Hi Arno
Thanks for the quick reply.

Setting the client's SslContext object property SslVerifyPeer = true yields ErrCode = 1 in the client's HandshakeDone event (not a Winsock error). I tried setting the client's SslContext::SslPrivKeyFile to the "C:\ ... \ClientKey.pem" file created by IcsSslBuildCerts.bat and retried, but still got ErrCode = 1. I also tried setting SslContext::SslCertFile on the client to the "C:\ ... \ClientCert.pem" file created by IcsSslBuildCerts.bat, but still got ErrCode = 1. I should note that the passphrase was set correctly to "password"; failing to do so gave me an exception.

Any idea what might be causing this ErrCode = 1?

Below are some snippets from the initialization code and the DFM files. All cert files are located in my "C:\\cvswork\\prereq\\ics\\Delphi\\SslInternet\\SslCerts\\" folder.

Server init code:
------------------------------------------------------------------------
SslWSocketServer1->SslContext = this->SslContext1;
SslWSocketServer1->OnClientConnect = SslWSocketServer1ClientConnect;
SslWSocketServer1->SslMode = sslModeServer;
SslWSocketServer1->Proto = "tcp";
SslWSocketServer1->Addr = "0.0.0.0"; // Use any interface
SslWSocketServer1->Port = "443";
SslWSocketServer1->SslEnable = true;
SslContext1->SslCertFile = "C:\\cvswork\\prereq\\ics\\Delphi\\SslInternet\\SslCerts\\ServerCert.pem ";
SslContext1->SslPassPhrase = "password";
SslContext1->SslPrivKeyFile = "C:\\cvswork\\prereq\\ics\\Delphi\\SslInternet\\SslCerts\\ServerKey.pem" ;
SslContext1->SslCAFile = "C:\\cvswork\\prereq\\ics\\Delphi\\SslInternet\\SslCerts\\ServerCA.pem";
SslContext1->SslCAPath = "";
SslContext1->SslVerifyPeer = true;
SslWSocketServer1->SetAcceptableHostsList("127.0.0.1;www.overbyte.be;www .borland.com");
SslWSocketServer1->Listen();
SslWSocketServer1->ClientClass = __classid(TTcpSrvClient); // Use our component
Display("Listenning...");

Server DFM:
------------------------------------------------------------------------
object SslWSocketServer1:
TSslWSocketServer
  LineMode = False
  LineLimit = 65536
  LineEnd = #13#10
  LineEcho = False
  LineEdit = False
  Addr = '0.0.0.0'
  Port = '443'
  Proto = 'tcp'
  LocalAddr = '0.0.0.0'
  LocalPort = '0'
  MultiThreaded = False
  MultiCast = False
  MultiCastIpTTL = 1
  FlushTimeout = 60
  SendFlags = wsSendNormal
  LingerOnOff = wsLingerOn
  LingerTimeout = 0
  KeepAliveOnOff = wsKeepAliveOff
  KeepAliveTime = 0
  KeepAliveInterval = 0
  SocksLevel = '5'
  SocksAuthentication = socksNoAuthentication
  LastError = 0
  ReuseAddr = False
  ComponentOptions = []
  ListenBacklog = 5
  ReqVerLow = 1
  ReqVerHigh = 1
  Banner = 'Welcome to OverByte ICS TcpSrv'
  BannerTooBusy = 'Sorry, too many clients'
  MaxClients = 0
  SslEnable = True
  Left = 352
  Top = 240
end
object SslContext1: TSslContext
  SslVerifyPeer = False
  SslVerifyDepth = 9
  SslOptions = []
  SslVerifyPeerModes = [SslVerifyMode_PEER]
  SslSessionCacheModes = [sslSESS_CACHE_SERVER]
  SslCipherList = 'ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH'
  SslVersionMethod = sslV23_SERVER
  SslSessionTimeout = 0
  SslSessionCacheSize = 20480
  SslDefaultSessionIDContext = 'dfhgdfg'
  Left = 384
  Top = 240
end

Client init code:
------------------------------------------------------------------------
Sock->SslContext = this->SslContext1;
Sock->SslEnable = false;
Sock->SslMode = sslModeClient;
Sock->OnDataAvailable = SockDataAvailable;
Sock->OnSessionClosed = SockSessionClosed;
Sock->OnSessionConnected = SockSessionConnected;
Sock->OnSslHandshakeDone = SockSslHandshakeDone;
Sock->OnSslCliCertRequest = SockSslCliCertRequest;
SslContext1->SslVerifyPeer = true;
SslContext1->SslCertFile = "C:\\cvswork\\prereq\\ics\\Delphi\\SslInternet\\SslCerts\\ClientCert.pem ";
SslContext1->SslPrivKeyFile = "C:\\cvswork\\prereq\\ics\\Delphi\\SslInternet\\SslCerts\\ClientKey.pem" ;
SslContext1->SslPassPhrase = "password";
Sock->Addr = "127.0.0.1";
Sock->Port = "443";
Sock->SslEnable = false;
Sock->Connect();

//Client Connect event
void __fastcall TForm2::SockSessionConnected(TObject* Sender, Word ErrCode)
{
    if( ErrCode == 0 )
    {
        Sock->SslEnable = True;
        Sock->StartSslHandshake();
        Button1->Enabled = false;
        Button2->Enabled = true;
    }
}

// Client Handshake done event
void __fastcall TForm2::SockSslHandshakeDone(TObject* Sender, Word ErrCode, TX509Base* PeerCert, bool& Disconnect)
{
    // ErrCode resolves to 1 ... should be 0 if successfull
    Memo1->Lines->Add( "SockSslHandshakeDone, ErrCode = " + IntToStr(ErrCode) + ", Desc = " + WSocketErrorDesc(ErrCode) );
    // All data members read contain NULL or other default values.
    PeerCert->IssuerOneLine;
    AnsiString s = PeerCert->GetRawText();
    PeerCert->SubjectOneLine;
    PeerCert->SerialNum;
    PeerCert->VerifyResult;
    PeerCert->FirstVerifyResult;
    PeerCert->PublicKey;
    SslContext1->SslPassPhrase;
    Button3->Enabled = true;
}

Client DFM
------------------------------------------------------------------------
object Sock: TSslWSocket
  LineMode = False
  LineLimit = 65536
  LineEnd = #13#10
  LineEcho = False
  LineEdit = False
  Port = '443'
  Proto = 'tcp'
  LocalAddr = '0.0.0.0'
  LocalPort = '0'
  MultiThreaded = False
  MultiCast = False
  MultiCastIpTTL = 1
  FlushTimeout = 60
  SendFlags = wsSendNormal
  LingerOnOff = wsLingerOn
  LingerTimeout = 0
  KeepAliveOnOff = wsKeepAliveOff
  KeepAliveTime = 0
  KeepAliveInterval = 0
  SocksLevel = '5'
  SocksAuthentication = socksNoAuthentication
  LastError = 0
  ReuseAddr = False
  ComponentOptions = []
  ListenBacklog = 5
  ReqVerLow = 1
  ReqVerHigh = 1
  SslEnable = False
  SslMode = sslModeClient
  Left = 24
  Top = 24
end
object SslContext1: TSslContext
  SslVerifyPeer = False
  SslVerifyDepth = 9
  SslOptions = []
  SslVerifyPeerModes = [SslVerifyMode_PEER]
  SslSessionCacheModes = []
  SslCipherList = 'ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH'
  SslVersionMethod = sslV23
  SslSessionTimeout = 0
  SslSessionCacheSize = 20480
  Left = 56
  Top = 24
end

Best regards
Kurt