I'm trying to post on a web service via TIdHTTP (Indy) using Delphi 5, and whenever i call the post method, it returns an "Error connecting with SSL error" exception.
This is the code i'm trying to run
FHandle := TIdSSLIOHandlerSocket.Create(nil);
FHandle.SSLOptions.Method := sslvTLSv1;
IdHttp.IOHandler := FHandle;
IdHttp.HandleRedirects := True;
IdHTTP.Request.CustomHeaders.Add('Content-Type: application/json');
IdHttp.Request.ContentType := 'application/json';
Load();
vAux := TMemoryStream.Create();
try
WriteStringToStream(vAux, edJson.Text);
vAux.Position := 0;
vRet := IdHTTP.Post(edHost.Text, vAux);
finally
vAux.Free();
end;
It seems that no matter what i change in CustomHeaders or any other property, the same error happens.
I try changing de SSLOption.Method to all the available ones, but i can't get it to work.
Any suggestion for me to try?
I figured it out what the problem was. It was a certificate file that was faulty on the CertFile property from TIdSSLIOHandlerSocket component and i didn't even realized it was there. After pointing out to the right certificate file everything worked out smoothly. Thank you guys for the insights!
Related
I have a project that still works on Windows 10, and it was working on Windows 11. But, after I installed updates for Windows 11 (not 22H2):
I now get an error:
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
handshake failure.
My setup is Indy 10.6.2.5263, OpenSSL 1.0.2u, Delphi XE8, and I am using the following code:
CInitialized := false;
idHttpC := TIdHTTP.Create(nil);
idHttpC.ConnectTimeout := 80000;
idHttpC.ReadTimeout := 80000;
idHttpC.AllowCookies := true;
// config Redirect's
idHttpC.RedirectMaximum := 35;
idHttpC.HandleRedirects := true;
idHttpC.HTTPOptions := [hoTreat302Like303, hoKeepOrigProtocol];
idHttpC.OnRedirect := IdHTTP1Redirect;
// create Cookie's
idCookieC := TIdCookieManager.Create(IdHttpC);
idHttpC.CookieManager := idCookieC;
// create gzip Compressor
idHttpC.Compressor := TIdCompressorZLib.Create(idHttpC);
// create OpenSSL
lIOHandlerC := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
lIOHandlerC.SSLOptions.Mode := sslmClient;
lIOHandlerC.SSLOptions.SSLVersions := [sslvTLSv1, sslvTLSv1_1, sslvTLSv1_2];
idHttpC.IOHandler := lIOHandlerC;
On my request:
Result := idHttpC.Get('https://leinestern.de/');
I get:
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure.
What's is wrong here? Maybe I have to change some new settings?
I am not using any antivirus or firewall, the built-in antivirus and firewall are disabled.
i updated Indy from GitHub and it's working again.
I'm trying to POST to a https Web service from Delphi 7. Initially the error was "Unable to Load SSL library". So placed ssleay32.dll & libeay32.dll (from indy_openssl096k.zip in https://indy.fulgan.com/SSL/Archive/) in the folder containing my executable.
Now the error is "Error connecting to SSL". In the exception, I also used WhichFailedToLoad() function and below is also reported
"Failed To Load: EVP_md5 X509_digest X509_NAME_hash"
From different sites, I could understand, above functions is part of libeay32.dll. But why is this still reported as FailedToLoad ?
I saw suggestions that updating to Indy10 ca solve this. But the applications I'm working on uses Indy functions on large number of modules and I don't want to cause any issues if Indy update fails. Is there anyway to resolve this error with Indy9. Any help is greatly appreciated.
I have been trying to find out a solution for the past few days and can't get one. Could someone kindly help me please ?
My Code
Protocol := TIdHTTP.Create(nil);
try
jsonToSend := TStringList.create;
Id_HandlerSocket := TIdSSLIOHandlerSocket.create(nil);
Id_HandlerSocket.SSLOptions.Method := sslvTLSv1;
Id_HandlerSocket.SSLOptions.Mode := sslmClient;
Id_HandlerSocket.SSLOptions.VerifyMode := [];
Id_HandlerSocket.SSLOptions.VerifyDepth := 0;
try
jsonToSend.Add('{"Branch":"' + branch + '", "Country":"' + country + '"}');
Protocol.IOHandler := Id_HandlerSocket;
Protocol.Request.ContentType := 'application/json';
Protocol.Request.Accept := '*/*';
Protocol.Post(ServerURL,jsonToSend);
except
on E:EIdOSSLConnectError do
begin
showmessage(E.Message);
showmessage('Failed to Load: ' + IdSSLOpenSSLHeaders.WhichFailedToLoad);
end;
end;
finally
Protocol.Destroy;
Id_HandlerSocket.Free;
jsonToSend.Destroy;
end;
My question is: why gmail gives me that error:
Username and Password not accepted. Learn more at
http://support.google.com/mail/bin/answer.py?answer=14257 lp8sm18275694wic.17 - gsmtp
I tried everything, whole bunch of options: SSL, TSL, SASL and still nothing. Somewhere I found that google demands some OAUTH2 SASL method wchich is to be done in Indy.
Of course on Delphi 6 and Indy 9 with proper eay dlls on port 465 with ssl works fine.
Anyone has some idea what to do with that?
O course I installed http://slproweb.com/products/Win32OpenSSL.html i anyone asked...
here is the code:
procedure send(Recipientemail, AccountName, Pass, EmailSMTP,EmailPortNo :string);
var
lTextPart: TIdText;
lImagePart: TIdAttachmentfile;
IdSMTP1: TIdSMTP;
IdMsg: TIdMessage;
SSLHandler:TIdSSLIOHandlerSocketOpenSSL;
IdUserPassProv1: TIdUserPassProvider;
IdSASLLogin1: TIdSASLLogin;
IdSASLCRAMMD5: TIdSASLCRAMMD5;
IdSASLCRAMSHA1: TIdSASLCRAMSHA1;
IdSASLPlain: TIdSASLPlain;
IdSASLLogin: TIdSASLLogin;
IdSASLSKey: TIdSASLSKey;
IdSASLOTP: TIdSASLOTP;
IdSASLAnonymous: TIdSASLAnonymous;
IdSASLExternal: TIdSASLExternal;
begin
IdSMTP1:=TIdSMTP.Create(nil);
IdMsg:=TIdMessage.Create(nil);
IdSMTP1.Host:=EmailSMTP;
IdSMTP1.Port:=EmailPortNo;
//IdSMTP1.Username:=trim(AccountName);//tried with or without
//IdSMTP1.Password:=trim(Pass);//tried with or without
TIdSSLContext.Create.Free;
SSLHandler:=TIdSSLIOHandlerSocketOpenSSL.Create(IdSMTP1);
SSLHandler.SSLOptions.Method := sslvSSLv3;
SSLHandler.SSLOptions.Mode := sslmClient;
IdSMTP1.IOHandler := SSLHandler;
if (IdSMTP1.port = 465) then
IdSMTP1.UseTLS := utUseImplicitTLS
else
IdSMTP1.UseTLS := utUseExplicitTLS;
IdSASLLogin1:=TIdSASLLogin.Create(IdSMTP1);
IdUserPassProv1:=TIdUserPassProvider.Create(IdSMTP1);
IdUserPassProv1.Password:=trim(EmailHasloKonta);
IdUserPassProv1.Username:=trim(EmailNazwaKonta);
IdSMTP1.AuthType:=satSASL;
IdSASLCRAMSHA1 := TIdSASLCRAMSHA1.Create(idSMTP1);
IdSASLCRAMSHA1.UserPassProvider := IdUserPassProv1;
IdSASLCRAMMD5 := TIdSASLCRAMMD5.Create(idSMTP1);
IdSASLCRAMMD5.UserPassProvider := IdUserPassProv1;
IdSASLSKey := TIdSASLSKey.Create(idSMTP1);
IdSASLSKey.UserPassProvider := IdUserPassProv1;
IdSASLOTP := TIdSASLOTP.Create(idSMTP1);
IdSASLOTP.UserPassProvider := IdUserPassProv1;
IdSASLAnonymous := TIdSASLAnonymous.Create(idSMTP1);
IdSASLExternal := TIdSASLExternal.Create(idSMTP1);
IdSASLLogin := TIdSASLLogin.Create(idSMTP1);
IdSASLLogin1.UserPassProvider:=IdUserPassProv1;
IdSASLPlain := TIdSASLPlain.Create(idSMTP1);
IdSASLPlain.UserPassProvider := IdUserPassProv1;
IdSMTP1.SASLMechanisms.Add.SASL := IdSASLCRAMSHA1;
IdSMTP1.SASLMechanisms.Add.SASL := IdSASLCRAMMD5;
IdSMTP1.SASLMechanisms.Add.SASL := IdSASLSKey;
IdSMTP1.SASLMechanisms.Add.SASL := IdSASLOTP;
IdSMTP1.SASLMechanisms.Add.SASL := IdSASLAnonymous;
IdSMTP1.SASLMechanisms.Add.SASL := IdSASLExternal;
IdSMTP1.SASLMechanisms.Add.SASL := IdSASLLogin1;
IdSMTP1.SASLMechanisms.Add.SASL := IdSASLPlain;
IdMsg.CharSet:=CmbEncod.Text;
IdMsg.From.Address:=EmailAdresNadawcy;
IdMsg.From.Name:=ToISO_8859_2(true, EmailNadawca);
IdMsg.Recipients.Add.Address:=email;
if EmailDoWiad<>'' then IdMsg.BccList.Add.Address:=EmailDoWiad;
IdMsg.ContentType:='multipart/relative';//; charset='+CmbEncod.Text;
IdMsg.Subject:=ifthen(TytulEmaila='',translate('Potwierdzenie rezerwacji'),TytulEmaila);
IdMsg.Body.Clear;
IdMsg.Body.Text:='';
lTextPart := TIdText.Create(IdMsg.MessageParts);
lTextPart.Body.text:='Some body text';
lTextPart.ContentType := 'text/plain';
try
IdSMTP1.Connect;
//IdSMTP1.Authenticate; //tried with or without
try
try
IdSMTP1.Send(IdMsg);
except
on e: exception do
MessageDlg('Sending error:'#13+
e.message,
mtinformation,[mbok],0);
end;
finally
IdSMTP1.Disconnect;
end;
finally
IdSMTP1.Disconnect;
IdUserPassProv1.free;
IdSASLLogin1.free;
IdSASLCRAMMD5.free;
IdSASLCRAMSHA1.free;
IdSASLPlain.free;
IdSASLLogin.free;
IdSASLSKey.free;
IdSASLOTP.free;
IdSASLAnonymous.free;
IdSASLExternal.free;
lTextPart.Free;
lImagePart.Free;
SSLHandler.free;
IdSMTP1.Free;
IdMsg.Free;
SSLHandler.Free;
end;
end;
Using the latest Indy version (10.6.1), I can successfully connect and authenticate TIdSMTP to Gmail using Indy's SASL components with both SSL (UseTLS=utUseImplicitTLS on port 465) and TLS (UseTLS=utUseExplicitTLS on port 587) using similar code to what you have shown. Despite popular belief, OAUTH2 is not required yet.
The fact that you are getting a human-readable authentication error means the SSL/TLS portion is working fine, so this is strictly a SASL issue.
If your Gmail account is using 2-step verification, make sure you have created an Application Password in your Gmail account settings, you cannot use your primary Gmail password. Read Gmail's documentation for more details:
Application-specific password required
Sign in using App Passwords
With that said, the only changes I would suggest you make to the code you have showed are:
setting the UseTLS property may change the Port property value, so you should set UseTLS first and then set the Port to the desired value afterwards:
if (EmailPortNo = 465) then
IdSMTP1.UseTLS := utUseImplicitTLS
else
IdSMTP1.UseTLS := utUseExplicitTLS;
IdSMTP1.Port := EmailPortNo;
you do not need to create and destroy a TIdSSLContext object, so get rid of that. The only reason to create a TIdSSLContext manually is so it can call the IdSSLOpenSSL.LoadOpenSSLLibrary() function, which is public so you can call it directly if needed (which you don't really need to in this situation).
multipart/relative is not a valid ContentType. Did you mean multipart/related instead? Your TIdMessage does not contain multiple parts so you should not be using multipart ContentType to begin with.
Most of your calls to Free() are redundant since you assigned the TIdSMTP as the Owner for everything except the TIdMessage. You don't need to free the SASL components manually, you can let TIdSMTP do that for you.
you are calling IdSMTP1.Disconnect() twice. You don't need that.
Here is the solution:
After all tries is seems to I have had the wrong version of two dlls libeay.dll and ssleay.dll.
Here is my Issue. I'm using Delphi 5 and Indy 9. I have no option to upgrade either at the moment. I am trying to send an email via gmail, and i hard code the string as 'smtp.google.com' it works just fine. however, if smtp.host is getting the host name from a variable it fails with error 11001, and i havent been able to figure out why. I'm new using indy so i'm probably missing something silly, but i don't understand why it could accept a string as the host, but not a variable holding the string. (It's got to be a variable because i need to pass the procedure different SMTP hosts based on the user signed in. Here is the code:
procedure TFormEmail.SendSimpleMail(ToEmail, MyAttachment: string);
var
Msg: TIdMessage;
DestAddr: TIdEmailAddressItem;
SMTP: TIdSMTP;
SSLHandler : TidSSLIOHandlerSocket;
Attachment: TIdAttachment;
SMTPHost1 :string;
begin
Msg := idMessage1;
Msg.From.Text := EmailName(My_User);
Msg.From.Address := EmailAddress(My_User);
msg.Subject := 'Test';//email subject
DestAddr := Msg.Recipients.Add;
DestAddr.Text := '';//receiver's name (optional)
DestAddr.Address := ToEmail;//where its going
Msg.Body.Add(edtEmailBody.text); //email body
SMTP := IdSMTP1;
SMTP.IOHandler := idSSLIOHandlerSocket1;
SMTPhost1 := SMTPHost(My_User);
SMTPhost1 := 'smtp.google.com';
//SMTP.Host := SMTPhost1; //<--FAILS
SMTP.Host := 'smtp.google.com'; //<--SUCCEEDS
SMTP.Port := SMTPPort(My_User);
SMTP.AuthenticationType := atLogin; //error here (2 error)
SMTP.Username := EmailAddress(My_User);
SMTP.Password := SMTPPassword(My_User);
If not empty(MyAttachment) then
Attachment := TIdAttachment.Create(Msg.MessageParts, MyAttachment);//loads Att
Try
SMTP.Connect;
except
SMTP.Connect;//refire if exception (issue with INDY)
end;
if useSSL(My_User) then
SMTP.SendCmd('STARTTLS');//load TLS
SMTP.Authenticate;
SMTP.Send(Msg);
SMTP.Disconnect;//disconnect from server
end;
I marked the one that fails and the one that succeeds, but i don't understand what i'm doing wrong. Any help would be appreciated
Seems you have more issues in one question, I can only help you with one.
I had the same issue with Connect, I simply called the Load method from IdSSLOpenSSLHeaders.
Try the following:
SMTP := IdSMTP1;
IdSSLOpenSSLHeaders.Load;
SMTP.IOHandler := idSSLIOHandlerSocket1;
I have a delphi code that basically upload files to remote secure server using Indy 10.4.704:
IdHTTP := TIdHTTP.Create(nil);
try
TheCompressor := TIdCompressorZLib.Create(nil);
TheSSL := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
with IdHTTP do
begin
HTTPOptions := [hoForceEncodeParams];
AllowCookies := True;
HandleRedirects := True;
ProtocolVersion := pv1_1;
IOHandler := TheSSL;
Compressor := TheCompressor;
end; // with
// Get upload resume offset
try
IdHttp.Head('https://www.domain.com/my-file.bin');
if (IdHttp.Response.ResponseCode <> 404) And (IdHttp.Response.ContentLength >= 0) then
StartPos := IdHttp.Response.ContentLength
else
StartPos := 0;
except
StartPos := 0;
end; // try/except
// Upload File
TheFile := TFileStream.Create(FileName, fmOpenRead OR fmShareDenyWrite);
RangeStream := TIdHTTPRangeStream.Create(TheFile, StartPos, -1, True);
try
if (RangeStream.ResponseCode = 206) then
IdHTTP.Post(https://www.domain.com/upload.php', RangeStream);
finally
RangeStream.Free;
end; // try/finally
finally
FreeAndNil(IdHTTP);
end; // try/finally
The problem is that sometimes the code fails with Indy throwing a EIdSocketError Socket Error # 0 exception (idHTTP.ResponseCode is -1)
Given my crappy internet connection, I launched an EC2 windows instance and tested my code on it (the windows instance is running on the cloud, so I assume connection is not a problem), yet I got the same issue!
The error seems to be random, sometimes upload works, sometimes not. I debugged with TidLogFile, all I could find is something like this:
Stat Connected.
Sent 4/26/2012 4:18:42: POST /app/upload.php...
Sent 4/26/2012 4:18:42: <uploaded_file_data_here>
Stat Disconnected.
Anyone knows what's causing this/how to fix this?
EDIT
I traced the exception back to TIdSSLIOHandlerSocketOpenSSL. I googled a lot, it seems that it's not an SSL error.
Please upgrade to the latest Indy 10 version, which is 10.5.8 r4743. SSL-related issues with Error Code 0 were fixed over a year ago.