|
| 1 | +August 2025 - OpenSSL Package Clean Up |
| 2 | + |
| 3 | +The objective of this package cleanup is to improve readability and maintainability with only minimal impact on the end user. Primarily, this involves splitting up the IdSSLOpenSSL unit with limited code clean up. IdSSLOpenSSL is retained and continues to provide the classes TIdSSLIOHandlerSocketOpenSSL and TIdServerIOHandlerSSLOpenSSL. This should ensure that basic users of Indy OpenSSL should need to do no more than recompile their source code in order to use this update. |
| 4 | + |
| 5 | +If SSLOptions are set by user code, then additionally, the IdSSLOpenSSLOptions unit must now be included in a using units "uses" list. |
| 6 | + |
| 7 | +If X.509 certificates are set or processed by user code, then additionally, the IdSSLOpenSSLX509 unit must now included in a using units "uses" list. |
| 8 | + |
| 9 | +Unit Split |
| 10 | +========== |
| 11 | + |
| 12 | +IdSSLOpenSSL has been split into the following units: |
| 13 | + |
| 14 | +1. IdSSLOpenSSL including TIdSSLIOHandlerSocketOpenSSL and TIdServerIOHandlerSSLOpenSSL classes and supporting types. |
| 15 | + |
| 16 | +2. IdSSLOpenSSLSocket including TIdSSLSocket, TIdSSLContext and TIdSSLCipher classes and supporting types. |
| 17 | + |
| 18 | +3. IdSSLOpenSSLOptions including TIdSSLOptions and supporting types. |
| 19 | + |
| 20 | +4. IdSSLOpenSSLX509 including TIdX509, TIdX509SigInfo, TIdX509Fingerprints, TIdX509Info and TIdX509Name classes and supporting types. |
| 21 | + |
| 22 | +5. IdSSLOpenSSLUtils: miscellaneous support functions. |
| 23 | + |
| 24 | +6. IdSSLwincrypt: contains a (limited) interface to wincrypt32.dll for use on MS Windows when loading the Windows cert store. |
| 25 | + |
| 26 | +Detailed Changes that may be externally visible |
| 27 | +=============================================== |
| 28 | + |
| 29 | +1. procedures LoadOpenSSLLibrary and UnLoadOpenSSLLibrary have been moved to IdSSLOpenSSLSocket. Generally, you will not be needing to use these functions as the OpenSSL library is automatically loaded on first use and unloaded at program end. |
| 30 | + |
| 31 | +2. TCallbackExEvent: changed type definition from |
| 32 | + |
| 33 | +TCallbackExEvent = procedure(ASender : TObject; const AsslSocket: PSSL; |
| 34 | + const AWhere, Aret: TIdC_INT; const AType, AMsg : String ) of object; |
| 35 | + |
| 36 | +to |
| 37 | + |
| 38 | +TCallbackExEvent = procedure(ASender : TObject; const aSSLSocket: TIdSSLSocket; |
| 39 | + const AWhere, Aret: TIdC_INT; const AType, AMsg : String ) of object; |
| 40 | + |
| 41 | +TIdSSLSocket now has a new public method: |
| 42 | + |
| 43 | +function GetSSL: PSSL; |
| 44 | + |
| 45 | +which gives access to the underlying SSL structure if needed by TCallbackExEvent. The PSSL type is defined in IdOpenSSLHeaders_ossl_typ.pas. |
| 46 | + |
| 47 | +3. IIdSSLOpenSSLCallbackHelper has been moved to IdSSLOpenSSLSocket and revised. This is an internal interface meant for polymorphic access to TIdSSLIOHandlerSocketOpenSSL and TIdServerIOHandlerSSLOpenSSL by IdSSLOpenSSLSocket and callbacks. It is not intended for external use, but is externally visible. The interface has been revised to increase isolation between provider and user, to some extent necessitated by the movement of IdSSLOpenSSLSocket and callbacks to a separate unit. |
| 48 | + |
| 49 | +Test Programs |
| 50 | +============= |
| 51 | + |
| 52 | +The OpenSSL test programs have been updated to demonstrate use of the OnStatusInfo callback for both client and server. This is primarily a debuging aid reporting on the TLS protocol operation. |
| 53 | + |
| 54 | + |
0 commit comments