Jump to content

Angus Robertson

Members
 View Profile  See their activity

  • Content Count

    2071

  • Joined

  • Last visited

  • Days Won

    38

Posts posted by Angus Robertson

  1. Posted

    The release notes and DelphiPraxis announcements covered that:

     

    Also note when building the ICS packages for the first time with 3.4, there may be a dialog 'entry point could not be located', because the new DLLs are only extracted from the resource files when the first application is run, but the packages have built OK.

     

    Angus

     

  5. Posted

    I tested D9.4 building OK in D2007, but I no longer have a license for D2010. 

     

    Line 3825 is beyond the end of the unit.  It could be the compiler does not like the if/ends You could try adding a new {$ENDIF} before initialization and {$IF MSWINDOWS} after. 

     

    Angus

     

     

  6. Posted

    The  OverbyteICSNetMon sample builds fine for Win64, built it two days ago.  

     

    But there is a comment in the sample 'Pending - NPCap does not seem to work on Win64, needs more testing', and I've never had time to look into it. 

     

    This code was written 20 years for Pcap and quickly updated for NPcap, perhaps I missed some stuff.  In particular, it uses Windows magic to assume that a Win64 version of packet.dll is found., 

     

    Angus

     

     

  7. Posted

    ICS V9.4 has been released at: https://wiki.overbyte.eu/wiki/index.php/ICS_Download

     

    ICS is a free internet component library for Delphi 7, 2006 to 2010, XE to XE8, 10, 10.1, 10.2, 10.3, 10.4, 11 and 12 and C++ Builder 10.4, 11 and 12. ICS supports VCL and FMX, Win32 and Win64 targets.

    The distribution zip includes the latest OpenSSL 3.0.16, 3.2.4, 3.3.3 and 3.4.1 for Win32 and Win64.

     

    Changes in ICS V9.4 include:

     

    1 - Completed the ICS Application Monitoring system added in V9.3, designed to locally and remotely monitor ICS servers and applications, and to locally restart applications on demand or if they crash. It comprises a small TIcsAppMonCli client monitoring component that is added to ICS applications, usually Windows Servers, but also client applications. This client component communicates with a TIcsAppMonSrv server component, usually running as a Windows Service on the same server so it is able to restart applications, but can also support clients on a LAN. The monitoring server has web and Websocket servers, allowing remote browsers to view the state of all applications being monitored by the server with a continually updated web page. There is also ICS Application Monitor - Remote Manager application that provides remote monitoring of multiple ICS Application Monitor servers using Json web and Websocket requests on a single screen.

     

    2 - The SMTP client component fixes a bug introduced in V9.3 which could corrupt the Content-Transfer-Encoding header line.

     

    3 - In TWSocket, fixed a potential problem using multiple threads where a new connection opened very quickly (ie localhost) and then stalled due to an unexpected connection state. Made DataToString Unicode compatible, only used for diagnostic dump logs.

     

    4 - In the HTTP client, fixed a check for an overflowing buffer when receiving very long headers that could cause failure detecting headers end.  Made several URL validation functions public: GetProtocolPort, IsSSLProtocol, IsKnownProtocol and IsKnownProtocolURL.

     

    5 - When creating PKCS12/PFX certificates, change the 3DES cipher to AES256 if the legacy provider is not loaded.

     

    6 - In the TIcsFtpMulti component, skip download of zero length file by creating an empty file, previously this got SSL handshake error.  Don't report directories as being downloadable, they are not.  If extended passive mode allowed, send EPSV ALL at start so firewalls and NAT routers can handle sessions more efficiently. Added CheckBadUnicode property defaults to false, so that checks for bad Unicode to Ansi conversions with ? are skipped, allowing more complex paths without errors.

     

    7 - The FTP server FEAT request now returns EPRT and EPSV which have been supported for IPv6 for years, but were not advertised for IPv4.

     

    8 - The OverbyteIcsSnippets sample adds two new simple REST snippets to Get/Post Parameters that send them to an ICS server, and the server echoes back those params so you can check what was actually sent.

     

    9 - When loading the OpenSSL DLLs, no longer check they are digitally signed for Windows XP, 2003, Vista and 2008, they don't recognise SHA-256 code signing, never tested since no longer have those old versions available.

     

    10 - The TRestParams method AddItemSO to add a SuperObject now has an Escape parameter defaulting to True, so non-ASCII characters are escaped by default.

     

    11 - The Proxy component TProxyTarget now has a SocketFamily property so target connections can be restricted to TSocketFamily values. Added property SrvTotSess count of server session connections for logging.

     

    12 - In the HTTP Application Web Server, fixed a memory leak with multiple virtual PUT and POST documents.

     

    13 - The OverbyteIcsJoseTst sample 'Sign/Verify Data' tests now support hashes other than SHA-256, selected from the Key and Signing Hash Algorithm drop down list. Also, a private key matching that selection is created automatically, including X25519.

     

    14 - There is a new unit OverbyteIcsWinUtils that contains Windows API functions,  built from selected Magenta Systems libraries, with functions needed to build and control Windows Service applications, accessing the Windows registry, Windows firewall, Windows tasks, hardware, and with simple encryption for passwords. Most of these functions are used by the TIcsAppMonSrv server component and IcsAppMon sample, but should have much wider use for Windows Service server applications in particular, like allowing firewall access.  It's planned to move most other Windows specific function here for ICS V10.

     

    15 - In the ICMP component, fixed a problem setting property PingMsg to the text to ping.

     

    16 - In the TIcsIpStrmLog component, added method ListenStates which for logprotUdpServer and logprotTcpServer returns a multiline string listing the IP, port, SSL and state of all socket listeners. The CurSockets property now reflects actual TCP Server clients.

     

    17 - In the TIcsMailQueue component, don't keep retrying email that is too short to send with no body or with no sender headers. Added more error handling if the SMTP component fails to build the EML spool file.

     

    18 - In OverbyteIcsUtils, finished the cleanup of old Base64 functions by adding new IcsBase64 functions using TBytes internally to replace old Base64 functions that used AnsiChars, with no overloaded versions for simplicity. Old Base64 versions retained as deprecated for user applications, please update to the IcsBase versions.  Added IcsTBytesCompare to compare two TBytes. Added IcsOutputDebugStr for Posix and Windows. Added IcsDateToAStr and IcsDateTimeToAStr with alpha month (Jan/Feb).

     

    19 - The ICS C++ packages for C++ 10.4 and later have been updated with the correct paths for the three supported platforms, and all build and install correctly for Win32.  Win64 should also build, but not Win64x Modern which needs fixes in a future release of C++ 12.

     

    The release notes for V9.4 are at https://wiki.overbyte.eu/wiki/index.php/ICS_V9.4

     

    All ICS active samples are available as prebuilt executables, to allow ease of testing without needing to install ICS and build them all. There are four separate zip files split into clients, servers, tools and miscellaneous samples which can be downloaded from https://wiki.overbyte.eu/wiki/index.php/ICS_Samples

     

    Angus

     

    • Thanks 6

  8. Posted

    OpenSSL has released maintenance versions of the four currently supported versions, 3.0.16, 3.2.4, 3.3.3 and 3.4.1.

     

    There is one high security fix for 3.2 and later relating to Raw Public Keys (RPKs), but these are disabled by default and not yet used in ICS, and a low level timing side-channel in ECDSA signature computation fix that needs hardware access to exploit.

     

    These OpenSSL versions are included with the final ICS V9.4 release.

     

    Windows binary zips are available from https://wiki.overbyte.eu/wiki/index.php/ICS_Download or https://www.magsys.co.uk/delphi/magics.asp

     

    In addition to the three DLL files, the zips include compiled RES resource files that contain the same DLLs, text files and version information, see the RC file. The RES file may be linked into application EXE files and code then used to extract the DLLs from the resource to a temporary directory to avoid distributing them separately.

     

    ICS V9.1 and later optionally support loading the resource file.

     

    Beware OpenSSL 3.4 exposed a minor ICS bug creating X509 certificate requests and creating CA signed certificates, which is fixed in V9.4. or a one line change for earlier versions.   Also note when building the ICS packages for the first time with 3.4, there may be a dialog 'entry point could not be located', because the new DLLs are only extracted from the resource files when the first application is run, but the packages have built OK.

     

    ICS V9.4 defaults to using OpenSSL 3.4.1, provided the new OverbyteIcsDefs.inc files is installed, with an earlier version optional by changing the Defs file.

     

    Angus

    • Like 2
    • Thanks 1

  9. Posted

    I use this function to disable and reanable all controls in a container:

     

    procedure EnableOrDisableChildren (Container: TWinControl; Enabled: Boolean) ;
    var
        index: integer;
        aControl: TControl;
        isContainer: boolean;
    begin
        for index := 0 to -1 + Container.ControlCount do begin
            aControl := Container.Controls [index] ;
            isContainer := (csAcceptsControls in aControl.ControlStyle) ;
            if NOT isContainer then
                aControl.Enabled := Enabled;

         //recursive for child controls
           if (isContainer) AND (aControl is TWinControl) then   begin
                EnableOrDisableChildren (TWinControl (aControl), Enabled) ;
           end;
        end;
    end;

     

    Angus

  12. Posted

    You would be better to avoid using LineMode if the lines are 'unusual', always read all received data, buffer it, and check for end of line/row/packet yourself, which can be multiple methods. 

     

    That is what the TIcsIpStrmLog  component does, but you may need to copy the code to add more flexibility.

     

    Angus

     

    • Like 1

  13. Posted

    Of course TWSocket can be used for HL7, but using TIcsIpStrmLog requires a lot less code.  OverbyteIcsAppMonSrv.pas even parses the | delimited fields.  

     

    Angus

     

  14. Posted

    Never heard of HL7, but it looks like a simple ASCII protocol, one line at a time. 

     

    I'd suggest you use the TIcsIpStrmLog component in TCP Server mode which has an onRecvEvent that returns a simple line at a time, you can define the line end in various ways. 

     

    The main sample is  OverbyteIcsIpStmLogTst,dpr that sends and receives lines of data, including to itself.  ICS V9,4 adds a new component OverbyteIcsAppMonSrv.pas that handles a text protocol very similar to your example with | as field separators, communicating between different ICS applications, with a new sample IcsAppMon.dpr use the server component to collect information from multiple clients and return information those clients. 

     

    Angus

     

  16. Posted

    The reference in the error to BoringSSL is interesting, this is a Google fork of OpenSSL that is now incompatible with OpenSSL due to the many changes Google has made, but OpenSSL is currently adding BoringSSL Quantum ciphers to the next release of OpenSSL, so it goes around in circles.

     

    No-one can advise you on new ciphers without knowing which specific version of OpenSSL (or BoringSSL) you are using.  For instance, the CHARH20/POLY1305 ciphers were not in older versions of OpenSSL.  I did a quick search of my Embarcadero directories and can not find any OpenSSL DLLs. 

     

    Angus

     

  17. Posted

    Adding:  HttpRest.RestParams.AddItem('filename', 'anyname.jpg'); would be normal, with the real name of the file, not the path.   Most servers expect the name of the file in the parameters, not the request headers. 

     

    And telling the server you are sending JSON content when are you not, is just wrong.  But at least it works.  

     

    Angus

     

  19. Posted

    Due to planned OpenSSL security releases 11th February, I'm postponing the next release until those versions are bundled and tested with ICS V9.4, hopefully later that week. 

     

    Meanwhile. I'd really appreciate feedback on V9.4 in the overnight zip, just saying you are using it is good, might avoid fixes needed due to bugs I've accidentally introduced. 

     

    And specifically C++ users, as mention In the last message, so it can be installed by GetIt.

     

    Angus

     

  20. Posted

    The fact you can use Curl or Postman is not relevant to whether ICS works, it will with the correct parameters. 

     

    I've looked at the Wordpress document, and tried some of the examples against a WordPress site I manage, and just get 404 errors, but it is WP 5.2.21 and I'm not the admin, so maybe the APIs are different or I'm not allowed to use them.   The documentation example for 'create a media item'  is ' POST /wp/v2/media' so absolutely useless. 

     

    I don't know Curl either so no idea what  --data-binary does. 

     

    If you can post the actual http headers, body and response made by Curl or Postman, that should explain what is actually happening.

     

    Angus

     

  24. Posted

    You have not explained how you are attempting to upload the file, what parameters the server is expecting, nor the URL, nor the result of logging from the progress event which would make some of your errors obvious. 

     

    The OverbyteIcsSnippets sample has two upload examples, doHttpSimpleUploadClick builds Json command line parameters, HttpUploadFile = file, and HttpUploadStrat := HttpUploadSimple; to POST a binary file, while doHttpFormUploadClick builds a form with a file as a parameter.

     

    Your code is similar to the second snippet, but is missing several lines such as RestParams.PContent := PContFormData and has all those ExtraHeaders that duplicate the headers addiws by the component, and which might be the reason for the 500 error.  

     

    Angus

     

  25. Posted

    Are you using an old version of ICS? 

     

    ICS added full Websocket server and client support two years ago, and handles the upgrade negotiation process automatically. 

     

    The main unit is OverbyteIcsWebSocketSrv.pas which contains a derived connection class THttpWSSrvConn that handles the Websocket protocol. 

     

    There are two samples OverbyteIcsSslMultiWebServ.dpr and IcsAppMon.dpr that show how it all works.

     

    Angus

     

     

     

×