Angus Robertson

If this application is for wider use, you need to make sure IPv6 is enabled on the PC, otherwise the binding will fail.  Many people disable IPv6 to quickly solve problems rather than fixing them properly.

Angus

If your PC supports IPv6, using localhost will try both IPv6 and IPv4, so best to have your server listening on both 127.0.0.1 and ::1.  I recently changed the ICS TSimpleWebServer to do exactly this, for this reason.

You may think you can ignore IPv6, but life is not that simple for developers. 

Angus

Thanks, will fix my local copy but won't be in SVN for at least a week. 

Angus

GSSL_DLL_DIR is used when you want to access OpenSSL DLLs in non-standard locations.  It is normally left blank if the DLLs are in the same directory as the EXE or in the system path (not recommended due to multiple versions).

Angus

HTTP/1.1 keeps the connection open to handle repeated requests, so one request may work, then seconds later the connection is closed and you get an error without another request starting.  How this is reported is down to the developer.

Angus

Which ICS version were you using previously?  

The only real change in FTP client recently was ensuring TCP buffers are a decent size, overriding old tiny buffer sizes saved on forms years ago, so make sure you don't set DataSocketSndBufSize or DataSocketRcvBufSize on the form.  This should be transparent, but maybe C++ is different, I never test it.

Angus

Why are writing your own code to read  P12 files, this was added years ago?   The PemTool sample opens and saves lots of formats. LoadFromP12File or just LoadFromFile will work.

Angus

ICS V8.65 is now also available from GetIt on 10.3 and 10.4.

Angus

I have already given you all the information you need to write such an application.  I'm not aware of free source code that you can copy.

Angus

APR only shows the IP addresses your PC has attempted to connect to, you also need to ping them or connect with UDP/TCP, then the ARP table will fill up.  

IP Helper does not have reverse DNS lookup, that is part of all standard internet packages, ICS, Indy, etc, as is ping and open a connection.  But you wanted MAC addresses for some reason, and that is what ARP gives you. 

Angus

If you are only looking for your own application running on a phone, an easier solution than ARP or scanning with ping  is to use UDP broadcasts in some way, that is how most devices discover each other on a LAN.  One device listens on a unique port, and responds with it's IP address and details when it hears a broadcast. 

Angus

So you are trying to find the dynamic IP address of a specific device on your LAN? 

The easiest solution is to avoid dynamic addresses and arrange the DHCP server to allocate a reserved IP address to the phone, that is what I do, although that only works for IPv4. 

Otherwise you can use the ARP table I mentioned previously to find the LAN IPs and MACs your PC has connected to, but you may need to also ping the IP you expect before anything shows in ARP. the  Internet Protocol Helper Component does ARP, ping is available from many places, including ICS. 

Angus

Sorry, still not clear.  What has a phone got to do with a Windows Delphi application.  And what does 'press an IP' mean,  What is your business requirement?

Angus

Why not just use the Nirsoft Wireless Network Watcher tool, it's not really wireless related, just lists details of all LAN IP addresses if finds similarly to your earlier screen shot.  It runs 24/7 on my network, it keeps a database of last contact times and names, for phones and NEST devices that only connect periodically. 

It continually pings all addresses on the LAN, then does reverse DNS lookups, and gets MAC addresses from the Windows ARP table. (probably). 

Angus

Sorry, seems the default target platform for IcsCommonD104Run is OSX64 instead of Win32, I never noticed because I always build ICS from the Build Groups pane which builds all packages for Win32 and Win64 with a single click.  And no-one else reported the issue.  Just change the target to Windows 32-bit and it will build OK.  I never build for MACOS. either. 

Angus

ICS V8.65 has been released at: http://wiki.overbyte.eu/wiki/index.php/ICS_Download

ICS is a free internet component library for Delphi 7, 2006 to 2010, XE to XE8, 10 Seattle, 10.1 Berlin, 10.2 Tokyo, 10.3 Rio and 10.4 Sydney, and C++ Builder 2006 to XE3, 10.2 Tokyo, 10.3 Rio and 10.4 Sydney. ICS supports VCL and FMX, Win32, Win64 and MacOS 32-bit targets.

The distribution zip includes the latest OpenSSL 1.1.1i win32, with other versions of OpenSSL being available from the download page.

Major Changes in ICS V8.65 include:

1 - The ReadMe8.txt file has a new 'Getting Started with ICS' section listing the types of projects ICS may be used for, and suggesting the correct components to use, and their related sample applications for  testing.  This is recommended reading for anyone doing new ICS development since it discusses all the new high level components like TSslHttpRest added in the last few years which can reduce development effort considerably.  It may also be viewed at: http://wiki.overbyte.eu/wiki/index.php/ICS_Getting_Started

2 - Added new TIcsRestEmail component that provides basic support for Google and Microsoft Outlook email REST APIs including OAuth2 login and refresh to get an access token for SMTP and POP3 XOAuth2 and 0AuthBearer authentication. TIcsRestEmail has methods to send and read email, to list IDs in a mailbox, read headers and message bodies by ID, send emails and delete emails.

3 - The SMPT, POP3 and MailQueue samples all now support XOAuth2 and 0AuthBearer authentication using the TIcsRestEmail component. The low level component call an event to get the authentication access token, which is provided by IcsRestEmail, together with a refresh token which is saved  instead of a password.

4 - To access email using REST APIs or OAuth2/SMTP/POP3 an 'application account' needs to be created though the Google or Microsoft provider console.

5 - Added a new TIcsTwitter component and sample, requires a developer account from Twitter. Includes login to Twitter, send tweet, search tweets and get specific tweets, all responses are Json which the application needs to untangle.

6 - Improved TRestParams allowing them to save more Delphi types correctly without conversion to strings, and to save parameters in new formats.

7 - There are various OAuth2 improvements to make it easier to implement. Added several TOAuthUri records designed to set-up common OAuth2 account  settings for providers like Google, Twitter, Microsoft  and Sipgate, by using the LoadAuthUri method.

8 - TSimpleWebSrv continues to get less simple, it has aWebSrvIP2 property for a second address so it can listen on IPv4 and IPv6 at the same time, with and without SSL if necessary.  Setting WebSrvIP to localhost sets both 127.0.0.1 and [::1] so the browser OAuth2 redirect can choose IPv4 or IPv6.

9 - Made some improvements to SuperObject, used for Json creation and parsing.  When parsing Json there are new functions that return a sensible error message about parse errors and the location.  There is a new object type DateTime or DT which reads or writes TDateTime to avoid the application needing to do the ISO string conversion. Json can now be parsed to a depth of 64 levels.

10 - Rewrote and improved the way ICS reads SSL/TLS certificates and bundles, simplifying code that has got partly duplicated over the years as new methods were added, and improving error handling so the infamous stack error should no longer appear, instead more useful messages.  All certificate files are now written with the UTF8 character set for the added comments that may include non-ASCII characters.

11 - All the ICS root bundles are now created cleanly by an application, rather than mostly manually by copy and editing, to reduce errors. This fixed four corrupted root certificates in the older bundles, see http://wiki.overbyte.eu/wiki/index.php/FAQ_SSL/TLS_Certificate_Authority_Root_Stores

12 - Previously the Jose unit offered functions primarily for client JWS/JWT REST applications, it now includes extra functions for REST servers to check and verify the JWS/JWT sent by clients.  The Jose sample application has new tests for JWS/JWT, and to parse and display Json.

13 - Added a new Multi Host FTP Server sample using IcsHosts. Really designed to be a Windows service application. It supports multiple SSL hosts with multiple listeners, can order it's own SSL certificates and will create self signed certificates for any missing,  and will email status information and errors to an administrator.

14 - Fixed a long term external SSL session cache issue in some components and samples that meant if an SSL handshake fails due to a bad certificate or chain, it is necessary to remove the SSL session from cache so an immediate retry does not succeed by skipping the certificate checks. This is only a short term issue, because the cache is usually cleared after a few minutes. This will effect any client applications using the external SSL session cache including HTTPS.

15 - Increased the TCP send and receive buffer size to 64K in all components and samples, and generally don't allow it to be set lower.  Unfortunately the default buffer size never kept up with faster internet speeds which meant some components transferred data slowly.

16 - Made some improvements ordering SSL/TLS certificates. Made Windows Server DNS updating using WMI more robust so wild card Acme orders work reliably.

17 - Made some internal changes loading OpenSSL, to avoid the two DLLs being loaded from different directories and to give better exceptions if they are missing.

More detailed release notes are at: http://wiki.overbyte.eu/wiki/index.php/ICS_V8.65

All your changes, and some other USE_SSL issues, were in SVN last night. The final release is today once I complete the documentation.

Angus

Quote

I'm not reporting, I provided patch instead

I don't use patches that have no explanation of their purpose or from unknown versions of ICS.  But I will check my next build finds the same fixes.

Angus

BTW, the USE_SSL conditional is a historical curiosity from 15 years when SSL support was optional. Today it's only purpose is to make programs that don't need SSL a little smaller, but makes the source code bloated and hard to maintain, all new ICS components only build with USE_SSL.  So future support of USE_SSL is unlikely, it wastes too much of my time.

Angus

Very few ICS applications work without SSL, so testing without SSL and without many of the other obscure settings is very low priority, done only before major releases or when people actually report specific problems, which I don't recall you doing previously.   I will test without USE_SSL before the next release and fix any issues.

Angus

The last V8.5x release was two years ago, and I have indeed compiled one or two programs using ICS in that time. 

Angus

There are more authentication methods in newer ICS versions, not sure which method you are using, but you can still add your own header the same as your old application, and do use the logging event, makes debugging so much easier.

Angus

With the TSslHttpRest component, you don't need an SslContext, you just set HttpRest.SslCliSecurity to one of the 14 TSslCliSecurity types, like sslCliSecTls12 for TLS/1.2 or better, and all the context options are set.  other options force TLS/1.0 is you want to check is old stuff is supported, etc. 

BTW, recommend you use TSslHttpRest from V8.65 in the overnight zip, it has a large number of improvements over V8.64, and will be finally released next week.

Angus

You don't say what errors or exceptions are reported, so no idea whether the problem is the client or server.

Your code is the old way of doing this, recent versions of ICS have a new TSslHttpRest component derived from TSslHttpCli that handles all send and receive streams internally (and SSL context),, and has logging built in. 

There is a new OverbyteIcsHttpRestTst sample that should allow you test your request and see the result, also the OverbyteIcsSslHttpRest unit itself has several example of using TSslHttpRest to access Google, Twitter, Microsoft and other REST APIs, the code for sending a Json email is as simple as::

HttpRest.RestParams.Clear;
HttpRest.RestParams.AddItem('raw', IcsBase64UrlEncode(Content));
HttpRest.RestParams.PContent := PContBodyJson;
HttpRest.ServerAuth := httpAuthBearer;
HttpRest.AuthBearerToken := FAccToken;
HttpRest.DebugLevel := FDebugLevel;
StatCode := HttpRest.RestRequest(httpPOST, EmailURL, False, '');
FResponseRaw := HttpRest.ResponseRaw;
FResponseJson := HttpRest.ResponseJson;
 

This is a sync request, so does not return until the request is done, but the third boolean argument makes it async.  No events are needed, you write ResponseRaw to a file if you really need it saved.

Angus

Updated OpenSSL to 1.1.1i, fixes a high severity problem reading specially crafted malformed SSL certificates that could cause OpenSSL to crash, also minor bug fixes.

The same high severity problem happens in 1.0.2 and 1.1.0, but these are out of support so users should update to 1.1.1.

Angus