I have analyzed a site to see how data is sent, but I have a problem.
The site uses the CONNECT method to connect to the site, like this: connect to "http://example.com:443", and there is no S in the http.
There is no such method in Indy or Clever components, only POST, GET, PUT.
This is a picture to help you understand me.
So how can I use that CONNECT method in Indy or Clever components?
CONNECT is used to let a client connect to a target server through an HTTP proxy. This is most commonly used (but not limited) to proxying SSL connections, like those used for HTTPS.
Indy's TIdHTTP component uses CONNECT internally when you have configured a proxy Host:Port in the TIdHTTP.ProxyParams property and then:
request an HTTPS url.
request an HTTP url and have the hoNonSSLProxyUseConnectVerb flag enabled in the TIdHTTP.HTTPOptions property.
Indy also has a TIdConnectThroughHttpProxy component that can be used with Indy's other non-HTTP TCP clients to proxy connections through an HTTP proxy using CONNECT.
If I remember correctly, the following Synapse-based code would trigger a CONNECT to port 443 using the OpenSSL libraries...
procedure Test;
var
  HTTP: THTTPSend;
begin
  HTTP := THTTPSend.Create;
  try
    HTTP.Sock.CreateWithSSL(TSSLOpenSSL);
    HTTP.Sock.SSLDoConnect; // CONNECT happens here
    HTTP.HTTPMethod('GET', 'https://www.google.com/');
    // (...)
  finally
    HTTP.Free;
  end;
end;
I have a basic "Web Server Application" created by going to File > New > Web Server Application and choosing ISAPI Dynamic Link Library, which I am using to test Windows Authentication when running within IIS.
I have code that reads in the TWebRequest.Authorization property and decodes the string that is sent from IIS (which is usually Negotiate xxxxxxxxxxxx...) This all works when running the site without SSL. I can extract the username, password, domain and workstation name from the Type3 Message as per http://davenport.sourceforge.net/ntlm.html#type3MessageExample.
When SSL is enabled, it seems the string is somehow further encrypted and I get a mess of data from my code which as stated works when SSL is not enabled.
Could anyone tell me what I could be missing? I have not posted any code (but can) as I suspect this is not specific to my code but something to do with SSL that I am not aware of. And searching for answers to this has been somewhat uneventful as I am unaware of the correct terminology to use to get to the correct answers.
I am not so much looking for a "here is the answer" but a pointer in the correct direction would be most appreciated.
When not using SSL, the Negotiate value is: 'Negotiate TlRMTVNT....
When using SSL, the Negotiate value is: 'Negotiate oXcwdaADCgEBo......
Note that in the non-SSL version the string begins TlRMTVNT; this is what I would expect, as that is the NTLMSSP signature Base64-encoded.
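Added example, not part of the original post and written in Python so it runs stand-alone: it decodes the leading bytes of an Authorization token and reports whether it is a bare NTLMSSP message or an SPNEGO wrapper. The visible start of the SSL-case value above decodes to an SPNEGO NegTokenResp, which a parser expecting NTLMSSP at offset 0 will misread; the function names and the two full sample tokens are constructed for illustration.

```python
import base64
import struct

NTLMSSP = b"NTLMSSP\x00"
NEG_STATE = {0: "accept-completed", 1: "accept-incomplete", 2: "reject", 3: "request-mic"}

def decode_prefix(b64: str) -> bytes:
    """Base64-decode a token that may have been cut short (as in a log or a post)."""
    b64 = b64.strip().rstrip("=")
    if len(b64) % 4 == 1:            # a lone trailing character carries no full byte
        b64 = b64[:-1]
    return base64.b64decode(b64 + "=" * (-len(b64) % 4))

def classify(header_value: str) -> dict:
    """Describe the token carried in an Authorization header value."""
    scheme, _, b64 = header_value.strip().partition(" ")
    raw = decode_prefix(b64)
    info = {"scheme": scheme, "kind": "unknown"}
    ntlm_at = raw.find(NTLMSSP)
    if ntlm_at == 0:
        info["kind"] = "raw NTLMSSP"
    elif raw[:1] == b"\x60":         # [APPLICATION 0]: GSS-API InitialContextToken
        info["kind"] = "GSS-API initial token"
    elif raw[:1] == b"\xa1":         # context tag [1]: SPNEGO NegTokenResp
        info["kind"] = "SPNEGO NegTokenResp"
        pos = raw.find(b"\xa0\x03\x0a\x01", 0, 16)   # [0] negState ENUMERATED
        if pos != -1 and len(raw) > pos + 4:
            info["neg_state"] = NEG_STATE.get(raw[pos + 4], "unknown")
    if ntlm_at >= 0:                 # NTLM message found, bare or inside the wrapper
        info["ntlm_offset"] = ntlm_at
        if len(raw) >= ntlm_at + 12:
            info["ntlm_type"] = struct.unpack_from("<I", raw, ntlm_at + 8)[0]
    return info

def _tlv(tag: int, body: bytes) -> bytes:
    """DER tag-length-value, short-form length only (body < 128 bytes)."""
    return bytes([tag, len(body)]) + body

# Constructed samples: a zero-filled NTLM Type 3 skeleton, bare and SPNEGO-wrapped.
_NTLM3 = NTLMSSP + struct.pack("<I", 3) + bytes(52)
SAMPLE_PLAIN = "Negotiate " + base64.b64encode(_NTLM3).decode()
SAMPLE_WRAPPED = "Negotiate " + base64.b64encode(_tlv(0xA1, _tlv(0x30,
    _tlv(0xA0, b"\x0a\x01\x01") + _tlv(0xA2, _tlv(0x04, _NTLM3))))).decode()
PAGE_PREFIX = "Negotiate oXcwdaADCgEB"   # visible start of the SSL-case value in the post

if __name__ == "__main__":
    for sample in (SAMPLE_PLAIN, SAMPLE_WRAPPED, PAGE_PREFIX):
        print(classify(sample))
```

When the wrapper is present, the NTLM message has to be located inside it (here via `ntlm_offset`) before any Type 3 field offsets are applied.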
When you create a "Web Service Application" project, Delphi creates a TIdHTTPWebBrokerBridge object by default as Server :
type
  TForm1 = class(TForm)
    ...
  private
    FServer: TIdHTTPWebBrokerBridge;
    procedure StartServer;
    ...
  end;
During the wizard of creating Web Service Application project, you have an option to use HTTPS :
By Activating this check-box, you will be prompted for information of a Certificate file :
You can search a bit about SSL Certificate files, but you can use OpenSSL to create a self-signed SSL Certificate, here are some useful explanations: https://www.cloudflare.com/learning/ssl/what-is-an-ssl-certificate/
And regarding using OpenSSL : How to generate a self-signed SSL certificate using OpenSSL?
Here are the OpenSSL binary file and Indy SSL required DLL files:
https://github.com/IndySockets/OpenSSL-Binaries
....
After creating your project by activating HTTPS option you will have some other things included by default, the main difference is that now the TIdHTTPWebBrokerBridge component is using a TIdServerIOHandlerSSLOpenSSL component as IO-Handler:
procedure TForm1.FormCreate(Sender: TObject);
var
  LIOHandleSSL: TIdServerIOHandlerSSLOpenSSL;
begin
  FServer := TIdHTTPWebBrokerBridge.Create(Self);
  LIOHandleSSL := TIdServerIOHandlerSSLOpenSSL.Create(FServer);
  LIOHandleSSL.SSLOptions.CertFile := '';
  LIOHandleSSL.SSLOptions.RootCertFile := '';
  LIOHandleSSL.SSLOptions.KeyFile := '';
  LIOHandleSSL.OnGetPassword := OnGetSSLPassword;
  FServer.IOHandler := LIOHandleSSL;
end;
You just need to make the SSL certificate files and put their addresses in the OnCreate event as shown above; that IOHandler will handle SSL decryption.
I have a program which uses a TIdHTTPServer. Now I want to write some automated tests using a TIdHTTP which talks to the TIdHTTPServer. The test code is in the program itself.
When the TIdHTTP tries to connect, a 'Socket Error # 10061 Connection refused.' exception is raised. I'm guessing that's because the TIdHTTPServer is using the port already.
Is it possible for a TIdHTTPServer and a TIdHTTP which are in the same executable to talk to each other at all? If so, how?
Yes, they can run in the same executable and connect to each other. Simply specify (one of) TIdHTTPServer's listening IP(s) in the URL that you pass to TIdHTTP, eg:
// The server's listening sockets are configured through its Bindings collection
with IdHTTPServer1.Bindings.Add do
begin
  IP := '127.0.0.1';
  Port := 80;
end;
IdHTTPServer1.Active := True;
...
IdHTTP1.Get('http://127.0.0.1/');
I have developed an application for sending files from client to server using TCP/IP components with SSL.
A 'Connection Timed Out' error occurs on the server side when sending large files.
Server Side (SSL)
idTCPServer1.IOHandler := IdServerIOHandlerSSLOpenSSL1;
OnExecute
Acontext.Connection.IOHandler.LargeStream := True;
Acontext.Connection.IOHandler.ReadStream(filestream,Filesize); // Error is occurred here.
End;
Client Side (SSL)
idTCPClient1.IOHandler := IdSSLIOHandlerSocketOpenSSL1;
idTCPClient1.IOHandler.LargeStream := True;
idTCPClient1.IOHandler.WriteStream(fms,-1,True);
The connection is established between client and server. When sending files, after some time a 'Connection timed out' error is shown at the server, and the client application goes to Not Responding.
Another scenario: when I connect the client and server normally, using IdIOHandlerStack1 on the client side and with no handler assigned on the server side, files are transferred successfully without any problem.
I am using Delphi 2010 and Indy 10.5.5; the DLL version is 0.9.8.18.
Can anyone guide me?
There is no WriteStream() method, there is a TStream overload of the Write() method instead.
You are telling Write() to send the stream size as a 64-bit integer, but you are not telling ReadStream() to read the stream size, so presumably you have read the full 64-bit file size beforehand using ReadInt64(), correct?
Also, 10.5.5 is an outdated version of Indy. The current version is 10.5.9. Try upgrading to make sure you have all of the latest bug fixes and such, and then report back if you are still having problems.
I'm using the TIdSSLIOHandlerSocketOpenSSL Indy component in Delphi XE2 to send data to an SSL server (Apple Push Notification Service) over TCP. I've got it working to a degree but not sure if I'm going about it the best way. I'm doing the following :
Set the SSL properties inc. path to certificates
Call the .Open method to open the connection
Check the AType parameter in the OnStatusInfoEx event until I get a 'Handshake Done'
Send the data using .WriteDirect
Close the connection with .Close
Is there a better way to know when the connection is ready to send data? Does anybody have sample code using the TIdSSLIOHandlerSocketOpenSSL component directly over TCP? The samples I've found are mainly for HTTP calls where the TIdSSLIOHandlerSocketOpenSSL component is just attached to secure the connection.
Since you are using the client component, you only need to setup the certificates on the client if the server is going to authenticate the client's certificate.
Otherwise, set the TIdSSLIOHandlerSocketOpenSSL's SSLOptions.Mode to sslmClient, and you should be able to connect.
It's a good idea to enable the VerifyMode and use the OnVerifyPeer event on the socket component to verify the fingerprint on the server certificate in order to avoid man in the middle attacks.
Depending on your version of Indy, you may need to set the SSLOptions Method to sslvTLSv1. Some web servers no longer support SSLv2, which Indy 9 defaults to.
Here's some sample code that demonstrates retrieving a web page over SSL using the TCP component:
procedure TForm1.Button1Click(Sender: TObject);
var
  s: String;
begin
  IdTCPClient1.Host := 'example.com';
  IdTCPClient1.Port := 443;
  IdTCPClient1.Connect;
  IdTCPClient1.WriteLn('GET / HTTP/1.1');
  IdTCPClient1.WriteLn('Host: example.com');
  // Ask the server to close after the response; HTTP/1.1 keeps the
  // connection open by default and AllData would block until it times out
  IdTCPClient1.WriteLn('Connection: close');
  IdTCPClient1.WriteLn('');
  // Retrieve all the data until the server closes the connection
  s := IdTCPClient1.AllData;
  Memo1.Lines.Add(s);
end;
Don't forget to include the OpenSSL libraries libeay32.dll and ssleay32.dll in the same folder as your EXE on Windows. Use the standard (latest) binaries for Indy 10.
This is what works for me. I am using Delphi 2010, but this probably works just as well on Delphi XE2 (not tested). I use the current tip revision of Indy, which is revision 4774, rather than the out-of-the-box version.
I have 3 components on a datamodule or webmodule:
TIdHTTP
TIdSSLIOHandlerSocketOpenSSL
TIdCookieManager
Hook all the components up to each other at design-time, with the following change at run-time: If the protocol is plain http:, then disconnect the TIdSSLIOHandlerSocketOpenSSL component. If the protocol is https:, then set the Handler property of the IdHTTP to the IdSSLIOHandlerSocketOpenSSL.
In the SSL Options, set method to sslvSSLv23 and SSLVersions to [sslvSSLv2,sslvSSLv3,sslvTLSv1,sslvTLSv1_1,sslvTLSv1_2]. I found that other permutations of these properties just did not work. I can't explain it. I just know that this works with a wide range of webservers.
From there it is dead easy. To GET, simply call the Get() method on the TIdHTTP. For POST, call Post(). Parameters and Cookies are accessible by obviously named properties.
I had a lot of trouble getting the out-of-the-box version to POST correctly, but with the tip revision, and setting the options as I mentioned, it's been a breeze.
This is my Form1.FormCreate code:
GoodWB:=TEmbeddedWB.Create(Form1);
TWinControl(GoodWB).Name :='NetPartBmb';
TWinControl(GoodWB).Parent := Form1;
GoodWB.SetBounds(0,50,300,300);
//GoodWB.ProxySettings.SetProxy('','83.137.53.190:8080','<local>');
//GoodWB.ProxySettings.AutoLoadProxy:=true;
GoodWB.Navigate('www.google.com');
EmbeddedWB performs weirdly. When I try to load a page it throws an error as if I were not online.
But if I uncomment those proxy settings (the proxy 83.137.53.190:8080 is a fully functioning proxy, by the way) then it works, but with that proxy. It seems like it uses some unknown proxy. How can I disable the proxy and work with my own IP?
BTW: This wasn't happening before, and I have also set proxies with it before, but then I removed all the proxy code parts, so I have no idea what is causing this when there is no code for proxy settings.
I don't know how TEmbeddedWB works, but in TWebBrowser you have to pass a full URL to Navigate(), not just the hostname by itself:
GoodWB.Navigate('http://www.google.com');
If you want to connect to an IP address instead of a hostname, you still would need to specify the protocol scheme:
GoodWB.Navigate('http://TheIPHere');