Indy10 with Delphi-7 can't download some SSL pages, even with May 2019 DLLs
I'm working on an old Delphi 7 app that uses Indy 10 to download websites. I'm having difficulty with some, not all, SSL pages.
Version data:
Indy 10
"libeay32.dll": 1.0.2.19 @ 31-May-19
"ssleay32.dll": 1.0.2.19 @ 31-May-19
When trying to download some pages using SSL (e.g. "https://davisashura.com/"), in the IdSSLOpenSSLHeaders unit, which is Rev. 1.8, the following procedure raises the indicated error:
class procedure EIdOpenSSLAPISSLError.RaiseExceptionCode(const AErrCode, ARetCode: TIdC_INT; const AMsg: String);
Initialization code:
HTTP := TIdHTTP.Create;
with HTTP do begin
Request.UserAgent := 'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)';
HandleRedirects := True;
RedirectMaximum := 5;
ReadTimeout := 20400;
//Request.AcceptEncoding := 'text/html, deflate, gzip'; // some websites don't download with this set
Compressor := TIdCompressorZLib.Create;
IOHandler := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
HTTPOptions := HTTPOptions + [hoForceEncodeParams, hoInProcessAuth];
end;
Does anyone know how to resolve this?
The EOF error simply means the server is closing its end of the socket connection during the TLS handshake, without sending back a TLS alert first. Which means the server doesn't like something in the handshake and is bailing out. The most likely culprit is the TLS version.
By default, TIdSSLIOHandlerSocketOpenSSL enables only TLS 1.0, but many sites nowadays require TLS 1.1 or 1.2 instead. You can use the TIdSSLIOHandlerSocketOpenSSL.SSLOptions.SSLVersions property to enable TLS 1.1 and 1.2.
HTTP := TIdHTTP.Create;
HTTP.Request.UserAgent := 'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)';
HTTP.HandleRedirects := True;
HTTP.RedirectMaximum := 5;
HTTP.ReadTimeout := 20400;
//HTTP.Request.AcceptEncoding := 'text/html, deflate, gzip'; // some websites don't download with this set
HTTP.Compressor := TIdCompressorZLib.Create(HTTP);
HTTP.HTTPOptions := HTTP.HTTPOptions + [hoForceEncodeParams, hoInProcessAuth];
SSL := TIdSSLIOHandlerSocketOpenSSL.Create(HTTP);
SSL SSLOptions.SSLVersions := [sslvTLSv1, sslvTLSv1_1, sslvTLSv1_2]; // <-- ADD THIS!
HTTP.IOHandler := SSL;
There is a TODO item in Indy's issue tracker about this issue:
#181: Update TIdSSLIOHandlerSocketOpenSSL to enable TLS 1.1 and 1.2 by default
- gobject/gnome/glib bindings for D using GIR?
- How do nested functions get compiled?
- The "this" pointer and message receiving in D
- 64-bit executables with DMD
- GtkD with D lang on Fedora
- Why Android used Java concept instead of D language or C or C++? But Chromium web browser is in C++, its very complicated match
- How to use MongoItemWriter to write a List<T>
- Why a function with protected modifier can be overridden and accessible every where?
- Convert Unicode const(uint)* to a dlang character type
- Compiling D with Code::Blocks
- DMD vs. GDC vs. LDC
- Rendering a font in raylib using freetype
- Digital Mars D compiler; acquiring ASM output
- D Programming: openssl rsa forward reference compiler error
- D compiler DMD doesn't link object files
- OPTLINK: Warning 23: No Stack
- Is there a limit in the amount of temporary generated symbols during a project build using dmd 2.063?
- Is this the right way to combine Garbage collected with none Garbage collected code in D
- D compiler (Digital Mars D Compiler) throwing error
- Which D Compiler to Use?
- Splitting a string treating multiple whitespace as one separator
- Proper way of passing array parameters to D functions
- Detailed Valgrind internals documentation
- Is it possible, in D, to tell the garbage collector to not scan a particular pointer (or anything below it)?
- Iterate over key/value pairs in associative array in D.
- Dlang associative array of an array of strings keyed by a string has unexpected behavior
- How to repeat a statement N times (simple loop)
- Is worth the effort to learn D?
- ld: undefined reference to object I can see in objdump
- D using emplace