Angus Robertson 577 Posted May 27, 2022 ICS V8.69 has been released at: http://wiki.overbyte.eu/wiki/index.php/ICS_Download ICS is a free internet component library for Delphi 7, 2006 to 2010, XE to XE8, 10 Seattle, 10.1 Berlin, 10.2 Tokyo, 10.3 Rio, 10.4 Sydney and 11.0 and C++ Builder 2006 to XE3, 10.2 Tokyo, 10.3 Rio, 10.4 Sydney and 11.0. ICS supports VCL and FMX, Win32, Win64 and MacOS 32-bit targets. The distribution zip includes the latest OpenSSL 3.0.1 win32, with other versions of OpenSSL being available from the download page. Major Changes in ICS V8.69 include: 1 - V8.69 has a lot of minor improvements, more HTTP client and server features, better built-in authentication, and added built in file uploading to the REST client component. Also continuing improving all the HTTP samples so they now hopefully test all the features of the ICS HTTP server, specifically adding POST and PUT file uploading, and a new client login window for interactive authentication with servers. Also added OCSP (Online Certificate Status Protocol) to ICS, which is used to check SSL/TLS certificates are legitimately issued and not revoked. 2 - In the HTTP client, added new methods RequestAsync and RequestSync which start a specified request by parameter, useful to repeat the last request from an event (such as should be trust the certificate and repeat). When using a proxy, make sure Path is not blank which will break proxies, change to / as for non-proxy requests. GetRequestDoneErrorStr now handles TWsocket errors. Fixed NTLM authentication which got broken in V8.61. Added a new THttpAuthType of httpAuthDigest2 for Digest with the modern SHA-256 algorithm instead of MD5 used by httpAuthDigest, only with USE_SSL. Added new property WWWAuthInfos array filled after 401/407 failure by parsing AuthorizationRequest headers for AuthType and Realm that may be presented to select an authentication option, get login and repeat request. Remove # fragment anchor rom the URL unless the new Option httpoAllowAnchor is set. 3 - In the HTTP REST client, added built in file uploading using POST or PUT. The file name is specified in HttpUploadFile using type HttpUploadStrat ofHttpUploadSimple with parameters in the URL or HttpUploadMIME for multipart with parameters in the first MIME part. Note the applications needs to supply parameters like FileName so the server knows what to do with the file. This may be tested against the ICS web server samples. Upon request completion, ReasonPhrase now also has status, so OK becomes 200 OK, etc. Previously the SslRevocation property was only effective when checking the windows certificate store, now it also works with bundle files using the new TOcspHttp component and OCSP stapling if available. 4 - In the HTTP server component, now converting FLastModified to UTC/GMT time for the response header. Added new authentication type atDigestSha2 with a SHA256 hash instead of MD5 with atDigest only supported with USE_SSL. Note: Mozilla Firefox supports Digest SHA-256, Chrome and Edge do not. Added a new client connection OnHttpRespHdr event to allow response headers to be logged, previously only request headers could be logged. Cleaned up AnswerStream functions so separate lines don't go into send buffer. Added OcspSrvStapling property which should be set to enables OCSP checks and stapling only with AUTO_X509_CERTS define since it adds extra HTTP client code. A revoked certificate will be auto ordered. 5 - In TWSocket, added new method SendTB(const Data: TBytes; Len: Integer=-1) where Len is optional, also similar SendToTB and SendToTB6 with TBytes, as an alternative to casting such types to use Send(). Restored the TlsExtension_cb callback for client debugging since ClientHelloCallback only works with servers. 6 - In TSslWSocketServer added OCSP (Online Certificate Status Protocol) support with IcsHosts using the TOcspHttp component to confirm server SSL/TLS certificates are legitimate and not revoked for security reasons. The certificate OCSP response is also stapled to the initial SSL/TLS HELO handshake and sent to the client to avoid it needing to lookup OCSP using HTTP itself. OCSP responses are cached and saved to a file for reloading later, but are refreshed every time the certificate is validated, at least once a day. The new server property OcspSrvStapling enables OCSP checks and stapling only with AUTO_X509_CERTS define since it adds extra HTTP client code. A revoked certificate will be auto ordered. OCSP checking is done in LoadOneCert and the stapled response sent in TriggerSslServerName when checking SNI. The same OCSP support is available in all ICS servers that use IcsHosts, including FTP, HTTP and TIcsIpStrmLog. 7 - All three main HTTP SSL client sample applications FrameBrowserIcs, OverbyteIcsHttpsTst and OverbyteIcsHttpRestTst now support interactive authentication with a new Login window that displays the different methods the server will accept (from the new property WWWAuthInfos array) allowing one to be selected from Basic, Digest MD5, Digest SHA256 and NTLM logins. This window is displayed after an 401 error and the request then repeated. 8 - The OverbyteIcsHttpsTst SSL sample now has all the missing features from the non-SSL samples, Content Encoding Gzip tick box to support compression, persistent cookie support, POST/PUT support to either send simple data or upload files in various ways (from OverbyteIcsHttpPost1 sample), may be tested against the ICS web server samples. 9 - The OverbyteIcsDDWebService SSL web server sample now builds on unicode compilers. Added authentication for POST requests and new 'Password protected page (POST)' button on the demo menu to test authentication using POST. Fixed web logging to log correct multiple listener. Builds on unicode compilers. Added Digest SHA-256 authentication page DemoDigest2Auth.html and DemoDigestsAll.html that does both digests. DemoAuthAll.html no longer does NTLM, use the separate page. Now displays server response headers if box ticked, only displayed request headers before. File Upload Form and Email Form pages now work without exceptions. The OverbyteIcsSslMultiWebServ SSL web sample has similar new authentication features and logging fixes. 10 - Updated OpenSSL to 3.0.3 and ZLIB (HTTP compression) to 1.2.12, sorry for long delay in updating zlib, now including some important bug fixes, although never saw any issues with the minimal use ICS makes of it. Updated the various ICS CA Trusted Stores. 11 - The OverbyteIcsPemtool SSL sample now does OCSP checks when examining certificate files. There is also a new Test Host Certificates tab that tests SSL/TLS handshake and certificates (using TIcsIpStrmLog) for a list of host names and ports, building a list of host and intermediate certificates that may be further checked and saved as files or added to an intermediate bundle. This new tester should prove useful for debugging sites that return SSL or certificate errors. More detailed release notes are at http://wiki.overbyte.eu/wiki/index.php/ICS_V8.69 1 8 Share this post Link to post
Guest Posted May 28, 2022 When compiling ICS 8.69 on Delphi 11.1 I got an error for the missing 'Ics.Fmx.OverbyteIcsSslHttpOAuth.pas' file on '...\ICS\Source\OverbyteIcsSslX509Certs.pas' Share this post Link to post
Angus Robertson 577 Posted May 28, 2022 Whoops, the file is in SVN but missing from the zips, they will be updated shortly. Angus Share this post Link to post
PizzaProgram 9 Posted May 31, 2022 Great Work! Thanks :-) inside unit OverbyteIcsHttpsTst1; found this 114. line: May 19, 2023 V8.69 Support OCSP ... It's next year version ;-) Share this post Link to post
PizzaProgram 9 Posted May 31, 2022 IMHO the OverbyteIcsHttpRestTst2.pas should be renamed to something like: OverbyteIcsParseJSON.pas We are new to ICS and it was hard to find an iSuperObj. parse example with this "camouflaged" name 😊 Share this post Link to post
Angus Robertson 577 Posted May 31, 2022 Thanks, 2023 might appear in one or two other units, as well. The JSON visual parser is quite useful, keep meaning to add a backwards button to make it faster. Angus Share this post Link to post
PizzaProgram 9 Posted May 31, 2022 9 minutes ago, Angus Robertson said: The JSON visual parser is quite useful, keep meaning to add a backwards button to make it faster. Sorry, but I don't understand what you mean. Can you please explain it more detailed? - What is " JSON visual parser "? - How and why should I make it "faster"? - What "backwards button" ? I'm was talking about examples, and how to make it easier to understand for newbies, like me. Share this post Link to post
Angus Robertson 577 Posted June 1, 2022 If I improve the JSON sample, I'll explain the improvements. Angus Share this post Link to post
omnibrain 15 Posted June 7, 2022 GetIt on my Delphi 11 still shows 8.68. Does the release via GetIt take more time, or did I miss some refresh somewhere? Share this post Link to post
Angus Robertson 577 Posted June 7, 2022 Sorry, downloading from GetIt is after the web sites, and even longer when I forget to notify them. Angus 1 Share this post Link to post
Angus Robertson 577 Posted June 15, 2022 Sorry for the delay, ICS V8.69 is now available for automated install from GetIt for Delphi 10.4 and 11. Once installed, you should find the SSL demo sample group in a directory similar to: C:\Users\angus\Documents\Embarcadero\Studio\22.0\CatalogRepository\ICS_FMX-8.69-11\Samples\Delphi\SslInternet\SslDemos.bpg Angus 3 Share this post Link to post
LcamediaCE 0 Posted July 28, 2022 Hello, I've a small issue on D11 Enterprise, I try to install via Getit and don't work, then I download Zip file from http://wiki.overbyte.eu/ but when I open Group projects "D110Install" on subfolder install and I build it, I receive this error [MSBuild Error] "0" is an invalid value for the "IgnoreExitCode" parameter of the "Exec" task. The "IgnoreExitCode" parameter is of type "System.Boolean". Someone can help me? Thanks' a lot Share this post Link to post
Angus Robertson 577 Posted July 28, 2022 We build IcsCommonD110Run almost daily during development of ICS. Many others have installed it without any errors reported. This would suggest you either have a corrupted version of ICS, unlikely since GetIt also failed, or something is strange about your installation. Angus Share this post Link to post
FPiette 385 Posted July 29, 2022 14 hours ago, LcamediaCE said: IcsCommonD110Run [MSBuild Error] "0" is an invalid value for the "IgnoreExitCode" parameter of the "Exec" task. The "IgnoreExitCode" parameter is of type "System.Boolean". There is no "IgnoreExitCode" parameter in the project. Actually, I don't even know about that parameter in projects or IDE. The error you see comes from MSBuild. The IDE generate a MSBuild script based on project and IDE options. Somehow you have something wrong there. I have no idea what but maybe you have an IDE extension (Sometimes called an IDE wizard or expert) that modify thing on the fly. Maybe there is a bug in the IDE we have not seen ourself. Verify that you installed all IDE updates. In the IDE "about box" you should see "Embarcadero® Delphi 11 Version 28.0.44500.8973" and also "Delphi 11 and C++Builder 11 Update 1" as I do. Share this post Link to post
LcamediaCE 0 Posted July 29, 2022 Hello François, thank's for your reply. I check my version and it's correct. I seek every IDE ext and unistall all, but never work. then i delete dProj, files and I recreate it, at the end I rebuild all package and I solved my problem. I think that my delphi installation have some problem that i not found, but now work and my migration from D2007 to D11 go on. 🙂 it's the hard work, but now is neccessary. Thank's a lot. Oddone Cesare Lca Media Share this post Link to post
FPiette 385 Posted July 29, 2022 I'm happy it worked for you. Maybe you should do a full Delphi reinstall ? 1 Share this post Link to post
LcamediaCE 0 Posted August 1, 2022 Now, I've small Time for full Reinstall, because I work for migrate big project from D2007 to D11, but I hope to reinstall all when i finisched migration. Thank's Francois for you support. Share this post Link to post