subject:"\[Synalist\] Error with OpenSSL 1.1"

Re: [Synalist] Error with OpenSSL 1.1

2020-02-26 Thread Virgo Pärna via synalist-public


OpenSSL 1.1.1 compiles on Windows by default to different
filenames, then 1.0.2. libcrypto-1_1.dll and libssl-1_1.dll.

So I changed in non-CRL version DLLSSLName and DLLUtilName to 
array[1..LIB_COUNT] of string (LIB_COUNT being 3 on Windows and  1 
on another platforms). In that way matching pairs library names can 
be defined from newest to oldest.

When LoadLib one of the pair fails, then other is also freed (if
other was successful) and next one is tried until all versions are
tried or both are loaded successfully. After that 1.1.1 seems to work
with current version.

PS: SslMethodTLS has problems with lineendings.

Diff is below.

 ssl_openssl_lib.pas | 53
++---
 1 file changed, 34 insertions(+), 19 deletions(-)

diff --git a/ssl_openssl_lib.pas b/ssl_openssl_lib.pas
index b689a05..d7e3161 100644
--- a/ssl_openssl_lib.pas
+++ b/ssl_openssl_lib.pas
@@ -110,29 +110,31 @@ const
   DLLUtilName = 'libeay32.dll';
   {$ENDIF}
 {$ELSE}
-var
+const
   {$IFNDEF MSWINDOWS}
+  //Arrays must have same length, must describe combinations of
names...
+LIB_COUNT = 1;
 {$IFDEF DARWIN}
-DLLSSLName: string = 'libssl.dylib';
-DLLUtilName: string = 'libcrypto.dylib';
+DLLSSLName: array[1..LIB_COUNT] of string = ('libssl.dylib');
+DLLUtilName: array[1..LIB_COUNT] of string = ('libcrypto.dylib');
 {$ELSE}
  {$IFDEF OS2}
   {$IFDEF OS2GCC}
-DLLSSLName: string = 'kssl.dll';
-DLLUtilName: string = 'kcrypto.dll';
+DLLSSLName: array[1..LIB_COUNT] of string = ('kssl.dll');
+DLLUtilName: array[1..LIB_COUNT] of string = ('kcrypto.dll');
   {$ELSE OS2GCC}
-DLLSSLName: string = 'ssl.dll';
-DLLUtilName: string = 'crypto.dll';
+DLLSSLName: array[1..LIB_COUNT] of string = ('ssl.dll');
+DLLUtilName: array[1..LIB_COUNT] of string = ('crypto.dll');
   {$ENDIF OS2GCC}
  {$ELSE OS2}
-DLLSSLName: string = 'libssl.so';
-DLLUtilName: string = 'libcrypto.so';
+DLLSSLName: array[1..LIB_COUNT] of string = ('libssl.so');
+DLLUtilName: array[1..LIB_COUNT] of string = ('libcrypto.so');
  {$ENDIF OS2}
 {$ENDIF}
   {$ELSE}
-  DLLSSLName: string = 'ssleay32.dll';
-  DLLSSLName2: string = 'libssl32.dll';
-  DLLUtilName: string = 'libeay32.dll';
+  LIB_COUNT = 3;
+  DLLSSLName: array[1..LIB_COUNT] of string = ('libssl-1_1.dll',
'ssleay32.dll', 'libssl32.dll');
+  DLLUtilName: array[1..LIB_COUNT] of string = ('libcrypto-1_1.dll',
'libeay32.dll', 'libeay32.dll');
   {$ENDIF}
 {$ENDIF}
 
@@ -1861,7 +1863,7 @@ end;
 function InitSSLInterface: Boolean;
 var
   s: string;
-  x: integer;
+  x, i: integer;
 begin
   {pf}
   if SSLLoaded then
@@ -1878,12 +1880,25 @@ begin
   SSLLibHandle := 1;
   SSLUtilHandle := 1;
 {$ELSE}
-  SSLUtilHandle := LoadLib(DLLUtilName);
-  SSLLibHandle := LoadLib(DLLSSLName);
-  {$IFDEF MSWINDOWS}
-  if (SSLLibHandle = 0) then
-SSLLibHandle := LoadLib(DLLSSLName2);
-  {$ENDIF}
+  i := 1;
+  repeat
+SSLUtilHandle := LoadLib(DLLUtilName[i]);
+SSLLibHandle := LoadLib(DLLSSLName[i]);
+if not ((SSLUtilHandle <> 0) and (SSLLibHandle <> 0)) then
+begin//Both libraries were not initialized...
+  if SSLLibHandle <> 0 then
+  begin
+FreeLibrary(SSLLibHandle);
+SSLLibHandle := 0;
+  end;
+  if SSLUtilHandle <> 0 then
+  begin
+FreeLibrary(SSLUtilHandle);
+SSLUtilHandle := 0;
+  end;
+  Inc(i);//try next
+end;
+  until (i > LIB_COUNT) or ((SSLLibHandle <> 0) and (SSLUtilHandle
<> 0));
 {$ENDIF}
   if (SSLLibHandle <> 0) and (SSLUtilHandle <> 0) then
   begin


-- 
Virgo Pärna
virgo.pa...@mail.ee



___
synalist-public mailing list
synalist-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/synalist-public

Re: [Synalist] Error with OpenSSL 1.1

2017-04-14 Thread brian -

Is this the current SVN?
https://sourceforge.net/p/synalist/code/HEAD/tree/trunk/

On 12 April 2017 at 12:46, Lukas Gebauer  wrote:

>
> Latest changes are a few months ago... I have no time for huge
> development now, however Synapse still working fine.
>
> Fact is - OpenSSL 1.1 still not sopported yet. Sorry.
>
> > I wouldn't count on it, I think Synapse has been abandoned for a very
> long
> > time.
> >
> > On 7 April 2017 at 20:12, Mattia Verga  wrote:
> >
> > > Hi,
> > >
> > > I'm not a developer, but just a user of Skychart
> > > (http://www.ap-i.net/skychart), which uses Synapse in its code.
> > > I've found that using Synapse with OpenSSL gives an error:
> > > Error: 500  error:140A90C4:SSL routines:func(169):reason(196)
> > >
> > > I suspect that this is due to the fact that OpenSSL now uses
> > > TLS_method() as default instead of SSLv23_method() (see
> > > https://www.openssl.org/docs/man1.1.0/ssl/SSL_CTX_new.html).
> > > At the moment only Fedora 26 has switched to OpenSSL 1.1, but this will
> > > probably become a problem with other distributions too in future.
> > >
> > > I would like to put this under your attention and ask if there's any
> > > workaround or Synapse update planned to fix that.
> > >
> > > Thanks
> > > Mattia
> > >
> > >
> > > 
> > > --
> > > Check out the vibrant tech community on one of the world's most
> > > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> > > ___
> > > synalist-public mailing list
> > > synalist-public@lists.sourceforge.net
> > > https://lists.sourceforge.net/lists/listinfo/synalist-public
> > >
> >
>
>
>
> --
> Lukas Gebauer.
>
> http://synapse.ararat.cz/ - Ararat Synapse - TCP/IP Lib.
> http://geoget.ararat.cz/ - Geocaching solution
>
>
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> synalist-public mailing list
> synalist-public@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/synalist-public
>
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
synalist-public mailing list
synalist-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/synalist-public

Re: [Synalist] Error with OpenSSL 1.1

2017-04-12 Thread Mattia Verga


Il 12/04/2017 12:46, Lukas Gebauer ha scritto:

Latest changes are a few months ago... I have no time for huge
development now, however Synapse still working fine.

Fact is - OpenSSL 1.1 still not sopported yet. Sorry.



Thanks,
I wrote the attached patch for Skychart and Fedora specifically to make 
Synapse use the new TLS_method as default.
It's not backward compatible with OpenSSL 1.0 (which does not recognize 
the new method), but I hope it helps.


Mattia
diff -U 3 -dHrN -- a/skychart/component/synapse/source/lib/blcksock.pas b/skychart/component/synapse/source/lib/blcksock.pas
--- a/skychart/component/synapse/source/lib/blcksock.pas	2017-04-12 09:21:36.872249313 +0200
+++ b/skychart/component/synapse/source/lib/blcksock.pas	2017-04-12 09:21:58.686247010 +0200
@@ -240,7 +240,7 @@
   {:Specify requested SSL/TLS version for secure connection.}
   TSSLType = (
 LT_all,
-LT_SSLv2,
+LT_SSLv23,
 LT_SSLv3,
 LT_TLSv1,
 LT_TLSv1_1,
diff -U 3 -dHrN -- a/skychart/component/synapse/source/lib/ssl_openssl_lib.pas b/skychart/component/synapse/source/lib/ssl_openssl_lib.pas
--- a/skychart/component/synapse/source/lib/ssl_openssl_lib.pas	2017-03-05 10:27:48.0 +0100
+++ b/skychart/component/synapse/source/lib/ssl_openssl_lib.pas	2017-04-12 09:16:06.067282537 +0200
@@ -125,8 +125,8 @@
 DLLUtilName: string = 'crypto.dll';
   {$ENDIF OS2GCC}
  {$ELSE OS2}
-DLLSSLName: string = 'libssl.so';
-DLLUtilName: string = 'libcrypto.so';
+DLLSSLName: string = 'libssl.so.1.1';
+DLLUtilName: string = 'libcrypto.so.1.1';
  {$ENDIF OS2}
 {$ENDIF}
   {$ELSE}
@@ -283,11 +283,6 @@
 
   [DllImport(DLLSSLName, CharSet = CharSet.Ansi,
 SetLastError = False, CallingConvention= CallingConvention.cdecl,
-EntryPoint = 'SSLv2_method')]
-function SslMethodV2 : PSSL_METHOD; external;
-
-  [DllImport(DLLSSLName, CharSet = CharSet.Ansi,
-SetLastError = False, CallingConvention= CallingConvention.cdecl,
 EntryPoint = 'SSLv3_method')]
 function SslMethodV3 : PSSL_METHOD;  external;
 
@@ -313,6 +308,11 @@
 
   [DllImport(DLLSSLName, CharSet = CharSet.Ansi,
 SetLastError = False, CallingConvention= CallingConvention.cdecl,
+EntryPoint = 'TLS_method')]
+function SslMethodTLS : PSSL_METHOD; external;
+
+  [DllImport(DLLSSLName, CharSet = CharSet.Ansi,
+SetLastError = False, CallingConvention= CallingConvention.cdecl,
 EntryPoint = 'SSL_CTX_use_PrivateKey')]
 function SslCtxUsePrivateKey(ctx: PSSL_CTX; pkey: SslPtr):Integer;  external;
 
@@ -713,12 +713,12 @@
   function SslCtxNew(meth: PSSL_METHOD):PSSL_CTX;
   procedure SslCtxFree(arg0: PSSL_CTX);
   function SslSetFd(s: PSSL; fd: Integer):Integer;
-  function SslMethodV2:PSSL_METHOD;
   function SslMethodV3:PSSL_METHOD;
   function SslMethodTLSV1:PSSL_METHOD;
   function SslMethodTLSV11:PSSL_METHOD;
   function SslMethodTLSV12:PSSL_METHOD;
   function SslMethodV23:PSSL_METHOD;
+  function SslMethodTLS:PSSL_METHOD;
   function SslCtxUsePrivateKey(ctx: PSSL_CTX; pkey: SslPtr):Integer;
   function SslCtxUsePrivateKeyASN1(pk: integer; ctx: PSSL_CTX; d: AnsiString; len: integer):Integer;
 //  function SslCtxUsePrivateKeyFile(ctx: PSSL_CTX; const _file: PChar; _type: Integer):Integer;
@@ -841,12 +841,12 @@
   TSslCtxNew = function(meth: PSSL_METHOD):PSSL_CTX; cdecl;
   TSslCtxFree = procedure(arg0: PSSL_CTX); cdecl;
   TSslSetFd = function(s: PSSL; fd: Integer):Integer; cdecl;
-  TSslMethodV2 = function:PSSL_METHOD; cdecl;
   TSslMethodV3 = function:PSSL_METHOD; cdecl;
   TSslMethodTLSV1 = function:PSSL_METHOD; cdecl;
   TSslMethodTLSV11 = function:PSSL_METHOD; cdecl;
   TSslMethodTLSV12 = function:PSSL_METHOD; cdecl;
   TSslMethodV23 = function:PSSL_METHOD; cdecl;
+  TSslMethodTLS = function:PSSL_METHOD; cdecl;
   TSslCtxUsePrivateKey = function(ctx: PSSL_CTX; pkey: sslptr):Integer; cdecl;
   TSslCtxUsePrivateKeyASN1 = function(pk: integer; ctx: PSSL_CTX; d: sslptr; len: integer):Integer; cdecl;
   TSslCtxUsePrivateKeyFile = function(ctx: PSSL_CTX; const _file: PAnsiChar; _type: Integer):Integer; cdecl;
@@ -948,12 +948,12 @@
   _SslCtxNew: TSslCtxNew = nil;
   _SslCtxFree: TSslCtxFree = nil;
   _SslSetFd: TSslSetFd = nil;
-  _SslMethodV2: TSslMethodV2 = nil;
   _SslMethodV3: TSslMethodV3 = nil;
   _SslMethodTLSV1: TSslMethodTLSV1 = nil;
   _SslMethodTLSV11: TSslMethodTLSV11 = nil;
   _SslMethodTLSV12: TSslMethodTLSV12 = nil;
   _SslMethodV23: TSslMethodV23 = nil;
+  _SslMethodTLS: TSslMethodTLS = nil;
   _SslCtxUsePrivateKey: TSslCtxUsePrivateKey = nil;
   _SslCtxUsePrivateKeyASN1: TSslCtxUsePrivateKeyASN1 = nil;
   _SslCtxUsePrivateKeyFile: TSslCtxUsePrivateKeyFile = nil;
@@ -1106,14 +1106,6 @@
 Result := 0;
 end;
 
-function SslMethodV2:PSSL_METHOD;
-begin
-  if InitSSLInterface and Assigned(_SslMethodV2) then
-Result := _SslMethodV2
-  else
-Result := nil;
-end;
-
 function SslMethodV3:PSSL_METHOD;
 begin
   if InitSSLInterface and Assigned(_SslMethodV3) then
@@ -1154,6

Re: [Synalist] Error with OpenSSL 1.1

2017-04-12 Thread Lukas Gebauer


Latest changes are a few months ago... I have no time for huge 
development now, however Synapse still working fine.

Fact is - OpenSSL 1.1 still not sopported yet. Sorry.

> I wouldn't count on it, I think Synapse has been abandoned for a very long
> time.
> 
> On 7 April 2017 at 20:12, Mattia Verga  wrote:
> 
> > Hi,
> >
> > I'm not a developer, but just a user of Skychart
> > (http://www.ap-i.net/skychart), which uses Synapse in its code.
> > I've found that using Synapse with OpenSSL gives an error:
> > Error: 500  error:140A90C4:SSL routines:func(169):reason(196)
> >
> > I suspect that this is due to the fact that OpenSSL now uses
> > TLS_method() as default instead of SSLv23_method() (see
> > https://www.openssl.org/docs/man1.1.0/ssl/SSL_CTX_new.html).
> > At the moment only Fedora 26 has switched to OpenSSL 1.1, but this will
> > probably become a problem with other distributions too in future.
> >
> > I would like to put this under your attention and ask if there's any
> > workaround or Synapse update planned to fix that.
> >
> > Thanks
> > Mattia
> >
> >
> > 
> > --
> > Check out the vibrant tech community on one of the world's most
> > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> > ___
> > synalist-public mailing list
> > synalist-public@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/synalist-public
> >
> 



-- 
Lukas Gebauer.

http://synapse.ararat.cz/ - Ararat Synapse - TCP/IP Lib.
http://geoget.ararat.cz/ - Geocaching solution


--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
synalist-public mailing list
synalist-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/synalist-public

Re: [Synalist] Error with OpenSSL 1.1

2017-04-11 Thread brian -

I wouldn't count on it, I think Synapse has been abandoned for a very long
time.

On 7 April 2017 at 20:12, Mattia Verga  wrote:

> Hi,
>
> I'm not a developer, but just a user of Skychart
> (http://www.ap-i.net/skychart), which uses Synapse in its code.
> I've found that using Synapse with OpenSSL gives an error:
> Error: 500  error:140A90C4:SSL routines:func(169):reason(196)
>
> I suspect that this is due to the fact that OpenSSL now uses
> TLS_method() as default instead of SSLv23_method() (see
> https://www.openssl.org/docs/man1.1.0/ssl/SSL_CTX_new.html).
> At the moment only Fedora 26 has switched to OpenSSL 1.1, but this will
> probably become a problem with other distributions too in future.
>
> I would like to put this under your attention and ask if there's any
> workaround or Synapse update planned to fix that.
>
> Thanks
> Mattia
>
>
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> synalist-public mailing list
> synalist-public@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/synalist-public
>
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
synalist-public mailing list
synalist-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/synalist-public

[Synalist] Error with OpenSSL 1.1

2017-04-07 Thread Mattia Verga

Hi,

I'm not a developer, but just a user of Skychart 
(http://www.ap-i.net/skychart), which uses Synapse in its code.
I've found that using Synapse with OpenSSL gives an error:
Error: 500  error:140A90C4:SSL routines:func(169):reason(196)

I suspect that this is due to the fact that OpenSSL now uses 
TLS_method() as default instead of SSLv23_method() (see 
https://www.openssl.org/docs/man1.1.0/ssl/SSL_CTX_new.html).
At the moment only Fedora 26 has switched to OpenSSL 1.1, but this will 
probably become a problem with other distributions too in future.

I would like to put this under your attention and ask if there's any 
workaround or Synapse update planned to fix that.

Thanks
Mattia


--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
synalist-public mailing list
synalist-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/synalist-public

Re: [Synalist] Error with OpenSSL 1.1

Re: [Synalist] Error with OpenSSL 1.1

Re: [Synalist] Error with OpenSSL 1.1

Re: [Synalist] Error with OpenSSL 1.1

Re: [Synalist] Error with OpenSSL 1.1

[Synalist] Error with OpenSSL 1.1

6 matches

Site Navigation

Mail list logo

Footer information