[Using TLS1.3 with uniGUI]

23 minutes ago, Farshad Mohajeri said:

We use the official version from Indy's official repository.

It can be the problem because there is no indication that it is a finished  and working TLS 1.3 port.

Fyi, could you please check

https://github.com/mezen/Indy/tree/NewOpenSSL_PR

This is from Mezen who provided the pull request for the new openssl IO handler.

 

 

[Using TLS1.3 with uniGUI]

Yes I already use this information (cipherlist), thank you. The problem is that the 'old' openSSL dll's (1.0.2u) get 'red' flagged at some of my customers. It would be nice if we would know when TLS1.3 support would be added or if we could add it ourselves using for example YuOpenSSL or alternatives.

[Using TLS1.3 with uniGUI]

Regularly I get the question from my customers to support TLS1.3. Is there any news regarding this item. would it be possible to use YuOpenSSL with uniGUI? Any other ways to add TL1.3 to uniGUI?

Regards,

Pascal

[Using TLS 1.3]

4 minutes ago, irigsoft said:

it's not a problem for my time, I want to help you and for everyone's sake afterwards, but I can't give you a ready-to-use solution.

I am not sure what is your purpose:

you want to block the use of SSL3 (like your example: https://stackoverflow.com/questions/44767903/delphi-indy-ssl-parameters),

or something else because error message is exact that: https://appuals.com/how-to-fix-ssl_error_no_cypher_overlap/

Due to a vulnerability-scan at one of my customers we got the request to add an option for a customized cipher list. We got a couple of ciphers they would like to use and that is when I started getting this error message. I'll try further and let you know the result.

[Using TLS 1.3]

1 minute ago, irigsoft said:

You have to check, but I think so.

Ok, sorry for your time, I had to tell you this in the beginning. Thank you very much for all your information on the forum regarding security. Much appreciated.

[Using TLS 1.3]

2 minutes ago, irigsoft said:

can you try with another/external IP (not 127.0.0.1) ?

Same error message:

An error occurred during a connection to 10.211.55.8:8077. Cannot communicate securely with peer: no common encryption algorithm(s).

Error code: SSL_ERROR_NO_CYPHER_OVERLAP

[Using TLS 1.3]

FYI, this one works 'from your example code':

cCIPHER_LIST_4: WideString = 'AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA';

 

(Stupid) question, I'm using a Self Signed certificate, could this be the issue? 

 

[Using TLS 1.3]

It only works when RSA+AESGCM or RSA+AES is in the list. 

Firefox information about the encryption used.

 

FYI, Same issue with Chrome:

127.0.0.1 uses an unsupported protocol.

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

 

[Using TLS 1.3]

14 minutes ago, irigsoft said:

Hello,

Did you try this solution: https://kinsta.com/blog/ssl_error_no_cypher_overlap/#2-reset-your-tls-and-ssl3-settings

please share part of your code how exactly you use it.

For example:

SSL.SSLOptions.SSLVersions := [sslvTLSv1_2];

SSL.SSLOptions.CipherList := 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!aNULL:!MD5:!DSS ';

It seems to work when I add older ciphers like:  

SSL.SSLOptions.CipherList := 'RSA+AESGCM:RSA+AES';

I tried the different solutions from the link, did not help.

(Thank you for your reply)

[Using TLS 1.3]

Hi,

I'm using 1.0.2u OpenSSL dll's from Indy and uniGUI 1.90.0.1563

I must be something wrong trying to implement this. So I'm setting SSL.SSLOptions.CipherList to a desired list of ciphers: 

ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256

When trying to connect to my uniGUI webserver (testing it as application and as service) I get the following error message from Firefox:

 

Quote

Secure Connection Failed

An error occurred during a connection to 127.0.0.1:8077. Cannot communicate securely with peer: no common encryption algorithm(s).

Error code: SSL_ERROR_NO_CYPHER_OVERLAP

Only when I add the following (old) ciphers, then it works: 

AES128-SHA
AES256-SHA

Any idea what I'm doing wrong.

Regards,

Pascal

[TUniMemo Scrollbars, scrollTo bottom]

Thank you, works just fine.

[TUniMemo Scrollbars, scrollTo bottom]

Hi,

I'm trying to scrolldown to the end of my UniMemo using the following code but this doesn't seem to work.

mmRunTimeLog.JSInterface.JSCall('inputEl.scrollTo', ['bottom']);

Any idea what I could be doing wrong? Using uniGUI v1.90.0.1551

Regards,

Pascal

[Vulnerability reported by the IKARE Tool through the tcp port 8077]

ok I enabled 'soDontLoadJQueryLib' and everything still seems to work so now I'm a bit confused. Which components use the JQuery Lib?

[Vulnerability reported by the IKARE Tool through the tcp port 8077]

 

Also at the moment, you can try disabling jQuery

And 'everything' should still work or which part not?

 

[Vulnerability reported by the IKARE Tool through the tcp port 8077]

No, it's a UniGUI service connecting to a TCP socket and displaying information to the user. Quite simple until the customer used this IKERA tool ..

[Vulnerability reported by the IKARE Tool through the tcp port 8077]

Standalone (as Service)

[Vulnerability reported by the IKARE Tool through the tcp port 8077]

Hi,

One of my users mailed me the following information:

Quote

 

The vulnerability is still reported by the IKARE Tool through the tcp port 8077 .

This is the description of the vulnerability :

« Summary: The installed version of jQuery on the remote host has reached the End of Life (EOL) and should not be used anymore.

Impact: An EOL version of jQuery is not receiving any security updates from the vendor. Unfixed security vulnerabilities might be leveraged by an attacker to compromise the security of this host »

 

Any idea when the jQuery part in uniGUI will get an update?

Using uniGUI 1.90.0.1542

Regards,

Pascal

 

[TUniGaugeSeries]

Hello,

I'm having an issue with the Gauge chart. It seemq I can't to find a way to get it like in the picture. Would like to use the gauge as a kind of circular progressbar. I would like to know how to get a 180° circle Gauge. Any idea what I'm doing wrong. Already tried so many options ..

Thank you,

Pascal

 

[TUniSyntaxEdit Events]

Hi All,

TUniSyntaxEdit does not have events like 'On Change' or 'OnKeyDown' like TUniMemo has. Is it possible to catch those events in the TUniSyntaxEdit component.

Regards,

Pascal

[Progressbar Color]

Thank You!

[Progressbar Color]

Question, is it possible to change the color of a progressbar. It seems that it depends on the theme now ..

I've three progressbars and they all should have a different color.

Thank you

Pascal 

[Font size buttons uniGui v.1.70]

Quote

Sorry for the frustrations but I can not build serious web applications and after each update, wait to see what I see or should change. My application only
has 120 forms  and i'm not willing to modify them after update

Having the same issue here. Had to update all my forms after switching to 1.5. I'm afraid what will happen if I install 1.7.

But .. UniGui is a great product :-)

[RadioGroup Items vertical spacing]

Yes, this works! Thanks DD

[RadioGroup Items vertical spacing]

Hi DD,

 

Now I get the message 'Loading ...'. The page does not show anymore.

 

Regards,

Pascal

[RadioGroup Items vertical spacing]

Ok now I understand. The je..@te....be was the account I used before I bought a License. So I swapped to my 'official' account now (I will remove the other one).

 

 

It can only be changed by changing height of the radiogroup control.

 

Changing the height does not change the spacing between the radio items..