Implement your own timeout using a timer. I think calling abort on the
WSocket should cancel the connection attempt.
Dan
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Erich Kuba
Sent: 14 September 2006 01:32
To: ICS support mailing
Subject: [twsocket]
I tested with Opera successfully!
Change the format string below in order to get a hex display like:
raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]);
Post the hex value.
Fastream Technologies wrote:
Hello,
With FF, after msg3,
Sec := FPSFT^.AcceptSecurityContext(@FHCred,
Any suggestions on how I can prevent this behaviour from
holding up my system in the future ??
Implement a timeout which would reset the connection even before it is
established. A simple TTimer would do.
Contribute to the SSL Effort. Visit http://www.overbyte.be/eng/ssl.html
--
[EMAIL
It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked and gave
no errors/exceptions! But I cannot deploy in this form... ;(
SZ
- Original Message -
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 10:49 AM
Also the unicode directive enabled, it does not compile! Perhaps that could
be a cure?!
Regards,
SZ
- Original Message -
From: Fastream Technologies [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 11:40 AM
Subject: Re: [twsocket] Fw:
Fastream Technologies wrote:
Also the unicode directive enabled, it does not compile! Perhaps that
could be a cure?!
No, internally user names, domain names etc. are unicoded anyway.
To enable the unicode versions of the SSPI functions you need to uncomment
both defines in
Hello,
I found the problem source pinpointed:
if Sec 0 then
begin
{$IFDEF DEBUG_EXCEPTIONS}
Exception.CreateFmt('Init context failed: 0x%x', [Sec]); //
Sec -2146893048 (0x80090308)
{$ELSE}
Result := '';
FState := lsDoneErr;
Fastream Technologies wrote:
Hi Arno,
I also wonder if this could be a lifetime/time zone problem? We are
GMT+200. What is the timeout period of this authentication and did
you consider different time zones?
I do not think so.
Function AcceptSecurityContext (NTLM) is documented here:
FS, can you try it with FF with the site added to the trusted URIs and NTLM
auto-login enabled?
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
I do not know how to do this in FF. Also, see my previous message as I think
I found the source of the problem.
What's annoying with the problem is that in Opera, it causes 100% CPU usage
ON THE SERVER-SIDE--typical DoS.
Best Regards,
SZ
- Original Message -
From: Stadin, Benjamin
Now it gives SEC_E_LOGON_DENIED. :(
Regards,
SZ
- Original Message -
From: Fastream Technologies [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 12:30 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: Hello,
:
: I
Latest report: when I used the Administrator account of Windows, it worked!
:) So I am beginning to think this is a problem with security policies of
some Windows.
Regards,
SZ
- Original Message -
From: Fastream Technologies [EMAIL PROTECTED]
To: ICS support mailing
This maybe a little OT but it's related to the use of ICS.
I have some real-time data generated by my application that I'd like external
users to be able to view in the form of a web page. My web programming
knowledge is scant to say the least. I know I can use the HttpServ component
to
Fastream Technologies wrote:
Latest report: when I used the Administrator account of Windows, it
worked! :) So I am beginning to think this is a problem with security
policies of some Windows.
Yesterday I tested on a out-of-the-box, new XP SP2 installation, since
this box had a hd crash :(
You can use a web programming framework like asp, php or asp.net to
deliver your web content dyncamically
On Thu, 14 Sep 2006 11:24:29 +0100, you wrote:
This maybe a little OT but it's related to the use of ICS.
I have some real-time data generated by my application that I'd like
Also even with IE6XP, POST does not work under my reverse proxy whereas it
works with Digest. Digest also has a 3-message mechanism. Did you test with
POST??
Regards,
SZ
- Original Message -
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent:
Scrive Fastream Technologies [EMAIL PROTECTED]:
Here is the full log:
How are these logs created? I asked for ethereal logs because it decode the
NTLM message, so we can see what domain and username will send by each client
(you can do this yourself).
Both browser asking for credential or
Arno Garrels wrote:
Fastream Technologies wrote:
Latest report: when I used the Administrator account of Windows, it
worked! :) So I am beginning to think this is a problem with security
policies of some Windows.
Yesterday I tested on a out-of-the-box, new XP SP2 installation, since
this
Ethereal does not work on localhost!! I put together these logs using
socketspy.
IE does not ask for credentials until you press POST then it begins not
accepting even the administrator password! Opera gets the server go 100%
CPU. FF only accepts administrator password.
Regards,
SZ
-
Arno Garrels wrote:
Arno Garrels wrote:
Fastream Technologies wrote:
Latest report: when I used the Administrator account of Windows, it
worked! :) So I am beginning to think this is a problem with
security policies of some Windows.
Yesterday I tested on a out-of-the-box, new XP SP2
Yes it is 0 here as well!
- Original Message -
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 2:13 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: Arno Garrels wrote:
: Arno Garrels wrote:
:
Scrive Fastream Technologies [EMAIL PROTECTED]:
Ethereal does not work on localhost!! I put together these logs using
socketspy.
I think that if you want to know if your application works you should
reproduce a real environment. Will your reverse proxy run on a real server
or on the same pc
This maybe a little OT but it's related to the use of ICS.
Not OT at all !
I have some real-time data generated by my application that I'd like
external users to be able to view in the form of a web page. My web
programming knowledge is scant to say the least. I know I can use the
HttpServ
Even IE6 does not work with HTTP POST under NTLM!
I have setup a server and will try on that.
Regards,
SZ
- Original Message -
From: Maurizio Lotauro [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 2:33 PM
Subject: Re: [twsocket] Fw:
I uploaded a new version, added error logging to the demo and
fixed some minor bugs. EXE is also included.
http://www.duodata.de/misc/delphi/V6-HttpSrv-Ntlm-20060914.zip
Though it won't fix the problem.
Fastream Technologies wrote:
Yes it is 0 here as well!
- Original Message
Fastream Technologies wrote:
Even IE6 does not work with HTTP POST under NTLM!
I have setup a server and will try on that.
In the first place we should make the demo working,
so we can be sure the problem is not in your proxy
code.
Why does it work on my boxes with the same browsers,
why
Fastream Technologies wrote:
Latest report: when I used the Administrator account of Windows, it
worked! :) So I am beginning to think this is a problem with security
policies of some Windows.
Also turn on eventlog, monitor the security events.
Regards,
SZ
- Original Message
Ok I recreated the user a with a non-null pwd and it worked. BUT POST does
not work in ANY browser! Never authenticates. This is the Ethereal dump:
Ôò¡ ÿÿ €E E¬D ú ú v÷êË [EMAIL PROTECTED] E ì-@
€EÀ¨À¨“
PqÃA…h7õµPÿÿX] POST / HTTP/1.1
Accept: image/gif,
Basicallly the ntlmmessage = NULL where it must not be--ethereal calls this
malformed header!!!
Regards,
SZ
- Original Message -
From: Fastream Technologies [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 3:15 PM
Subject: Re: [twsocket]
I keep getting the File not Found . adler32.obj error when
attempting to compile projects with ICS. I have the zobj123 directory
added to my search path, and if I compile again when the compiler stops
on the initialization section of the IcsXLibObj file then it compiles
fine.
Do I need to
I just noticed that Ethereal cannot dump the protocol insight. :( Or maybe
there is a way??
Arno, I think you will need to use the POST demo together with NTLM to test
against.
Benjamin, thanks for the empty password idea!
Best Regards,
SubZero
- Original Message -
From: Fastream
Fastream Technologies wrote:
Basicallly the ntlmmessage = NULL where it must not be--ethereal
calls this
malformed header!!!
Please, please, please upload the Ethereal dump in as a *.pcap file
somewhere so we can open it with ethereal.
--
To unsubscribe or change your settings for TWSocket
Here it is: http://www.fastream.com/ics/ntlm.pcap
Regards,
SZ
- Original Message -
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 3:36 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: Fastream
NTLM requires Keep-Alive, but the server sends Connection: close in
the header of 401Answer.
Fastream Technologies wrote:
Here it is: http://www.fastream.com/ics/ntlm.pcap
Regards,
SZ
- Original Message -
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing
Ah, ok. But how does NTLM works with HTTP/1.0 then? Is it 1.1 only? What
should we do if the server admin specifies NTLM but the client does not
support HTTP/1.1? Is this a rare situation?
Best Regards,
SZ
- Original Message -
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support
Fastream Technologies wrote:
Ah, ok. But how does NTLM works with HTTP/1.0 then? Is it 1.1 only?
No it is not. Same as with digest that also works in my demo with 1.0.
What should we do if the server admin specifies NTLM but the client
does not support HTTP/1.1? Is this a rare situation?
I keep getting the File not Found . adler32.obj error when
attempting to compile projects with ICS.
Try copying the OBJ files into the same directory as IcsLibObj. I had
to do this to build ICS under Delphi 6 the other day, it should not be
necessary...
Angus
--
To unsubscribe or
Scrive Angus Robertson - Magenta Systems Ltd [EMAIL PROTECTED]:
I keep getting the File not Found . adler32.obj error when
attempting to compile projects with ICS.
Try copying the OBJ files into the same directory as IcsLibObj. I had
to do this to build ICS under Delphi 6 the other
Hello Arno,
Seems cool now! http://www.fastream.net/beta/IQReverseProxy.exe (1.2b1). I
will need to complete the HTML authentication until next week now... Hmm. ;)
Best Regards,
SZ
- Original Message -
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
One last lesson: when NTLM POST is taking place, if you press too frequently
on Mozilla, the progress meter stalls. When you click on another link it
works fine then. This does not happen with IE. I think this is a FF bug in
their state machine!
Best Regards,
SZ
- Original Message -
Francoise,
I am using Delphi 5 and I don't beleive the latest Beta supports it. I
seem to remember seeing something that said this was the case but please
correct me if I am wrong.
Anyway, the WebServ App is there and so is the template code.So, I
create a template of HTML with special tags
I just checked and I noticed that the dir written in the $L
directive has a different case of the directory name that contains
the .obj files.
Certainly no harm in correcting it, next time I can reproduce the error,
I was using several ICS/Delphi combinations last week and it gets very
I am using Delphi 5 and I don't beleive the latest Beta supports it
All versions and betas of ICS currently support Delphi 5. Such support
is planned to be removed from a later version of V6.
Angus
--
To unsubscribe or change your settings for TWSocket mailing list
please goto
Francoise,
You added an 'e' at the end of my first name, making it female (that's how
french works). Don't worry.
I am using Delphi 5 and I don't beleive the latest Beta supports it. I
seem to remember seeing something that said this was the case but please
correct me if I am wrong.
You
I don't think so. NTLM works fine for me in FF ever since. FF just fills
data into an NTLM context struct and if the message is complete it is used.
This has nothing to do with a state machine.
And btw, I've looked at the Pascal code of this pslib, I think it's more a
hack than a solution.
Hello,
Perhaps you can check out POSTing with IQRP 1.2b1
(http://www.fastream.net/beta/IQReverseProxy.exe) and let us know? All you
need to do is,
- define the web server IP/port in Servers
- Go to URL Rules and assign the web server to Default (catch-all) URL rule
- Enable NTLM authentication
I remember that there was the same problem in ICS-SSL with Firefox in the
beginning. I think the connection isn't closed when this happens. Check with
your network sniffer if that's the case and set a break point to check
whether the connection is closed in your code. I don't believe that this is
Stadin, Benjamin wrote:
FF has a function table for
function calls to Windows' own secure32.dll / security.dll to provide
SSPI functionality (also a good lesson in C programming,
OverbyteIcsSspi as well ;-) this how the API works!
---
Arno Garrels [TeamICS]
Hi,
For those of you not having followed the very long thread Urgent...
Here is an updated version of the THttpSrv supporting NTLM available.
http://www.duodata.de/misc/delphi/V6-HttpSrv-Ntlm-20060914.zip
Read readme.txt for how to install.
This is for ICS V6 only.
I'd be happy if someone test
://www.duodata.de/misc/delphi/V6-HttpSrv-Ntlm-20060914.zip
:
: Read readme.txt for how to install.
: This is for ICS V6 only.
:
: I'd be happy if someone test it in a domain environment, since I'm
: running peer to peer. It includes a modified Websrv demo, a compiled
: EXE is also included
of the THttpSrv supporting NTLM available.
:: http://www.duodata.de/misc/delphi/V6-HttpSrv-Ntlm-20060914.zip
::
:: Read readme.txt for how to install.
:: This is for ICS V6 only.
::
:: I'd be happy if someone test it in a domain environment, since I'm
:: running peer to peer. It includes a modified
-Ntlm-20060914.zip
Read readme.txt for how to install.
This is for ICS V6 only.
I'd be happy if someone test it in a domain environment, since I'm
running peer to peer. It includes a modified Websrv demo, a compiled
EXE is also included.
---
Arno Garrels [TeamICS]
http://www.overbyte.be
/misc/delphi/V6-HttpSrv-Ntlm-20060914.zip
::
:: Read readme.txt for how to install.
:: This is for ICS V6 only.
::
:: I'd be happy if someone test it in a domain environment, since I'm
:: running peer to peer. It includes a modified Websrv demo, a compiled
:: EXE is also included
Fastream Technologies schrieb:
I see why I did not face this problem before with other auth methods:
because they (basic + digest) send 401 response only once per connection
and
the first request most probably is a GET. However, NTLM requires each
request to have its own 401!
That would be
Hello,
sorry, this will be just a tiny bit longer... ;-)
I'm currently building some large application where several parts will
act together. Two of them are connected via TCP and TWSocket. One is
client and one server (okay there is TWSocketServer, but since there's
always a 1:1 relation
I debugged the code and this is the problem (client sending data before
receiving 401). Here is my idea:
In OnDataAvailable, instead of FRcvdLine = RecieveStr(); we need to count
the number of bytes we receive and then pass to the hcRequest state
(PostDataReceived()) after that!
Regards,
SZ
56 matches
Mail list logo