Angus Robertson

What is in ResponseRaw?  Should be 236 bytes of data per the demo.  If not, your code is different to the demo.

Angus

The V8.60 zip and overnight zip are both now updated, and will again build on recent compilers.

Angus

Both requests seem to work, they both return 200 success and the same length content, so it would appear you are not correctly reading the JSON data returned by the server. 

The Authorization header is different in the two requests, despite both requests seemingly being successful.

Angus

Most of those values you will set according to the requirements of your application, they are self explanatory from the fields on the sample application, but you won't need username and password with OAuith2. 

As requested previously, if you expect help debugging your application, you need to post the request and response headers ICS sent and received, not just tell us it did not work.

Angus

53 minutes ago, jbWishmaster said:

[dcc32 Error] OverbyteIcsFileCopy.pas(1459): E2242 'SysUtils' is not the name of a unit

Sorry, made last minute change to make that unit OS-X compatible, but did not check it properly, will update it shortly.

Meanwhile, just change WinApi to System on the two lines with SysUtils errors.

Angus

ICS V8.60 has been released at:

http://wiki.overbyte.eu/wiki/index.php/ICS_Download

ICS is a free internet component library for Delphi 7, 2006 to 2010, XE  to XE8, 10 Seattle, 10.1 Berlin, 10.2 Tokyo and 10.3 Rio, and C++Builder 2006 to XE3, 10.2 Tokyo and 10.3 Rio. ICS supports VCL and FMX, Win32, Win64 and MacOS targets.

The distribution zip includes the latest OpenSSL 1.1.1 win32, with other versions of OpenSSL being available from the download page.

Major changes in ICS V8.60 include:

1 - Added several new components and sample applications created by Magenta Systems Ltd over the past 17 years and previously distributed and installed separately to the ICS distribution.  Bundling them with ICS makes installation and updating easier, and allows existing ICS samples to make use of many the new components, such as UTF-8 file logging. All the components have new names so existing applications using the originally distributed versions will still work, but it's recommended updating existing applications for the new ICS versions. The added components include IP stream logging, SMTP Mail Queue, Time Server and Client,  Whois client, blacklisting of malicious IP addresses, file logging functions, file indexing, copying and deleting, FTP indexing, multiple file uploading and downloading, HTTP page parsing and URL downloading.

2 - In THttpCli, only follow relocation for 3xx response codes, not 201 Created, but keep Location property for 201 which is often response to a POST and may be needed by the application.

3 - When starting TWSocket Connect, the IP address chosen for DNS lookup is now saved in ASCII as AddrResolvedStr which is useful in connect OK or failed events to see whether an IPV4 or IPv6 address was chosen, and which was used if DNS offered multiple IPs. AddrResolvedStr is exposed as a property in TWSocket, THttpCli, TSslHttpRest and TFFtpClient and reports in failed connection events.  Other clients will be added soon.

4 - Various samples have been updated to ease testing of IPv6 and to save the diagnostic window activity to a disk log file, OverbyteIcsHttpsTst, OverbyteIcsHttpRestTst, OverbyteIcsTimeTst, OverbyteIcsX509CertsTst.

5 - Added round robin DNS lookup if DNSLookup returns multiple IP addresses, so they are used in turn after a failure when a component is called repeatedly without being freed.  This is implemented in THttpCli, TSslHttpRest TFFtpClient and TIcsTimeClient.  Other clients will be added soon.  There is a new OnSelectDns event to override round robin lookup and make your own choice.

By default, the DNS lookup in ICS components ignores IPv6 addresses and  always use the first IPv4 address offered, when there is more than one. This is usually implemented in the OnDnsLookupDone event in the application or high level component.  So if that first address does not respond, the application never tries any other addresses.

This has become more of a problem when enabling applications for IPv6, by changing SocketFamily from the default sfIPv4, to sfAny, sfAnyIPv4 (prefer IPv4), sfAnyIPv6 (prefer IPV6) or sfIPv6 (only IPv6), when IPv6 addresses may also be returned as well as IPv4.  Due to routing or firewall issues, IPv4 and IPv6 might not both be available and so connection will fail if that address is chosen first.  Previously it was necessary to restrict SocketFamily so only the working family is attempted.

The DNS round robin implementation relies on keeping the last successful connected IP address, so it can be re-used for subsequent connections, but looping through any alternative addresses if the last connection failed, for subsequent connection attempts. Most existing applications use the OnDnsDone event to select the connection IP address so the round robin code is added there.

Newer applications making use of TWSocket ComponentOptions wsoAsyncDnsLookup should added code in OnDNSLookupDone and update the DnsResult property which is then used by Connect.

6 - IcsHosts supports two new TSslSrvSecurity server security levels, sslSrvSecTls12Less and sslSrvSecTls13Only, the former disables TLS1.3 in ICS servers if TLSv1.3 fails (perhaps a bad client implementation) while the second only supports TLSv1.3.

7 - Up to date C++ packages are included for 10.2 Tokyo and 10.3 Rio. Information on installing ICS for C++ 2007 may be found at: https://en.delphipraxis.net/topic/844-use-ics-with-c-builder-2007/
Sorry, currently don't believe it's easy to update the ICS source code to avoid the changes needed for C++ 2007.
 

Full release notes are at: http://wiki.overbyte.eu/wiki/index.php/ICS_V8.60

Angus

1 hour ago, ZRomik said:

Where I can find log-file? And how I can wait response from server?

On the REST sample Settings tab, you select Debug Logging as 'HTTP Header' or 'HTML Body', and the headers appear in the log window.  The latest version in V8.60 adds a Log Directory field which also write the window to a disk log file, if specified. 

Angus

15 hours ago, ZRomik said:

I'm trying to run the OverbyteIcsHttpRestTst  demo app.  When I press "Start REST Request" button  I see in log that message: "HTTP Error 400. The request has an invalid header name."

The sample logs all the request and response headers, we need to see those to explain why you get a 400 error.

Angus

As Allen said, you spelled Authorization wrong, one reason to use the new property rather than write your own headers. 

Also you are using async methods but not waiting for a response, you should use sync methods if you want a simple application.

Exactly what header responses do you get with the correct spelling. 

Angus

I added a new component TSslHttpRest in V8.58 which makes several of your lines redundant, look at the new sample project OverbyteIcsHttpRestTst which also illustrates OAuth2.

Also,  TSslHttpCli has a new property THttpAuthType that adds httpAuthBearer and httpAuthToken, and AuthBearerToken for OAuth so you don't need to use ExtraHeaders.

Angus

I'm trying to update the new C++ packages for all the units added in V8.60, I thought successfully, except I'm unable to add DCR and PAS units with the same name to IcsVclBCB, I can add or the other, but get duplicate dialogs when added both together or one subsequently.  Yet the package already correctly contains PAS/DCRs for lots of other units.  Editing the XML manually is a pain due to the BuildOrder tag.

Amazingly, without the DCRs I have managed to build the C++ packages, after removing all Delphi packages. 

Angus

EmptyStr will not compile in Delphi 2007, needs a constant not a string in declarations.  Could be done with dozens of conditional lines since this effects several units.

Angus

Don't worry about the EmptyStr change, I'm doing it for several units at the moment. 

Angus

OK, I see that default, it is not important and can be changed. 

But numerous other functions and procedures in ICS have default parameters, they are very useful.  Surely C++ is not objecting to all of them?

Angus

Sorry, I can not find any lines in that unit that match your comments. the word unknown does exist in the unit. 

If you need to make changes to keep an old compiler happy,  please change the SVN version of the unit and email it to me.   And those changes must be backward compatible.

Angus

Sorry, as discussed elsewhere in this forum, we don't support those old C++ packages at the moment, due to lack of C++ knowledge.  I want to remove, them, but other users manage to get them to build.

Angus

Many thanks, uploaded to SVN, will be zipped overnight about 11pm.  The readme will be updated soon.

Angus

Sorry no idea, I don't do C++ and the C++ packages are unsupported.

Angus

6 hours ago, Sherlock said:

And spell checking should be a browser feature... at least my Firefox does it for me.

I'm using Firefox, but no spelling.  I have 'check your spelling as you type' checked. 

Later, installed a British dictionary and Spelling now appears on the right click menu. 

I thought better web applications used Ajax for spelling nowadays.

Angus

I added a new OnSelectDns event to THttpCli six months ago, to allow the application to handle alternate addresses.  The latest version has THttpCli handling this internally provided the event is not set. 

I'd prefer DNS round robin to be handled in WSocket to make it easier to use, but most components have handled the OnDnsLookupDone event themselves.  It only a year ago that WSocket got the ability to handle OnDnsLookupDone internally to simplify higher level components.

Angus

Ah, a white box on a white background with a light grey caption.  Thanks,

Angus

How do I spell check a post?

How do I search for old posts?

Angus

Increasingly, DNS look-ups are offering more than one IP address, sometimes for load sharing, sometimes both an IPv4 and IPv6 address., like Google and many major sites. 

By default, ICS components ignore IPv6 addresses, and always use the first IPv4 address offered, when there is more than one.  This is usually implemented in the OnDnsLookupDone event in the application or high level component.  So if that first address does not respond, the application never tries any other addresses. 

This has become more of a problem when enabling applications for IPv6, by setting SocketFamily to sfAny or sfAnyIPv6.  It is not uncommon for the IPv4 or IPv6 address to be unavailable, perhaps due to routing or firewall issues or simply IPv6 not being available.  Currently, it's necessary to restrict the SocketFamily so only the working family is attempted. 

So I'm adding round robin DNS look-ups to some of the high level protocols, this has been on my wish list for several years.  This is already done for the new TIcsTimeClient SNTP time client component in V8.60 which is particularly easy to test since pool.ntp.org returns four IPv4 and four IPv6 addresses, changing every few minutes, one of which is usually dead.  

The DNS round robin implementation relies on keeping the last successful connected IP address, so it can be re-used for subsequent connections, but looping through any alternative addresses if the last connection failed, for subsequent connection attempts. 

I've just added a similar implementation to the HTTP and FTP clients, not yet in SVN, which works fine, but only when you call the components multiple times, without destroying the component so the internal variables remain. Currently the application is unaware of how many different IP addresses are available. 

So I'm wondering if the DNS round robin implementation should be extended, either by letting the application know further attempts are worthwhile or perhaps by optionally making those attempts internally in the components?

Or does anyone have suggestions for a better DNS round robin implementation?

Angus

The X509 certificates are just files, in PEM, PCS12, or PCS7 single or bundle files, and can be copied to a UNC directory, where any server can pick them up.  They can be manually installed in the Windows store, but not automatically, yet.  The server is responsible for ordering new certificates, but the component includes a database with most of the information required.

Angus

ICS V8.58 added a new TSslX509Certs component allowing ICS servers to automatically order, download and install SSL/TLS certificates from various suppliers, including free certificates from Let's Encrypt, and commercial certificates for DigiCert, Comodo, Thawte and GeoTrust from CertCentre AG. It also acts as a private CA to issue local certificates.  

The TSslWSocketServer, TSslHttpServer, TSslHttpAppSrv, TIcsProxy and TIcsHttpProxy components can assign a TSslX509Certs component to support automatic certificate ordering of domain validated certificates with very little extra code. 

There is a new sample project OverbyteIcsX509CertsTst to demonstrate the TSslX509Certs component, which may be used as a standalone application to order X509 certificates from Let's Encrypt and CertCentre AG, and monitor the certificate orders database, and to issue own CA certificates.

http://wiki.overbyte.eu/wiki/index.php/FAQ_Order_SSL_Certificates

I'm about to revisit the TSslX509Certs component to support some Let's Encrypt changes like the new SSL challenge, so am interested in any feedback or suggestions from those that have used it,  Even just the sample application which can be used to order certificates for other web servers or applications.

Angus