Jump to content

Angus Robertson

Members
  • Content Count

    2069
  • Joined

  • Last visited

  • Days Won

    38

Posts posted by Angus Robertson


  1. Rather than accessing Google, you should check http://www.msftncsi.com/ncsi.txt and http://ipv6.msftncsi.com/ncsi.txt  which are the Microsoft Network Connectivity Status Indicator web pages used by almost all Windows installations every few seconds for many years to detect network connectivity for IPv4 and IPv6 (one or other may not work). They are designed for heavy use, and return a two word text page.

     

    While you can use TCP to open a web page, there is a long timeout trying to connect, 30 seconds or more, so it's faster to use ICMP ping, to www.msftncsi.com, look at the OverbyteIcsPingTst.dpr sample, with ping you can set a five second (or less) timeout to get a quick response.

     

    Angus

     


  2. Quote

    It is impossible for a server to detect middle man when the secure connection is TLS/HTTPS with only server side certificate authentication

    Which is why many servers insist on using JOSE technologies such as Json Web Signing which means the headers are signed with a password or private key before being sent, so can not be changed without the server knowing, this is how Let's Emcrypt and OAuth1/2 work.  Or Json Web Encryption if you don't want the headers read. 

     

    Angus

     

    • Like 1

  3. That particular demo is obsolete and no longer works, since it does not support SSL, and that is needed for Google and almost everyone else nowadays.  I really should remove many of the old files from the ICS distribution, if there were more hours in the day...

     

    ICS has a new SSL REST and Json demo, OverbyteIcsHttpRestTst.dpr, you should be able to use the GUI to make the same search as the old demo.

     

    Angus

     


  4. Displaying a replacement password character could be done by editing the form in the program resources, but would mean changing each TEdit component separately.  I guess developers should really set the replacement character before display to stop editing, to overcome that would mean a lot of debugging. 

     

    Of course all executables should be code signed against tampering, and the hash should be checked by the program itself before it runs, ideally the certificate as well.  I have a little unit that does that. 

     

    Angus

     


  5. Your port access might be blocked by Windows Firewall, which can only be turned off completely on Windows 10 by disabling the service in the registry.  But that should not give an exception, just fail to work. 

     

    My comment about AnsiStrings was for unicode compilers, not Delphi 7.  You can write Windows services  in Delphi 7, very few Delphi applications benefit from the extra memory supported by 64-bit. 

     

    If it was my project, I'd simply replace those old TCP components with ICS, if you are using only UDP there is nothing complicated.  But the problem may be unrelated to UDP, hard to tell from your description.

     

    Angus


  6. The main issue updating from Delphi 7 to Delphi 2009 or later is unicode, strings are now two bytes per character, all all TPC/UDP communication is a stream of bytes.  

     

    Changing all Striing definitions to AnsiString may work, although that will depend on how TServerSocket was implemented in unicode compilers, never used it myself since I've been using ICS for over 20 years instead.  For project maintenance, I'd just stick to Delphi 7 under Windows 10, it still works today, no benefit in changing compiler unless you plan a lot of new development with new components. 

     

    Angus

     


  7. In ICS, there is a function that includes code attempting to open an IPv6 UDP socket, which fails if there are IPv6 addresses, you'd need something similar, if Indy does not have a similar function. 

     

                s := Ics_socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
                Result := s <> INVALID_SOCKET;
                if Result then begin
                    Ics_closesocket(s);
                    GIPv6Available := 1;
                end
                else
                    GIPv6Available := 0;

     

    Angus

     


  8. If your PC supports IPv6, using localhost will try both IPv6 and IPv4, so best to have your server listening on both 127.0.0.1 and ::1.  I recently changed the ICS TSimpleWebServer to do exactly this, for this reason.

     

    You may think you can ignore IPv6, but life is not that simple for developers. 

     

    Angus

     

    • Like 4
    • Thanks 1

  9. GSSL_DLL_DIR is used when you want to access OpenSSL DLLs in non-standard locations.  It is normally left blank if the DLLs are in the same directory as the EXE or in the system path (not recommended due to multiple versions).

     

    Angus

     


  10. APR only shows the IP addresses your PC has attempted to connect to, you also need to ping them or connect with UDP/TCP, then the ARP table will fill up.  

     

    IP Helper does not have reverse DNS lookup, that is part of all standard internet packages, ICS, Indy, etc, as is ping and open a connection.  But you wanted MAC addresses for some reason, and that is what ARP gives you. 

     

    Angus

     


  11. If you are only looking for your own application running on a phone, an easier solution than ARP or scanning with ping  is to use UDP broadcasts in some way, that is how most devices discover each other on a LAN.  One device listens on a unique port, and responds with it's IP address and details when it hears a broadcast. 

     

    Angus

     

    • Like 1

  12. So you are trying to find the dynamic IP address of a specific device on your LAN? 

     

    The easiest solution is to avoid dynamic addresses and arrange the DHCP server to allocate a reserved IP address to the phone, that is what I do, although that only works for IPv4. 

     

    Otherwise you can use the ARP table I mentioned previously to find the LAN IPs and MACs your PC has connected to, but you may need to also ping the IP you expect before anything shows in ARP. the  Internet Protocol Helper Component does ARP, ping is available from many places, including ICS. 

     

    Angus

     

     

×