Jump to content
JustinCase

Could not load OpenSSL library.

By JustinCase, in Network, Cloud and Web

Recommended Posts

rvk    44

rvk
Posted
20 minutes ago, Remy Lebeau said:

OK, well... :classic_tongue: The fulgan mirror has been decommissioned for some time now, the GitHub repo is the official spot now.

Why is the date of the files on Fulgan updated each night?

 

Also, there seem to be trickling new versions in there occasionally.

 

Maybe a readme file there pointing to the new official spot (or at least stating it is decommissioned) would make that more clear.

 

Share this post

Link to post

Remy Lebeau    1472

Remy Lebeau
Posted (edited)
23 minutes ago, rvk said:

Why is the date of the files on Fulgan updated each night?

I don't know, I thought they were done maintaining a copy, but I guess not.

23 minutes ago, rvk said:

Maybe a readme file there pointing to the new official spot (or at least stating it is decommissioned) would make that more clear.

The readme on that mirror says:

Quote

As of January 2020, the Indz source code is not available from this mirror anymore:

 

The indy source control system has been migrated to github. There is therefore no need for extra tools in order to download the latest snapshot.

 

All source code can be accessed from https://github.com/IndySockets

 

The Indy SSL libraries will remain here for the time being.

 

Edited by Remy Lebeau

Share this post

Link to post

rvk    44

rvk
Posted
10 minutes ago, Remy Lebeau said:

The readme on that mirror says:

Wait... did I really overlook that file...

Aaaargh. Yes, it's in the root.

:classic_blush:

Share this post

Link to post

Stompie    2

Stompie
Posted (edited)

So it turns out that the 64 bit 1.0.2u binaries from downloaded from https://github.com/IndySockets/OpenSSL-Binaries/ also do not work on a blank Windows Server 2016 installation.

As soon as the latest version of "Microsoft Visual C++ Redistributable" (for Visual Studio 2015, 2017, 2019, and 2022) is installed on the server, they work again.

 

Edit:

It seems to look for "vcruntime140.dll"
Of which a 32bit version is availble in "C:\Windows\SysWOW64\vcruntime140.dll"
But a 64bit versions is not found.

Edited by Stompie

Share this post

Link to post

DelphiUdIT    205

DelphiUdIT
Posted (edited)

I (can) have the OpenSSL binary for Windows 64 bit and Linux 64 bit, version "1.0.2zi" of 20/09/2023.

 

Only two CVE is missing ad this time ( CVE-2024-0727 and CVE-2023-6237 refer to: https://www.openssl.org/news/vulnerabilities.html ) and they are classified low severity.

 

With this release everyone use Indy are updated with security, waiting for the Indy 11.

 

OpenSSL 1.0.2zi remediates the following CVE's:

CVE-2023-3817
CVE-2023-3446
CVE-2023-0465
CVE-2023-0466
CVE-2023-0464
CVE-2023-0286
CVE-2023-0215
CVE-2022-4304
CVE-2022-2068
CVE-2022-1292
CVE-2022-0778
CVE-2021-4160
CVE-2021-3712
CVE-2021-23841
CVE-2021-23840
CVE-2021-23839
CVE-2020-1971
CVE-2020-1968
CVE-2019-1551
CVE-2019-1563
CVE-2019-1547
CVE-2019-1552
CVE-2019-1559

 

I don't know if I can share those library, since OpenSSL nothing say about binary license ... may be @Remy Lebeau  can suggest if i can post them here. Remy can post also the libraries in the Indy official repo.

Edited by DelphiUdIT

Share this post

Link to post

Angus Robertson    591

Angus Robertson
Posted

OpenSSL "1.0.2zi" is not a free public release, it is only available to organisations that pay OpenSSL for premium level support, which costs $50,000 per year. 

 

I'd guess there is a support contract involved that prevents such software being distributed outside those organisations. So it should not be published.  

 

Angus

 

  • Like 1
  • Thanks 1

Share this post

Link to post

DelphiUdIT    205

DelphiUdIT
Posted
2 minutes ago, Angus Robertson said:

OpenSSL "1.0.2zi" is not a free public release, it is only available to organisations that pay OpenSSL for premium level support, which costs $50,000 per year. 

 

I'd guess there is a support contract involved that prevents such software being distributed outside those organisations. So it should not be published.  

 

Angus

 

Thanks very much. I knew that the source is not public available, but I was hoping the DLLs could be distributed.

Share this post

Link to post

MikeMon    12

MikeMon
Posted

Hi

 

Installing the latest Indy following the instructions above (including the patch) messed up my Datasnap REST setup. I'm getting the following error:

 

[dcc32 Fatal Error] APIWebModuleUnit.pas(13): F2051 Unit IPPeerCommon was compiled with a different version of IdCoderMIME.TIdEncoderMIME.

 

Any ideas?

Share this post

Link to post

DelphiUdIT    205

DelphiUdIT
Posted
2 hours ago, MikeMon said:

Hi

 

Installing the latest Indy following the instructions above (including the patch) messed up my Datasnap REST setup. I'm getting the following error:

 

[dcc32 Fatal Error] APIWebModuleUnit.pas(13): F2051 Unit IPPeerCommon was compiled with a different version of IdCoderMIME.TIdEncoderMIME.

 

Any ideas?

I think was better to create a new topic under "Indy" section. Your issue has nothng to do with this topic.

But, if you install new Indy from official repo, you have to build it with all the modifications about the packages and you must rebuild also the optional components, wich sources are distribuited with Rad Studio and not present in Indy REPO.

 

Read this for more information:

 

Take care that replace the Indy bundle with Indy REPO can invalidate some components (from Embarcadero and from third parties). If you have third parties sources you can recompile and rebuild them.

 

EMS components and Datasnap use Indy under the hood ans so is possible that they don't work with new version of Indy.

 

Share this post

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go To Topic Listing Network, Cloud and Web
×