I have a delphi code that basically upload files to remote secure server using Indy 10.4.704:
IdHTTP := TIdHTTP.Create(nil);
try
TheCompressor := TIdCompressorZLib.Create(nil);
TheSSL := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
with IdHTTP do
begin
HTTPOptions := [hoForceEncodeParams];
AllowCookies := True;
HandleRedirects := True;
ProtocolVersion := pv1_1;
IOHandler := TheSSL;
Compressor := TheCompressor;
end; // with
// Get upload resume offset
try
IdHttp.Head('https://www.domain.com/my-file.bin');
if (IdHttp.Response.ResponseCode <> 404) And (IdHttp.Response.ContentLength >= 0) then
StartPos := IdHttp.Response.ContentLength
else
StartPos := 0;
except
StartPos := 0;
end; // try/except
// Upload File
TheFile := TFileStream.Create(FileName, fmOpenRead OR fmShareDenyWrite);
RangeStream := TIdHTTPRangeStream.Create(TheFile, StartPos, -1, True);
try
if (RangeStream.ResponseCode = 206) then
IdHTTP.Post(https://www.domain.com/upload.php', RangeStream);
finally
RangeStream.Free;
end; // try/finally
finally
FreeAndNil(IdHTTP);
end; // try/finally
The problem is that sometimes the code fails with Indy throwing a EIdSocketError Socket Error # 0 exception (idHTTP.ResponseCode is -1)
Given my crappy internet connection, I launched an EC2 windows instance and tested my code on it (the windows instance is running on the cloud, so I assume connection is not a problem), yet I got the same issue!
The error seems to be random, sometimes upload works, sometimes not. I debugged with TidLogFile, all I could find is something like this:
Stat Connected.
Sent 4/26/2012 4:18:42: POST /app/upload.php...
Sent 4/26/2012 4:18:42: <uploaded_file_data_here>
Stat Disconnected.
Anyone knows what's causing this/how to fix this?
EDIT
I traced the exception back to TIdSSLIOHandlerSocketOpenSSL. I googled a lot, it seems that it's not an SSL error.
Please upgrade to the latest Indy 10 version, which is 10.5.8 r4743. SSL-related issues with Error Code 0 were fixed over a year ago.
Related
I have a project that still works on Windows 10, and it was working on Windows 11. But, after I installed updates for Windows 11 (not 22H2):
I now get an error:
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
handshake failure.
My setup is Indy 10.6.2.5263, OpenSSL 1.0.2u, Delphi XE8, and I am using the following code:
CInitialized := false;
idHttpC := TIdHTTP.Create(nil);
idHttpC.ConnectTimeout := 80000;
idHttpC.ReadTimeout := 80000;
idHttpC.AllowCookies := true;
// config Redirect's
idHttpC.RedirectMaximum := 35;
idHttpC.HandleRedirects := true;
idHttpC.HTTPOptions := [hoTreat302Like303, hoKeepOrigProtocol];
idHttpC.OnRedirect := IdHTTP1Redirect;
// create Cookie's
idCookieC := TIdCookieManager.Create(IdHttpC);
idHttpC.CookieManager := idCookieC;
// create gzip Compressor
idHttpC.Compressor := TIdCompressorZLib.Create(idHttpC);
// create OpenSSL
lIOHandlerC := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
lIOHandlerC.SSLOptions.Mode := sslmClient;
lIOHandlerC.SSLOptions.SSLVersions := [sslvTLSv1, sslvTLSv1_1, sslvTLSv1_2];
idHttpC.IOHandler := lIOHandlerC;
On my request:
Result := idHttpC.Get('https://leinestern.de/');
I get:
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure.
What's is wrong here? Maybe I have to change some new settings?
I am not using any antivirus or firewall, the built-in antivirus and firewall are disabled.
i updated Indy from GitHub and it's working again.
I'm trying to post on a web service via TIdHTTP (Indy) using Delphi 5, and whenever i call the post method, it returns an "Error connecting with SSL error" exception.
This is the code i'm trying to run
FHandle := TIdSSLIOHandlerSocket.Create(nil);
FHandle.SSLOptions.Method := sslvTLSv1;
IdHttp.IOHandler := FHandle;
IdHttp.HandleRedirects := True;
IdHTTP.Request.CustomHeaders.Add('Content-Type: application/json');
IdHttp.Request.ContentType := 'application/json';
Load();
vAux := TMemoryStream.Create();
try
WriteStringToStream(vAux, edJson.Text);
vAux.Position := 0;
vRet := IdHTTP.Post(edHost.Text, vAux);
finally
vAux.Free();
end;
It seems that no matter what i change in CustomHeaders or any other property, the same error happens.
I try changing de SSLOption.Method to all the available ones, but i can't get it to work.
Any suggestion for me to try?
I figured it out what the problem was. It was a certificate file that was faulty on the CertFile property from TIdSSLIOHandlerSocket component and i didn't even realized it was there. After pointing out to the right certificate file everything worked out smoothly. Thank you guys for the insights!
I tried with Indy component to send email in XE2, and it works fine on my laptop that I compiled my project on.
But if I take my exe project to another PC, it shows an error message
Connection closed gracefully
or, sometimes I get
SSL Negotiation failed
Actually I tried many times to solve my problem, but I can't.
This is my code - where is my mistake? I need a practical solution.
procedure Gmail(username, password, totarget, subject, body :string);
var
DATA : TIdMessage;
SMTP : TIdSMTP;
SSL : TIdSSLIOHandlerSocketOpenSSL;
result:Boolean;
begin
try
SMTP := TIdSMTP.Create(nil);
DATA := TIdMessage.Create(nil);
SSL := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
SSL.Destination := 'smtp.gmail.com:587';
SSL.Host := 'smtp.gmail.com';
// SSL.MaxLineAction.maException;
SSL.Port:= 587;
SSL.SSLOptions.Method := sslvTLSv1;
SSL.SSLOptions.Mode := sslmUnassigned;
SSL.SSLOptions.VerifyMode := [];
SSL.SSLOptions.VerifyDepth := 0;
DATA.From.Address := username;
DATA.Recipients.EMailAddresses := totarget;
DATA.Subject := subject;
DATA.Body.Text := body;
if FileExists('D:\Test1.txt') then
TIdAttachmentFile.Create(DATA.MessageParts, 'D:\Test1.txt');
SMTP.IOHandler := SSL;
SMTP.Host := 'smtp.live.com';
SMTP.Port := 587 ;
SMTP.Username := username;
SMTP.Password := password;
// SMTP.SASLMechanisms;
SMTP.UseTLS := utUseExplicitTLS;
try
try
SMTP.Connect;
SMTP.Send(DATA);
Result := True;
except
on E:Exception do
begin
ShowMessage('Cannot send E-Mail: ' + E.Message);
Result := False;
end;
end;
finally
if SMTP.Connected then SMTP.Disconnect;
end;
except
on E : Exception do
begin
ShowMessage('Error in the function SendEmailDelphi: ' + E.Message);
Result := False;
end;
end;
end;
procedure TForm1.FormCreate(Sender: TObject);
begin
Timer1.Enabled:= True;
end;
procedure TForm1.Timer1Timer(Sender: TObject);
begin
mail_username := 'email#gmail.com';
mail_password := 'pass';
mail_to := 'email#gmail.com';
mail_subject := 'Text email from Delphi project';
mail_body := 'this is a test email sent from Delphi project, do not reply';
try
begin
Gmail(mail_username, mail_password, mail_to , mail_subject, mail_body);
end;
finally
end;
end;
DO NOT set the SSL.Destination, SSL.Host, or SSL.Port properties manually! TIdTCPClient.Connect() handles that for you. Besides, don't you think it's odd that you are setting SSL.Destination/Host to smtp.gmail.com but are setting SMTP.Host to smtp.live.com instead? Gmail and Live are not the same service provider.
Also, SSL.SSLOptions.Mode should be set to sslmClient instead of sslmUnassigned. Not too important, TIdSSLIOHandlerSocketOpenSSL will simply flip it when it configures the connection. But you should do it anyway, since you know your code is acting as a client.
And lastly, try setting SMTP.UseTLS before setting SMTP.Port, as setting UseTLS may change the Port, so you want to make sure you are really connecting to the correct port you are expecting.
With that said, the SSL Negotiation failed error means the TLS handshake was started but failed part-way through the negotiation. Try assigning handlers to TIdSSLIOHandlerSocketOpenSSL's OnStatusInfo/Ex events to see how far the handshake is actually getting. And if you are using a relatively modern version of Indy 10, try looking at the raised exception's InnerException property, it might give you a clue as to what went wrong before the EIdTLSClientTLSHandShakeFailed exception was raised afterwards.
I have this delphi code that basically download files from a secure server (using Indy build 10.5.8 r4743 if I'm not mistaken):
The problem is: I'm getting random "Socket Error # 0" exceptions that I couldn't get fix or even understand:
Project MyProject.exe raised exception class EIdSocketError with message 'Socket Error # 0
Stack is here, pascal code is:
IdHTTP := TIdHTTP.Create(nil);
TheSSL := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
TheCompressor := TIdCompressorZLib.Create(nil);
TheCookieManager := TIdCookieManager.Create(IdHTTP);
try SetupWebComponents(IdHTTP, TheSSL, TheCompressor, TheCookieManager); except end;
TheCookieManager.OnNewCookie := MainForm.SyncNewCookie;
// Go!
Stream := TMemoryStream.Create;
try
IsError := False;
try
with IdHTTP do
begin
OnWork := MainForm.IdHTTPWork_Download;
try
try
IsNewFile := (Not FileExists(LocalFile));
if IsNewFile then
TheFile := TFileStream.Create(LocalFile, fmCreate)
else
// File already exist, resume download
TheFile := TFileStream.Create(LocalFile, fmOpenReadWrite);
DoExit := False;
// Use [ Request.Referer ] it to pass VersionGUID to Work event (to record download progress in db)
Request.Referer := VersionGUID;
repeat
// Get resume byte
if IsNewFile then
begin
ResumeByte := 0;
IsNewFile := False;
end
else
ResumeByte := GetResumeByteFromDB();
if FileExists(LocalFile) then
begin
// File already exist, resume download
DoExit := (ResumeByte >= TheFileSize);
TheFile.Seek(ResumeByte, soFromBeginning);
end;
// Save ResumeByte, it will be used to record download progress in db & eventually use it to resume downloads)
IdHTTP.Tag := ResumeByte;
Request.Range := IntToStr(ResumeByte) + '-';
Get(TheURL, TheFile);
IsError := (Not (ResponseCode in [200, 206])) OR (Pos('login', URL.Document) <> 0);
// Break if there's any error (to allow retrying later in a clean fashion)
if IsError then
Break;
until DoExit;
Disconnect;
except
if (ResponseCode = 404) then
begin
// File doesn't exist, get out
Result := False;
Exit;
end;
end; // try/except
finally
FreeAndNil(TheFile);
end; // try/finally
end; // with
except
IsError := True;
end; // try/except
finally
Stream.Free;
end;
I posted a similar question some time ago, but that was regarding upload, not download. The code was fixed since then with the kind help of SO members, and the same code (used to deal with cookies, re-login, etc...) is being used now so I assume the problem is really in the download procedure shown above
Can someone please take a look at this tell me what I'm doing wrong?
Just like with your other question, you should upgrade to a more recent version, if possible, and verify the problem still occurs before then asking for help. The current version is 10.5.9 r4861.
Using Delphi XE2, Indy 10 that ships with it and OpenSSL dll's version 1.0.1c.
We are in the final stages of converting our Delphi 6 project to Delphi XE2.
We have solved every show stopper so far but I am running into one trying to connect to Gmail smtp server.
Our Delphi 6 app works fine using SSL v2.3 and SSL v3 and Indy 9 components connecting to port 465 per Google's own documentation. Google Support
Our Delphi XE2 app does not connect at all. The call to connect goes into the ether and nothing happens for some 7 minutes until I get bored waiting for the thing to timeout and kill it off. I actually traced the program execution all the way to the IdWinsock2 funcion here:
function Stub_select(nfds: Integer; readfds, writefds, exceptfds: PFDSet; timeout: PTimeVal): Integer; stdcall;
begin
#select := FixupStub(hWinSockDll, 'select'); {Do not Localize}
Result := select(nfds, readfds, writefds, exceptfds, timeout);//<-this line never returns and timeout is always nil
end;
I need to maintain the old SSL connectivity for existing users' configurations.
New users will be able to connect using TLS (to port 587) and that DOES work!?!?
I am at a loss as to why the non-TLS SSL options do not work and do not report any error and do not time out but just go off to Never-Never Land. Please help!
TJ
Here is the code:
SMTPClient.Host := trim(EditSMTPServer.Text);
SMTPClient.Port := EditSMTPServerPort.AsInteger;//<- value from custom edit box
SMTPClient.Username := trim(EditSMTPLogon.Text);
SMTPClient.Password := trim(EditSMTPPassword.Text);
SMTPClient.AuthType := satDefault;
if CheckBoxUseSSL.Checked then begin
SMTPClient.IOHandler := IdSSLIOHandlerSocket1;
IdSSLIOHandlerSocket1.ReadTimeout := 30000;//30 second timeout which does not appear to work
case ComboBoxSSLMode.ItemIndex of
0 : IdSSLIOHandlerSocket1.SSLOptions.Method := sslvSSLv2;
1 : IdSSLIOHandlerSocket1.SSLOptions.Method := sslvSSLv23;
2 : IdSSLIOHandlerSocket1.SSLOptions.Method := sslvSSLv3;
3 : begin
IdSSLIOHandlerSocket1.SSLOptions.Method := sslvTLsv1;
SMTPClient.UseTLS := utUseImplicitTLS;
end;
end;//case
IdSSLIOHandlerSocket2.SSLOptions.Method := IdSSLIOHandlerSocket1.SSLOptions.Method;
IdSSLIOHandlerSocket2.PassThrough := False;
end
else begin
SMTPClient.IOHandler := nil;
end;
try
SMTPClient.Connect;
if SMTPClient.Connected then begin
if SMTPClient.Authenticate then begin
... do some work ...
end;
end;
except
on e:Exception do begin
showmessage(e.message);
end;
end;
EDIT:
As usual, after I post a question I have stumbled across a workaround.
If I set the UsetTLS property to utUseImplicitTLS for all NON-SSL transactions and set it to utUseExplicitTLS for TLS transactions my connections appear to work in a timely manner.
Hopefully this helps someone out.
updated code:
if CheckBoxUseSSL.Checked then begin
SMTPClient.IOHandler := IdSSLIOHandlerSocket1;
SMTPClient.UseTLS := utUseImplicitTLS;
case ComboBoxSSLMode.ItemIndex of
0 : IdSSLIOHandlerSocket1.SSLOptions.Method := sslvSSLv2;
1 : IdSSLIOHandlerSocket1.SSLOptions.Method := sslvSSLv23;
2 : IdSSLIOHandlerSocket1.SSLOptions.Method := sslvSSLv3;
3 : begin
IdSSLIOHandlerSocket1.SSLOptions.Method := sslvTLsv1;
SMTPClient.UseTLS := utUseExplicitTLS;
end;
end;//case
IdSSLIOHandlerSocket2.SSLOptions.Method := IdSSLIOHandlerSocket1.SSLOptions.Method;
IdSSLIOHandlerSocket2.PassThrough := False;
end
else begin
SMTPClient.UseTLS := utNoTLSSupport;//reset TLS support flag
SMTPClient.IOHandler := nil;
end;
What you discovered is what you are supposed to be doing. SSL and TLS have different semantics, so you have to set UseTLS accordingly.
For SSL on port 465, the server expects your client to initiate an SSL handshake immediately upon connecting, before the server then sends an encrypted Greeting. UseTLS=utUseImplicitTLS does that, but UseTLS=utUseExplicitTLS does not. When UseTLS=utUseExplicitTLS, TIdSMTP will expect the server to send an unencrypted Greeting immediately, which would explain the hang in select() - the server is not sending any data!
For TLS on port 587, the server is expecting the client to connect initially unencrypted and then send an explicit STARTTLS command when it is ready to initiate encryption. UseTLS=utUseExplicitTLS does that, but UseTLS=utUseImplicitTLS does not.