ICS v8 has been updated to support OpenSSL 1.0.2a and 1.0.1m, which include various security advisory fixes.
The changes and OpenSSL zips may be downloaded from the SVN repository or the overnight zip file at: http://www.magsys.co.uk/delphi/magics.asp These SMPT and POP3 mail components now both support the IcsLogger. I added the logger to try and find out why I could no longer collect email from Hotmail/Live at pop3.live.com after updating to OpenSSL 1.0.2 which appears to be because it used very old ciphers. SSL Connected OK with TLSv1, cipher RC4-MD5, key exchange RSA, encryption RC4(128), message authentication MD5 No idea why Microsoft uses such old ciphers, whereas Google goes out of it's way to use the latest ciphers, as does Windows 2012. Fortunately, this transpires to be a limitation of OpenSSL 1.0.2, not an ICS bug, and is unchanged in 1.0.2a. I found users of other applications with a similar problem, although one solution found is to set SslVersionMethod := sslTLS_V1_CLIENT; to force TLSv1 instead of starting with TLSv1.2. Alternatively if support for older ciphers is important, stick to 1.0.1m which still works OK. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
