I have a problem with OpenSSL libraries (libeay32.dll and ssleay32.dll), version 1.02.u (but the same issue with older releases), Windows 64, both Embarcadero Delphi 10.3 Rio and Lazarus 2.1 (FPC 3.3.1) - from the trunk.
The problem is in my multi-threading application, which uses TIdHTTP.Get() for consuming data from a REST api (using SSL/TLS) and picture download function:
When I am executing the code for a first time, everything is OK.
But, on second code execution(in other thread), I received the following exception core:
Error creating SSL context:error:140A90F1:lib(20):func(169):reason(241)
in HTTP.Get method.
So after some debug in Indy sources, I found that the problem comes in execution of method "SSL_CTX_new" in unit IdSSLOpenSSL, line 3156:
After some google research, I found this:
https://curl.haxx.se/mail/lib-2018-07/0057.html
and modify Indy code like described:
and now everything works fine.
Is this OK?
and if it is, how to modify Indy source code ( is there some bug tracker or whatever, to create issue)?
The problem is in my multi-threading application, which uses TIdHTTP.Get() for consuming data from a REST api (using SSL/TLS) and picture download function:
Code:
begin
Result := TMemoryStream.Create;
Http := TIdHttp.Create(nil);
IOHandler := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
IOHandler.SSLOptions.SSLVersions := [sslvSSLv2, sslvSSLv23, sslvSSLv3, sslvTLSv1,sslvTLSv1_1,sslvTLSv1_2];
Request := TIdHTTPRequest.Create( Http );
Request.UserAgent := UserAgent;
HTTP.Request := Request;
HTTP.IOHandler := IOHandler;
try
try
ii := 0;
repeat
Result.Position := 0;
Http.Get(AURL, Result);
Result.Position := 0;
Result.read( Buffer, 20 );
Inc(ii);
until CheckValidPicture( Buffer )or (ii>2);
if (ii>2) then
Result.Clear;
Result.Position := 0;
except
// Just in case - second try
try
ii := 0;
repeat
Result.Position := 0;
Http.Get(AURL, Result);
Result.Position := 0;
Result.read( Buffer, 20 );
Inc(ii);
until CheckValidPicture( Buffer ) or (ii>2);;
if (ii>2) then
Result.Clear;
Result.Position := 0;
except
if (ii>2) then
Result.Clear;
end;
end;
finally
Http.DisposeOf;
Request.DisposeOf;
IOHandler.DisposeOf;
end;
When I am executing the code for a first time, everything is OK.
But, on second code execution(in other thread), I received the following exception core:
Error creating SSL context:error:140A90F1:lib(20):func(169):reason(241)
in HTTP.Get method.
So after some debug in Indy sources, I found that the problem comes in execution of method "SSL_CTX_new" in unit IdSSLOpenSSL, line 3156:
Code:
// create new SSL context
fContext := SSL_CTX_new(SSLMethod);
if fContext = nil then
EIdOSSLCreatingContextError.RaiseException(RSSSLCreatingContextError);
end;
//set SSL Versions we will use
After some google research, I found this:
https://curl.haxx.se/mail/lib-2018-07/0057.html
and modify Indy code like described:
Code:
// create new SSL context
fContext := SSL_CTX_new(SSLMethod);
if fContext = nil then begin
OpenSSL_add_all_digests;
fContext := SSL_CTX_new(SSLMethod);
if fContext = nil then
EIdOSSLCreatingContextError.RaiseException(RSSSLCreatingContextError);
end;
//set SSL Versions we will use
and now everything works fine.
Is this OK?
and if it is, how to modify Indy source code ( is there some bug tracker or whatever, to create issue)?