Re: [twsocket] GpHTTPProxy component
> We need to parse the response but do not know the format. There is no
> indication of GZip or Deflate (it could be compressed as well as
> encrypted)
> and also encryption. Any idea?
It is produced/used by IBM WebSphere which - if I'm not wrong - support
string cryptography using a PKI infrastructure. See my previous message.
That's what I read in a security document I gave reference. So you need the
private keys to decrypt, and of course know which algorythm is used. Forget
about it !
--
Contribute to the SSL Effort. Visit http://www.overbyte.be/eng/ssl.html
--
[EMAIL PROTECTED]
http://www.overbyte.be
- Original Message -
From: "Fastream Technologies" <[EMAIL PROTECTED]>
To: "ICS support mailing"
Sent: Monday, January 23, 2006 1:29 PM
Subject: Re: [twsocket] GpHTTPProxy component
> Hello,
>
> I am trying to help Ibrahim. With the http proxy, we get the following
> data:
>
> 23/01/2006 13:29:26 From Local (127.0.0.1)
> POST http://212.175.105.144:80/BagkurApp/EczaneApp/EczaneServlet HTTP/1.0
> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
> Host: 212.175.105.144
> Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
> Content-type: application/x-www-form-urlencoded
> Content-length: 59
>
>
> 23/01/2006 13:29:26 From Local (127.0.0.1)
> ‹[󖵄¡Û+ÀÀÀØÒØÄÀĞØÀÀĞÌ..Ì
> BœBL=
> €±.Í..¸|’...
>
> 23/01/2006 13:29:26 Connection Opened
>
> 23/01/2006 13:29:26 From Remote
> HTTP/1.1 200 OK
> Server: WebSphere Application Server/5.1
> Content-Type: text/html; charset=ISO-8859-1
> Content-Language: tr-TR
> Connection: close
>
> ‹
>
> 23/01/2006 13:29:26 From Remote
> ¥RËMÄ0E
> úH.3
{<>:.±aA.
–:(gµpHÊ¡.ìİ8$ÆpáEŠì§ÑûØ~ÿ¼¸~»º¼‚.Í€ñã¸.
> Ïõ‹2õi£OC°†cpZ+kZY(Ájš§Œ)
> [EMAIL PROTECTED]>qˆq4TQAË¥|2I:ûí‹Ä‰UV
> .ag)úûv
ªjÿqğ_.ÊüÏMRiq?= 9Ò%ïØŸƒ ‰.ë¦}ğıÒ¾])÷?Ÿh:W-f %õ×
> ò«M 0ï
…[ ÀÛf;¯K·İq¿ñí_ı§§3É.èùiÈ̲c(£ú/~ÑÍñ.e’.Ç
>
> 23/01/2006 13:29:26 Connection Closed
>
> We need to parse the response but do not know the format. There is no
> indication of GZip or Deflate (it could be compressed as well as
> encrypted)
> and also encryption. Any idea?
>
> Regards,
>
> SZ
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
Re: [twsocket] ICS install on Delphi 2006
> I'm moving from Delphi 7 to Delphi 2006 and I want to install ICS > components (actual stable release, not beta). > Where are (if exists, I don't see it) the Delphi 2006 packages? > Can I use new ones (beta) without compatibility problems? Yes, you can use the current ICS-V5 beta. There is no known compatibility issue. And it is the version which I personnaly use in my applications (of course I don't use a possible features). -- Contribute to the SSL Effort. Visit http://www.overbyte.be/eng/ssl.html -- [EMAIL PROTECTED] http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] OnDataAvailable called before shutdown with no data
Hello Francois, > You can't ignore OnDataavailable event ! Got it. >> > There is a flag FPaused but it is not exposed as a property. >> Oh, will you be able to expose it? I can modify the source >> code for now but I think it's useful when Pause and Resume >> is exposed. > Not really. You can have a flag set/reset in your own application > when you call Pause/Resume, or you > can derive from TWSocket and create the property in your derived > component. That's what OOP is all about. Hmm. Is there any particular reason that you don't want to expose FPaused? It seems safe to call Resume on all client socket without checking, am I right? Thanks, Jack -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] GpHTTPProxy component
Hello,
I am trying to help Ibrahim. With the http proxy, we get the following data:
23/01/2006 13:29:26 From Local (127.0.0.1)
POST http://212.175.105.144:80/BagkurApp/EczaneApp/EczaneServlet HTTP/1.0
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
Host: 212.175.105.144
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Content-type: application/x-www-form-urlencoded
Content-length: 59
23/01/2006 13:29:26 From Local (127.0.0.1)
‹[󖵄¡Û+ÀÀÀØÒØÄÀĞØÀÀĞÌ..Ì
BœBL=
€±.Í..¸|’...
23/01/2006 13:29:26 Connection Opened
23/01/2006 13:29:26 From Remote
HTTP/1.1 200 OK
Server: WebSphere Application Server/5.1
Content-Type: text/html; charset=ISO-8859-1
Content-Language: tr-TR
Connection: close
‹
23/01/2006 13:29:26 From Remote
¥RËMÄ0E
úH.3
{<>:.±aA.
–:(gµpHÊ¡.ìİ8$ÆpáEŠì§ÑûØ~ÿ¼¸~»º¼‚.Í€ñã¸.
Ïõ‹2õi£OC°†cpZ+kZY(Ájš§Œ)
[EMAIL PROTECTED]>qˆq4TQAË¥|2I:ûí‹Ä‰UV
.ag)úûv
ªjÿqğ_.ÊüÏMRiq?=
9Ò%ïØŸƒ ‰.ë¦}ğıÒ¾])÷?Ÿh:W-f %õ×
ò«M 0ï
…[ ÀÛf;¯K·İq¿ñí_ı§§3É.èùiÈ̲c(£ú/~ÑÍñ.e’.Ç
23/01/2006 13:29:26 Connection Closed
We need to parse the response but do not know the format. There is no
indication of GZip or Deflate (it could be compressed as well as encrypted)
and also encryption. Any idea?
Regards,
SZ
- Original Message -
From: "ibrahim bulut" <[EMAIL PROTECTED]>
To: "ICS support mailing"
Sent: Saturday, January 21, 2006 5:34 PM
Subject: Re: [twsocket] GpHTTPProxy component
telefon numaranızdan arayabilir miyim
dahili numara ve isminiz nedir
can i call you
what is your internal number
- Original Message -
From: "Fastream Technologies" <[EMAIL PROTECTED]>
To: "ICS support mailing"
Sent: Saturday, January 21, 2006 5:29 PM
Subject: Re: [twsocket] GpHTTPProxy component
Tükçe: Türkçe konuşabiliyorum. Sanırım sizin sniffer kullanmanız daha uygun.
Şifre çözümü için IBM'in bu iş için kendi API'si olabileceğini düşünüyorum
ben (eğer çözülmesini istiyorlarsa tabi :) ).
English: I can speak Turkish. I believe you should use a sniffer for the
purpose. I think IBM should have an API for decryption if they want this
functionality of course.
- Original Message -
From: "ibrahim bulut" <[EMAIL PROTECTED]>
To: "ICS support mailing"
Sent: Saturday, January 21, 2006 5:25 PM
Subject: Re: [twsocket] GpHTTPProxy component
>
> some pharmacy software companies is about that in turkey.
> can you help me about this
> can you speak turkish
>
>
>
> - Original Message -
> From: "Fastream Technologies" <[EMAIL PROTECTED]>
> To: "ICS support mailing"
> Sent: Saturday, January 21, 2006 5:09 PM
> Subject: Re: [twsocket] GpHTTPProxy component
>
>
>>I am in Turkey too. I wonder which type of applications are you talking
>> about and which companies as well.
>>
>> Regards,
>>
>> SZ
>>
>> - Original Message -
>> From: "ibrahim bulut" <[EMAIL PROTECTED]>
>> To: "ICS support mailing"
>> Sent: Saturday, January 21, 2006 4:32 PM
>> Subject: Re: [twsocket] GpHTTPProxy component
>>
>>
>>> page is not under ssl
>>> but ibm websphere crypting the data
>>>
>>> some software companies in our country do it.
>>> but how they do it i don't know.
>>>
>>>
>>> - Original Message -
>>> From: "Fastream Technologies" <[EMAIL PROTECTED]>
>>> To: "ICS support mailing"
>>> Sent: Saturday, January 21, 2006 4:25 PM
>>> Subject: Re: [twsocket] GpHTTPProxy component
>>>
>>>
IMO, even if you set a tunneling proxy, it would be impossible to read
128-bit SSL traffic in case it is implemented end-to-end.
Regards,
SZ
- Original Message -
From: "ibrahim bulut" <[EMAIL PROTECTED]>
To: "ICS support mailing"
Sent: Saturday, January 21, 2006 4:21 PM
Subject: Re: [twsocket] GpHTTPProxy component
>i have tested Angus's component
> (http://www.magsys.co.uk/download/software/monsock1.zip)
> i can do it with winpcap and snoop component
>
> but problem is that
> java applet is connecting to ibm websphere server
> and server is crpyting the data.
>
> so i can capture the data but i can not decrypt it (data is crypted)
> so i must solve this problem with a different way.
>
> how can i do it with GpHTTPProxy component or another way
>
>
> - Original Message -
> From: "Wilfried Mestdagh" <[EMAIL PROTECTED]>
> To: "ICS support mailing"
> Sent: Saturday, January 21, 2006 4:03 PM
> Subject: Re: [twsocket] GpHTTPProxy component
>
>
>> Hello ibrahim,
>>
>> If you wants to sniff raw traffic then (as SZ suggested) then you can
>> use Angus his components:
>> http://www.magsys.co.uk/download/software/monsock1.zip but if you
>> want
>> to sniff only HTTP traffic from within a given LAN then the proxy can
>> be
>> preferable.
>>
>> Some browser has separate settings for dialup / lan / ... so it could
>> be
>> you set proxy in wrong field ?
>>
>> ---
Re: [twsocket] ICS install on Delphi 2006
I think you meant "Actual ICS betas are more stable than any Microsoft Windows Gold :-)" Alpha -> Beta -> RC -> Gold Darin -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dod Sent: Monday, January 23, 2006 4:59 AM To: ICS support mailing Subject: Re: [twsocket] ICS install on Delphi 2006 Hello David, Actual ICS betas are more stable than any Microsoft Windows alpha :-) DM> I'm moving from Delphi 7 to Delphi 2006 and I want to install ICS DM> components (actual stable release, not beta). DM> Where are (if exists, I don't see it) the Delphi 2006 packages? DM> Can I use new ones (beta) without compatibility problems? DM> Thanks in advance. -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] ICS install on Delphi 2006
Estimado David, Con fecha dilluns, 23 / gener / 2006, 10:42:29, escribió: > Dear list members, > I'm moving from Delphi 7 to Delphi 2006 and I want to install ICS > components (actual stable release, not beta). > Where are (if exists, I don't see it) the Delphi 2006 packages? > Can I use new ones (beta) without compatibility problems? > Thanks in advance. > -- > David > [EMAIL PROTECTED] Ok, I don't explore 2006 companion CD. Thanks for your time. -- David [EMAIL PROTECTED] -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] ICS install on Delphi 2006
> I'm moving from Delphi 7 to Delphi 2006 and I want to install ICS > components (actual stable release, not beta). > > Where are (if exists, I don't see it) the Delphi 2006 packages? The official version of ICS tested with Delphi 2006 is on the companion disk, I installed it on 2006 and built all the demo and example applications before release. Mind I had to reboot my PC afterwards due to mammoth memory usage after compiling dozens of applications consecutively, but that bug has been in Delphi for many versions and never fixed. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] ICS install on Delphi 2006
Hello David, Actual ICS betas are more stable than any Microsoft Windows alpha :-) DM> I'm moving from Delphi 7 to Delphi 2006 and I want to install ICS DM> components (actual stable release, not beta). DM> Where are (if exists, I don't see it) the Delphi 2006 packages? DM> Can I use new ones (beta) without compatibility problems? DM> Thanks in advance. -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
[twsocket] ICS install on Delphi 2006
Dear list members, I'm moving from Delphi 7 to Delphi 2006 and I want to install ICS components (actual stable release, not beta). Where are (if exists, I don't see it) the Delphi 2006 packages? Can I use new ones (beta) without compatibility problems? Thanks in advance. -- David [EMAIL PROTECTED] -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] THttpServer Digest Auth implemented with ICS
The code forks from the basic auth code in the ConnectionDataAvailable event in the checker for "Authorization:" part. If you look at that code piece, it is easy to add new methods. You will need to define your Answer401NTLM() though as the precedence is now Digest and Basic (if you add NTLM to the end, it would never be executed as higher priority Basic is always supported.). Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Monday, January 23, 2006 10:01 AM Subject: Re: [twsocket] THttpServer Digest Auth implemented with ICS > Fastream Technologies wrote: >> Hello Francois and Everybody, >> >> We (me and Peter Nikolow) worked on Digest authentication for ICS >> THttpServer. > > > Could this be implemented so that further authentication methods > can be added easily? > > Would it make sense to add NTLM support as well? > > With NTLM it would be possible to check logins either against Windows- > or a custom user database. Concerning Windows- users I'm not quite sure > if it makes much sence, because although it's possible to verify whether > a NTLM logon is accepted (SSPI), granted privileges and access rights > would apply only if you impersonate the logged on user (which is > impersonating current thread). > > Arno Garrels > > > -- > To unsubscribe or change your settings for TWSocket mailing list > please goto http://www.elists.org/mailman/listinfo/twsocket > Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] THttpServer Digest Auth implemented with ICS
Fastream Technologies wrote: > Hello Francois and Everybody, > > We (me and Peter Nikolow) worked on Digest authentication for ICS > THttpServer. Could this be implemented so that further authentication methods can be added easily? Would it make sense to add NTLM support as well? With NTLM it would be possible to check logins either against Windows- or a custom user database. Concerning Windows- users I'm not quite sure if it makes much sence, because although it's possible to verify whether a NTLM logon is accepted (SSPI), granted privileges and access rights would apply only if you impersonate the logged on user (which is impersonating current thread). Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
