Support OpenSSL 1.1.0 and later

[rlebeau]

Indy currently supports OpenSSL up to 1.0.2. OpenSSL 1.1.0 makes a number of major API changes that break TIdSSLIOHandlerSocketOpenSSL. Removing/renaming functions, changing/obscuring structures, changing the DLL filenames, etc. Indy needs to either have TIdSSLIOHandlerSocketOpenSSL recognize 1.1.0+ and adjust itself accordingly, or else define a whole new IOHandler just for 1.1.0+.

Also, in order to support TLS 1.3, Indy needs to support OpenSSL 1.1.1+, as TLS 1.3 will NOT be added to OpenSSL 1.0.2 or 1.1.0.

The OpenSSL devs will stop supporting OpenSSL 1.0.2 on Dec 31 2019, and 1.1.0 on Sept 11 2019.

UPDATE: as of 07-Sep-2021, OpenSSL 3.0.0 has been released, which is largely backwards compatible with 1.1.x, but does make some additional API changes. Refer to https://www.openssl.org/docs/man3.0/man7/migration_guide.html

[winkelsdorf]

@rlebeau Bringing this again to the team's attention. Afaik, Indy currently only supports the 1.0.2 branch which will be unsupported in a few weeks (by the end of this year).

Unfortunately I never found enough testers for my experimental 1.1.1 library builds and I am currently out of native windows development. I had a look at the current list on https://wiki.openssl.org/index.php/Binaries and saw that François Piette (ICS) started providing pre-compiled libraries too and already provides the 1.1.1 branch. Bintray releases seem solid too (build chain on https://github.com/curl/curl-for-win).

[rlebeau]

Work is in progress to support OpenSSL 1.1.x. I do not know at this time whether it will be ready by the deadline, though.

[jgv-Lisam]

@rlebeau Would be great if you could create a new branch for this support.

[rlebeau]

I have created an "OpenSSL-1.1.x" branch

[JPeterMugaas]

No, there has been too many setbacks in my life.

[rlebeau]

@JPeterMugaas you are not the only one working on it lately.

[mezen]

I created a fork (https://github.com/mezen/Indy/commits/NewOpenSSL) where a lot of progress is already done. A release-able version is not far away

[nag944]

I tried this code. Seems to be functional, but some strong problems with stability. Even at medium load, http server halts every several hours with exception "Failed to shutdown with result reason code 5".

[smeier1218]

What do I have to do to make INDY 10 on my Delphi 7 installed on windows 10 64Bit work with TLS 1.2 ?