WinInet coding for Windows XP

[ertank 27]

Hello,

 

I am using Delphi 10.3.3. For certain reasons I need to use WinInet directly. It has to run on Windows XP and higher versions. I have found below code (slightly changed to compile under my Delphi version) on Stackoverflow by @Remy Lebeau which works good on Windows 7 and higher.

procedure WebPostData(const UserAgent: string; const Server: string; const Resource: string; const Data: Pointer; DataSize: UInt32; const ContentType: string; Response: TStream);
var
  hInet: HINTERNET;
  hHTTP: HINTERNET;
  hReq: HINTERNET;
  Heade: string;
  Buffer: array[0..1023] of Byte;
  BytesRead: DWORD;
const
  accept: packed array[0..1] of PChar = (PChar('*/*'), nil);
begin
  hInet := InternetOpen(PChar(UserAgent), INTERNET_OPEN_TYPE_PRECONFIG, nil, nil, 0);
  if not Assigned(hInet) then RaiseLastOSError;
  try
    hHTTP := InternetConnect(hInet, PChar(Server), INTERNET_DEFAULT_HTTPS_PORT, nil, nil, INTERNET_SERVICE_HTTP, 0, 1);
    if not Assigned(hHTTP) then RaiseLastOSError;
    try
      hReq := HttpOpenRequest(hHTTP, PChar('POST'), PChar(Resource), nil, nil, @accept, INTERNET_FLAG_SECURE or INTERNET_FLAG_KEEP_CONNECTION, 1);
      if not Assigned(hReq) then RaiseLastOSError;
      try
        Heade := 'User-Agent: ' + UserAgent + #13#10 +
                 'Accept-Language: en-us,en;q=0.5'#13#10 +
                 'Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7'#13#10 +
                 'Content-Type: ' + ContentType + #13#10 +
                 'Keep-Alive: 300'#13#10;

        if not HttpAddRequestHeaders(hReq, PChar(Heade), Length(Heade), HTTP_ADDREQ_FLAG_ADD) then RaiseLastOSError;

        if not HTTPSendRequest(hReq, nil, 0, Data, DataSize) then RaiseLastOSError;

        repeat
          if not InternetReadFile(hReq, @Buffer, SizeOf(Buffer), BytesRead) then RaiseLastOSError;
          if (BytesRead = 0) then Break;
          if Response <> nil then
            Response.WriteBuffer(Buffer, BytesRead);
        until False;
      finally
        InternetCloseHandle(hReq);
      end;
    finally
      InternetCloseHandle(hHTTP);
    end;
  finally
    InternetCloseHandle(hInet);
  end;
end;

 

When I try that code on Windows XP I get below error.

System Error. Code: 12157.

 

I do not know if that is possible what I would like to do, but I appreciate any help.

 

Thanks & regards,

Ertan

[Sherlock 663]

According to the msdn, this is the meaning of the error number:

Quote

ERROR_INTERNET_SECURITY_CHANNEL_ERROR

12157

The application experienced an internal error loading the SSL libraries.

This of course could mean, that your XP can't communicate with the https server you are trying to contact...or anything else that might go wrong with a severely outdated system trying to communicate within a network.

[stijnsanders 35]

I've stopped using WinInet and use XMLHTTP or ServerXMLHTTP classes from an imported MSXML2_TLB (without wrappers), mainly because MSXML2 has gotten a lot of security updates and involves less code to do the exact same as your code snippet.

Older Windows versions don't support TLS 1.3, so chances are those computers may really be unable to contact certain websites over https. If you really have to make the web-call, I would advice to look into curl. Either vind a libcurl DLL that works, or package curl.exe and call it yourself using CreateProcess.

[HolgerX 7]

Hmm..

 

Or if you only need TLS 1.2  INDY should an option.

With the OpenSSL Libs Up to TLS 1.2 could be used insteed of the libs from the OS.

 

This should than run with WinXP.

[Angus Robertson 574]

On 12/27/2019 at 7:54 PM, stijnsanders said:

Older Windows versions don't support TLS 1.3,

No versions of Windows support TLS/1,3 yet using SChannel, not even Windows Server 2019.   Only applications using OpenSSL 1.1.1 or browsers with their own SSL libraries like Firefox and Chrome support TLS/1,3.

 

Even TLS/1,2 was not supported by Windows Vista and 7 until a patch a couple of years ago when Microsoft realised people did not want to use Windows 10.  And it's now increasingly common for protocols earlier than TLS/1,2 to be disabled on web servers for security reasons.  

 

Angus

[Angus Robertson 574]

I was wrong about TLS/1,3, it has been experimentally added to Windows 10 1909 but only for use in Microsoft Edge (old version) not Internet Explorer, enabled in Internet Options,  Advanced, Security.  Can not test it because Edge stopped working months ago and just puts errors in the Windows Logs instead.

 

Angus