[Lazarus] Email sending program using Indy stopped working - seems to be an SSL problem
Tony Whyman
tony.whyman at mccallumwhyman.com
Mon Jan 15 11:51:12 CET 2024
The default for SSLVersions is sslvTLSv1, so it looks like your mail
server stopped accepting TLS v1.x (which it should do as older versions
are now deprecated). I assume that you are using the out of date Openssl
1.0.2 library or earlier, given that TIdSSLIOHandlerSocketOpenSSL does
not work with later versions.
The underlying problem here is that the current Indy version does not
support OpenSSL beyond 1.0.2. The next problem that you will hit is that
your OS deprecates this version and you have to build and install
Openssl 1.0.2 yourself (including any unfixed bugs).
This is already true in the Linux world where Debian 12 only provides
OpenSSL 3.2. I am still using Mint 20.3 on my desktop, but that has also
discontinued 1.0.2 with 1.1.1 being the provided version. I am not sure
what is the status under Windows.
As I reported in my post to this thread on 13th, there is a proposed
patch available to support OpenSSL 1.1.1 with a hint that the author is
working on a patch for OpenSSL 3.2. It would be a good idea if all
affected users could keep pushing, on the github issues list for Indy,
in order to get this patch done as without it Indy is effectively end of
life.
On 15/01/2024 07:32, Bo Berglund via lazarus wrote:
> FINALLY:
> --------
> After I posted on the Atozed forum I received a reply where a by me previously
> unknown configuration item for TIdSSLIOHandlerSocketOpenSSL was suggested:
>
> constructor TSvnMessage.Create;
> begin
> FSvnUsers := TSvnUsers.Create;
> FSubscription := TStringList.Create;
> FSMTP := TIdSMTP.Create(nil);
>
> FSSLHandler := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
> //Add this to set the scope of SSL versions allowed:
> FSSLHandler.SSLOptions.SSLVersions := [sslvTLSv1, sslvTLSv1_1, sslvTLSv1_2];
>
> FMailMessage := TIdMessage.Create(nil);
> end;
>
> This single line in the code for my mailer made it resume operations toward the
> changed mail server!
>
> Posting here in case someone wonders in the future about how to fix it.
>
> Issue closed.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lazarus-ide.org/pipermail/lazarus/attachments/20240115/71ca6dd6/attachment.htm>
More information about the lazarus
mailing list