Thomas wrote:


For the record, here is what Google says about it:

http://developer.android.com/about/versions/marshmallow/android-6.0-changes.html#boringSSL


Considering that BoringSSL is just a fork of OpenSSL to make it "a much lighter-weight
version of OpenSSL that strips out many of the application programing interfaces
(APIs) and application binary interfaces (ABIs) found in the latter", and
for Google to apply their own internal patches to without applying them to
OpenSSL, I wonder how much work it would be to make Indy compatible with
BoringSSL. As long as the remaining APIs are the same, maybe it is just
a matter of making Indy look for different library filenames at runtime.
I hope it does not mean having to write a completely new IOHandler for BoringSSL,
that could be a lot of work.


What does Indy's WhichFailedToLoad() function return when that happens?
Is it failing to load the library files themselves? Or is it failing to find
particular SSL functions?


You would have to distribute the OpenSSL binaries (libssl.so and libcrypto.so)
with your Android app and then call the IdOpenSSLSetLibPath() function at
app startup to tell Indy where to find them.


For iOS, Indy statically links to OpenSSL at compile time, it does not dynamically
load OpenSSL at runtime (due to Apple restrictions at the time, which may
have since been lifted in recent iOS versions, but Indy has not been updated
to support that yet).


Not from Indy, no. You will have to find third-party .so files, or compile
OpenSSL yourself.

--
Remy Lebeau (TeamB)

Doug wrote:


That was addressed in an update to Indy a few weeks ago:

OpenSSL changes
http://www.indyproject.org/sockets/blogs/changelog/20150907.aspx


There is not, actually. Some distributions of OpenSSL have disabled SSLv2
altogether.


If you cannot find an OpenSSL distribution that does not disable SSLv2, then
you will have to update your Indy installation to an up-to-date version.

--
Remy Lebeau (TeamB)

It doesn't work either with TLS1_2. libssl.so, libcrypto.so aren't present.

I tried to add them to the lib\armeabi via deployement and force IdOpenSSLSetLibPath(). no sucess

  FSSL := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
  FSSL.SSLOptions.Method := sslvTLSv1_2;
  FSSL.SSLOptions.Mode := sslmClient;
 
  FTCP := TIdTCPClient.Create(nil);
  FTCP.IOHandler := FSSL;
  FTCP.Host := 'google.com';
  FTCP.Port := 443;
 
  FTCP.Connect;

it gives you 'Could not load SSL library' error. only on Android 6.0

i tried to deploy libssl.so and libcrypto.so to library\lib\armeabi\ or library\lib\armeabi-v7a\

still no sucess.

Edited by: David Drouin on Nov 4, 2015 3:15 PM - typos

Everything you said is totally right.

Here is a snippet of what I tried a couple days ago and doesnt work.

program NoGoSSL;
 
{$R *.dres}
 
uses
  {$IFDEF ANDROID}
    IdSSLOpenSSL;
  {$endif}
  //.....
 
{$R *.res}
 
begin
  {$IFDEF ANDROID}
    IdOpenSSLSetLibPath('library\lib\armeabi\');
  {$ENDIF}
  //...
  Application.Run;
end.

I also went to the project deployment and add both libcrypto.so and libssl.so to library\lib\armeabi\

I also tried with libcrypto.a and libssl.a with the same path.

I also tried the two stated above with this path -> library\lib\armeabi-v7a\

Any ideas are welcome.

Thanks again.

I did all that.

used Es File Explorer to check if the files exists : Yes.

used code inside the app to check if the exists : Yes

modified line 19400 from IdSSLOpenSSLHeaders unit to add 1.0.2 // not sure if that helps or not.

SSLDLLVers : array [0..8] of string = ('','.10','1.0.2','.1.0.1','.1.0.0','0.9.9','.0.9.8','.0.9.7','0.9.6');

Still getting the same error. 'Could not load SSL library'

WhichFailedToLoad() gives me "Failed to load /data/user/0/myapp/files/libcrypto."

Here are the 4 files related to openssl in /data/user/0/myapp/files/

libcrypto.a
libcrypto.so
libssl.a
libssl.so

did Google rename them, no.

under /system/lib/ you can find

libcrypto.so
libssl.so

WhichFailedToLoad() gives me the following when i don't set IdOpenSSLSetLibPath()

https://imgur.com/Ejm5nfS

I just tried TscSSLClient from SecureBridge( it doesnt rely on indy)

it works fine. only problem is that i will need to rewrite the whole unit that uses indy stuff.

Where are you obtaining the .so files from, or are you compiling them yourself? I'm having the same issue with SSL on Android 6.

I know how to deploy; possibly just have the wrong binaries.

--
Dave Nottage [TeamB]
Delphi Worlds blog: http://delphi.radsoft.com.au/blog

Dave wrote:


As long as you deploy standard OpenSSL .so files, I think Indy would work,
if you tell it to load your deployed .so files and not the system naative
.so files. If that is not working, then I need to know what is still failing.

--
Remy Lebeau (TeamB)

I'm tring with Delphi Berlin and DataSnap TCP with SSL on Android 6.01 device. i can't work fine ( Samsung S6 edge )

my code:
IdOpenSSLSetLibPath('assets/internal/');

in deployment option:
libssl.so and libcrypto.so to remote_path = assets\internal\

i have tried rename libssl.so and libcrypto.so to mylibssl.so and mylibcrypto.so and update IdSSLOpenSSLHeaders source file but i can't work

Any hint ?

update:

i have change my code to:
IdOpenSSLSetLibPath(System.IOUtils.TPath.GetDocumentsPath);

in deployment option:
libssl.so and libcrypto.so to remote_path = assets\internal

Download SSL files ( OpenSSL 1.0.2g Android.zip )
http://www.delphipraxis.net/188736-kompilierte-openssl-bibliotheken-fuer-android.html

compiled.. and work fine on my Samsung S6 Edge 6.0.1

i have uploaded and published on Google play store, APK Correct , no Google warning. all ok.

i have downloaded from others smartphone ( android 6.0 ) my app from store and work fine.

Am 11.05.2016 um 20:32 schrieb Remy Lebeau (TeamB):

And where's the problem with registering?
It's free, it might be just German language on the registration screen.
If you need help with that ask and we'll find a way

Greetings

Markus

I just did it.
https://forums.embarcadero.com/thread.jspa?messageID=824565&#824565
Marco

Edited by: Marco Cirinei on May 12, 2016 9:24 AM

Am 12.05.2016 um 20:04 schrieb Remy Lebeau (TeamB):

Did you already make anything out of the Android files yet?

Greetings

Markus

Hard to say without knowing what you have actually read and tried so far.

--
Remy Lebeau (TeamB)

David wrote:


I am the primary developer of Indy.

--
Remy Lebeau (TeamB)

Chris wrote:


When an update is made (still in progress), an announcement will be more
appropriately posted in the 3rd Party forum instead. As well as on Indy's
own forum server (http://forums2.atozed.com) and Indy's changelog blog (http://www.indyproject.org/Sockets/Blogs/ChangeLog/).

--
Remy Lebeau (TeamB)

Andreas wrote:


That only applies to iOS, not to Android.


The latest OpenSSL libs for Indy are available at https://indy.fulgan.com/SSL/

--
Remy Lebeau (TeamB)

Thank you so much Remy for all the prompt replies. I'm all clear now

https://dltutuapp.com/apk/ https://tutuappx.com/download-tutu-helper-app/

Edited by: Hareesh Reddy on Jan 1, 2018 1:58 AM