sent with the initial request, rather than after a 40x response. Also, just because you specify authentication does not mean the proxy or server needs it, which cab confuse testing. Angus

Interesting, not seen a Delphi application use raw SChannel before. The main downside is Microsoft is very slow keeping up with new standards, there is still no support for TLSv1.3 in Windows almost a year after it was approved and they took several years to add TLSv1.2 to Windows 2008 despite it still being supported and only with minimal ciphers. Angus.

My ICS web server has a long list of IP addresses it does not like, essentially anyone that tries to access a php, pl, sql (or various other) page on my sites, it holds the connection for one minute and then aborts it, to try and stop them making dozens of attempts a second. Of course hackers know all the tricks. Angus

10053 is aborted, can mean SSL negotiation failed or server does not like you. Angus

So to sum up, if you tell ICS to connect to a proxy it works OK, if you don't tell it to do so, it does not. So works as designed. There is no automatic proxy detection. Angus

I think that says the client can not access their Websocket API, only the server is allowed to do so. A common security measure. Maybe you need an account with whoever offers that Websocket API? Angus

Before I comment any further here, I need you to actually explain what your application is trying to do, you have not done so despite me asking. I was the first to mention NTLM. So two stages here, exactly what proxy configuration, all the actual settings and authentication, xxx where necessary, then what request and authentication. Please bear in mind that NTLM is messy and very hard to test, it's generally only used by private Windows servers that are rarely available for testing. Microsoft probably also messes with it in new server versions. So we only look at if we test it, or rely on contributors to test and fix it. Angus

Why would I roll that back, it's nothing to do the proxy support. And you said you are not using NTLM. Angus

ProxyURL is not designed to work with httpAuthNtlm, don't use it and there is no problem. httpAuthNtlm uses Windows credentials, that is the whole point of it. Mind another ICS user made changes that might be the cause of your problems: Apr 09, 2019 V8.61 OAS : Improved NTLM authentication by adding Single Sign On with NTLM Session on Windows Domain to get credentials without needing them specified here. Angus

Yes, those two DLLs are all you need, ICS uses them it it find them, then falls back to the older versions. Up to you whether you delete the old ones, doing so will relieve long term support problems if the new ones are missing, better to have an error that use something unsupported. Angus