Jump to content

Angus Robertson

Members
  • Content Count

    1886
  • Joined

  • Last visited

  • Days Won

    33

Everything posted by Angus Robertson

  1. Angus Robertson

    Meta-Delphi question about web hosting..

    You need a data centre hosted server, either a physical machine you rent or own, or a virtual private server running on data centre hardware, you then have complete control over what applications are installed, not sure why you want FMX unless for Linux. I have a hosted Dell rack server in one data centre, and a secondary VPS in another, running all my Delphi servers. But many companies just order virtual servers from Azure, AWS and others, which have the benefit of scaling, but can be horribly expensive. Azure seems easy to buy, I've been getting spam emails from 50 or more Azure VPSs in India, USA, Netherlands and the UK, Microsoft seems to sell VPS to anyone. Angus
  2. Angus Robertson

    Buying a mini pc to install Delphi

    But that low end testing may also be done in a virtual machine with minimal resources, at least for applications that don't need specific hardware resources. I still have my ancient Windows 7 development PC that I mainly use for burning DVD off-site backups. But also for some backward testing, don't power it up very often. Angus
  3. Angus Robertson

    Errors in Http-session termination

    There are several ways to use the HttpRest component, it is possible events may sometimes be called more than once. Is it a problem? Angus
  4. Angus Robertson

    SSl witout any DLL

    I integrated YuOpenSSL into ICS three years ago and alternate using it and OpenSSL for testing. ICS also allows the OpenSSLs to be compiled into applications as resources to ease distribution and DLL hell, all three variants work identically. But applications are larger with YuOpenSSL or resource files. Using SChannel may seem simpler, but your cryptography and updates are then locked to the OS, Microsoft only reluctantly support TLS/1,2 With Windows 2008 but did not support EC certificates, and TLS/1.3 took a long time to arrive. In ICS, I've worked with many of the Windows crypto APIs, and they are horrible. Angus Angus
  5. Angus Robertson

    email issues

    This was a bug I introduced in V9.3 attempting to reduce the amount of string casting by avoiding AnsiStrings which normally give compiler warnings, but not in the case of bad pointer casting, and the SMTP unit is unique in building strings using pointers. The AnsiString cast mentioned earlier fixes the problem, not in SVN yet. Angus
  6. Angus Robertson

    email issues

    Historically there were several Base64 implementations in different units, which I've been slowly consolidating. I did look at the email MIME stuff briefly, but it was too convoluted to update to TBytes, and also lacks means to test stuff easily without building emails. But I will look at AnsChar casting, that code is probably unchanged for 20 years. I never write code using null terminated strings, unless needed for APIs. Angus
  7. Angus Robertson

    ICS SSL under Linux x64

    Sorry, that message is far too long for me to read and digest. I have other priorities. ICS contains a lot of historic code written over 25 years, sometimes it's worth the effort to clean it up, sometimes too dangerous if it can be easily tested, sometimes not worth the effort. Angus
  8. Angus Robertson

    email issues

    I asked for the date in the unit, not for you to waste space here copying text from the unit. If you can reproduce the problem using the OverbyteIcsMimeDemo sample, I will put it on the list to investigate. Angus
  9. Angus Robertson

    email issues

    There were massive changes to Base64 to use TBytes due to your complaints about it not working with AnsiChars, although no problems were ever found. What is the last history date in the Utils unit? Angus
  10. OpenSSL has released a new feature version 3.4.0 (no security fixes). It includes support for integrity-only cipher suites, a random seed source JITTER, and other new crypto functions. Also support for X509 attribute or authorization certificates, that may be used to control installation of software on devices from software stores, ICS does not support AC yet. The QUIC server implementation planned for this release has been postponed to 3.5 in April 2025. Windows binaries are available in SVN and the overnight zip file and separately from https://wiki.overbyte.eu/wiki/index.php/ICS_Download or https://www.magsys.co.uk/delphi/magics.asp In addition to the three DLL files, the zips include compiled RES resource files that contain the same DLLs, text files and version information, see the RC file. The RES file may be linked into application EXE files and code then used to extract the DLLs from the resource to a temporary directory to avoid distributing them separately. ICS V9.1 and later optionally support loading the resource file. These OpenSSL versions are included with ICS V9.4 beta available from SVN and the overnight zip. Beware OpenSSL 3.4.0 has exposed a minor ICS bug creating X509 certificate requests and creating CA signed certificates, which is fixed in SVN for V9.4. or a one line change for earlier versions. Also note when building the ICS packages for the first time with 3.4.0, there may be a dialog 'entry point could not be located', because the new DLLs are only extracted from the resource files when the first application is run, but the packages have built OK. ICS V9.4 beta now defaults to using OpenSSL 3.4.0, provided the new OverbyteIcsDefs.inc files is installed. Angus
  11. Angus Robertson

    ICS V9.3 announced

    ICS V9.3 has been released at: https://wiki.overbyte.eu/wiki/index.php/ICS_Download ICS is a free internet component library for Delphi 7, 2006 to 2010, XE to XE8, 10, 10.1, 10.2, 10.3, 10.4, 11 and 12 and C++ Builder 10.4, 11 and 12. ICS supports VCL and FMX, Win32 and Win64 targets. Beware C++ have not been tested recently due to lack of support from such users. The distribution zip includes the latest OpenSSL 3.0.15, 3.2.3 and 3.3.2, for Win32 and Win64. Changes in ICS V9.3 include: 1 - V9.3 continues the simplification of use of ICS components by consolidating many types and constants into the OverbyteIcsTypes unit, avoiding projects needing to find and add specific units before they will build. For XE2 and later, OverbyteIcsTypes and OverbyteIcsSslBase will be added automatically when components needing them are dropped on a form, or that form accessed for existing projects. One benefit of this change is removing dependence on several units for many components and applications, it should be possible to remove OverbyteIcsWinsock, OverbyteIcsLIBEAY, OverbyteIcsSSLEAY and OverbyteIcsLogger from most applications, and also other units. See https://wiki.overbyte.eu/wiki/index.php?title=Updating_projects_to_V9.3 for more information. 2 - Previously, the Windows Certificate Store was supported on Windows for all components and samples, despite it not always being required. There are three new defines {$DEFINE MSCRYPT_Clients}, {$DEFINE MSCRYPT_Servers} and {$DEFINE MSCRYPT_Tools) that determine which components can use the store, at least one must be set or applications that need the store will fail. Although these new defines all default to enabled in the OverbyteIcsDefs.inc supplied with V9.3 and later, unless this file is installed, Windows Certificate Store will be unavailable. These defines are disabled for non-Windows platforms and for C++ Builder which has bugs. 3 - Added new application independent monitoring, comprising a client component and server sample. The ICS Application Monitor TIcsAppMonCli client component is designed to report to an ICS Application Monitor server, which will ensure the main application remains running. The ICS Application Monitor server IcsAppMon.exe is designed to monitor ICS applications using the TIcsAppMonCli client component, and ensure they remain running, restarting the application if it stops or becomes non-responsive, or on demand. Primarily to keep ICS server Windows services running non-stop, but may also be used for network wide monitoring of ICS applications. Client and server both use the TIcsIpStrmLog component with a simple TCP protocol. More information at https://wiki.overbyte.eu/wiki/index.php?title=FAQ_ICS_Application_Monitoring 4 - The HTTP client components TSslHttpCli and TSslHttpRest have new RespMimeType and RespCharset response properties parsed from the Content-Type header to avoid applications needing to parse this headers. Fixed a problem in V9.2 where a missing / was added to the start of the request path, but was not needed for absolute paths used for proxies. 5 - The TIcsIpStrmLog streaming log component has improvements for TCP Server mode when multiple remote clients connect. Previously the same data was sent to all remote clients (the original concept being remote logging), but now applications can send data to specific remote clients, and more easily check which remote client is receiving data. This change means TIcsIpStrmLog can be used as the core of many TCP servers with different protocols, such as the new IcsAppMon sample, see above. 6 - The TSslHttpRest and component has a new way for applications to check SSL certificate chains themselves, ignoring OpenSSL bundle checks, usually for self signed private certificates, maybe checking certificate serials, names or public key. If LogSslVerMethod = logSslVerOwnEvent, a new event OnSslCertVerifyEvent is called so the application can check the chain and change the verify result appropriately. 7 - Improved the ability to customise SSL ciphers if the ICS defaults need to be changed. TSslContext and TIcsHosts have three properties, SslCipherList for TLSv12 ciphers, SslCipherList13 for TLSv13 ciphers, and SslCryptoGroups sets the cipher curve groups allowed (like P-256 or X25519). Beware old SslContexts may include group P-512 which must be corrected to T-521. SSL handshake responses now show the curve group used for OpenSSL 3.2 and later. The OverbyteIcsHttpsTst client sample may be used to test the new cipher options, and they will be read from IcsHosts INI files for servers. 8 - Added a new web server sample OverbyteIcsBasicWebServer1.dpr which is a simplified version of OverbyteIcsSslMultiWebServ ignoring configuration INI files, security features, session data, most demo pages and most logging, and settings for localhost set in code, search for IcsHosts to change IP addresses, etc. This sample should be easier to use as a basis for new web server applications. The existing samples OverbyteIcsSslMultiWebServ and OverbyteIcsDDWebService have a new index.html template page, and default to localhost 127.0.0.1 with an internal localhost SSL certificate, so should always response to https://localhost/ without any INI file changes. 9 - Fixed an HTTP web server problem in V9.2 to avoid repeated redirection for virtual default page /, was adding /// etc. 10 - Updated OpenSSL binary and resource files to releases 3.3.2, 3.2.3 and 3.0.15, only one of which will be linked according to defines. 11 - Restored the sample OverbyteIcsConHttp.dpr which is a console example, now supports SSL by replacing THttpCli with TSslHttpRest, no longer needs any events or a message loop for a single sync request, so a less code than without SSL. Now contacts https://wiki.overbyte.eu/wiki. 12 - A lot of changes have been made preparing ICS for Linux. Corrected loading OpenSSL on Posix, now loads the system supplied OpenSSL 3 DLLs on Ubuntu 22.04. The Linux package now builds correctly, but beware WSocket is not yet supported on Linux so no protocols will work. There is a new IcsPemTest FMX sample that works on Ubuntu 22.04 and which will create ICS signed SSL certificates. Note, MacOS support is disabled pending the new Posix implementation. The release notes for V9.3 are at https://wiki.overbyte.eu/wiki/index.php/ICS_V9.3 All ICS active samples are available as prebuilt executables, to allow ease of testing without needing to install ICS and build them all. There are four separate zip files split into clients, servers, tools and miscellaneous samples which can be downloaded from https://wiki.overbyte.eu/wiki/index.php/ICS_Samples
  12. Angus Robertson

    ICS v9.3 Android?

    Another ICS user attempted to add Android support to ICS last year, but it never worked, and the code has now been removed, Currently, ICS has limited support for Linux for tools and utilities only, particularly SSL/TLS certificates, but not TCP/UDP sockets. Those functions would probably also work today on Android with minor changes to look for the OpenSSL in the correct path, you should be able to debug the code yourself, but I'm not testing Android until Linux is fully working. I'm now working on the full Linux implementation, replacing the existing MacOS only support with new multiplatform support, it will be several weeks work. Angus
  13. I just use the OnTriggerAvail event to receive all data available, add it to a buffer, locate my packet, remove from buffer, repeat. More code that, but more reliable, particularly if the packet can contain random binary data, like your triggers. Angus
  14. Sorry, only tested creating RSASSA-PSS private keys, never signing. Angus
  15. Angus Robertson

    How to use libssh2 with ICS V9

    I don't see why another DLL or application should not load different DLLs to those ICS uses, but never tried it. Beware OpenSSL 1.1 is now out of support, so whoever supports the SSH DLL should have updated to OpenSSL 3 at least two years ago. There is little demand for SSH which is why ICS does not support it. All Linux systems using SSH should be able to use better SSL/TLS protocols as well. Angus
  16. Angus Robertson

    ICS V9.3 announced

    The GetIt script used to install ICS has been improved today to be closer to the Build Group sequence, which should hopefully fix the two GetIt errors I've reproduced myself. If you see further errors from today from GetIt, please report here so they can be investigated. Angus
  17. I've been using Async Pro for over 20 years, well documented, the original version was sold in a box with a book. Now I install it from GetIt. But I updated the TApdCustomComPort.InitializePort method so it can open COM ports by name instead of simple numbers, since many physical and virtual COM ports have more complex name than COM1 and COM2, like CNCA0. I have a free component that locates and lists COM ports, https://www.magsys.co.uk/delphi/maghardware.asp Angus
  18. Angus Robertson

    SSLWebSocketCli as DLL

    All the old samples archived from V9 are still available from a different SVN repository https://svn.overbyte.be/svn/icsdev/arch-samples/ I update them minimally to build for each new release. Angus
  19. Angus Robertson

    ICS control list on the palette

    I have never used ICS components in a Data Module. I always create components in code for non-GUI applications., Angus
  20. Angus Robertson

    SSLWebSocketCli as DLL

    I'll restore and update the OverbyteIcsDll1.dpr sample for V9. Angus
  21. Angus Robertson

    SSLWebSocketCli as DLL

    Your loop is crazy, you connect, immediately test for a connection, then wait two seconds and connect again, without testing for a connection. It would be a little better if you connect before the loop. But you are using the wrong method anyway, for WebSockets it should be WSConnect and it's a blocking method, so no loop needed. Look at the doWebSocketClick function in OverbyteIcsSnippets1.pas Angus
  22. Angus Robertson

    Delphi 12.2 Patch 1

    It would be good if GetIt kept a 'previously installed' list when it uninstalls stuff, which is not cleared during a new install, and that list had a re-install button. It would also be good if GetIt properly uninstalled Parnassus and FmxLinux so the new install does not just fail with a load of DLL errors. Angus
  23. Angus Robertson

    ICS control list on the palette

    Sorry, no idea what are doing here, you will need to clarify your problem. I'm not aware of any 'list' of ICS components that is different for Win32/64, they are all Win32 on the palette, and all build for Win64. Angus
  24. Angus Robertson

    ICS V9.3 announced

    I installed D12.2 into a new W11 24H2 VM today, and installed ICS VCL/FMX from GetIt. It failed with 'Never build RTL must be built'. I then opened the usual IcsIinstallVclFmx group, and got the same build error, but the package seemed to default to Win64, changed back to Win32, and used the Build Group that does all versions in a known order, and all packages built without error. So maybe Delphi needs Win32 packages before Win64. Unfortunately, none of this is relevant to installs over old versions, and certain not the missing constant error. Angus
  25. Angus Robertson

    ICS V9.3 announced

    Not sure the Get helper is relevant to the current problem, but it should be seen in the Getit script log: Downloading Library xx Extracting Library xx Launching 'c:\users\..\install\iceremoldpacks.exe -D12' The source is install\icsremoldpacks.dpr. It searches and removes packages with version numbers for 10.4 and later, since they now use common 'new' names. I've seen it in logs for VCL only installs, but neither of the two screen shots for VCL/FMX install show it running, will need to check that. But this is a one-off, updating from V9.0 or V8. The constant DefMaxIpLogLine was added to OverbyteIcsIpStreamLog.pas for V9.3, so if missing there may be an old OverbyteIcsIpStream.dcu somewhere in the path the compiler is finding rather than building the new version. DCUs sometimes appear in the library or application source directories, depending on the Options paths, and can cause problems debugging and compiling unless removed and the paths corrected. The ICS sample paths were only all corrected for V9.1 so before that DCUs would appear in the sample directories. All this cleaning up of 25 year old ICS is taking time, and causing some problems along the way, but ICS today is easier to maintain and install than two or three years ago. Angus
×