ICS - Internet Component Suite - V8.66 - Delphi 7 to RAD Studio 10.4 Sydney
ICS - Internet Component Suite - V8.66 - Delphi 7 to RAD Studio 10.4 Sydney
The Internet Component Suite is composed of various Internet components and applications. It is distributed as freeware with full source code for all Delphi and C++Builder versions. The sample applications exists in two forms: Object Pascal for Delphi and C++ for C++Builder. The components are written in Object Pascal native VCL which can be compiled by Delphi as well as C++Builder. There is a wiki under construction here where you'll find valuable documentation.
Below you'll find the links to download ICS/ICS-SSL distribution archives. You can find the latest source on the version control repository and an archive extracted daily from the repository here: ICS-V8.
TWSocket Basic winsock component. Fully event-driven and multi-thread safe. It supports TCP, UDP, SOCKS5 and can be used to build both client and server programs. Option: SSL support. Click here for a primer text about TCP and UDP.
TWSocketServer A TWSocket derived component for multi-user server handling. Option: SSL support.
TSmtpCli SMTP client protocol support. Used to send mail and attached files to a mail server.
TPop3Cli POP3 client protocol support. Used to retrieve mail form a mail server.
TDnsQuery DNS query component is used to retrieve MX records (Mail Exchange, needed for most SMTP applications) from DNS, as well as A records (IP address from hostname) and PTR records (hostname from IP address) records.
TMimeDecode Supports MIME decoding (file attachments). Useful with the TPop3Cli component.
TFtpCli FTP client protocol support. Used to send and receive files to/from an FTP server. Also able to do directory and file handling.
TFtpSrv FTP server protocol support. This component will make your application a full featured FTP server. Beta version.
TNntpCli NNTP client protocol support. Used to read and post news to/from a newsgroup server.
THttpCli HTTP client protocol support. Used to access any WEB server for getting or posting data. Base component to build a web browser. Includes Proxy support. Option: HTTPS support (Secure SSL communication).
THttpSrv HTTP server protocol support. Used to build a web server or to add a browser interface to your application. Option: HTTPS support (Secure SSL communication).
TTnCnx TELNET client protocol support.
TEmulVT ANSI terminal emulation (like a TMemo but with ANSI escape sequences interpretation).
TTnEmulVT TELNET and ANSI terminal emulation combined into a single component. You can build a full telnet client program in only a few lines of code.
TTnScript TELNET scripting component. Used to automate work with telnet session (such as auto login and password).
TFingerCli FINGER client. Use it to retreive information about logged user connected to a Unix machine (or any other with a finger server).
TPing ICMP Ping support. You can Ping a host and get the resulting info.
Client5 A basic client program using TWSocket component. Use with any of the server applications described below.
TcpSrv A basic multi-user server. Start all your TCP servers from this sample.
DnsLook How to use TWSocket DNS lookup feature.
Finger A Finger client using TFingerCli component.
FtpTst A full featured FTP client based on the TFtpCli component.
FtpSrv A full featured FTP server based on the TFtpSrv component.
HttpPg Use THttpCli component to post some data to a web server.
HttpTst Basic THttpCli component use. No very useful, but demonstrate most component features.
WebServ A THttpSrv component is used to build a webserver.
MtSrv Basic multi-threaded server using TWSocket. Accept any number of simultaneous client, servicing each one in a thread. The base for any real world server. See also TnSrv (event-driven) and MidWare for a complete client/server framework.
NewsRdr A basic newsreader using TNntpCli component.
PingTst A ping program using TPing component.
MimeDemo Show how to use the TMimeDecode to decode EMails received with the TPop3Cli component. You can display or save the message and all its attached files.
Server A basic yet complete event-driven server using TWSocket. Can support any number of client. The server fetch some data from a TTable at client request.
MailRcv A basic POP3 client program. Demonstrate most TPop3Cli features. Quite useful. Can be the base for a real EMail program if merged with the MailSnd program (see below).
MailSnd A basic SMTP program (send mail). Quite useful. Can be the base for a real EMail program if merged with the MailRcv program (see above).
NsLookup Show how to use DNS query component to retrieve MX, A and PTR records directly from DNS.
TnClient A full featured TELNET client program with ANSI terminal emulation.
TnDemo A TELNET client using a TMemo to display incomming data.
TnSrv A basic event-driven server. Can support any number of concurrent clients. The base for any real world server. See also TcpSrv, MtSrv (multi-threaded) and MidWare for a complete client/server framework.
TWSChat A full featured CHAT program, both client and server. It's a good demonstration for many TWSocket features.
UdpLstn A UDP server demo. It listen for UDP messages on a given port and displays them.
UdpSend A UDP client demo. It sends or broadcasts UDP messages to a given port.
SocksTst A simple client program showing how to use the SOCKS5 protocol to traverse a firewall or proxy like WinGate.
ConCli Actually 2 console mode applications showing how to use TWSocket into console mode client applications.
ConSrv Much like TnSrv sample program, but using console mode application (usefull to write a daemon or service).
IcsDll Shows how to build DLL with a TWSocket. The sample DLL connect to TcpSrv sample program to get date/time. A sample demo application shows how to call the DLL.
DynCli A very basic client program showing how to use a dynamically created TWSocket component.
Changes in ICS V8.66 include:
Added a new TIcsInetAlive component to check for IPv4 and/or IPv6 internet connectivity, using Ping and/or HTTP, defaulting to www.msftconnecttest.com run by Microsoft for Windows 10 alive checking. The online and offline check intervals may be set, and event fires when online state changes. Sample OverbyteIcsHttpRestTst has a demo for new component.
OpenSSL 1.0.2 and 1.1.0 ceased security fix support over 12 months ago so ICS now only supports 1.1.1, with 3.0 support due in the next few months. This removes a lot of legacy code and functions, and several old ICS functions needed for backward compatibility. Two components only used for 1.0.2 have been removed, TSslStaticLock and TSslDynamicLock which may give an error loading forms, until they are removed. SslContext SslOptions is now ignored, use sslOptions2 instead which has more modern options. Cannot remove SslOptions because it's saved on too many DFMs. Most modern applications should not be using SslConext, but IcsHosts for servers for high level client components like TSslHttpRest.
Undertook a major clean-up of OpenSSL functions that may require end user application changes if low level OpenSSL functions have been used, hopefully very rarely. All OpenSSL functions have been renamed to their original names removing ICS f_ prefix for commonality with other Delphi applications. Renamed literals BIO_CTRL_PENDING_, CRYPTO_NUM_LOCKS_, CRYPTO_LOCK_, OPENSSL_VERSION_ with underscore to avoid conflicts with functions of the same case sensitive names. Removed unit OverbyteIcsLibeayEx not used for a while. Most OpenSSL type pointers to Dummy array are now simple Pointer type. Changed most OpenSSL var parameters to pointers for commonality. New TSslWSocket method SslOK is TLS/SSL negotiated OK. LoadVerifyLocations no longer lets OpenSSL use default CA folder locations which is potentially a security risk.
Bring server SSL/TLS security levels up to the latest Mozilla recommendations. In 2021 Mozilla now recommends TLSv1.3 as modern ciphers and TLSv1.2/1.3 as Intermediate supporting all browsers from last five years, so IcsHosts now use sslCiphersMozillaSrvTLS12 as Intermediate level, also Mozilla recommends no cipher server preference so changed that. Updated SslSrvSecurity levels: sslSrvSecInter, sslSrvSecInterFS and sslSrvSecHigh now all the same TLSv1.2 or 1.3, sslSrvSecTls12Less now TLSv1.2 only, sslSrvSecSsl3 not supported, only sslSrvSecBack supports TLSv1 and 1.1, sslSrvSecTls13Only unchanged TLSv1.3 only.
Added support for YuOpenSSL which provides OpenSSL in a pre-built DCU statically linked into applications, rather than using external OpenSSL DLLs. This make application distribution more reliable since it can no fail by users deleting the DLLs or copying incompatible versions into the directory. YuOpenSSL is a commercial product from https://www.yunqa.de/ and is supplied as separate compiled DCUs for Delphi 5 to 10.4. DEFINE YuOpenSSL in Include\OverbyteIcsDefs.inc determines whether the DCU is linked or the external DLLs. Note only one version of OpenSSL can be linked with YuOpenSSL, whereas different DLLs can be supported. Apart from setting the define and adding a path to YuOpenSSL.dcu, no other application code changes are needed unless you check or report the DLL directory, when GSSLStaticLinked can be checked to see if OpenSSL is statically linked. Also worth noting that YuOpenSSL provides access to the all OpenSSL APIs, while ICS only accesses those DLL APIs needed for functionality we support.
Added a better way of configuring Socks proxy and HTTP Tunnel proxy settings in TWSocket, similarly to that added for THttpCli in V8.62. The new ProxyURL property sets SOCKS or HTTP Tunnel proxy settings using a single URL, ie proto://[user:password@]host:port where proto is socks5 or http. Also added new methods SetSocks and SetHTTPTunnel to set proxy properties in a single call. Socks proxy and HTTP tunnelling again support host names, broken in V8.56. The sample OverbyteIcsSocksTst has been updated to demonstrate use of the new ProxyURL property and also now supports HTTP Tunnel proxy.
TIcsRestEmail has new OAAuthType property and event for OAuth2 browser URL perhaps via email for servers. TIcsRestEmail now sets OAuth2 errors, and clears old tokens. Increased default timeout for TIcsRestEmail AOuth2 login to 120 seconds since several web page warnings may be seen while attempting to login through the web page.
TIcsHttpMulti has a new ParseLevels property that follow links on a parsed web page to lower level pages, which are also parsed, looking for files to download with a specific file extension, ie .avi. It ignores parent links without a file extension, and external links. This allows the component to download files indexed using HTTP from CCTV camera memory cards.
In TSslHttpRest ensure SSL is initialised for non-REST HTTP requests like GET, POST and PUT.
In TSslWSocketServer, added better error handling when IcsHosts SslCert is blank, so SslContext is still created for automatically created self signed certificates.
In TSslWSocketServer, TSslHttpAppSrv and TSslHttpSrv, added new onBeforeCtxInit event which if set is called once before each IcsHosts SslContext is initialised to allow the context parameters to be adjusted for special ciphers or protocols.
In THttpCli, AddrResolvedStr is now still available after the connection closes to report the IP address used for the connection. When using an HTTPS proxy with the CONNECT command don't send host and port which some servers are unable to handle, probably broken with V8.64.
In TIcsMailQueue, added a new method CheckOAuthLogins that should be called before the queue starts when using OAuth2 email logins, which allows interactively checking with a browser of any OAuth2 login credentials, avoids asking for login first time email sent maybe days later.
In TSslX509Certs, When starting the local web server for file challenges, check the server IP address still exists or change to 0.0.0.0, may not work if multiple IPs exist.
Updated to OpenSSL 1.1.1k with two high security fixes, one introduced in the last version relating to a certificate chain validation that ICS does not use, the other relating to servers using TLSv1.2 and renegotiation, and that feature is removed in V8.66.
Added a new TIcsInetAlive component to check for IPv4 and/or IPv6 internet connectivity, using Ping and/or HTTP, defaulting to www.msftconnecttest.com run by Microsoft for Windows 10 alive checking. The online and offline check intervals may be set, and event fires when online state changes. Sample OverbyteIcsHttpRestTst has a demo for new component.
OpenSSL 1.0.2 and 1.1.0 ceased security fix support over 12 months ago so ICS now only supports 1.1.1, with 3.0 support due in the next few months. This removes a lot of legacy code and functions, and several old ICS functions needed for backward compatibility. Two components only used for 1.0.2 have been removed, TSslStaticLock and TSslDynamicLock which may give an error loading forms, until they are removed. SslContext SslOptions is now ignored, use sslOptions2 instead which has more modern options. Cannot remove SslOptions because it's saved on too many DFMs. Most modern applications should not be using SslConext, but IcsHosts for servers for high level client components like TSslHttpRest.
Undertook a major clean-up of OpenSSL functions that may require end user application changes if low level OpenSSL functions have been used, hopefully very rarely. All OpenSSL functions have been renamed to their original names removing ICS f_ prefix for commonality with other Delphi applications. Renamed literals BIO_CTRL_PENDING_, CRYPTO_NUM_LOCKS_, CRYPTO_LOCK_, OPENSSL_VERSION_ with underscore to avoid conflicts with functions of the same case sensitive names. Removed unit OverbyteIcsLibeayEx not used for a while. Most OpenSSL type pointers to Dummy array are now simple Pointer type. Changed most OpenSSL var parameters to pointers for commonality. New TSslWSocket method SslOK is TLS/SSL negotiated OK. LoadVerifyLocations no longer lets OpenSSL use default CA folder locations which is potentially a security risk.
Bring server SSL/TLS security levels up to the latest Mozilla recommendations. In 2021 Mozilla now recommends TLSv1.3 as modern ciphers and TLSv1.2/1.3 as Intermediate supporting all browsers from last five years, so IcsHosts now use sslCiphersMozillaSrvTLS12 as Intermediate level, also Mozilla recommends no cipher server preference so changed that. Updated SslSrvSecurity levels: sslSrvSecInter, sslSrvSecInterFS and sslSrvSecHigh now all the same TLSv1.2 or 1.3, sslSrvSecTls12Less now TLSv1.2 only, sslSrvSecSsl3 not supported, only sslSrvSecBack supports TLSv1 and 1.1, sslSrvSecTls13Only unchanged TLSv1.3 only.
Added support for YuOpenSSL which provides OpenSSL in a pre-built DCU statically linked into applications, rather than using external OpenSSL DLLs. This make application distribution more reliable since it can no fail by users deleting the DLLs or copying incompatible versions into the directory. YuOpenSSL is a commercial product from https://www.yunqa.de/ and is supplied as separate compiled DCUs for Delphi 5 to 10.4. DEFINE YuOpenSSL in Include\OverbyteIcsDefs.inc determines whether the DCU is linked or the external DLLs. Note only one version of OpenSSL can be linked with YuOpenSSL, whereas different DLLs can be supported. Apart from setting the define and adding a path to YuOpenSSL.dcu, no other application code changes are needed unless you check or report the DLL directory, when GSSLStaticLinked can be checked to see if OpenSSL is statically linked. Also worth noting that YuOpenSSL provides access to the all OpenSSL APIs, while ICS only accesses those DLL APIs needed for functionality we support.
Added a better way of configuring Socks proxy and HTTP Tunnel proxy settings in TWSocket, similarly to that added for THttpCli in V8.62. The new ProxyURL property sets SOCKS or HTTP Tunnel proxy settings using a single URL, ie proto://[user:password@]host:port where proto is socks5 or http. Also added new methods SetSocks and SetHTTPTunnel to set proxy properties in a single call. Socks proxy and HTTP tunnelling again support host names, broken in V8.56. The sample OverbyteIcsSocksTst has been updated to demonstrate use of the new ProxyURL property and also now supports HTTP Tunnel proxy.
TIcsRestEmail has new OAAuthType property and event for OAuth2 browser URL perhaps via email for servers. TIcsRestEmail now sets OAuth2 errors, and clears old tokens. Increased default timeout for TIcsRestEmail AOuth2 login to 120 seconds since several web page warnings may be seen while attempting to login through the web page.
TIcsHttpMulti has a new ParseLevels property that follow links on a parsed web page to lower level pages, which are also parsed, looking for files to download with a specific file extension, ie .avi. It ignores parent links without a file extension, and external links. This allows the component to download files indexed using HTTP from CCTV camera memory cards.
In TSslHttpRest ensure SSL is initialised for non-REST HTTP requests like GET, POST and PUT.
In TSslWSocketServer, added better error handling when IcsHosts SslCert is blank, so SslContext is still created for automatically created self signed certificates.
In TSslWSocketServer, TSslHttpAppSrv and TSslHttpSrv, added new onBeforeCtxInit event which if set is called once before each IcsHosts SslContext is initialised to allow the context parameters to be adjusted for special ciphers or protocols.
In THttpCli, AddrResolvedStr is now still available after the connection closes to report the IP address used for the connection. When using an HTTPS proxy with the CONNECT command don't send host and port which some servers are unable to handle, probably broken with V8.64.
In TIcsMailQueue, added a new method CheckOAuthLogins that should be called before the queue starts when using OAuth2 email logins, which allows interactively checking with a browser of any OAuth2 login credentials, avoids asking for login first time email sent maybe days later.
In TSslX509Certs, When starting the local web server for file challenges, check the server IP address still exists or change to 0.0.0.0, may not work if multiple IPs exist.
Updated to OpenSSL 1.1.1k with two high security fixes, one introduced in the last version relating to a certificate chain validation that ICS does not use, the other relating to servers using TLSv1.2 and renegotiation, and that feature is removed in V8.66.
Only for V.I.P Warning! You are not allowed to view this text.