Activity for Ararat Synapse
-
Benito van der Zander created ticket #81
Synapse HTTPS-server does not accept private keys in EC format
-
This is almost the same problem as I reported in tickets #42 and #56
-
Denis Grinyuk created ticket #30
OpenSSL engines support (GOST)
-
Olivier Sannier created ticket #80
Allow proper Abort of THTTPSend.HTTPMethod
-
ERangeError in ssl_openssl_lib.pas
-
marsupilami79 created ticket #78
SSLOpenSSL.CreateSelfSignedCert creates invalid certificates on 64 Bits Linux
-
Geby modified ticket #77
Missing declaration of _SslSet1Host
-
Fix bug #77
-
Function for adding extensions to a self signed certificate
-
Missing declaration of _SslSet1Host
-
New BSD SysLog sender with RFC-5424 support
-
New Rfc3339DateTime function
-
Andreas Brietzke posted a comment on ticket #76
Thanks, also for this great SW! Am Dienstag, dem 07.11.2023 um 10:57 +0000 schrieb Geby: status: open --> closed-fixed Comment: OK, ttyACM* added [bugs:#76] ACM serial devices under LInux Status: closed-fixed Group: SVN Created: Mon Nov 06, 2023 04:57 AM UTC by Andreas Brietzke Last Updated: Mon Nov 06, 2023 04:57 AM UTC Owner: nobody Attachments: synaser.pas (71.8 kB; text/x-pascal) the devices like /dev/ttyACMxx will not recognize. Fix: add lines if FindFirst('/dev/ttyAC*', ATTR, sr) = 0 then begin...
-
ACM serial devices under LInux
-
OK, ttyACM* added
-
GetSerialPortNames returns ttyACM* too
-
Thank you, fixed now!
-
[Patch available] Synapse/OpenSSL accepts wrong-host certificates (security risk)
-
Enable hostname verification in OpenSSL (bug #75 by dokkie8844)
-
synaser.pas does not pass FPC_Range Check
-
Thanks, fixed.
-
synaser.pas - fix rangecheck error
-
ssl_openssl3.pas not included in laz_synapse.lpk
-
Thanks, fixed.
-
Updated Lazarus package definition to use OpenSSL 3.x
-
syslog - use FDQN (instead of first IP) as message sender identification
-
ACM serial devices under LInux
-
dokkie8844 created ticket #75
[Patch available] Synapse/OpenSSL accepts wrong-host certificates (security risk)
-
Uwe Schächterle created ticket #74
synaser.pas does not pass FPC_Range Check
-
Zoran Vučenović created ticket #73
ssl_openssl3.pas not included in laz_synapse.lpk
-
Jon Trepte posted a comment on ticket #72
Thanks Geby, OK I'll try that. Regarding V3 I can't install it on my PI4 as I'm running 32 bit OS. The installation fails when I run make. I don't know if it's possible to pass a parameter to make for 32 bit. I'm looking into that. Thanks again Kindest Regards Jon On 7 Jun 2023, at 11:53, Geby geby@users.sourceforge.net wrote: Of course, OpenSSL 1.1.1 does not have function SSLeayversion at all. You must use plugin ssl_openssl11.pas instead. However all these OpenSSL versions are outdated and deprecated,...
-
Of course, OpenSSL 1.1.1 does not have function SSLeayversion at all. You must use plugin ssl_openssl11.pas instead. However all these OpenSSL versions are outdated and deprecated, best is OpenSSL 3 with ssl_openssl3.pas plugin.
-
Hi Geby, Forgive me for being a bit dim here as I'm very new to this. I have checked the openssl version and I get 1.1.1n so I added ssl_openssl.pas from the onlinepackagemanager/packages/synapse40.1/ssl_openssl.pas to my project. Now InitSSLInterface can load the libraries. However the the line __SSLeayversion in InitSSLInterface on line 2036 is NULL Now this is not your problem but XMailer uses SSLeayversion to test if the SSL is loaded and it obviously fails. Could you suggest another way to check...
-
Synapse 40
-
Not a bug. As error message says: "youtr application not have compiled support for SSL/TLS." You must add one of SSL plugins into your project first. Take a look for unit with "ssl_" on begin of their names. It depending on available crypto libraries on your platform.
-
Synapse 40
-
IPV6 PingSend shows overly long RTT values (2000000 and more), though the ping returns within some msec
-
Fixed in SVN commit #270 now. Thank you, I really don't know why I shifted buffer before, maybe some other bug in prehistoric implemetation...
-
Bugfix #71, ICMPv6 on Windows (thanks to Armin)
-
ArminLinder created ticket #71
IPV6 PingSend shows overly long RTT values (2000000 and more), though the ping returns within some msec
-
Trying to load an SSL implementation on macOS results in "loading libcrypto in an unsafe way" error
-
Fixed, thank you!
-
Fix bug #70 - OpenSSL3 on Mac
-
Error in flush method for android with FPC
-
Thnaks, fixed as SVN #268
-
Request #28 - fix for Flush on FPC-Android
-
lighterowl created ticket #70
Trying to load an SSL implementation on macOS results in "loading libcrypto in an unsafe way" error
-
It is wrong datatype for IpHlp handle on Win64 platform. Fixed in r267 now. Thank you!
-
Access Violation in tPingSend on Win64 platform
-
Fixed pingsend.pas on Win64 platform
-
Arthur Hoornweg created ticket #69
Access Violation in tPingSend on Win64 platform
-
Ismael Leandro Faustino created ticket #28
Error in flush method for android with FPC
-
Igor Moneta created ticket #68
Handshakes problem, HTTP2
-
Peter1287 created ticket #67
SMTP STARTTLS
-
function d2iX509bio(): Wrong order of arguments in implementation
-
Thank you, fixed in SVN r266 now.
-
Fix bug #66
-
Ralf Junker created ticket #66
function d2iX509bio(): Wrong order of arguments in implementation
-
Different versions of OpenSSL on a Linux system
-
ssl_openssl3 is for version 3+ only. It using latest API and cannot be used with old deprecated versions. However old ssl_openssl is still here for all openssl versions, but not all features are working fine in all versions. I am focusing to new ssl_openssl3 only.
-
RDL created ticket #65
Different versions of OpenSSL on a Linux system
-
han.k created ticket #64
Functions StrToIP and IptoStr in unit synaip.pas for values integer instead of dword
-
ssl_openssl.pas and ssl_openssl11.pas are deprecated now. Use ssl_openssl3.pas instead.
-
New SSL plugin for OpenSSL 3+ as preferred plugin for future.
-
Set Cert + Key from string failing
-
fixed string result of GetPeerFingerprint (other SSL plugins)
-
SSL.GetPeerFingerprint - bugfix - result must be ansistring for compatibility with Unicode Delphi. (Result is binary nonprintable string) Need to change it in some SSL plugins too!
-
Szakmári László posted a comment on ticket #63
OFF: Sorry, my bad, Of course I wanted to thank :-) I've just clicked the Send button accidentally too soon after Copy-paste. (Phone rang and did not check my post again.) I do appreciate the great work you are doing with this component! I only tried to suggest a possible enhancement (with too raw sentences). The main part of my prev. msg. is the CODE !!! because there is nowhere to find it, and wanted to share. I've just tested it and it works great this way. (I guess not too many of us know about...
-
Thank you very much for the hint!!! Of course it would have been nice, if your code would: 1. auto-recognise if it has '-----' inside it, 2. and if yes, would try to analyse if it's PKCS#8 (containing: _BEGIN_PRIVATE_KEY ) 3. or PKCS#1 (containing: _BEGIN_RSA_PRIVATE_KEY) 4. and auto-convert it. uses basenenc, fppem, ... HTTP.Sock.SSL.PrivateKey := basenenc.GetRawStringFromBytes(fppem.PemToDER( priv_key_string , _BEGIN_PRIVATE_KEY, _END_PRIVATE_KEY )); HTTP.Sock.SSL.Certificate := basenenc.GetRawStringFromBytes(fppem.PemToDER(...
-
joe pasquariello posted a comment on ticket #63
you could just say thank you! the software and supportfrom geby has been incredible.
-
Thank your for the hint! Of course it would have been nice, if your code would: 1. auto-recognise if it has '-----' inside it, 2. and if yes, would try to analyse if it's PKCS#8 (containing: _BEGIN_PRIVATE_KEY ) 3. or PKCS#1 (containing: _BEGIN_RSA_PRIVATE_KEY) 4. and auto-convert it. uses basenenc, fppem, ... HTTP.Sock.SSL.PrivateKey := basenenc.GetRawStringFromBytes(fppem.PemToDER( priv_key_string , _BEGIN_PRIVATE_KEY, _END_PRIVATE_KEY )); HTTP.Sock.SSL.Certificate := basenenc.GetRawStringFromBytes(fppem.PemToDER(...
-
ssl_openssl11 is not adapted for 3.0 yet. I must do it soon. However your problem is very simple! Look at comments on the begin of ssl_openssl.pas where are written acceptable certificate formats: for files are accepted "text based PEM" or "binary based DER" formats. for reading from the memory is accepted "binary based DER" only. ... and you are trying to read PEM. So, try to convert your PEM certificate to DER format first (how to read here: https://www.entrust.com/knowledgebase/ssl/how-do-i-convert-my-pem-certificate-to-a-der-certificate-format)...
-
To be more precise: I've forgot about ssl_openssl11, because it seemed it is not updated to work with OpenSSL3.x, so I had to close that option out. (I had to think a few moments to realize that. It was a month ago and I've red sooooo many things about SSL and things like that, it mixed all up a bit.)
-
Oh, sorry, I didn't know there are more of them... uses ssl_openssl; Is that wrong? It seems it loads libcrypto-3.dll and libssl-3.dll well.
-
Well, but what plugin you have compiled with Synapse? ssl_openssl or ssl_openssl11, or some else?
-
latest OpenSSL (3.0.2) Binary downloaded from here
-
What SSL plugin class are you using?
-
ssl_openssl11 - Read all certificates from the PFX file (Radek Cervinka)
-
Sent 333.33 CZK donation to compensate a few minutes of your time to look into this. (Sorry could not send more, but I'm a simple programmer working alone from Budapest.)
-
Set Cert + Key from string failing
-
That's great! Can you please: - change the version to 2022.04 <version major="2022" minor="04"> - and publish your work?</version>
-
Yes, working... but not full time, sorry.
-
Are you still working on this project? Thanks!
-
Lazarus is outdated - version change 50.0
-
And here an updated version indicating "connection made" or "connection lost". It is for Lazarus & FPC
-
Add improved sample program echo2
-
Daniel Simões de Almeida posted a comment on ticket #26
try last version of trunk...
-
many small POSIX and NEXTGEN fixes (ACBr)
-
synacode.pas - POSIX fixes (ACBr)
-
ssl_openssl_capi.pas small fix
-
ssl_cryptlib.pas Support for TLS1.2 and 1.3 (by ACBr)
-
blcksock.pas - improvements by ACBr
-
synamisc.pas POSIX fixes
-
new function GetLocalIPsFamily
-
synaser.pas - POSIX and Android support by ACBr
-
Charset handling fixes by ACBr
-
Typo errors and little improvements inspired by ACBr
-
synamisc.pas - new function GetProxyForURL (Windows only)
-
New implementation of GetIEProxy for IE 5.0+
-
1 >
