OpenSSL 1.0.1s and 1.0.2g

OpenSSL updates for 1.0.1 and 1.0.2

Again, this post is a little late, but the updates on the Fulgan Mirror are not 😉

Direct Links

https://indy.fulgan.com/SSL/openssl-1.0.2g-x64_86-win64.zip
https://indy.fulgan.com/SSL/openssl-1.0.2g-i386-win32.zip

https://indy.fulgan.com/SSL/openssl-1.0.1s-x64_86-win64.zip
https://indy.fulgan.com/SSL/openssl-1.0.1s-i386-win32.zip

Recommended Version (1.0.2g) highlighted.

End of Lifetime notice
Support for the 0.9.8 branch has already ceased.
Support for the 1.0.1 branch will also cease, on 12/31/2016. Users of the 1.0.1 branch are advised to upgrade within this period.

See the official OpenSSL Release Strategy.

LinkLibs
Those interested in the Link Libs and Definitions can have a look at the new directory on the mirror, which holds the files created while building the above libraries: http://indy.fulgan.com/SSL/LinkLibs/.

IMPORTANT EDIT: See comments; Indy has problems loading the new libraries. I am going to inform the team; an Indy update is likely going to be necessary. The libraries as is are working correctly. Hopefully they can help out in the meantime to fix this. As I am out of town, my own Delphi tests will be delayed until the end of next week 😦 If urgently needed (as high security risks have been fixed), consider switching to SLProWeb OpenSSL releases in the meantime (but I can’t tell if they fail, too; they also require VC++ runtime DLLs, see their website)!

It turned out that this user hadn’t updated his Indy installation:

Important Note from the Indy Team
Our team member Remy LeBeau told me yesterday that if you use these libraries with Indy / Delphi, you must use one of the more recent Indy versions; otherwise loading will fail with “EIdOSSLCouldNotLoadSSLLibrary”. Thanks, Remy, for the clarification! All versions after September 2015 should work. The current Indy version is 10.6.2.5345. Versions such as 10.6.0.5167 will fail. This is due to some required changes in the OpenSSL headers: SSLv2 is now deprecated in the OpenSSL libraries, and old Indy versions check whether these functions exist. See: http://www.indyproject.org/Sockets/blogs/changelog/20150907.de.aspx

Cheers,
Frederik


7 thoughts on “OpenSSL 1.0.1s and 1.0.2g”

  1. Trying openssl-1.0.2g-i386-win32 from fulgan mirror with Indy 10.6.0.5167 built with Delphi XE on Windows 7 64bit I always get a “EIdOSSLCouldNotLoadSSLLibrary: “Could not load SSL library.”” Exception. When I do a downgrade back to 1.0.2f, everything works.

    • Build process and test worked fine, as usual. But anyway, if it’s not working I’ll have a look into this! This will likely be delayed until next week, as I am out of town and have no access to the build VM.

      In the meantime: if it’s urgent, switch to the SLProWeb DLLs if the VC++ runtime requirement is no problem. I’ll follow up with a test ASAP.

      I’ll notify the team about this.

    • You’re welcome! And thanks for the hint that old versions will fail to load. This will likely help others running into this error message.

  2. It seems like 1.0.2g together with the current Indy version (trunk) has problems negotiating a common protocol version using the sslvSSLv23 method if the server supports SSLv3 and TLSv1 only. Connecting with the sslvSSLv3 or sslvTLSv1 methods works, but sslvSSLv23 throws an EIdOSSLConnectError exception: “Error connecting with SSL. EOF was observed that violates the protocol”.

    I’m currently trying to figure out whether this is an OpenSSL or Indy bug.

    • Sorry for the late reply. I am unaware of any issue, but if you still encounter this problem, I can forward this to the Indy core team. – Frederik
