-
Content Count
1691 -
Joined
-
Last visited
-
Days Won
32
Everything posted by Angus Robertson
-
VLCZip was commercial software sold with Delphi source, last release was about 15 years ago, but I still use it in my applications. It never became open source. So really need to replace it, but adding a DLL to my projects is a non-starter. ZipMaster should ideally build the C code into a DCU so that it can be linked directly, but this would be needed for all compilers. I still use Delphi 2007 for some of my historic projects, too much work to update them. Or built to OBJ files like ZLIB that can just be inserted into a PAS unit? Angus
-
Proxy does not work any more after updating from 8.57 to 8.68
Angus Robertson replied to M.e.l's topic in ICS - Internet Component Suite
Bottom line is testing multiple variants of authentication and proxy settings is a nightmare, takes a long time to setup all the testing environments locally, so if you want this investigated we will need access to the proxy and server to which ICS is failing to connect. But won't have time to look for at least a week. The change three years ago was done by a user accessing a Windows domain with single sign on, but I guess not via a proxy, which I can not test. Angus -
Did you work out the Device Installation Class under which your modems are installed, other than Modem or Ports? It should be a single line change to enumerate a new class. Angus
-
It's unclear to me from the readme and help whether ZipMaster is a linkable Delphi component or a DLL with a Delphi interface. The documentation seem to assume you are familiar with the component and not migrating from something like VCLZip. Angus
-
The Ansi warnings relate to my updated version of AsyncPro adport.pas unit that allows named COM ports to be opened, but this is for 4.06, not recent Unicode versions, you'd need to update whatever Async Pro you are using with my very minor changes. Strange the component did not find one of your modems, although it did find 18 other COM ports you've previously installed. Can only guess Samsung has installed it using keys, you'd need to check what they are and update the component. Angus
-
The Magenta Hardware Components download includes compiled demos for all the components. Angus
-
I released Magenta Serial Port Detection Component free earlier this year, part of Magenta Hardware Components at: https://www.magsys.co.uk/delphi/maghardware.asp It finds serial ports by several methods. Angus
-
New OpenSSL 3.0.2 and 1.1.1n releases
Angus Robertson posted a topic in ICS - Internet Component Suite
OpenSSL has released new versions of the two supported branches, 3.0.2 and 1.1.1n, Windows binaries are available from http://wiki.overbyte.eu/wiki/index.php/ICS_Download or https://www.magsys.co.uk/delphi/magics.asp . OpenSSL 3.0.2 fixes a high security risk relating to specifically formed SSL/TLS certificates using elliptic curve public keys which can cause OpenSSL to enter an infinite loop and cause denial of service by freezing. The attack can be caused by clients processing bad server certificates, or by servers that request bad client certificates, and many other cases where these bad certificates are processed, The attack has not been seen in the wild, it was identified by Google. 3.0.2 also allows PCKS12 private keys without a password to be opened. OpenSSL 1.1.1n fixes the same bug. The bug is also in 1.0.2 and 1.1.0 but these are no longer supported and users should upgrade. Note the binaries are now digitally signed by 'Magenta Systems Ltd' instead of 'Open Source Developer, François PIETTE' due to the massive cost of renewing the open source certificate. Developers can always resign the DLLs with their own signing certificate to remove the Magenta name. Separately YuOpenSSL has released both these versions as commercial DCUs allowing applications to be used with OpenSSL without needing separate DLLs. Angus -
UTF-8 with dynamically prepared web page
Angus Robertson replied to Amberel's topic in ICS - Internet Component Suite
The ICS web server sends binary data from a stream. If you want to send UTF-8, you need to make sure that stream is loaded with 8-bit data as UTF-8. Can not be more specific since there are many ways to build the response page with several helpers. ICS 8.41 is ancient, it only supported OpenSSL that are no longer supported. You should be using ICS V8,.68 and OpenSSL 3, new version today. Angus -
How can I use icsproxy in multithreading?
Angus Robertson replied to yshejia's topic in ICS - Internet Component Suite
The ICS proxy component is not designed for use in threads, it listens in the main thread and all clients use the main thread. Testing has shown single threaded ICS servers can handle hundreds of simultaneous clients, although using SSL/TLS takes an appreciable time to setup a new connection and is a limiting factor in how many new connections can be accepted each second. Exactly how many clients are accessing the proxy simultaneously, using what protocols, and for how long. Does your proxy have a GUI? That will almost certainly be the reason for the slow down. Angus -
Microsoft makes it difficult to completely disable Windows Firewall on Windows 10, even if it's disabled you may find the task is still running. The Services GUI does not allow you to disable Windows Defender Firewall, it can only be done by changing the registry and rebooting. Also, doing so can upset applications that attempt to add firewall rules and assume it's always running. Not saying this is the reason for your problem, I'd check if you can connect to other servers first. Angus
-
Windows Firewall may be blocking access to a local server. Angus
-
TWSocket problem on Delphi Intraweb
Angus Robertson replied to Baxing's topic in ICS - Internet Component Suite
TICsIpStrmLog can be configured as a server or client, it is a much easier to use version of TWSocket/TWSocketServer, and supports SSL/TLS. The sample application I mentioned can run as both client and server at the same time, sending data to itself. Or you can run two instances on separate PCs sending data to each other. Once connected, there is one event to send a string of data, and another event that receives strings, very simple to use. Unfortunately, the sample looks complicates because it illustrates all the features of the component. Angus -
TWSocket problem on Delphi Intraweb
Angus Robertson replied to Baxing's topic in ICS - Internet Component Suite
Know nothing about IntraWeb, what IP addresses did you configure it to listen on? There are several ICS samples that illustrate simple TCP connect. For simple telnet, you would be better off using TIcsIpStrmLog than TWSocket, much faster and easier to use, see sample OverbyteIcsIpStmLogTst,dpr. Angus -
Indy https server - OAUTH2 implementation?
Angus Robertson replied to Lars Fosdal's topic in Network, Cloud and Web
sgcWebSockets does include an OAuth2 server, for 600 euros. Angus -
New OpenSSL 3.0.1 and 1.1.1m releases
Angus Robertson posted a topic in ICS - Internet Component Suite
OpenSSL has released quarterly updates for the two supported branches, 3.0.1 and 1.1.1m, Windows binaries are available from http://wiki.overbyte.eu/wiki/index.php/ICS_Download or https://www.magsys.co.uk/delphi/magics.asp . OpenSSL 3.0.1 fixes a medium security risk relating to clients verifying X509 certificates from the server, a malicious server could potentially send a bad certificate that caused the client to hang or misbehave during verify. https://www.openssl.org/news/secadv/20211214.txt Now OpenSSL 3.0 has been available for three months, updated the main supported OpenSSL release to 3.0.1. The samples SslInternet directory now has both OpenSSL 1.1.1m and 3.0.1, ICS will try and load OpenSSL 3.0 first, then 1.1.1 if not found, unless the global variable GSSLEAY_DLL_IgnoreNew is set true before OpenSSL is loaded. Likewise GSSLEAY_DLL_IgnoreOld may be set true to ignore 1.1.1 and fail unless 3.0 is available. This is available from SVN and the overnight zip. Note the binaries are now digitally signed by 'Magenta Systems Ltd' instead of 'Open Source Developer, François PIETTE' due to the massive cost of renewing the open source certificate. Developers can always resign the DLLs with their own signing certificate to remove the Magenta name. Separately YuOpenSSL has released both these versions as commercial DCUs allowing applications to be used with OpenSSL without needing separate DLLs. Angus -
New OpenSSL 3.0.1 and 1.1.1m releases
Angus Robertson replied to Angus Robertson's topic in ICS - Internet Component Suite
OpenSSL 3.0 (and 3.0.1, 3.0.2 etc) has now been designated a Long Term Support release, with security and bug fixes until 7th September 2026. ICS users are recommended to update to V8.68 or later and OpenSSL 3.0 for long term support. The current LTS release 1.1.1 will continue to be supported until 11th September 2023. The older 1.0.2 release only receives security fixes if you have a paid support contract with OpenSSL. The next main release will be OpenSSL 3.1.0 with initial support for QUIC which is needed for HTTP/3, but it may take a couple of years for all the work to be completed, they plan to release updates every six months. Angus -
Requests to local api very slow with TRESTClient
Angus Robertson replied to Karbot's topic in Network, Cloud and Web
To clarify, this is down to DNS. If a DNS lookup returns both IPv4 and IPv6 addresses, the client will usually try IPv6 first. The Windows HOSTS file has both IPv4 and IPv6 lookups for localhost so servers need to listen on both addresses. Can be fixed by removing the IPv6 address from HOSTS. Angus -
Requests to local api very slow with TRESTClient
Angus Robertson replied to Karbot's topic in Network, Cloud and Web
Yes, I've seen that. If the client is allowed to use IPv6 and IPv4, it will try IPv6 first, timeout and try IPv4. All client software should have a setting to make it use IPv4 only, in ICS it's SocketFamily. Angus -
Indy https server - OAUTH2 implementation?
Angus Robertson replied to Lars Fosdal's topic in Network, Cloud and Web
That diagram suggests the cloud service is running both authentication and API services, really need a version where they are separate. It should not be that difficult to design an authentication REST server using ICS or Indy, clearly it would need a database behind it which takes it beyond the type of samples ICS offers, and into end user application territory. It would also need a protocol between the authentication and API servers, not sure if there is a standard for that, guess that is Okta's market. Angus -
Indy https server - OAUTH2 implementation?
Angus Robertson replied to Lars Fosdal's topic in Network, Cloud and Web
Not really look at the server OAuth2 implementations, but isn't it usually a separate REST server than handles authentication, returning a bearer token which is passed to the API server, which presumably then checks back locally with the authentication server to validate it? Often the authentication server is run by a separate company, like Okta. Started looking at Okta once, but the level of emails and calls I got put me off. Angus -
The ICS fork is at: https://svn.overbyte.be/svn/ics/trunk/Source/OverbyteIcsSuperObject.pas and https://svn.overbyte.be/svn/ics/trunk/Source/OverbyteIcsSuperXMLParser.pas There is a sample application OverbyteIcsJoseTst.dpr that illustrates parsing Json and XML into a grid at multiple levels. The OverbyteIcsHttpRestTst.dpr sample does the same thing for Json APIs over the internet. The OverbyteIcsSslX509Certs.pas unit makes extensive use of SuperObject to create and parse Json for SSL certificate orders. Angus
-
ICS includes forked version of SuperOject 1.2 so that ICS can offer the same JSON support on all platforms, It's not the latest version, since ICS already has time zone functionality that got added to SO. Also removed TSuperWriterSock since did not need it. I've added better TDateTime support, reporting JSON parse errors and other minor fixes. Fully compatible with D7 to D11.0. The unit's only dependency is an ICS utility unit, so it can be used without anything else. Angus
-
THttpAppSrv processing post despite failed basic auth
Angus Robertson replied to omnibrain's topic in ICS - Internet Component Suite
I set different levels when checking the password, that determine what data the execute events are allowed to access. I will check the sample works the same with GET and POST in a day or two. Angus -
Bug - Linux 64 Compiled
Angus Robertson replied to DelphiUdIT's topic in ICS - Internet Component Suite
Yes, ICS should build on Linux, but is awaiting a Linux expert to update the MacOS message handler code to proper Linux. Angus