Jump to content

Angus Robertson

Members
 View Profile  See their activity

  • Content Count

    2074

  • Joined

  • Last visited

  • Days Won

    38

Posts posted by Angus Robertson

  1. Posted

    Quote

    "A Previous Version of RAD Studio 12 was found on your system"

    I had that recently when reinstalling D12 in a test VM, the Windows uninstaller system thinks the old version is still installed, and the installer does not check if unins000.exe actually exists, look for this registry entry and remove all the keys:  This key is for Delphi 12, other versions will have different keys but searching for Embarcadero will find them.

     

    HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall{3CDF0089-74E4-454C-8A6C-BEE7ADFEF600}_is1

     

    Angus

     

  5. Posted

    I've not seen this problem in snippets, but don't often test the samples with Win64. 

     

    I have seen it on a Win64 web server running on Windows Server 2018, discussed in this forum a few months ago, but the same Win64 web server runs fine on two others Windows Server 2022 and Windows 11.  

     

    So there is a lurking Win64 problem somewhere, not convinced it's in ICS, could be OpenSSL or Delphi.  Not easy to debug when it only fails on a heavily used live server, That particular web server is now built as Win32 due to the crashes, but a very similar API web server is still Win64 and never fails. Not had a web server crash for over two months.  

     

    But if the error is reproducible in snippets, that will be easier to test.  But not this week...

     

    Angus

     

  10. Posted

    Technically, https://test.com?test is an invalid URL, since there is no path included in the URL,

     

    Without the query parameter, ICS would add path / automatically, so probably should do so for the query parameter as well, that is what my Firefox browser seems to do.

     

    Will fix it next week. 

     

    If you want to do it yourself, in THttpCli.DoRequestAsync change:

     

    if FPath = '' then FPath := '/';    to 

    if Pos('/', FPath) <> 1 then FPath := '/' + FPath;

     

    Angus

     

  11. Posted

    As François says, you need to open that port using TWSocket, but it might take a long is you have to try 65,000 IP addresses. 

     

    Build the OverbyteIcsNetTools sample, click the LAN Devices tab, then Start, That uses the IcsNeighbDevices component to build a historic LAN neighbourhood MAC device and IP address table includes ARP and IP range scanning, and reverse host lookup, shows MAC vendor name to help identify devices.  Runs in a thread continually checking for new devices.

     

    The OverbyteIcsPemTools sample has a Test Host Certificates function that uses the TIcsIpStrmLog to connect to a long list of hosts, that could be adapted to ignore the SSL stuff and just open a port for your IP address list.

     

    Angus

     

    • Thanks 1

  12. Posted

    Async components are certainly better for servers and applications making parallel requests, but sync are easier to write not needing to keep track of state, and where only one request is made at a time.  

     

    The main issue here is knowing when RequestDone is called, what published component properties need to be checked and for what, and what other requests need to be made, a sync request hides all that from you so is easier to use.  

     

    Your original use of the async component was actually sync since you had a wait loop afterwards, which is exactly how the sync component works,

     

    Angus

     

  13. Posted

    The OpenSSL_ProgramData define is ignored if OpenSSL resource files are linked, it's an alternative option.

     

    You can not use OpenSSL_AutoLoad_CA_Bundle if you want to change where OpenSSL is loaded, it's too late to change anything in code. 

     

    You can set GSSL_PUBLIC_DIR to your own directory before OpenSSL is loaded (instead of c:\programdata) but sub-directorties will still be created in your new directory, each OpenSSL release needs a unique directory.  Note I've not tested this! 

     

    Use of the existing GSSL_SignTest_Check public variable is unchanged, if set true before loading OpenSSL, ICS checks the DLLs are digitally signed, which includes corruption checks.  It does not check the signing certificate at the moment, too much extra code.  This does not work yet for OpenSSL_AutoLoad_CA_Bundle, too late, need to think about that.

     

    Angus

     

     

     

    • Like 1

  14. Posted

    Although the snippets sample was added after your release, you should be able to built it with V8.70 after removing some new units added with later releases.  Or you download a compiled version of snippets and httpresttst from https://wiki.overbyte.eu/arch/icsdemos-clients.zip to test them.

     

    As I said, for sync mode you don't RequestDone event, just check the status code returned by the RestRequest method, the error code in the event is irrelevant. 

     

    The one event you should use is OnHttpRestProg and set DebugLevel := DebugHdr, that is the logging event that shows exactly what the component is doing with commands, hesders and error messages, you will see that running either of the samples I mentioned.

     

    Angus

     

     

     

  15. Posted

    Because you no longer need to distribute the DLLs separately, the increase EXE size should mostly cancel out.  Or change the defs file and leave the DLLs alone, this change was really intended for new applications. I have tried to explain all this.  You also don't need to distribute a root bundle file, but many people probably ignored that. 

     

    https://wiki.overbyte.eu/wiki/index.php/Updating_projects_to_V9.1

     

    Angus

  18. Posted · Edited by Angus Robertson

    To get started with the ICS REST component, I suggest you build and run the OverbyteIcsSnippets sample, click the 'HTTP REST Json Request' button and see what it does.  You can then copy the doHttpRestReqClick function which is heavily documented for all the hard coded properties.

     

    In your code, you say you are using the TSslHttpRest component, but you are not using the RestRequest method which is how all requests are started, you've not looked at our REST samples.

     

    BTW, one of the arguments in RestRequest specifies if the component makes sync or async requests, so make a sync request and your processmessages loop is no longer required, nor the RequestDone method.

     

    Angus

     

  19. Posted

    Quote

    What is the main difference between OpenSSL 3.0.x / 3.1.x / 3.2.x / 3.3.x

    Short answer, no difference as far as ICS is concerned.  ICS does not use any of the new features in 3.1, 3.2 or 3.3, yet.

     

    Long answer, OpenSSL is adding new features for each release, 3,1 was minor stuff, 3.2 was QUIC for HTTP/3 clients, 3.3 has just entered alpha testing and adds QUIC for HTTP/3 servers.   

     

    Not sure if ICS needs to support QUIC and HTTP/3 (or HTTP/2), the only benefit is performance primarily when displaying complex web pages with hundreds of elements, and ICS is primarily used for APIs, not creating web browsers. 

     

    HTTP/2 is half way to HTTP/3 (compressed headers) and there is an Indy implementation using a DLL, but hear very little about it, not sure if Delphi users need it?

     

    I've vaguely thought about a proper Delphi HTTP/2 implementation, but it's a lot of work for no visible benefit, just small performance improvement.

     

    There is are some OpenSSL 3.2 features I may look at, but no rush. 

     

    My own servers are still using 3.0. 

     

    But ICS offers all the currently supported versions.  3.1 and 3.2 will disappear before 3.0, once the next long term support release comes out.

     

    Angus

     

     

     

  20. Posted

    I don't do C++ so it is totally untested for V9.1, I removed hundreds of old files and some of those might have been needed for C++.  Once you get it working, please email any changes for the next release.   We can then restore it for GetIt.

     

    Due to OpenSSL being more integrated now, there will probably be quarterly releases to match OpenSSL.

     

    Angus

     

  21. Posted

    Back to my reply yesterday, you are still not requesting a secure connection, just from a different demo. 

     

    Beware SSL connections to IP addresses will always give certificate errors, and won't connect unless you ignore those errors, as will happen since you've left the default Verify Certificate Mode. 

     

    Your server should have a domain host name, that name should be set in DNS and the IcsHosts.Hosts setting and the SSL certificate should be for that host name, and the client connects to that host name, that is what SSL/TLS is all about.  ICS V9.1 will create that certificate locally if it does not exist, although for the public internet it will order a certificate from Let's Encrypt.

     

    Can not tell if the server is running correctly, the client is connecting to non-SSL port 21, you have not shown the logging for the SSL certificates chain.  You get that error message because you've left the IcsHosts setting AuthForceSsl=True so it refuses to connect without SSL, FTP is very insecure without SSL sending plain text passwords.  

     

    Angus

     

  24. Posted

    There is a clever improvement in the GetIt ICS installation process, thanks Embarcadero.

     

    After the packages have been built and installed, the ICS demos-delphi-vcl project group opens in the IDE, allowing all the samples to be viewed and built, recommend saving the group as a favourite so it can be easily found.

     

    The group opens with the OverbyteIcsSnippets project, that provides one button examples of HTTP and FTP multiple file downloading and uploading, HTTP REST requests, Websocket client, TCP socket traffic, and sending email using Mail Queue. 

     

    Angus

     

×