Re: [twsocket] IcsLogger
Hi Angus! On Wed, 26 Nov 2014 08:00 + (GMT Standard Time), you wrote: I have been unable to establish if ICS supports TLSv1.1 and TLSv1.2. I expect it does, but would appreciate your confirming this. Yes, OpenSSL supports TLSv1.1 and TLSv1.2, you should see this reported in the handshake completed event like: Secure connection with TLSv1.2, cipher AES128-SHA, Thanks for this info. But OpenSSL settings may disable some features for backward compatibility, so you do need to check carefully. I'm using the openssl 1.0.1i that you guys compiled. Thank you so much for your reply. I'm taking your advice and forgetting the IcsLogger and pursuing SSL errors via SSL events. I've been debugging a handshake problem and it turns out that currently the IcsLogger uses some OpenSSL error handling routines that are not currently public in twsocket.pas so can not be accessed by applications. so you may get more detailed errors using IcsLogger for SSL errors at present. I'm going to try and improve the SSL error reporting next month. That would be great! I didn't find much to follow in the components ssl events--only one function reporting an error code. I did hook up logging like you said and in the various components. The more info you speak of would be helpful. As far as understanding the many log entries, I'm like you. Much of it does not make sense. However, I'm working with some internet security experts, so logging will be useful. Thanks so much, George -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] IcsLogger
I have been unable to establish if ICS supports TLSv1.1 and TLSv1.2. I expect it does, but would appreciate your confirming this. Yes, OpenSSL supports TLSv1.1 and TLSv1.2, you should see this reported in the handshake completed event like: Secure connection with TLSv1.2, cipher AES128-SHA, But OpenSSL settings may disable some features for backward compatibility, so you do need to check carefully. Thank you so much for your reply. I'm taking your advice and forgetting the IcsLogger and pursuing SSL errors via SSL events. I've been debugging a handshake problem and it turns out that currently the IcsLogger uses some OpenSSL error handling routines that are not currently public in twsocket.pas so can not be accessed by applications. so you may get more detailed errors using IcsLogger for SSL errors at present. I'm going to try and improve the SSL error reporting next month. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] IcsLogger
I'm trying to use the IcsLogger to trace down an SSL problem, but I'm only getting this one line in the log file: 15:21:49:633 InitCtx OpenSSL version: OpenSSL 1.0.1i 6 Aug 2014 You also need to attach the logger to any socket or other components you are using, they should all have an IcsLogger property (so that is also an ambiguous name for a component). But generally you are unlikely to learn more about any SSL errors from the logger than from properly reporting errors after SSL requests complete. The logger is primarily for internal ICS development purposes. Few people understand the actual OpenSSL calls, I certainly don't. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
[twsocket] IcsLogger
Hi, I'm trying to use the IcsLogger to trace down an SSL problem, but I'm only getting this one line in the log file: 15:21:49:633 InitCtx OpenSSL version: OpenSSL 1.0.1i 6 Aug 2014 This is the IcsLogger component: object IcsLogger: TIcsLogger TimeStampFormatString = 'hh:nn:ss:zzz' TimeStampSeparator = ' ' LogFileOption = lfoAppend LogFileName = 'ssllog.txt' LogOptions = [loDestFile, loAddStamp, loWsockErr, loWsockInfo, loSslErr, loSslInfo, loProtSpecErr, loProtSpecInfo] Left = 216 Top = 264 end This is the SslContext: object SslContext: TSslContext IcsLogger = IcsLogger SslVerifyPeer = False SslVerifyDepth = 9 SslVerifyFlags = [] SslOptions = [] SslVerifyPeerModes = [SslVerifyMode_PEER] SslSessionCacheModes = [] SslCipherList = 'ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH' SslVersionMethod = sslV23 SslSessionTimeout = 0 SslSessionCacheSize = 20480 Left = 144 Top = 264 end I've been looking at this for a day, and can't seem to get the logging going. I would greatly appreciate if you could help me out with this. Thank you, George -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be