Jump to content
Bruno13

TLS1.2, some Win10Pro reply "Connection aborted on request"

Recommended Posts

Hi All,

 

Delphi 7, TSslHttpCli, TSslContext, TLS1.2

 

On some Win10Pro operating systems, I get the error "Connection aborted by request" when I try to get information from a Webservice.

This Webservice uses a TLS1.2 encryption.

 

I copy these 2 dll under my program directory libeay32.dll and ssleay32.dll

 

Actually I haven't more information, because only some users have this issue, and I can't get quickly debug information from them.

I can't find also a Win10Pro where it not works.

It happens only on Win10Pro.

 

I don't know what I must ask to the users. 

Why it's only on Win10Pro and also why on not all Win10Pro ?

All others Windows works fine.

 

In my code I added a token.log file result but I haven't receive from users a sample.

as soon I have this file I will be back on this post to show its content.

 

Any help will be great, thanks a lot !

 

function TOPSKey.GetOPSToken : String;
var
  Data    : AnsiString;
  RcvStrm : TMemoryStream;
  SndStrm : TMemoryStream;
  c       : PChar;
  Cle     : String;
  F       : TFileStream;
begin
  Result                := '';
  SndStrm               := TMemoryStream.Create;
  RcvStrm               := TMemoryStream.Create;
  Data                  := 'grant_type=client_credentials';

  SSL2.Proxy            := Trim(Main.ProxyHostName);
  SSL2.ProxyPort        := Trim(Main.ProxyPort);
  SSL2.ProxyUsername    := Trim(Main.ProxyUserName);
  SSL2.ProxyPassword    := Trim(Main.ProxyPassword);

  SSL2.SendStream       := SndStrm;
  SSL2.SendStream.Write(Data[1], Length(Data));
  SSL2.SendStream.Seek(0,0);
  SSL2.RcvdStream       := RcvStrm;
  SSL2.URL              := 'https:/xxxx/3.2/auth/accesstoken';
  try
    SSL2.Post;
  finally

    RcvStrm.Seek(0, 0);
    SetLength(Data, RcvStrm.Size);
    RcvStrm.Read(Data[1], Length(Data));

    c := PChar(Data);
    If Scan('"access_token": "', '",', c, Cle) then
      result  := Cle;

    F:=TFileStream.Create(Main.WorkingPath+'token.log', fmCreate);
    Try
      WriteLn(F, 'Token');
      WriteLn(F, Data);
    Finally
      F.Free;
    End;

    RcvStrm.Free;
    SndStrm.Free;
  end;
end;

procedure TOPSKey.ssl2BeforeHeaderSend(Sender: TObject;
  const Method: String; Headers: TStrings);
begin
  Headers.Add('Authorization: '+ Main_F.KEY);
end;

 

Share this post


Link to post

What version of ICS is this? 

 

libeay32.dll is long obsolete and support is discontinuied later this year.  You should be using  OpenSSL 1.1.1 which has been supported for about a year. 

 

Angus

Share this post


Link to post

Hi Angus,

 

I use ICS v853, so I just download OpenSSL-1.1.0k-win32.

 

Question 1: If I just take libcrypto-1_1.dll and libssl-1_1.dll will it be enough ?

Question 2: Must I delete libeay32.dll from my program directory ?

 

Thanks for your help,

Share this post


Link to post
3 hours ago, Bruno13 said:

Hi Angus,

 

I use ICS v853, so I just download OpenSSL-1.1.0k-win32.

 

Question 1: If I just take libcrypto-1_1.dll and libssl-1_1.dll will it be enough ?

Question 2: Must I delete libeay32.dll from my program directory ?

 

Thanks for your help,

I'd say Yes and Yes 🙂

Share this post


Link to post

Hi Kyle,

 

Thanks, I sent these information to the users. I hope it will be enough...

 

Thanks

Share this post


Link to post

Yes, those two DLLs are all you need, ICS uses them it it find them, then falls back to the older versions.  Up to you whether you delete the old ones, doing so will relieve long term support problems if the new ones are missing, better to have an error that use something unsupported.

 

Angus

 

Share this post


Link to post

Interesting, not seen a Delphi application use raw SChannel before. 

 

The main downside is Microsoft is very slow keeping up with new standards, there is still no support for TLSv1.3 in Windows almost a  year after it was approved and they took several years to add TLSv1.2 to Windows 2008 despite it still being supported and only with minimal ciphers.

 

Angus. 

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×