Angus Robertson

Add recent: to the start of the account user name, no spaces.

Angus

Quote

But not all servers reply to ping request...

www.msftncsi.com and ipv6.msftncsi.com both respond to ping. 

Angus

Rather than accessing Google, you should check http://www.msftncsi.com/ncsi.txt and http://ipv6.msftncsi.com/ncsi.txt  which are the Microsoft Network Connectivity Status Indicator web pages used by almost all Windows installations every few seconds for many years to detect network connectivity for IPv4 and IPv6 (one or other may not work). They are designed for heavy use, and return a two word text page.

While you can use TCP to open a web page, there is a long timeout trying to connect, 30 seconds or more, so it's faster to use ICMP ping, to www.msftncsi.com, look at the OverbyteIcsPingTst.dpr sample, with ping you can set a five second (or less) timeout to get a quick response.

Angus

The original example was a short POST URL with parameters sent as Json, which can easily be encypted in numerous ways for privavy, base64 does not protect anything.  Advantage of using JOSE is the use of standard libraries.  Not sure why one would want to prorect a simple login page URL. 

Angus

Quote

It is impossible for a server to detect middle man when the secure connection is TLS/HTTPS with only server side certificate authentication

Which is why many servers insist on using JOSE technologies such as Json Web Signing which means the headers are signed with a password or private key before being sent, so can not be changed without the server knowing, this is how Let's Emcrypt and OAuth1/2 work.  Or Json Web Encryption if you don't want the headers read. 

Angus

Sorry, my fault, seems the latest version never made it to master or SVN,  Will be fixed real soon, once I get SVN installed on my new development PC, such a pain building new systems. 

Angus

Quote

I did have to add `TIcsRestEmail` to the parameter list of the RegisterComponents() procedure call in `OverbyteIcsReg.pas`

The comments at the top should say: Sep 2020  V8.65  - Added TIcsTwitter and TIcsRestEmail, unless you have an older version?

Angus

That particular demo is obsolete and no longer works, since it does not support SSL, and that is needed for Google and almost everyone else nowadays.  I really should remove many of the old files from the ICS distribution, if there were more hours in the day...

ICS has a new SSL REST and Json demo, OverbyteIcsHttpRestTst.dpr, you should be able to use the GUI to make the same search as the old demo.

Angus

Displaying a replacement password character could be done by editing the form in the program resources, but would mean changing each TEdit component separately.  I guess developers should really set the replacement character before display to stop editing, to overcome that would mean a lot of debugging. 

Of course all executables should be code signed against tampering, and the hash should be checked by the program itself before it runs, ideally the certificate as well.  I have a little unit that does that. 

Angus

Your port access might be blocked by Windows Firewall, which can only be turned off completely on Windows 10 by disabling the service in the registry.  But that should not give an exception, just fail to work. 

My comment about AnsiStrings was for unicode compilers, not Delphi 7.  You can write Windows services  in Delphi 7, very few Delphi applications benefit from the extra memory supported by 64-bit. 

If it was my project, I'd simply replace those old TCP components with ICS, if you are using only UDP there is nothing complicated.  But the problem may be unrelated to UDP, hard to tell from your description.

Angus

The main issue updating from Delphi 7 to Delphi 2009 or later is unicode, strings are now two bytes per character, all all TPC/UDP communication is a stream of bytes.  

Changing all Striing definitions to AnsiString may work, although that will depend on how TServerSocket was implemented in unicode compilers, never used it myself since I've been using ICS for over 20 years instead.  For project maintenance, I'd just stick to Delphi 7 under Windows 10, it still works today, no benefit in changing compiler unless you plan a lot of new development with new components. 

Angus

In ICS, there is a function that includes code attempting to open an IPv6 UDP socket, which fails if there are IPv6 addresses, you'd need something similar, if Indy does not have a similar function. 

            s := Ics_socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
            Result := s <> INVALID_SOCKET;
            if Result then begin
                Ics_closesocket(s);
                GIPv6Available := 1;
            end
            else
                GIPv6Available := 0;

Angus

If this application is for wider use, you need to make sure IPv6 is enabled on the PC, otherwise the binding will fail.  Many people disable IPv6 to quickly solve problems rather than fixing them properly.

Angus

If your PC supports IPv6, using localhost will try both IPv6 and IPv4, so best to have your server listening on both 127.0.0.1 and ::1.  I recently changed the ICS TSimpleWebServer to do exactly this, for this reason.

You may think you can ignore IPv6, but life is not that simple for developers. 

Angus

Thanks, will fix my local copy but won't be in SVN for at least a week. 

Angus

GSSL_DLL_DIR is used when you want to access OpenSSL DLLs in non-standard locations.  It is normally left blank if the DLLs are in the same directory as the EXE or in the system path (not recommended due to multiple versions).

Angus

HTTP/1.1 keeps the connection open to handle repeated requests, so one request may work, then seconds later the connection is closed and you get an error without another request starting.  How this is reported is down to the developer.

Angus

Which ICS version were you using previously?  

The only real change in FTP client recently was ensuring TCP buffers are a decent size, overriding old tiny buffer sizes saved on forms years ago, so make sure you don't set DataSocketSndBufSize or DataSocketRcvBufSize on the form.  This should be transparent, but maybe C++ is different, I never test it.

Angus

Why are writing your own code to read  P12 files, this was added years ago?   The PemTool sample opens and saves lots of formats. LoadFromP12File or just LoadFromFile will work.

Angus

ICS V8.65 is now also available from GetIt on 10.3 and 10.4.

Angus

I have already given you all the information you need to write such an application.  I'm not aware of free source code that you can copy.

Angus

APR only shows the IP addresses your PC has attempted to connect to, you also need to ping them or connect with UDP/TCP, then the ARP table will fill up.  

IP Helper does not have reverse DNS lookup, that is part of all standard internet packages, ICS, Indy, etc, as is ping and open a connection.  But you wanted MAC addresses for some reason, and that is what ARP gives you. 

Angus

If you are only looking for your own application running on a phone, an easier solution than ARP or scanning with ping  is to use UDP broadcasts in some way, that is how most devices discover each other on a LAN.  One device listens on a unique port, and responds with it's IP address and details when it hears a broadcast. 

Angus

So you are trying to find the dynamic IP address of a specific device on your LAN? 

The easiest solution is to avoid dynamic addresses and arrange the DHCP server to allocate a reserved IP address to the phone, that is what I do, although that only works for IPv4. 

Otherwise you can use the ARP table I mentioned previously to find the LAN IPs and MACs your PC has connected to, but you may need to also ping the IP you expect before anything shows in ARP. the  Internet Protocol Helper Component does ARP, ping is available from many places, including ICS. 

Angus

Sorry, still not clear.  What has a phone got to do with a Windows Delphi application.  And what does 'press an IP' mean,  What is your business requirement?

Angus