Angus Robertson

Testing your own client against your own server makes debugging harder. 

You should test your client against the ICS multi web server sample, specifically post to https://localhost/postinfo.html which logs all URL or POST parameters passed to it, and returns them as a web page, so you know exactly what the client is sending.  The server code is in OverbyteIcsSslMultiWebUploads.pas and illustrates how to untangle parameters. 

For the client, you should be using the TSslHttpRest component which requires less code, look at the doHttpSimpleUploadClick function in the snippets sample, you build your parameters and then simply POST them.

SslHttpRest.RestParams.PContent := PContUrlEncoded;
SslHttpRest.RestParams.AddItem('FileTitle', mytitle);

StatCode := SslHttpRest.RestRequest(httpPOST, myurl, False, '');

You can test all this against your server using the OverbyteIcsHttpRestTst sample. 

Angus

You need a data centre hosted server, either a physical machine you rent or own, or a virtual private server running on data centre hardware, you then have complete control over what applications are installed, not sure why you want FMX unless for Linux. 

I have a hosted Dell rack server in one data centre, and a secondary VPS in another, running all my Delphi servers.  But many companies just order virtual servers from Azure, AWS and others, which have the benefit of scaling, but can be horribly expensive.  

Azure seems easy to buy, I've been getting spam emails from 50 or more Azure VPSs in India, USA, Netherlands and the UK, Microsoft seems to sell VPS to anyone. 

Angus

But that low end testing may also be done in a virtual machine with minimal resources, at least for applications that don't need specific hardware resources.

I still have my ancient Windows 7 development PC that I mainly use for burning DVD off-site backups.  But also for some backward testing, don't power it up very often.

Angus

There are several ways to use the HttpRest component, it is possible events may sometimes be called more than once.  Is it a problem?

Angus

I integrated YuOpenSSL into ICS three years ago and alternate using it and OpenSSL for testing. ICS also allows the OpenSSLs to be compiled into applications as resources to ease distribution and DLL hell, all three variants work identically.  But applications are larger with YuOpenSSL or resource files. 

Using SChannel may seem simpler, but your cryptography and updates are then locked to the OS, Microsoft only reluctantly support TLS/1,2 With Windows 2008 but did not support EC certificates, and TLS/1.3 took a long time to arrive. In ICS, I've worked with many of the Windows crypto APIs, and they are horrible.  

Angus

Angus

This was a bug I introduced in V9.3 attempting to reduce the amount of string casting by avoiding AnsiStrings which normally give compiler warnings, but not in the case of bad pointer casting, and the SMTP unit is unique in building strings using pointers. 

The AnsiString cast mentioned earlier fixes the problem, not in SVN yet.

Angus

Historically there were several Base64 implementations in different units, which I've been slowly consolidating.  

I did look at the email MIME stuff briefly, but it was too convoluted to update to TBytes, and also lacks means to test stuff easily without building emails.   

But I will look at AnsChar casting, that code is probably unchanged for 20 years.  I never write code using null terminated strings, unless needed for APIs.

Angus

Sorry, that message is far too long for me to read and digest.   I have other priorities. 

ICS contains a lot of historic code written over 25 years, sometimes it's worth the effort to clean it up, sometimes too dangerous if it can be easily tested, sometimes not worth the effort. 

Angus

I asked for the date in the unit, not for you to waste space here copying text from the unit.

If you can reproduce the problem using the OverbyteIcsMimeDemo sample, I will put it on the list to investigate. 

Angus

There were massive changes to Base64 to use TBytes due to your complaints about it not working with AnsiChars, although no problems were ever found.  What is the last history date in the Utils unit? 

Angus

OpenSSL has released a new feature version 3.4.0 (no security fixes). It includes support for integrity-only cipher suites, a random seed source JITTER, and other new crypto functions.  Also support for X509 attribute or authorization certificates, that may be used to control installation of software on devices from software stores, ICS does not support AC yet.  The QUIC server implementation planned for this release has been postponed to 3.5 in April 2025.

Windows binaries are available in SVN and the overnight zip file and separately from https://wiki.overbyte.eu/wiki/index.php/ICS_Download or https://www.magsys.co.uk/delphi/magics.asp

In addition to the three DLL files, the zips include compiled RES resource files that contain the same DLLs, text files and version information, see the RC file. The RES file may be linked into application EXE files and code then used to extract the DLLs from the resource to a temporary directory to avoid distributing them separately.

ICS V9.1 and later optionally support loading the resource file.

These OpenSSL versions are included with ICS V9.4 beta available from SVN and the overnight zip.

Beware OpenSSL 3.4.0 has exposed a minor ICS bug creating X509 certificate requests and creating CA signed certificates, which is fixed in SVN for V9.4. or a one line change for earlier versions.

Also note when building the ICS packages for the first time with 3.4.0, there may be a dialog 'entry point could not be located', because the new DLLs are only extracted from the resource files when the first application is run, but the packages have built OK.

ICS V9.4 beta now defaults to using OpenSSL 3.4.0, provided the new OverbyteIcsDefs.inc files is installed.

Angus

Another ICS user attempted to add Android support to ICS last year, but it never worked, and the code has now been removed,

Currently, ICS has limited support for Linux for tools and utilities only, particularly SSL/TLS certificates, but not TCP/UDP sockets.  Those functions would probably also work today on Android with minor changes to look for the OpenSSL in the correct path, you should be able to debug the code yourself, but I'm not testing Android until Linux is fully working. 

I'm now working on the full Linux implementation, replacing the existing MacOS only support with new multiplatform support, it will be several weeks work. 

Angus

I just use the OnTriggerAvail event to receive all data available, add it to a buffer, locate my packet, remove from buffer, repeat.  More code that, but more reliable, particularly if the packet can contain random binary data, like your triggers. 

Angus

Sorry, only tested creating RSASSA-PSS private keys, never signing. 

Angus

I don't see why another DLL or application should not load different DLLs to those ICS uses, but never tried it. 

Beware OpenSSL 1.1 is now out of support, so whoever supports the SSH DLL should have updated to OpenSSL 3 at least two years ago. 

There is little demand for SSH which is why ICS does not support it.  All Linux systems using SSH should be able to use better SSL/TLS protocols as well.

Angus

The GetIt script used to install ICS has been improved today to be closer to the Build Group sequence, which should hopefully fix the two GetIt errors I've reproduced myself.

If you see further errors from today from GetIt, please report here so they can be investigated.

Angus

I've been using Async Pro for over 20 years, well documented, the original version was sold in a box with a book.  Now I install it from GetIt.

But I updated the TApdCustomComPort.InitializePort method so it can open COM ports by name instead of simple numbers, since many physical and virtual COM ports have more complex name than COM1 and COM2, like CNCA0.

I have a free component that locates and lists COM ports, https://www.magsys.co.uk/delphi/maghardware.asp

Angus

SVN now has much improved C++ packages for Delphi 10.4 and later, although they should work with earlier versions by manually adding a specific compiler suffix.  

All C++ Win32 packages build and install for release, bugs need fixing for debug and Win64.  Will be in the overnight zip tomorrow, if any C++ users wants to try to install them.  

I tried to build some C++ samples, but they are looking for .h files we now have .hpp, and that is beyond my zero C++ skills. 

Angus

All the old samples archived from V9 are still available from a different SVN repository https://svn.overbyte.be/svn/icsdev/arch-samples/

I update them minimally to build for each new release. 

Angus

I have never used ICS components in a Data Module.  I always create components in code for non-GUI applications.,

Angus

I'll restore and update the OverbyteIcsDll1.dpr sample for V9.

Angus

Your loop is crazy, you connect, immediately test for a connection, then wait two seconds and connect again, without testing for a connection.  It would be a little better if you connect before the loop. 

But you are using the wrong method anyway, for WebSockets it should be WSConnect and it's a blocking method, so no loop needed.  

Look at the doWebSocketClick function in OverbyteIcsSnippets1.pas

Angus

It would be good if GetIt kept a 'previously installed' list when it uninstalls stuff, which is not cleared during a new install, and that list had a re-install button.

It would also be good if GetIt properly uninstalled Parnassus and FmxLinux so the new install does not just fail with a load of DLL errors. 

Angus

Sorry, no idea what are doing here, you will need to clarify your problem. 

I'm not aware of any 'list' of ICS components that is different for Win32/64, they are all Win32 on the palette, and all build for Win64.

Angus

I installed D12.2 into a new W11 24H2 VM today, and installed ICS VCL/FMX from GetIt.  It failed with 'Never build RTL must be built'.

I then opened the usual IcsIinstallVclFmx group, and got the same build error, but the package seemed to default to Win64, changed back to Win32, and used the Build Group that does all versions in a known order, and all packages built without error.  So maybe Delphi needs Win32 packages before Win64. 

Unfortunately, none of this is relevant to installs over old versions, and certain not the missing constant error. 

Angus