OpenSSL 1.0.2.g更新打破我的Delphi应用程序 [英] OpenSSL 1.0.2.g update breaks my Delphi app
问题描述
我的Win32程序从OpenSSL 1.02f升级到1.02g后失败。
我确保在升级后重新启动,并且我已经验证了正确的 libeay32。 dll
, libssl32.dll
和 ssleay32.dll
位于 C:\Windows \SysWOW64
(如果我将它们复制到我的应用程序目录,它也没有帮助)。
My Win32 program fails after an upgrade from OpenSSL 1.02f to 1.02g.
I made sure to reboot after the upgrade, and I have verified that the correct libeay32.dll
, libssl32.dll
, and ssleay32.dll
are in C:\Windows\SysWOW64
(and it does not help either if I copy them to my app directory).
var
lIOHandleSSL : TIdServerIOHandlerSSLOpenSSL;
FWebBrokerBridge : TIdHTTPWebBrokerBridge; // = class(TIdCustomHTTPServer)
begin
FWebBrokerBridge := TIdHTTPWebBrokerBridge.Create(Self);
LIOHandleSSL := TIdServerIOHandlerSSLOpenSSL.Create(FWebBrokerBridge); // LIOHandleSSL.SSLOptions.method is sslvTLSv1
LIOHandleSSL.SSLOptions.CertFile := ...
LIOHandleSSL.SSLOptions.RootCertFile := ...
LIOHandleSSL.SSLOptions.KeyFile := ...
LIOHandleSSL.OnGetPassword := HTTPSIOHandlerSSLOpenSSLGetPassword;
FWebBrokerBridge.IOHandler := LIOHandleSSL;
FWebBrokerBridge.Active := true;
错误是 EIdOSSLCouldNotLoadSSLLibrary:无法加载SSL库$ c $
The error is EIdOSSLCouldNotLoadSSLLibrary: Could not load SSL library
on the 'Active' statement.
这是一个Delphi XE2应用程序,Indy版本是10.5.8.0
It's a Delphi XE2 app, the Indy version is 10.5.8.0
FWIW 这里是OpenSSL 1.02g更改日志
- We use this OpenSSL binary installer.
- I added the WhichFailedToLoad() function (from IdSSLOpenSSLHeaders.pas
) and it returns the following string: SSLv2_method,SSLv2_server_method,SSLv2_client_method
- I have removed the description of my certificate files from this question. Ken White correctly remarked that the code its not at the stage yet where the certs are loaded
推荐答案
href =http://www.indyproject.org/sockets/blogs/changelog/20150907.en.aspx =nofollow> http://www.indyproject.org/sockets/blogs/changelog/20150907.en .aspx
This is covered here: http://www.indyproject.org/sockets/blogs/changelog/20150907.en.aspx
总之,SSLv2不安全,因此OpenSSL的某些发布商禁用SSL2。您似乎使用这样的OpenSSL。旧版本的Indy将以下功能视为关键:
In summary, SSLv2 is not secure, so some distributors of OpenSSL disable SSL2. You appear to be using such an OpenSSL. Older versions of Indy regard the following functions as critical:
-
SSLv2_method
-
SSLv2_server_method
-
SSLv2_client_method
SSLv2_method
SSLv2_server_method
SSLv2_client_method
如果这些函数未由OpenSSL DLL导出,则这些版本的Indy将无法加载。
These versions of Indy will fail to load if these functions are not exported by the OpenSSL DLLs.
要解决此问题,您需要执行以下操作之一:
To get past this problem you will need to do one of the following:
- 查找不禁用SSLv2的OpenSSL DLL。
- 升级到可以处理SSLv2被停用的Indy版本。
- 升级到Delphi 10西雅图更新1,其中包括Indy修订5311是处理这个问题的最早的Delphi版本。
这篇关于OpenSSL 1.0.2.g更新打破我的Delphi应用程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!