HTTPS with Synapse on Mac

[Leledumbo]

When I edit code next , I get empty file:

I don't know how compatible ssl_openssl unit on Windows, but one thing for sure: https://google.com returns 302 Found (redirect response), not 200 OK with content, so you have to handle that redirect instead.

[anna]

When I edit code next , I get empty file:

I don't know how compatible ssl_openssl unit on Windows, but one thing for sure: https://google.com returns 302 Found (redirect response), not 200 OK with content, so you have to handle that redirect instead.

I have traced code. No sending is made. I see in OllyDBG  WS2_32.connect call which return 0 (success). Then lazarus call FSock.SSLDoConnect; which return error.  . Application stops on this step.

It contain hard-coded error 'SSL/TLS support is not compiled!' . I have no idea, how synapse works on you PC. It's miracle.

[anna]

When I change function like next, I see non-encrypted http GET request on 443 port by TCP protocol. I think it is not correct, as browser uses TLS protocol over TCP protocol. Browser makes Client Hello. Synapse does not. I think that synapse has absolutely wrong  interpretation of standard.

Code: [Select]

function THTTPSend.InternalDoConnect(needssl: Boolean): Boolean;
begin
  Result := False;
  FSock.CloseSocket;
  FSock.Bind(FIPInterface, cAnyPort);
  if FSock.LastError <> 0 then
    Exit;
  FSock.Connect(FTargetHost, FTargetPort);
  if FSock.LastError <> 0 then
    Exit;
  if needssl then
  begin
    if (FSock.SSL.SNIHost='') then
      FSock.SSL.SNIHost:=FTargetHost;
    sleep(1);// marker for debugging in OllyDBG
    FSock.SSLDoConnect;
    sleep(2);
    FSock.SSL.SNIHost:=''; //don't need it anymore and don't wan't to reuse it in next connection
    {if FSock.LastError <> 0 then
      Exit;    }
  end;
  FAliveHost := FTargetHost;
  FAlivePort := FTargetPort;
  Result := True;
end;     


[anna]

Yep. It's my fault. SSLEAY32.dll and LIBEAY32.dll must be put in project folder.

[skalogryz]

Well, last year you didn't like the fact that you've to have .dlls out there. That's why I asked if you are still interested in static linking it.

[skalogryz]

I don't know how compatible ssl_openssl unit on Windows, but one thing for sure: https://google.com returns 302 Found (redirect response), not 200 OK with content, so you have to handle that redirect instead.

It's compatible. The only trick is to have external openssl libraries available. They're available by default in OSX, but has to be installed for Windows.
Btw, for google testing https://www.google.com should be used.

[anna]

Well, last year you didn't like the fact that you've to have .dlls out there. That's why I asked if you are still interested in static linking it.

Yes . Single file is 1000 % better then myriad of DLLs . Do you have a simple PAS-file which can be included to project? Give it to me, please.

[skalogryz]

I don't have the file, but I certainly know it's possible, as shown in this thead

[Daniel Simoes]

I see that the problem is not resolved in the latest svn snapshot (from february 2013) so i will attach the modified ssfpc.inc file for others to use.

ludob and mdalacu,

Thanks for your fix in ssfpc.inc, it works like a charm...