Angus Robertson

ICS V9.4 has been released at: https://wiki.overbyte.eu/wiki/index.php/ICS_Download ICS is a free internet component library for Delphi 7, 2006 to 2010, XE to XE8, 10, 10.1, 10.2, 10.3, 10.4, 11 and 12 and C++ Builder 10.4, 11 and 12. ICS supports VCL and FMX, Win32 and Win64 targets. The distribution zip includes the latest OpenSSL 3.0.16, 3.2.4, 3.3.3 and 3.4.1 for Win32 and Win64. Changes in ICS V9.4 include: 1 - Completed the ICS Application Monitoring system added in V9.3, designed to locally and remotely monitor ICS servers and applications, and to locally restart applications on demand or if they crash. It comprises a small TIcsAppMonCli client monitoring component that is added to ICS applications, usually Windows Servers, but also client applications. This client component communicates with a TIcsAppMonSrv server component, usually running as a Windows Service on the same server so it is able to restart applications, but can also support clients on a LAN. The monitoring server has web and Websocket servers, allowing remote browsers to view the state of all applications being monitored by the server with a continually updated web page. There is also ICS Application Monitor - Remote Manager application that provides remote monitoring of multiple ICS Application Monitor servers using Json web and Websocket requests on a single screen. 2 - The SMTP client component fixes a bug introduced in V9.3 which could corrupt the Content-Transfer-Encoding header line. 3 - In TWSocket, fixed a potential problem using multiple threads where a new connection opened very quickly (ie localhost) and then stalled due to an unexpected connection state. Made DataToString Unicode compatible, only used for diagnostic dump logs. 4 - In the HTTP client, fixed a check for an overflowing buffer when receiving very long headers that could cause failure detecting headers end. Made several URL validation functions public: GetProtocolPort, IsSSLProtocol, IsKnownProtocol and IsKnownProtocolURL. 5 - When creating PKCS12/PFX certificates, change the 3DES cipher to AES256 if the legacy provider is not loaded. 6 - In the TIcsFtpMulti component, skip download of zero length file by creating an empty file, previously this got SSL handshake error. Don't report directories as being downloadable, they are not. If extended passive mode allowed, send EPSV ALL at start so firewalls and NAT routers can handle sessions more efficiently. Added CheckBadUnicode property defaults to false, so that checks for bad Unicode to Ansi conversions with ? are skipped, allowing more complex paths without errors. 7 - The FTP server FEAT request now returns EPRT and EPSV which have been supported for IPv6 for years, but were not advertised for IPv4. 8 - The OverbyteIcsSnippets sample adds two new simple REST snippets to Get/Post Parameters that send them to an ICS server, and the server echoes back those params so you can check what was actually sent. 9 - When loading the OpenSSL DLLs, no longer check they are digitally signed for Windows XP, 2003, Vista and 2008, they don't recognise SHA-256 code signing, never tested since no longer have those old versions available. 10 - The TRestParams method AddItemSO to add a SuperObject now has an Escape parameter defaulting to True, so non-ASCII characters are escaped by default. 11 - The Proxy component TProxyTarget now has a SocketFamily property so target connections can be restricted to TSocketFamily values. Added property SrvTotSess count of server session connections for logging. 12 - In the HTTP Application Web Server, fixed a memory leak with multiple virtual PUT and POST documents. 13 - The OverbyteIcsJoseTst sample 'Sign/Verify Data' tests now support hashes other than SHA-256, selected from the Key and Signing Hash Algorithm drop down list. Also, a private key matching that selection is created automatically, including X25519. 14 - There is a new unit OverbyteIcsWinUtils that contains Windows API functions, built from selected Magenta Systems libraries, with functions needed to build and control Windows Service applications, accessing the Windows registry, Windows firewall, Windows tasks, hardware, and with simple encryption for passwords. Most of these functions are used by the TIcsAppMonSrv server component and IcsAppMon sample, but should have much wider use for Windows Service server applications in particular, like allowing firewall access. It's planned to move most other Windows specific function here for ICS V10. 15 - In the ICMP component, fixed a problem setting property PingMsg to the text to ping. 16 - In the TIcsIpStrmLog component, added method ListenStates which for logprotUdpServer and logprotTcpServer returns a multiline string listing the IP, port, SSL and state of all socket listeners. The CurSockets property now reflects actual TCP Server clients. 17 - In the TIcsMailQueue component, don't keep retrying email that is too short to send with no body or with no sender headers. Added more error handling if the SMTP component fails to build the EML spool file. 18 - In OverbyteIcsUtils, finished the cleanup of old Base64 functions by adding new IcsBase64 functions using TBytes internally to replace old Base64 functions that used AnsiChars, with no overloaded versions for simplicity. Old Base64 versions retained as deprecated for user applications, please update to the IcsBase versions. Added IcsTBytesCompare to compare two TBytes. Added IcsOutputDebugStr for Posix and Windows. Added IcsDateToAStr and IcsDateTimeToAStr with alpha month (Jan/Feb). 19 - The ICS C++ packages for C++ 10.4 and later have been updated with the correct paths for the three supported platforms, and all build and install correctly for Win32. Win64 should also build, but not Win64x Modern which needs fixes in a future release of C++ 12. The release notes for V9.4 are at https://wiki.overbyte.eu/wiki/index.php/ICS_V9.4 All ICS active samples are available as prebuilt executables, to allow ease of testing without needing to install ICS and build them all. There are four separate zip files split into clients, servers, tools and miscellaneous samples which can be downloaded from https://wiki.overbyte.eu/wiki/index.php/ICS_Samples Angus

There is also the risk when using non-standard protocol extensions that firewalls, proxies, load balances, etc, may reject or corrupt the requests. If an API needs to delete a massive number of files, it should use an HTTP POST request with the Json including a delete command, not the HTTP DELETE request with content. But I will look at adding this to the ICS client and server, so we can at least test what happens when content is sent with GET and DELETE. Angus

Please make sure you are using MQTT from SVN or the overnight zip, I did a major rewrite a couple of months ago that is not yet released. Coming back to your original problem, the best solution will be a new wrapper component around the ICS MQTT client, that handles reconnection if the connection drops, including using a list of IP addresses for multiple servers. This will avoid applications needing to handle all the reconnection stuff, which is tedious. I'll put it on my list, but it may not make the next release, which is already overdue. The TIcsIpStrmLog client component already does reconnections, just need to take those properties and methods. Angus

I said that TRestParams can not currently create an array of Json objects, at least without nesting multiple components, but it may in the future, Angus

Not sure how quickly your network will recognize that an IP address has moved between devices, that is something that does not happen very often. Each client will need to refresh its ARP cache table to find the MAC of the new PC. WMI can be used to change IP addresses, ICS has a free WMI component and sample that sets IP addresses and gateway. A better solution would be for the clients to know about each server, and use the secondary if the primary fails to respond. Angus

You just build a Json string with your parameters, you can use some helpers from TRestParams.GetParamStream like IcsEscapeJson if your content needs such processing. Then pass the string as RawParams in RestRequest(), the component then builds a stream for you. But this will fail for DELETE as discussed above. Can you please check the API server really is expecting content, do you get a 204 error, does the API documentation actually say content is needed for DELETE? I'm not going to update the component unless I can test it and know the change is really needed. Angus

Anything that crashes the ICS web server is something that should be fixed, if you are sure GET with body is fatal, I'll put it on my list to test and try and fix. I get thousands of hacking attempts on my public server daily, even have a dynamic blacklist to block repeats accesses, currently 4,600 IPs blocked for the last thee days. Angus

I'm not aware that the DELETE request is allowed to submit data as a body, this is not mentioned at: https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Methods/DELETE Which is why PContBodyJson is ignored. If a body is allowed for DELETE, ICS will need to be updated TRestParams does have an array method, RPTypeArray, used by AddItemAR(const aName: String; aValue: TStrings), but there is currently no way to create an array of objects in the manner you require, sorry I simply never anticipated it when designing the component, there are simply too many ways to build Json. I'll put it on my list, but it may take a while. Meanwhile, you could build the Json with SuperObject or manually. Angus

I've removed the unwanted DCR and -k, did not show up because Build Groups stops on the first error, so never got to build all the different versions. I fixed the MQTT warning yesterday and have just done the AnsiString warnings, so C++ Win32 now builds without any warnings or errors. Win64 fails completely because dcc64.exe seems to have disappeared with D12.3, think they want us to use Win64 Modern only now, but I get the same error with Win64 Modern. Sorry, no time to mess any more now. Can not upload anything to SVN until I've finished some testing, early next week. Angus

I've just built V9.5 for Win32 using C++12.3 without any errors, just a couple of deprecated warnings. As I did before the V9.4 release. I have removed the -r argument. So maybe you had old versions of these files somewhere, I'll be updating SVN in the next few days, and I'll make sure my work C++ library files are in the SVN directory. Angus

Before I comment any further, can you please confirm you are using ICS from the overnight zip or icsv94.zip or SVN? ICSCommonCBNewDesign.cbproj should be dated February or March 2025, and contains the XML line: <BCC_UserSuppliedOptions> -r</BCC_UserSuppliedOptions> I don't see any -k. So it would appear you are working with some other version of ICS. Angus

The old OverbyteIcsHttpPost sample is for use with THttpCli. If you are using TSslHttpRest, the OverbyteIcsHttpRestTst sample includes several ways of uploading data. POST is simply a command, servers accept uploads in many different ways, since they usually need to know the file name and other information. Angus

Thanks, I'll remove the -k flag. I was able to build V9,4 for D12.3 OK, but Embarcadero was not, which is why it's not in GetIt. For C++ Win64 old, I get four unresolved external errors I don't understand, and Win64 Modern fails completely because the compiler does not export the correct symbol files, reported last year but not fixed in D12.3, yet. Angus

So you are saying that: Smtp.FromName := HdrEncodeInLineEx((MyStr, SpecialsRFC822, 'Q', CP_UTF8, 72, false); does not encode the name? It does seem the email samples don't actually use inline encoding, and perhaps it should be handled by the SMPT component, since we all use unicode compilers nowadays and expect strings to be converted properly. If I can make that work in a backward compatible way, I'll look at adding it to ICS. Angus

LineMode/LineEnd is normally only used for ASCII protocols with limited line lengths, ie HTTP/SMTP etc, The DataAvailable event should only be triggered by LineEnd, but might also be if the connection is closed, or maybe not. That was why I suggested the TIcsIpStrmLog componemt which has more options to avoid data being lost, but unfortunately not long LineEnds. But I'd still use it for your clients, unless the server also sends long LineEnds. Angus

You did not add LineEnd, so it never finds the end of your records. Angus

The TIcsIpStrmLog component can be configured for TCP or UDP. It can do file transfers, but has SendLogLine (const Line: TBytes) which is exactly what you requested. For clients, the component handles connection retries if/when the connection drops. Reading your message again, the record end of eight bytes is not handled, only a single symbol or CRLF, but you could easily adapt the component receive loop to check for a longer end of record. OverbyteIcsThrdSrv is a very old server sample and has not been tested for many years. Try OverbyteIcsSimpleSslServer, inSslWSocketServer1ClientConnect set a long LimieLimit and LineEnd to your six bytes. Ignore the SSL stuff. Angus

ICS sends binary data at the lowest level, it has methods to send strings and TBytes to make life easier for the developer. You need to be more cautious receive, in case of disconnection when your packet end is lost. I'd recommended building the OverbyteIcsIpStmLogTst sample, it uses the TIcsIpStrmLog component that is designed for simple data transfer like yours, it can be configured as a client or server to send and receive packets, the sample should interwork with your existing applications. TIcsIpStrmLog saves a lot of code over using the lower level components, should be working in a day. Angus

Email headers are inline MIME encoded, using HdrEncodeInLine in the OverbyteIcsMimeUtils unit, there are a lot of options for character sets, Q or B encoding, and how to wrap or fold long lines. Look at the OverbyteIcsMimeDemo sample, this illustrates how to use HdrEncodeInLine and other similar MIME encoding and decoding functions. Angus

The onClientMsg event is only triggered for published messages, Sorry, don't know off hand which event is triggered to acknowledge subscribe, you'll need to check the source code. Angus

My Mosquitto log shows exactly that. 2025-03-21T12:51:02: Received SUBSCRIBE from CID64860 2025-03-21T12:51:02: update/memo (QoS 2) 2025-03-21T12:51:02: Sending SUBACK to CID64860 Angus

First place to look would be the Mosquitto log file, maybe subscribe failed for some reason. I did test the latest version against local and remote Mosquitto servers, but my knowledge of the MQTT protocol is almost nil so I don't know what to expect when I click the various test buttons. Angus

ICS is simply reporting a REST API error that says your XML contains an error. So you need to correct your XML. Or maybe you are using the wrong API? Angus

https://www.iana.org/assignments/jose/jose.xhtml and https://www.iana.org/assignments/jwt/jwt.xhtml are a good start to JOSE and JWT and the RFCs that explain the standards for the numerous possible names. Angus

https://www.theregister.com/2025/04/14/ssl_tls_certificates/ https://www.feistyduck.com/newsletter/issue_124_certificate_lifetimes_to_shrink_to_just_forty_seven_days and numerous other sites that reported the same April vote, although https://cabforum.org/ has not yet been updated with the minutes of the meeting, or at least I can not find them. If you are interested in SSL/TLS, subscribe to the Feisty Duck monthly newsletter, it collects all the news. Angus