Re: [fpc-pascal] https how does it work

2017-03-13 Thread Tony Whyman 
Thanks. It's good to know this. Perhaps the Indy site at 
http://www.indyproject.org should be updated to reflect this. You have 
to dig very deep to find the links to the svn (and labelled as a 
development snapshot). The last source code package appears to be the 
2004 release 10.0.52. With the site copyright being 1993 - 2008 it does 
look rather moribund.



On 13/03/17 07:20, Bo Berglund wrote:

On Thu, 16 Feb 2017 14:18:28 +, Tony Whyman
 wrote:


The downside is that the indy components do not seem to have been
updated for a long time and have not kept up-to-date with OpenSSL. I
have attached below a patch I have used to keep the components
up-to-date with SSL headers.

The Indy project is hosted on Fulgan here:
https://indy.fulgan.com/
You can find current versions of both SSL and Indy here.

It is easy to get using svn too:
svn co https://svn.atozed.com:444/svn/Indy10/trunk/Lib/ indy10

If you want to use one of the tagged versions then you face the caveat
concerning the svn tags that they contain spaces so you have to
replace these with %20 when you construct the svn command for
downloading a tag thus:
https://svn.atozed.com:444/svn/Indy10/tags/Indy%2010.6.2%20-%20XE8%20RTM/Lib/


Current version is 10.6.2 and it includes a lazarus package as well.
It is in constant development so no need to complain about not being
up-to-date! Last activity was 2017-03-08

You can browse the svn store by using your browser:
https://svn.atozed.com:444/svn/Indy10/

Go there and browse the versions for yourself.
Username is : Indy-Public-RO
No password needed for read-only access.

Lazarus package is: Lib/indylaz.lpk




___
fpc-pascal maillist  -  fpc-pascal@lists.freepascal.org
http://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-pascal

Re: [fpc-pascal] https how does it work

2017-03-13 Thread Bo Berglund 
On Thu, 16 Feb 2017 14:18:28 +, Tony Whyman
 wrote:

>The downside is that the indy components do not seem to have been 
>updated for a long time and have not kept up-to-date with OpenSSL. I 
>have attached below a patch I have used to keep the components 
>up-to-date with SSL headers.

The Indy project is hosted on Fulgan here:
https://indy.fulgan.com/
You can find current versions of both SSL and Indy here.

It is easy to get using svn too:
svn co https://svn.atozed.com:444/svn/Indy10/trunk/Lib/ indy10

If you want to use one of the tagged versions then you face the caveat
concerning the svn tags that they contain spaces so you have to
replace these with %20 when you construct the svn command for
downloading a tag thus:
https://svn.atozed.com:444/svn/Indy10/tags/Indy%2010.6.2%20-%20XE8%20RTM/Lib/


Current version is 10.6.2 and it includes a lazarus package as well.
It is in constant development so no need to complain about not being
up-to-date! Last activity was 2017-03-08

You can browse the svn store by using your browser:
https://svn.atozed.com:444/svn/Indy10/

Go there and browse the versions for yourself.
Username is : Indy-Public-RO
No password needed for read-only access.

Lazarus package is: Lib/indylaz.lpk


-- 
Bo Berglund
Developer in Sweden

___
fpc-pascal maillist  -  fpc-pascal@lists.freepascal.org
http://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-pascal

Re: [fpc-pascal] https how does it work

2017-02-16 Thread Tony Whyman 
You can always use the indy components. They have a working https 
implementation which I have successfully used in a SOAP based 
application and Lazarus's WST package. (see 
http://wiki.lazarus.freepascal.org/Indy_with_Lazarus).


The downside is that the indy components do not seem to have been 
updated for a long time and have not kept up-to-date with OpenSSL. I 
have attached below a patch I have used to keep the components 
up-to-date with SSL headers.


Tony



On 16/02/17 12:41, Rainer Stratmann wrote:

How does httpy work, what is needed?

TLS/SSL library?

A http webserver without encryption I programed already on my own and wanted
to integrate https.

Is there any example code of https?
___
fpc-pascal maillist  -  fpc-pascal@lists.freepascal.org
http://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-pascal

Index: fpc/IdSSLOpenSSLHeaders.pas
===
--- fpc/IdSSLOpenSSLHeaders.pas(.../tags/R10-2-0-3)(revision 8065)
+++ fpc/IdSSLOpenSSLHeaders.pas(.../trunk)(revision 8065)
@@ -7073,7 +7076,8 @@
   where the symbolic link libbsl.so and libcrypto.so do not exist}
   SSL_DLL_name = 'libssl'; {Do not localize}
   SSLCLIB_DLL_name = 'libcrypto'; {Do not localize}
-  SSLDLLVers : array [0..4] of string = 
('','0.9.9','.0.9.8','.0.9.7','0.9.6');
+  SSLDLLVers : array [0..6] of string = 
('','1.0.1','1.0.0','0.9.9','.0.9.8','.0.9.7','0.9.6');
+//  SSLDLLVers : array [0..3] of string = 
('0.9.9','.0.9.8','.0.9.7','0.9.6');

   {$ENDIF}
   {$IFDEF WIN32_OR_WIN64_OR_WINCE}
   SSL_DLL_name   = 'ssleay32.dll';  {Do not localize}
@@ -9479,9 +9485,9 @@
   @IdSslWrite := LoadFunction(fn_SSL_write);
   @IdSslCtxCtrl := LoadFunction(fn_SSL_CTX_ctrl);
   @IdSslGetError := LoadFunction(fn_SSL_get_error);
-  @IdSslMethodV2 := LoadFunction(fn_SSLv2_method);
-  @IdSslMethodServerV2 := LoadFunction(fn_SSLv2_server_method);
-  @IdSslMethodClientV2 := LoadFunction(fn_SSLv2_client_method);
+//  @IdSslMethodV2 := LoadFunction(fn_SSLv2_method);
+//  @IdSslMethodServerV2 := LoadFunction(fn_SSLv2_server_method);
+//  @IdSslMethodClientV2 := LoadFunction(fn_SSLv2_client_method);
   @IdSslMethodV3 := LoadFunction(fn_SSLv3_method);
   @IdSslMethodServerV3 := LoadFunction(fn_SSLv3_server_method);
   @IdSslMethodClientV3 := LoadFunction(fn_SSLv3_client_method);

___
fpc-pascal maillist  -  fpc-pascal@lists.freepascal.org
http://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-pascal

Re: [fpc-pascal] https how does it work

2017-02-16 Thread Michael Van Canneyt 



On Thu, 16 Feb 2017, Rainer Stratmann wrote:


How does httpy work, what is needed?

TLS/SSL library?


Yes.

The ssockets unit has the ability to set up a TLS/SSL connection.
It uses openssl as a library.

You can check the fphttpclient unit to see how this is done.
The fphttpserver currently does not support this yet.

Michael.
___
fpc-pascal maillist  -  fpc-pascal@lists.freepascal.org
http://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-pascal