Piotr Dałek wrote:
> Hello!
>
>> Piotr Dałek wrote:
>>> Hi!
>>>
>>> This drives me crazy. I can estabilish standard, unencrypted
>>> connection with any non-SSL server and successfully transfer data,
>>> and I can estabilish unencrypted connection, estabilish SSL/TLS
>>> session (via means similiar
>>> to STARTTLS in POP3/SMTP), then communicate in both ways. But if I
>>> want
>>> to estabilish direct SSL/TLS (not STARTTLS) connection, I succed
>>> only in handshaking and receiving first server's response after SSL
>>> handshake - ie. the first line (banner) after handshaking. Then I
>>> can't send anything. No matter what I use, data are sent to buffers,
>>> my_BIO_ctrl([..] BIO_CTRL_FLUSH [..]) returns success but data
>>> aren't really sent (checked with external sniffer), and I get no
>>> notification of data being sent out. SSL'ised versions of TPop3Cli
>>> and TSmtpCli don't work either. Any ideas what may be wrong? I'm
>>> struggling with this for two days now.
>
>> Have you tried the SslMailSnd demo yet? If not please try.
>
> Already tried, doesn't work.
>
>> I just tested with gmail succesfully. Is this ICS v6?
>
> ICS V5.
In v5 there are two basic fixes still missing, also the TSslSmtpCli has been
rewritten
in v6 and the TSslPop3Cli is available in v6 and better only, same applies to
the
working demo applications. I strongly suggest to upgrade to ICSv6, it's very
easy,
all you need of course is D7 or better. ICS-SSL v5 is unmaintained since more
than
one year. I currently do not believe that somebody will continue it.
Anyway, here are the two basic fixes, however I guess the problem is somewhere
else:
1)[ICS-SSL] Fix: SessionClosed may trigger twice
In (OverbyteIcs)WSocketImplSsl.inc change:
procedure TCustomSslWSocket.Do_FD_CLOSE(var Msg: TMessage);
[..]
<== //if (not FCloseInvoked) and
==> if (FHSocket <> INVALID_SOCKET) and (not FCloseInvoked) and {AG 12/30/07}
(not (csDestroying in ComponentState)) then begin // AG 03/03/06
FCloseInvoked := TRUE;
TriggerSessionClosed(msg.LParamHi);
end;
[..]
2)[ICS-SSL] Bug and Fix in SSL code, please update your source!
After a SslContext has been freed it may happen that RemoveSessionCallback() is
called delayed and thus tries to call a method of the already freed instance
which raises bad AVs.
In (OverbyteIcs)WSocketImplSsl.inc change your code as follows:
procedure TSslContext.DeInitContext;
begin
{$IFNDEF NO_ADV_MT}
Lock;
try
{$ENDIF}
if Assigned(FSslCtx) then begin
==> f_SSL_CTX_set_ex_data(FSslCtx, 0, nil); // Main fix // AG
12/25/07
==> { It may be a good idea to disable all callbacks as well }
==> { before freeing the context pointer, should not hurt, }
==> { otherwise please let me know }
==> f_SSL_CTX_sess_set_remove_cb(FSslCtx, nil); // AG
12/25/07
==> f_SSL_CTX_sess_set_new_cb(FSslCtx, nil); // AG
12/25/07
==> f_SSL_CTX_sess_set_get_cb(FSslCtx, nil); // AG
12/25/07
==> f_SSL_CTX_set_default_passwd_cb(FSslCtx, nil); // AG
12/25/07
==> f_SSL_CTX_set_default_passwd_cb_userdata(FSslCtx, nil); // AG
12/25/07
f_SSL_CTX_free(FSslCtx);
FSslCtx := nil;
end;
{$IFNDEF NO_ADV_MT}
finally
Unlock;
end;
{$ENDIF}
FinalizeSsl;
end;
--
Arno Garrels
>
> --
> Piotr Dałek
> [EMAIL PROTECTED]
>
> ----------------------------------------------------------------------
> Szukasz mieszkania, domu dzialki?
> Sprawdz >>> http://link.interia.pl/f1f47
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
