SSL/TLS Plugin Architecture

Synapse rel. 36 introducing new model for handling SSL/TLS protocols based on plugin architecture. This new model is not fully compatible with your old project sources, but needed changes are minimal.

SSL/TLS implementation is not integrated in TTCPBlockSocket class as in previous versions, all SSL/TLS code is separated to new plugin class. This plugin class will be created totally automaticly for each TCP class. Do not create this plugin class explicitly! Plugin class metods and properties are accessible by TTCPBlockSock.SSL propety.

Changes In Your Sources

First you must explicitly select what plugin you wish to use. You can do it simply by adding unit with SSL plugin to your project sources. You can add only one from SSL plugins in one project! When you wish to use OpenSSL, then add /ssl_openssl/ to your project uses, for example.

:!: When you not select any plugin, your application will be compiled totally without SSL/TLS support!

When you try to compile your project now, you maybe got some 'not found' error mesages. Check this:

  • some properties with prefix SSL* exists under new SSL property. For example, try to change property name SSLCertificateFile to SSL.CertificateFile.
  • some properties no longer exists, exist lot of new properties under TTCPBlockSocket.SSL instead.
  • Do not use SSLEnabled property for enable or disable SSL/TLS mode! Use SSLDoConnect, SSLDoShutdown and SSLDoAcceptConnection instead.

:!: Old SSLPassword cannot be converted to SSL.Password! Please, convert your SSLPassword to SSL.KeyPassword instead. SSL.Password is used for protocols what need authorization by username and password instead keys now. (Like SSH.)

Existing Plugins

With Synapse are distributed four plugins:

  • default dummy plugin
  • ssl_openssl for OpenSSL
  • ssl_cryptlib for CryptLib
  • ssl_streamsec for StreamSecII or OpenStreamSecII

Each plugin have another set of capabilities. Here are major compare of this plugin. More details you can found in documentation for each plugin.

ssl_openssl ssl_cryptlib ssl_streamsec
protocols SSL, TLS SSL, TLS, SSHv2 SSL, TLS
dependency OpenSSL DLLs CryptLib DLL native Delphi Sources
compilers D3+, Kylix, Freepascal D3+, Kylix D4+, BCB6+, Kylix3+
cert and key PEM, DER, PFX limited limited
highlights best support by Synapse free SSHv2 implementation not need external library
public/howto/sslplugin.txt · Last modified: 2011/07/12 14:47 by daemon_x
Driven by DokuWiki Recent changes RSS feed