tothpaul / delphi
Delphi source code by Execute SARL
License: GNU General Public License v3.0
I'm trying to use your schannel implementation with Indy. It works great until I assign `TIdSocksInfo` to `TIdSSLIOHandlerSocketSChannel.TransparentProxy`; in this case I get an exception -> access violation at 0xXXX: read of address 0xXXX.
I debugged a little what is happening, and the problem occurs at `TIdSSLIOHandlerSocketBase.WriteDataToTarget` because `PassThrough` is `False`; when I execute the same example with `TIdSSLIOHandlerSocketOpenSSL`, `PassThrough` is `True`.
So somewhere before, `PassThrough` is not initialized correctly.
Example code is simple:
```delphi
LMem := TStringStream.Create;
LSchannel := TIdSSLIOHandlerSocketSChannel.Create;
LSchannel.TransparentProxy := IdSocksInfo1;
IdHTTP1.IOHandler := LSchannel;
// for openssl
// LOpenSsl := TIdSSLIOHandlerSocketOpenSSL.Create;
// LOpenSsl.TransparentProxy := IdSocksInfo1;
// IdHTTP1.IOHandler := LOpenSsl;
IdHTTP1.Get(
  'https://check.torproject.org/api/ip',
  LMem
);
LMem.Free;
FreeAndNil(LOpenSsl);
FreeAndNil(LSchannel);
```
In Execute.SChannel.pas you have several functions like SSLRead that take an SSL parameter that is declared as Integer and then typecasted to a pointer type PSSLInfo. In Execute.IdSSLSChannel.pas you are passing a variable declared as THandle as this parameter. This looks incorrect to me. On 64-bit Windows, THandle and Pointer are 64-bit, but Integer is 32-bit. I'd expect the pointer to be passed incorrectly when the application uses more than 4 GB of RAM or when MEM_TOP_DOWN is enabled. If the SSL parameter is really a pointer, why not just use the Pointer type?
Hello, is this code a WebSocket client or a server?
Thanks
`function SSLAvailable: Boolean;` is not thread-safe, because `Initialized` is set early, and when a second thread checks `SSLAvailable` too quickly, `SSPI` is not set, but `Initialized` is set.
So the second thread crashes with an AV on SSPI.something (in my case in `SSPI.AcquireCredentialsHandle`).
Maybe it can be solved in a dirty way with
```delphi
function SSLAvailable: Boolean;
var
  init: function: PSecurityFunctionTable; stdcall;
begin
  Result := Initialized;
  SSPError := 0;
  if not Initialized or (SSPI = nil) then {SSPI = nil can happen when SSL is initializing in threads and SSPI is not assigned yet}
  begin
    {$IFDEF LOG}WriteLn('SSLAvailable');{$ENDIF}
    Initialized := True;
```
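One way to close the race described in this report, shown as an added example that is not the project's own code: the flag test and the pointer assignment happen under one lock, and the flag is set only after the pointer. `TFakeTable`, `Storage`, `Table` and `TableAvailable` are hypothetical stand-ins for the SSPI function table, the `SSPI` variable and `SSLAvailable`.

```delphi
program SafeInitDemo;
{$APPTYPE CONSOLE}
uses
  System.SysUtils, System.SyncObjs, System.Threading;

type
  TFakeTable = record Version: Cardinal; end;  // hypothetical stand-in for the SSPI table
  PFakeTable = ^TFakeTable;

var
  InitLock: TCriticalSection;
  Initialized: Boolean = False;  // set once initialization has run
  Table: PFakeTable = nil;       // plays the role of the SSPI pointer
  Storage: TFakeTable;
  ReadyCount: Integer = 0;

function TableAvailable: Boolean;
begin
  // Flag test and both assignments sit under one lock, so no caller can
  // observe Initialized = True while Table is still nil.
  InitLock.Acquire;
  try
    if not Initialized then
    begin
      Storage.Version := 1;  // stand-in for loading the real function table
      Table := @Storage;     // 1. assign the pointer first
      Initialized := True;   // 2. set the flag last
    end;
    Result := Table <> nil;
  finally
    InitLock.Release;
  end;
end;

begin
  InitLock := TCriticalSection.Create;
  try
    // Concurrent callers: each one dereferences Table only after
    // TableAvailable has returned True.
    TParallel.For(0, 7,
      procedure(Index: Integer)
      begin
        if TableAvailable and (Table^.Version = 1) then
          TInterlocked.Increment(ReadyCount);
      end);
    Writeln('Callers that saw a valid table: ', ReadyCount, ' of 8');
  finally
    InitLock.Free;
  end;
end.
```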
Using OpenSSL, my program works to connect to an FTP server running TLS 1.2.
Snippet of code from a stand-alone example...
Gets a "session reuse required" error.
If I switch to the OpenSSL IOHandler, it all works.
```delphi
IdFTP1 := tidftp.Create(nil);
ssl := TIdSSLIOHandlerSocketSChannel.Create(nil);
IdFTP1.OnStatus := FTPStatus;
IdFTP1.OnTLSNotAvailable := TLSNotAvailable;
IdFTP1.OnTLSHandShakeFailed := TLSHandShakeFailed;
IdFTP1.OnTLSNegCmdFailed := TLSNegCmdFailed;
IdFTP1.IOHandler := ssl;
IdFTP1.UseTLS := utUseExplicitTLS;
IdFTP1.Passive := True;
IdFTP1.Host := 'some-sever.com';
IdFTP1.Username := 'user';
IdFTP1.Password := 'pass';
IdFTP1.Connect;
IdFTP1.DataPortProtection := ftpdpsPrivate;
Memo1.lines.add('');
if IdFTP1.SupportsTLS then
  Memo1.lines.add('TLS IS SUPPORTED')
else
  Memo1.lines.add('TLS IS NOT SUPPORTED');
Memo1.lines.add('');
IdFTP1.list; /// < ---- FAILS RIGHT HERE. session reuse required
for i := 0 to IdFTP1.DirectoryListing.Count - 1 do
begin
  Memo1.lines.add(IdFTP1.DirectoryListing.Items[i].FileName);
end;
IdFTP1.TransferType := ftBinary;
if fileexists('test.txt') then
  IdFTP1.Put('test.txt');
IdFTP1.Disconnect;
IdFTP1.Free;
ssl.Free;
```
Is there a chance for a server IOHandler for SChannel to become available?
I have HTTP servers and Delphi REST servers which use Indy.
And I need to get rid of OpenSSL (long story).
Hi
I have come across an issue when using your Indy SChannel component with the Indy IdFTP component and the following properties are set
```delphi
UseTLS := utUseRequireTLS
DataPortProtection := ftpdpsPrivate;
```
Whilst the initial logon passes certificate validation, when issuing a List or Get command it then fails with
```
SChannel initialization fails CertVerifyCertificateChainPolicy.Status = 800B010F
```
The call stack is as follows
```
Execute.IdSSLSChannel.TIdSSLIOHandlerSocketSChannel.Clone
IdFTP.TIdFTP.InitDataChannel
IdFTP.TIdFTP.InternalGet('NLST .',$31BB180,False)
IdFTP.TIdFTP.List($31FC8E0,'.',False)
```
followed by
```
Execute.IdSSLSChannel.TIdSSLIOHandlerSocketSChannel.GetTargetHost
Execute.IdSSLSChannel.TIdSSLIOHandlerSocketSChannel.ConnectSSL
Execute.IdSSLSChannel.TIdSSLIOHandlerSocketSChannel.SetPassThrough(False)
```
In `GetTargetHost`, the `Host` property is now an IP address, not the original host name, and therefore a CERT_E_CN_NO_MATCH error occurs when it revalidates the certificate.
When `DataPortProtection` is `ftpdpsClear` it works OK.
Stephen
Below is the report from VirusTotal; I added all virus scanners that detected something fishy (or think so).
Is distributing the binary necessary in the repository itself? Maybe a separate download would be better anyway.