tags:

views:

620

answers:

7

Hi,

We use Indy and we need SSL eMail support in our app., however we need to have our application in a single .Exe.

We know that the default Indy handler requires to have the dlls in the path. Extracting the Dlls from one of the EXE's resources would be the last resort.

Any better ideas?

+5  A: 

Try SSLBlackBox.

TOndrej
+1  A: 

Is the "Single EXE" requirement for distribution purposes or must it also be a single .EXE file when running on the client's machine?

If it's only for distribution purposes, you can append the DLL files to the end of your .EXE file and then - when the program starts - extract them from the .EXE file and store them locally as .DLL files, something like this:

VAR F,O : FILE;
VAR BUF : ARRAY[1..<MaxSizeOfDLLs>] OF BYTE;
ASSIGN(F,ParamStr(0)); RESET(F,1);
SEEK(F,<OriginalExeSize>);
BLOCKREAD(F,BUF,<FirstDllSize>);
ASSIGN(O,<NameOfFirstDLL>); REWRITE(O,1);
BLOCKWRITE(O,BUF,<FirstDllSize>); CLOSE(O);
BLOCKREAD(F,BUF,<SecondDllSize>);
ASSIGN(O,<NameOfSecondDLL>); REWRITE(O,1);
BLOCKWRITE(O,BUF,<SecondDllSize>); CLOSE(O);
SEEK(F,<OriginalExeSize>); TRUNCATE(F); CLOSE(F)

Quick'n'Dirty, not properly formatted, etc., but should give you the basic idea.

HeartWare
I think your shift key got stuck pretty bad...
Robert Giesecke
Maybe he used to be a COBOL programmer and caps make him feel more at home...
Mick
A seasoned COBOL programmer can write a COBOL program in any language. ;-)
TOndrej
Embedding the SSL code makes more difficult to intercept calls. Using DLLs someome may write a proxy DLL and intercept calls. That's not a problem if the application runs in a controlled environment (i.e. a web server), but it could be in uncontrolled environments.
ldsandon
A: 
Ravaut123
CDO requires all sorts of DLLs to be installed on the end-user machine. If earlier versions of Outlook are installed then these are automatically present, but MS stopped installing the CDO files with Outlook 2007 and later, and so provide a redist for CDO.
_J_
+2  A: 

Be aware: if you add SSL/TLS support inside your executable, it might become restricted for export. If you're in the USA, this could mean that your application cannot be sold or given to people outside the USA. This is why these DLL's aren't part of Indy or Delphi themselves.

The libraries that Delphi uses are actually compiled DLL's from the OpenSSL project. But if you have a good knowledge of C then you should be able to compile the source to .obj files and link them with your Delphi code instead. You would probably need to modify part of the Indy code for this too. Of course, others could have done this too, but that makes the export of those Indy components (or even Delphi itself) more complex, because of those export restrictions.

Funnily enough, source code is protected by the first amendment which basically allows you to print the code in a book and then send it to some rogue nation. While if you'd send it in digital form (compiled or not) then you're committing a federal offence and probably will have to be careful when picking up the soap in the shower for at least a year... No one claimed that laws make sense. They can just be a pain in the [beep]...

Other SSL solutions don't work together with the Indy components, which would mean you'd have to rewrite part of your code to support those other solutions.


This link tells how you can load a DLL from memory, so you don't need to have it on disk. It's an alternate solution which I haven't tried. I don't think it will work, since the two DLL's depend on each other, but it might be worth a try...

Workshop Alex
Unless his plan is to have the customer go download the DLLs separately, he'd be subject to the export restrictions anyway since he'd be distributing the program and the requisite DLLs together.
Rob Kennedy
AFAIK some export restriction has been lifted - for example now Apache offers SSL-enabled downloads.
ldsandon
The export restriction is mostly when exporting from the USA, although other countries do have similar restrictions. Ignoring this restriction is at your own risk, although I don't expect the risk to be real big. The OpenSSL library contains quite a lot of encryption technologies, thus this library is restricted. Apache-SSL is based on OpenSSL but is hosted by an organisation in the UK, thus other restrictions apply to them.
Workshop Alex
+2  A: 

TOndrey gave you a good answer. I use SecureBlackBox as well. You may consider some other third party components:

Mihaela
+1  A: 

I use Microsoft's CAPICOM for SSl3 and it solved my needs... It's freely redistributable but discontinued

If you try other components maybe you should look to SYNAPSE(at http://synapse.ararat.cz/) (I also use) it can work with StreamSec(and others) to send emails over ssl. Its free and easy to work.

Guy
A: 

It is possible to include these DLLs into the program's executable as resources and either export them to files when used or even use them without exporting them first by relocating the code and searching the entry points in memory. I have got code somewhere for doing the latter....

dummzeuch