Re: [twsocket] SSL session closed with 10053
HttpCli := THttpCli.Create(nil); Of course it had to be: TSslHttpCli.Create(nil); It is working now, thanks! mvg, Wilfried -Oorspronkelijk bericht- Van: twsocket-boun...@elists.org [mailto:twsocket-boun...@elists.org] Namens Fastream Technologies Verzonden: maandag 17 oktober 2011 15:56 Aan: ICS support mailing Onderwerp: Re: [twsocket] SSL session closed with 10053 Use HttpCli.SslContext := TSslContext.Create(nil); Best Regards, SubZero On Mon, Oct 17, 2011 at 16:06, Wilfried Mestdagh wilfr...@mestdagh.bizwrote: Ok thx SZ :) FSslContext := TSslContext.Create(nil); HttpCli := THttpCli.Create(nil); -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL session closed with 10053
Wilfried Mestdagh wrote: Hi, This is my First SSL with THttpCli. This site requires a BASIC authentication but that is not importand here. The strange thing is I get a session closed with winsock error 10053. Nothing is sent. If I put SocketSpy in between then I also have the 10053 in Socketspy immediately after the client connect. So I think there is something I forget. I have add the 2 DLL's into project folder, USE_SLL in project options. Do I have something else to do? Note that this is a project in Delphi7 with ThttpCli version 1.93. ICSSSLLAY and ICSLIBEAY are both from 2006. So version period is same I think. I have IcsLogger log here. It seems the 10053 is with the StartSslHandshake. You use a far too old version IMO. Anyway it looks like FSslEnable isn't set for some reason so SSL is not used and the peer doesn't like that: procedure TCustomSslWSocket.StartSslHandshake; begin {$IFNDEF NO_DEBUG_LOG} if CheckLogOptions(loSslInfo) then { V5.21 } DebugLog(loSslInfo, _IntToHex(INT_PTR(Self), SizeOf(Pointer) * 2) + ' StartSslHandshake ' + _IntToStr(FHSocket)); {$ENDIF} if not FSslEnable then == Here ** Exit; My log (debug output) with latest and greatest on Server 2008: Debug Output: 13:09:27:450 7 header lines to send GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */* Connection: Keep-Alive Accept-Language: en, fr User-Agent: Mozilla/4.0 (compatible; ICS; MSIE 4.0) Host: www.microsoft.com:443 Proxy-Connection: Keep-Alive Process OverbyteIcsHttpsTst.exe (996) Debug Output: 13:09:27:461 01F5CAC0 PutDataInSslBuffer 500 len 245 [1] Process OverbyteIcsHttpsTst.exe (996) Debug Output: 13:09:27:461 01F5CAC0 SslTryToSend 500 Process OverbyteIcsHttpsTst.exe (996) Debug Output: 13:09:27:461 SendRequest Done Process OverbyteIcsHttpsTst.exe (996) Debug Output: 13:09:27:461 01F5CAC0 StartSslHandshake 500 Process OverbyteIcsHttpsTst.exe (996) Module Load: LIBEAY32.dll. No Debug Info. Base Address: $1000. Process OverbyteIcsHttpsTst.exe (996) Module Load: SSLEAY32.dll. No Debug Info. Base Address: $0409. Process OverbyteIcsHttpsTst.exe (996) Debug Output: 13:09:27:481 InitCtx OpenSSL version: OpenSSL 0.9.8r 8 Feb 2011 Process OverbyteIcsHttpsTst.exe (996) Module Load: NETAPI32.dll. No Debug Info. Base Address: $740E. Process OverbyteIcsHttpsTst.exe (996) Module Load: netutils.dll. No Debug Info. Base Address: $740D. Process OverbyteIcsHttpsTst.exe (996) Module Load: srvcli.dll. No Debug Info. Base Address: $744C. Process OverbyteIcsHttpsTst.exe (996) Module Load: wkscli.dll. No Debug Info. Base Address: $740C. Process OverbyteIcsHttpsTst.exe (996) Module Unload: NETAPI32.dll. Process OverbyteIcsHttpsTst.exe (996) Module Unload: wkscli.dll. Process OverbyteIcsHttpsTst.exe (996) Module Unload: srvcli.dll. Process OverbyteIcsHttpsTst.exe (996) Module Unload: netutils.dll. Process OverbyteIcsHttpsTst.exe (996) Module Load: CRYPTSP.dll. No Debug Info. Base Address: $7430. Process OverbyteIcsHttpsTst.exe (996) Module Load: RSAENH.dll. No Debug Info. Base Address: $7424. Process OverbyteIcsHttpsTst.exe (996) Debug Output: 13:09:27:872 01F5CAC0 InitSSLConnection 500 Process OverbyteIcsHttpsTst.exe (996) Debug Output: 13:09:27:880 01F5CAC0 BIO_ctrl(sslbio, BIO_C_SET_SSL, BIO_NOCLOSE, 0x441D118) = 1 [2] Process OverbyteIcsHttpsTst.exe (996) Debug Output: 13:09:27:888 ICB SSL_CB_HANDSHAKE_START Process OverbyteIcsHttpsTst.exe (996) Debug Output: 13:09:27:897 ICB SSL_connect: before/connect initialization Process OverbyteIcsHttpsTst.exe (996) Debug Output: 13:09:27:905 ICB SSL_connect: SSLv2/v3 write client hello A Process OverbyteIcsHttpsTst.exe (996) Debug Output: 13:09:27:912 ICB SSL_connect: error in SSLv2/v3 read server hello A Process OverbyteIcsHttpsTst.exe (996) [..] -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL session closed with 10053
Hi Arno, Thank you. You put me on a tracé. I put a breakpunt over there, it is not the FSslEnable, but FSslContext is NIL so exeption is raised and eaten somewhere. Now my question: What is SSLContext and what should I do with it? procedure TCustomSslWSocket.StartSslHandshake; begin {$IFNDEF NO_DEBUG_LOG} if CheckLogOptions(loSslInfo) then { V5.21 } DebugLog(loSslInfo, IntToHex(Integer(Self), 8) + ' StartSslHandshake ' + IntToStr(FHSocket)); {$ENDIF} if not FSslEnable then Exit; if not Assigned(FSslContext) then raise Exception.Create('SSL requires a context object'); -- Here Exception -- mvg, Wilfried -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL session closed with 10053
Hello Wilfried, You create one TSslContext per SSL certificate your server has and you need to assign one of it to each ICS SSL instance. It is useful in sharing SSL context objects accross many SSL client/servers in a thread. Best Regards, SZ On Mon, Oct 17, 2011 at 14:51, Wilfried Mestdagh wilfr...@mestdagh.bizwrote: Hi Arno, Thank you. You put me on a tracé. I put a breakpunt over there, it is not the FSslEnable, but FSslContext is NIL so exeption is raised and eaten somewhere. Now my question: What is SSLContext and what should I do with it? procedure TCustomSslWSocket.StartSslHandshake; begin {$IFNDEF NO_DEBUG_LOG} if CheckLogOptions(loSslInfo) then { V5.21 } DebugLog(loSslInfo, IntToHex(Integer(Self), 8) + ' StartSslHandshake ' + IntToStr(FHSocket)); {$ENDIF} if not FSslEnable then Exit; if not Assigned(FSslContext) then raise Exception.Create('SSL requires a context object'); -- Here Exception -- mvg, Wilfried -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL session closed with 10053
Hello SZ, Stupid question: in which unit is TSSlContext declared? I'm pulling my hair :( -- mvg, Wilfried http://www.mestdagh.biz http://www.comfortsoftware.be http://www.expertsoftware.be -Oorspronkelijk bericht- Van: twsocket-boun...@elists.org [mailto:twsocket-boun...@elists.org] Namens Fastream Technologies Verzonden: maandag 17 oktober 2011 13:56 Aan: ICS support mailing Onderwerp: Re: [twsocket] SSL session closed with 10053 Hello Wilfried, You create one TSslContext per SSL certificate your server has and you need to assign one of it to each ICS SSL instance. It is useful in sharing SSL context objects accross many SSL client/servers in a thread. Best Regards, SZ -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL session closed with 10053
Overbyteicswsocket.pas. ;-) Regards, SubZero On Mon, Oct 17, 2011 at 15:23, Wilfried Mestdagh wilfr...@mestdagh.bizwrote: Hello SZ, Stupid question: in which unit is TSSlContext declared? I'm pulling my hair :( -- mvg, Wilfried http://www.mestdagh.biz http://www.comfortsoftware.be http://www.expertsoftware.be -Oorspronkelijk bericht- Van: twsocket-boun...@elists.org [mailto:twsocket-boun...@elists.org] Namens Fastream Technologies Verzonden: maandag 17 oktober 2011 13:56 Aan: ICS support mailing Onderwerp: Re: [twsocket] SSL session closed with 10053 Hello Wilfried, You create one TSslContext per SSL certificate your server has and you need to assign one of it to each ICS SSL instance. It is useful in sharing SSL context objects accross many SSL client/servers in a thread. Best Regards, SZ -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL session closed with 10053
Ok thx SZ :) FSslContext := TSslContext.Create(nil); HttpCli := THttpCli.Create(nil); Where and to what do I assign FSslContext to THttpCli ? -- mvg, Wilfried -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL session closed with 10053
Use HttpCli.SslContext := TSslContext.Create(nil); Best Regards, SubZero On Mon, Oct 17, 2011 at 16:06, Wilfried Mestdagh wilfr...@mestdagh.bizwrote: Ok thx SZ :) FSslContext := TSslContext.Create(nil); HttpCli := THttpCli.Create(nil); Where and to what do I assign FSslContext to THttpCli ? -- mvg, Wilfried -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL session closed with 10053
Wilfried Mestdagh wrote: Hi Arno, Thank you. You put me on a tracé. I put a breakpunt over there, it is not the FSslEnable, but FSslContext is NIL so exeption is raised and eaten somewhere. Now my question: What is SSLContext and what should I do with it? It encapsulates an OpenSsl SSL context handle/object ;) Take a look at the SslInternet\(OverbyteIcs)HttpsTst.dpr demo for example, you'll get the idea. -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be