Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 12:00
    arvanus commented #201
  • 09:07
    wqmeng commented #201
  • 09:05
    wqmeng commented #201
  • Oct 30 16:15
    rlebeau edited #260
  • Oct 16 04:22
    rlebeau labeled #269
  • Oct 16 04:22
    rlebeau opened #269
  • Oct 08 19:00

    Fulgan on Restructure

    Bug fix for a typo in TIdIMAP4.… (compare)

  • Oct 08 19:00

    Fulgan on master

    Bug fix for a typo in TIdIMAP4.… (compare)

  • Oct 02 21:00

    Fulgan on Restructure

    Updating TIdIMAP4's InternalSea… (compare)

  • Oct 02 21:00

    Fulgan on master

    Updating TIdIMAP4's InternalSea… (compare)

  • Sep 20 21:50

    Fulgan on master

    Embarcadero patch for race cond… (compare)

  • Sep 20 21:50

    Fulgan on Restructure

    Embarcadero patch for race cond… (compare)

  • Sep 10 18:50
    rlebeau closed #268
  • Sep 10 18:50
    rlebeau commented #268
  • Sep 10 18:50

    Fulgan on Restructure

    Fix for TIdResponseHeaderInfo.S… (compare)

  • Sep 10 18:50

    Fulgan on master

    Fix for TIdResponseHeaderInfo.S… (compare)

  • Sep 10 18:49
    rlebeau labeled #268
  • Sep 10 18:49
    rlebeau labeled #268
  • Sep 10 18:49
    rlebeau assigned #268
  • Sep 10 18:49
    rlebeau review_requested #268
Kudzu
@czhower
they are based on the openssl releases, so check their release notes.
Justin
@klsyzzz
oh. didn't know that
does that means I need to update openssl as well ?
I didn't recall I installed openssl, just using Indy lib from Delphi install
Remy Lebeau
@rlebeau
@klsyzzz openssl-1.0.2k-i386-win32 = OpenSSL 1.0.2k for Windows 32bit, openssl-1.0.2j-i386-win32 = OpenSSL 1.0.2j for Windows 32bit, openssl-1.0.2k-x64_86-win64 = OpenSSL 1.0.2k for Windows 64bit. They are just different builds of different releases of OpenSSL
Justin
@klsyzzz
how do I find out which openssl on my pc, the Indy package come with Delphi 10.2 berlin install
Remy Lebeau
@rlebeau
OpenSSL is a standalone library. There can be multiple versions installed on a PC. Look at the DLL's version info properties in Windows Explorer. In your code, you can find out which version of OpenSSL is being used by your app by calling Indy's OpenSSLVersion() wrapper function in the IdSSLOpenSSL unit.
Justin
@klsyzzz
i see, thank you very much
sorry one more question, do we need to include OpenSSL dlls for deployment to client's pc which runs our delphi application?
as we don't need to deploy any Indy lib to client PC
Remy Lebeau
@rlebeau
@klsyzzz OpenSSL is a separate library, so yes, you need to deploy it (or, if encryption export laws get in your way, have the user download it from OpenSSL's website), unless it is already installed on the PC (if so, you can use Indy's IdOpenSSLSetLibPath() function to point to it), or if you are compiling for iOS devices (Indy compiles OpenSSL statically on that platform). Indy itself is compiled directly into your app (unless you enable runtime packages, in which case you would then have to deploy those)
Justin
@klsyzzz
thank you very much Remy
mezen
@mezen

But pls consider https://www.openssl.org/source/license.html, for example

    1. Redistributions in binary form must reproduce the above copyright
  • notice, this list of conditions and the following disclaimer in
  • the documentation and/or other materials provided with the
  • distribution.

    1. Redistributions of any form whatsoever must retain the following
  • acknowledgment:
  • "This product includes software developed by the OpenSSL Project
  • for use in the OpenSSL Toolkit (http://www.openssl.org/)"

    1. All advertising materials mentioning features or use of this software
  • must display the following acknowledgement:
  • "This product includes cryptographic software written by
  • Eric Young (eay@cryptsoft.com)"
  • The word 'cryptographic' can be left out if the rouines from the library
  • being used are not cryptographic related :-).
Hmpf, gitter broken my format :-\
Remy Lebeau
@rlebeau
looks fine to me
Justin
@klsyzzz
@mezen thank you, will add that to consideration.
Justin
@klsyzzz
so if we planning to distribute the dlls, we just distribute the openssl license.txt to the same folder on client side, is it enough?
Justin
@klsyzzz
Hi @rlebeau is there any where I can get the help file or KB for the latest Indy release? the one on http://www.indyproject.org seems old
Remy Lebeau
@rlebeau
the documentation hasn't been updated in a long time
Justin
@klsyzzz
ok, so best ask here?
Remy Lebeau
@rlebeau
if you have a specific issue, sure
Justin
@klsyzzz
Just wondering in TIdSMTP there is a property named UseTLS, what's the one utUseRequireTLS?
what's the difference between this one and the other 2: implicit and explicit
Remy Lebeau
@rlebeau
that is a little hard to explain. it is not really used much on the client-side (though it can be), more on the server-side. It is kind of like a mix of utUseImplicitTLS and utUseExplicitTLS. It is like Explicit in that SSL/TLS is activated dynamically only when supported by both parties, but it is like Implicit in that if the handshake fails then an exception is always raised and the connection is aborted, whereas with utUseExplicitTLS the exception can optionally be bypassed (with an event handler) so the connection can continue being used unsecure (thus making SSL/TLS optional even if attempted and failed). Also, utUseRequireTLS is used by some servers to make sure that certain commands can only be executed by clients over an already-secure SSL/TLS connection. If the connection is not secure, those commands fail.
Justin
@klsyzzz
you explained it clear like mud, thanks

we currently using Explicit option, and here is the code:

1 idSMTP.Connect;
2 idSMTP.Authenticate;
3 idSMTP.send(idMessage);

however I found that even I remove line 2, it still works correctly. I checked the code for Authenticate, it calls StartTLS. Does TIdSMTP.Connect also call StartTLS as well somewhere?

Remy Lebeau
@rlebeau
Send() calls Authenticate(), which in turn calls StartTLS()
Justin
@klsyzzz
oh that's why. thank you.
jimakoz
@jimakoz
Hi guys, my set up is Delphi 10.1 and Indy 10.6.2.5341 and basically I’ve got an issue with the TIdFTPServer when clients abruptly disconnect during a data transfer. So, the problem is really the fact that when an abruptly disconnect occurs the server doesn’t pick it up and never triggers the OnDisconenct() event. I’ve introduced a mechanism that periodically checks for timed out connections but I cannot find a way to completely kick out the connection. Any ideas?
jimakoz
@jimakoz
That’s the code I’m using to clear idle connections, but unfortunately doesn’t work.
with ftpServer.Contexts.LockList do
begin
try
for i := Count - 1 downto 0 do
begin
Context := TidContext(List[i]);
if Context = nil then Continue;
Context.Connection.IOHandler.WriteBufferClear;
Context.Connection.IOHandler.InputBuffer.Clear;
Context.Connection.IOHandler.Close;
if Context.Connection.Connected then Context.Connection.Disconnect;
end;
finally
ftpServer.Contexts.UnlockList;
end;
end;
jimakoz
@jimakoz
Hi, I think I have found some sort of a work around to this issue. Instead of getting the TIdContext context of a connection I get the TIdFTPServerContext instead. Then by calling the KillDataChannel method I can disconnect fully the connection. Yes, it produces a couple of exception but the OnException Event will trap all of those, so no problem!
Remy Lebeau
@rlebeau
@jimakoz abnormal disconnects take time for the OS to detect, they are not immediate. Only graceful disconnects are. What you are doing is VERY dangerous code, because you are manipulating connections that may be actively busy doing things, like processing commands or transferring files. You are not doing anything to validate the current state of the connections. Each client runs in its own thread, you can't just wipe the buffers, or rip out the data channel, from behind the thread's back. If you really want to kill idle connections, just set a timeout on each connection in the OnConnect event, and let the client thread raise an exception if the timeout elapses while waiting for new data from the client. You can do the same thing for the data channel conection during each transfer. Let the server handle any raised exception and it will close the connection(s) for you. You can use an IOHandler's own ReadTimeout property, or you can enable TCP layer keep-alives using the IOHandler's Binding.SetKeepAliveValues() method.
jimakoz
@jimakoz
@rlebeau many thanks for your reply. I have tried indeed setting both ReadTimeout and SetKeepAliveValues in the OnConnect event as part of a solution, but nothing is happening when the client disconnects abruptly. For example when a client uploads a file and the network cable gets unplugged the server will never trigger the disconnect event. It will release the connections only when the server gets deactivated, with errors simi!ar to the ones i get with the above solution. How can i set timeouts on the data channel connection?
Remy Lebeau
@rlebeau
@jimakoz Let me say it again - "abnormal disconnects take time for the OS to detect" You are NOT going to get an immediate reaction from the OS, it needs time to timeout internally, and that can take a LONG time, but it will happen EVENTUALLY. Until that happens, socket operations will not report failures. TCP is designed to recover connections after short network outages, so the OS has to wait awhile before it kills a lost connection for good. If you don't want to wait that long, you have to use your own timeout in your own code. TCP keepalives help with that, as do reading timeouts. You might also consider using Binding.SetSockOpt(SO_SNDTIMEO) and Binding.SetSockOpt(SO_RCVTIMEO) on platforms that support those options (like Windows).
@jimakoz as for setting a data channel timeout, there does not appear to be a specific event that is appropriate for that, but TIdFTPServer.OnDataPortAfterBind might work, at least in Active mode transfers (probably not for Passive mode transfers since an inbound connection is not accepted yet).
jimakoz
@jimakoz
@rlebeau , i see what you are saying, but unfortunately the connection will NEVER timeout (even if i set the keepalive and readtimeout values) , we're talking about days here. I've seen cases that the connection was still "active" even after a month! Anyhow, i might give it another go with the SetSockOpt option but i doubt is going to make any difference. I think the issue is on the data channel side, that never gets released...thanks for your support anyway.
Remy Lebeau
@rlebeau
@jimakoz The OS will certainly never wait THAT long, so the socket code is either deadlocked, or probably stuck in an endless loop somewhere. Rather than rip the connection out, you should debug the server to find out where the code flow is going to when the cable is pulled out and then patch the code to address that.
jimakoz
@jimakoz
Thanks @rlebeau , I'll try that and if i find something i'll let you know
Justin
@klsyzzz
hi got another question, The property TIdSMTP.Port, is it true that if useTLS then TLS will select a different port for connection? for example, if I assign port 25 to the TIdSMTP, when start TLS, does it using 25 or use different port like 587?
Remy Lebeau
@rlebeau
@klsyzzz it depends on what you set UseTLS to. If you set UseTLS=utUseImplicitTLS and the Port is currently 25 or 587, the Port is changed to 465. If you set UseTLS=utUseExplicitTLS and the Port is currently 25 or 465, the Port is changed to 587. If you set UseTLS=utNoTLSSupport and the Port is currently 465 or 587, the Port is changed to 25. If you want to use a specific Port, set UseTLS first, then set the Port afterwards
Justin
@klsyzzz
thanks @rlebeau, i'm using utUseExplicitTLS, so if the port currently is 587, it will use 587 no change, right?
Remy Lebeau
@rlebeau
@klsyzzz yes
Justin
@klsyzzz
thank you very much @rlebeau
irawancepu
@irawancepu
Using Indy 10.6.2.0, i got warning that TidNotify is deprecated. What the replacement is? How to use it?
Remy Lebeau
@rlebeau
@irawancepu the answer is in the deprecated warning message: 'Use static TThread.Queue()', which is all TIdNotify calls, so you may as well just call it directly. That is why TIdNotify is deprecated.
Sergey
@icegood

Hi, Remy. After migration from Indy9 to Indy10 i found one more issue:
our web server always requires Content-Length in header of HTTP Post method. It doesn't matter whether ContentStream is assigned or not.
In Indy10 code i see that in case when ASource is not assigned then header is not added:
if Assigned(ARequest.Source) then begin
ARequest.ContentLength := ARequest.Source.Size;
end else begin
ARequest.ContentLength := -1; => leads to omitting of 'Content-Length'
end;
For this moment i have workaround via adding 'Content-Length' to CustomHeaders (value is '0', works great!). Moreover, seems Indy9 always added 'Content-Length'!

Please, consider adding 'Content-Length' always in library as well. At least i see it is a widespread issue:
http://stackoverflow.com/questions/19227142/http-status-code-411-length-required

perverez
@perverez
Hi, I have problem with GStack.LocalAddress. When I call this function on Windows Server 2016 (ver. 1607, build 14393, virtualized), error occured. Function Stub_GetAdaptersAddresses() returns any pointer, but GetAdaptersAddresses() return error 127. Some solution?
Remy Lebeau
@rlebeau
@icegood Indy 9 does not allow the source stream to be nil. If the request is POST or PUT, it assumes a valid stream and will crash accessing the Size if the stream is nil. Indy 9 also omitted the Content-Length for all requests other than POST and PUT. Indy 10 allows a nil source stream, but the real question is - why are you posting a nil source stream to begin with? You really shouldn't be. That being said, I have checked in a fix to generate a 'Content-Length: 0' header when the source stream is nil for POST and PUT requests.
Remy Lebeau
@rlebeau
@perverez error 127 is ERROR_PROC_NOT_FOUND. GetAdaptersAddresses() should not be returning that error, it comes from GetProcAddress() instead. Did you check to make sure Indy is able to load iphlpapi.dll correctly before calling GetAdaptersAddresses()?
perverez
@perverez
Hi, I check all - DLL is loaded (hIpHlpApi > 0), GetAdaptersAddresses is assigned, function Stub_GetAdaptersAddresses not calling Impl_GetAdaptersAddresses. The problem does not occur in the physical network interface cards, only in Hyper-V.