shineworld 73 Posted January 22 (edited) After finishing and testing the configuration to have TLS 1.2 on TIdFTPServer I was asked to add OpenSSL and TLS 1.2 also on the API server (based on TIdTCPServer TCP/IP communication). Unfortunately when I set Active to True, and IdSSLOpenSSL.InitContext is called, in the CiperList settings step it always returns error = 1 and I don't understand what I am doing wrong: if StatusInfoOn then begin SSL_CTX_set_info_callback(fContext, InfoCallback); end; //if_SSL_CTX_set_tmp_rsa_callback(hSSLContext, @RSACallback); if fCipherList <> '' then begin {Do not Localize} error := SSL_CTX_set_cipher_list(fContext, {$IFDEF USE_MARSHALLED_PTRS} M.AsAnsi(fCipherList).ToPointer {$ELSE} PAnsiChar( {$IFDEF STRING_IS_ANSI} fCipherList {$ELSE} AnsiString(fCipherList) // explicit cast to Ansi {$ENDIF} ) {$ENDIF} ); end else begin // RLebeau: don't override OpenSSL's default. As OpenSSL evolves, the // SSL_DEFAULT_CIPHER_LIST constant defined in the C/C++ SDK may change, // while Indy's define of it might take some time to catch up. We don't // want users using an older default with newer DLLs... (* error := SSL_CTX_set_cipher_list(fContext, {$IFDEF USE_MARSHALLED_PTRS} M.AsAnsi(SSL_DEFAULT_CIPHER_LIST).ToPointer {$ELSE} SSL_DEFAULT_CIPHER_LIST {$ENDIF} ); *) error := 1; end; Server code: https://pastebin.com/z82zhGyQ I am using the latest Indy sources from the git repository. I thank you in advance for any suggestions Best Regards Silverio Edited January 22 by shineworld Share this post Link to post
shineworld 73 Posted January 22 (edited) I've missed to set PassTrough 🙂 error = 1 stay for OK, another my misunderstanding. https://pastebin.com/f9sEw2eY Edited January 22 by shineworld Share this post Link to post
Lars Fosdal 1793 Posted January 22 Things like GitHub gists or PasteBin entries, are great ways of sharing walls of code. Share this post Link to post
shineworld 73 Posted January 22 5 minutes ago, Lars Fosdal said: Things like GitHub gists or PasteBin entries, are great ways of sharing walls of code. OK! Some forums do not permit, by forum rules, to attach external code links. Next will use Pastebin. Share this post Link to post
Lars Fosdal 1793 Posted January 22 External code = good. External binaries = not so much... I am not saying it is a must, but it makes conversations easier to follow if they have dialog instead of many screenfuls of code. I am really fond of gists, since you can see the changes, fork them, etc. - and you don't need to log into GitHub to be able to see them. Share this post Link to post
Lars Fosdal 1793 Posted January 22 Just to exemplify - I made a gist of your two versions of code. https://gist.github.com/LarsFosdal/76bf712c46b3b17d185984d5c0c74494/revisions Just say the word and I'll remove the gist again. Share this post Link to post
shineworld 73 Posted January 22 Appreciated exemplify. I need to start using Gist too. Share this post Link to post
Remy Lebeau 1436 Posted January 22 6 hours ago, Lars Fosdal said: Things like GitHub gists or PasteBin entries, are great ways of sharing walls of code. In the short term, yes. But on the other hand, external links tend to break over time, which makes discussions harder to follow for future readers who may be looking for solutions to similar problems, if they can't see the code that is being discussed. Share this post Link to post
Lars Fosdal 1793 Posted January 22 AFAIK, there is no automatic deletion of these two services, unless someone intentionally delete their account. Share this post Link to post