Difference between revisions of "ICS Download"

ICS is available as source code only. You need Delphi to build the sample programs and create your own application.

ICS versions available:

• ICS-V9 for Delphi 7 to Delphi 12 / C++ Builder 10.2 to 12, FireMonkey cross platform support for POSIX/MacOS (long term support release, 32 and 64-bit).
• ICS-V8 for Delphi 7 to Delphi 11 (stable release, no new development, please upgrade to V9).
• ICS-V7 for Delphi 7 / C++ Builder 2006 to Delphi / C++ Builder XE3 (discontinued and obsolete, please upgrade to V9).
• ICS-V6 for Delphi 7 / C++ Builder 2006 to Delphi / C++ Builder 2007 (discontinued and obsolete, please upgrade to V9 if you do not have to support Windows versions < W2K).
• ICS-V5 for Delphi / BCB 1 to Delphi / C++ Builder 2007 and Delphi .NET (discontinued and obsolete, please upgrade to V9).

ICS News

Major Changes in ICS V9.1:

Although ICS V9.1 does not contain any new components, there are many other SSL/TLS changes that will affect existing applications, but make ICS easier to use and support for the future.

1. Delphi 10.4 and later now use the same install groups and packages, IcsInstallFmx, IcsInstallVcl and IcsInstallVclFmx, making support a lot easier. Version specific groups remain for Delphi 10.3 and earlier, with new groups D(X)InstallVcl for VCL only replacing the old OverbyteIcs(X) groups, again to simplify support. Dozens of old packages have been removed for this release, so please delete all old groups and packages before installing V9.1, to avoid a mix of old and new packages. Only C++ 10.4 and later are now supported, but untested.
2. The old samples directory has gone and many of the older and little used samples have been archived to a separate download. The active samples used to test and demonstrate all ICS components are now split into the following paths, in the ICS root directory: All these samples can now be built for Win32 and Win64 platforms.
   1. demos-delphi-vcl - 45 VCL samples for Windows.
   2. demos-delphi-extra - four VCL samples that need third party components to build.
   3. demos-delphi-fmx - seven FMX samples for Windows, not yet tested on MacOS.
   4. demos-cpp-vcl - all old C++ samples that have not been tested for 10 years, need help.
   5. demos-data - data files for samples, such as web pages.
3. To ease development, linking and future support, some new units have been added by splitting existing units with multiple components, unfortunately this means many existing projects will need one or more of the new units adding to their uses section. Apologies for the pain, but this should have been done a long time ago. The main change is splitting out much of the SSL/TLS related code from the massive OverbyteIcsWSocket unit to a new unit OverbyteIcsSslBase.
4. Distribution of the ICS OpenSSL files has changed. Earlier ICS versions required the OpenSSL DLLs to be distributed with applications, and a root CA bundle file to verify SSL/TLS connections, and these needed to be loaded using code. There was little standardisation over where the OpenSSL DLLs were located, applications tended to keep their own copies alongside other executables, leading to multiple DLL copies and needing the public variable GSSL_DLL_DIR set to a specific directory before OpenSSL was loaded. Likewise, root CA bundle directories had to be distributed with applications and loaded with code. ICS V9.1 allows five different ways of loading OpenSSL: Which method ICS uses to load OpenSSL depends upon several defines in the .\Source\Include\OverbyteIcsDefs.inc file, please see the readme9.txt file for details. ICS currently includes resource files for three different OpenSSL releases, 3.0`13. 3.1.5 and 3.2.1, which version is linked is controlled by a define. If the OpenSSL DLLs are linked into the application, they are extracted to a version subdirectory, ie C:\ProgramData\ICS-OpenSSL\3012\ so different applications can use different OpenSSL versions. This happens only once if the files have not already been extracted. When updating existing projects without using any new defines, the ICS old behaviour of methods 3, 4 and 5 above remain with no changes needed.
   1. DLLs linked into application as resource files
   2. DLLs loaded from common directory C:\ProgramData\ICS-OpenSSL\
   3. OpenSSL DCU linked into application using commercial YuOpenSSL
   4. DLLs loaded from location specified in public variable GSSL_DLL_DIR
   5. DLLs loaded according to path, may be found anywhere on PC
5. A common IcsSslRootCAStore component is now created at application start-up, to avoid different components needing their own CA stores to verify SSL/TLS certificates, and for applications to load those stores. The three different CA stores included with ICS are now supplied as resource files, with a define determining which is linked into applications.Another define causes OpenSSL and this store to be loaded at application startup, so OpenSSL is available for allcomponents, without it needing to be loaded again, perhaps repeatedly. Without new defines, a CA Store can be loaded manually into IcsSslRootCAStore. The ICS servers use CA Stores now use IcsSslRootCAStore and no longer load any files specified.
6. All SSL/TLS servers need a certificate and private key to start, even when testing. Previously ICS supplied some self signed certificates for testing, and also created such certificates automatically if they were missing or if the server was about to order a Let's Encrypt certificate. Accessing such servers for testing using browsers raised various warnings.ICS now has it's own SSL root certificate 'ICS Root CA' and two intermediates, 'ICS Intermediate' and 'ICS Intermediate Short', the last of which includes a private key so can be used to automatically sign new certificates by ICS server applications, rather than just self signed certificates as before. If the 'ICS Root CA' certificate is installed in the Window Store and browser stores, it should stop certificate warnings appearing. ICS applications automatically trust the ICS root, so will give no warnings. The short intermediate has a maximum 100 day expiry, so new versions will be issued regularly. There is a single function CreateSelfSignCertEx that created signed certificates, and another IcsInstallIcsRoot that installs the ICS root into the Windows Store, so easy to use. It is possible to replace the ICS root with your own private root certificate and have servers create their own certificates against that root, for internal networks.
7. The TSslHttpRest component now allows TRestParams to be created as content type 'Form-Data Body' to create MIME multipart/form-data parameters that may include new TParamType of RPTypeFile that specifies a file name whose binary content will be added to the parameters as a file upload, allowing multiple files and extra parameters. TRestParams are now built into a TStream rather than a string to allow larger parameter sizes, tested up to 8GB. The ICS web server samples have improved MIME decoding to accept massive uploads.
8. Several client and server components have a new property NoSSL which if set will prevent those components using SSL/TLS for HTTPS or FTPS, even if the application is linked with OpenSSL code. Beware the IcsSslRootCAStore component must not be initialised by the application.

Full release notes are at More detailed release notes are at ICS 9.1 Release Notes

More detailed instructions for updating to V9.1 are at [[Updating_projects_to_V9.1 | pdating projects to V9.1]

Major Changes in ICS V9.0 include:

New samples

Samples/Delphi/SslInternet/OverbyteIcsSnippets - Small samples of codes for FTP, HTTP, sockets and email.

Samples/Delphi/OtherDemos/OverbyteIcsNetMon - Internet Packet Monitoring Components, display packets and traffic using Npcap and raw sockets.

Samples/Delphi/OtherDemos/OverbyteIcsNetTools - Network Tools Demo, uses all the main IP Helper functions, also TTIcsNeighbDevices, TIcsDomainNameCache, IcsDnsQueuy, TDnsQueryHttps, TIcsWhoisCli, TIcsIpChanges, TPing and TPingThread.

Samples/Delphi/PlatformDemos/IcsHttpRestTstFmx - FMX HTTPS REST and OAuth, Send SMS and DNS over HTTPS functions demo.

Samples/Delphi/PlatformDemos/IcsSslMultiWebServ - FMX Advanced multi host web server demo.

Samples/Delphi/SslInternet/OverbyteIcsMQTTst - MQ Telemetry Transport message queuing service.

Major sample updates for new components

Samples/Delphi/SslInternet/OverbyteIcsHttpRestTst1 - Uses TSslWebSocketCli for WebSocket Client, New embedded TOAuthLoginForm window using TOAuthBrowser for OAuth2 logins. Select client SSL certificate from the Windows Certificate Store.

Samples/Delphi/SslInternet/OverbyteIcsSslMultiWebServ.dpr, OverbyteIcsDDWebService - Uses THttpWSSrvConn for WebSocket Server. IcsHosts can use server SSL certificate from the Windows Certificate Store. IcsHosts can now request a SSL certificate from the remote client. WebSocket server support. Uses TIcsDomainNameCache for multiple reverse DNS lookups.

Samples/Delphi/SslInternet/OverbyteIcsPemTool - Can now export an SSL certificate from the Windows Certificate Store with its private key.

Samples/delphi/OtherDemos/OverbyteIcsBatchDnsLookup - Uses TIcsDomainNameCache for multiple lookups.

Samples/Delphi/SslInternet/OverbyteIcsSslMailSnd, OverbyteIcsSslMailRcv, OverbyteIcsMailQuTst - New embedded TOAuthLoginForm window using TOAuthBrowser for OAuth2 logins.

Samples/delphi/OtherDemos/OverbyteIcsNsLookup - Uses single or multiple DNS servers, including built-in list of public servers, also sync requests.

New Components

TIcsDomainNameCache and TIcsDomNameCacheHttps - cache forward and reverse DNS lookup requests, using several methods.

TIcsMonSocket - Internet monitoring using raw sockets.

TIcsMonPcap - Internet monitoring using Npcap NDIS driver.

TIcsIpChanges - Monitors IP address changes dynamically.

TIcsNeighbDevices - Builds historic LAN MAC device and IPv4 and IPv6 address table using ARP, neighbourhood and IP range scanning with reverse host lookup.

TOAuthBrowser - OAuth authentication browser window VCL/FMX form.

TSslWebSocketCli - WebSocket client protocol.

TIcsMQTTServer and TIcsMQTTClient - MQ Telemetry Transport message queuing service, client and server.

Major Component Upgrades

TDnsQuery - Add synchronous methods and more response properties. Check multiple DNS server hosts including public DNS lists.

TSslWSocketServer - IcsHosts can use server SSL certificate from the Windows Certificate Store. IcsHosts can now request a SSL certificate from the remote client.

TIcsFtpMulti - Send NOOP command periodically during multi hour transfers so connections are not closed accidentally.

New classes and Functions

THttpWSSrvConn - WebSocket server protocol.

Internet Helper Functions - Unit OverbyteIcsIpHlpApi.pas includes IpHlpConnsTable, IpHlpAdaptersInfo, IpHlpAdaptersAddr, IpHlpIpAddrTable, IpHlpIpNeighbTable, IpHlpIPForwardTable, IpHlpIpPathTable, IpHlpGetDnsServers, IpHlpIfTable2,

IpHlpIPStatistics, IpHlpUDPStatistics and many other functions.

TIcsMonFilterClass - Filter network traffic on protocols or IP addresses.

TIcsTrafficClass - Maintains network traffic statistics by protocols and IP addresses.

More detailed release notes are at ICS 9.0 Release Notes

Major Changes in ICS V8.70 include:

1. V8.70 has various minor improvements providing better compatibility with modern compilers such as more unicode overloads to avoid ANSI string warnings and casts, and more use of TBytes to avoid ANSI strings. Updated various samples to use TIcsRestEmail to support OAuth2 authentication for GMail and Outlook that no longer allow old authentication protocols.
2. The TIcsFileCopy, TIcsFtpMulti and TIcsHttpMulti file transfer components now support file zipping and unzipping using System.Zip in recent Delphi compilers, instead of the obsolete VclZip which is no longer available. Before a file copy or FTP upload, files may be automatically zipped, useful for large log files, after a file copy, FTP or HTTP download, files may be unzipped in various ways.
3. Added support to TIcsFileCopy to copy file names longer than 259 characters by adding \\?\ to the start of long names passed to Windows APIs, if supported by the disk file system, unicode APIs only. Fixed a problem deleting empty directories after copying. Fixed a problem with BuildDirList2 with COMPILER16_UP.
4. The OverbyteIcsXferTst sample has a new tabs, 'Single File Copy' to test the CopyOneFile method and 'Zip/Unzipping Files' to test zipping and unzipping that has always been supported by the components but not this demo.
5. Allow content compression for HTTP and FTP using System.Zlib in newer versions of Delphi instead of the OverbyteIcsZLibObj unit to avoid duplication. Only Delphi 11.1 and later have the same ZLIB 1.2.12 as ICS, so will automatically used System.Zip. Beware a new version of OverbyteIcsDefs.inc is required to allow ZLIB to work correctly, otherwise it will default to using the DLL which is unlikely to be available, it is not in the distribution. So either install the new inc file and customise it, or copy the ZLIB changes to your own inc file.
6. In TWsocket, added ReceiveTB(var Data : TBytes; MaxLen : Integer = -1): Integer; where MaxLen is optional, to receive TCP data into a TBytes dynamic array of bytes. Also ReceiveFromTB and ReceiveFrom6TB for UDP datagrams. The last release added similar SendTB functions, so buffer pointers and ANSI strings can now be avoided.
7. Added UTF-8 support to TIcsIpStrmLog, to convert received lines from UTF-8 to Unicode with unicode compilers (as String) and converts sent data to UTF-8. Changed FRxBuffer to TBytes, use SendTB and ReceiveTB methods with TBytes.
8. Updated OpenSSL to 3.0.7 and 1.1.1s. OpenSSL 3.0.6 was withdrawn shortly after release, we never distributed it.
9. In OverbyteIcsSslHttpOAuth, added an OAuth2 and Rest Email Microsoft User Authority property to access different user authorities, defaults to 'consumers' but can be changed to 'common' or an Azure Active Directory tenant GUID for corporate accounts.
10. Added TIcsRestEmail to support OAuth2 authentication to the OverbyteIcsSslMultiWebServ, OverbyteIcsSslMultiFtpServ and OverbyteIcsDDWebService samples, since GMail and Outlook that no longer allow old authentication protocols.
11. In the TIcsInetAlive component, added a new method AliveMethEither so internet alive checking works if either ping or HTTP works, instead of one or the other.

More detailed release notes are at ICS 8.70 Release Notes

Overbyte Website

There are four options to obtain the source code.

Download from Overbyte web site

ICS-V9 is the long term development version and needed for RAD Studio XE4 and later, it supports Delphi 7 and later.

Latest Stable Version ICS V9.1 - recommended

This is the latest recommended version, which has been tested and used for various published ICS application. It is updated for new releases of RAD Studio and major changes. V9.1 is the version displayed when RAD Studio starts and by the main unit OverbyteIcsWSocket. Note these versions include the latest version of the OpenSSL DLLs at the time of release.

From XE8 onwards, Delphi includes a new GetIt tool that offers a catalog of third party components, and allows them to be automatically downloaded and installed. The same stable ICS versions listed above should be available from GetIt.

Zipped Daily Snapshots

This is the easiest way to get the latest version. These packages are built from the version control repositories automatically when they change and are refreshed once a day. To use the latest OpenSSL version, download this snapshot. Note the snapshot includes the latest version of the OpenSSL DLLs.

Archives

Version Control System

Using the version control repository is the best choice if you want to get live access to current development files. Overbyte uses a Subversion server and you need to use a Subversion client such as TortoiseSVN or your favorite browser. The URLs are as follows:

Use username = ics and password = ics for read access. Write access is only available to TeamICS.

Download OpenSSL Binaries

The OpenSSL binaries are required for all ICS SSL-enabled components.

The 64-bit DLLs are only for use with Delphi applications compiled for the 64-bit platform, the 32-bit DLLs work on both 32-bit and 64-bit Windows with 32-bit applications.

Please note older versions of the ICS source code had an internal check to only allow loading of the latest OpenSSL it was tested with, so you could not use new DLLs with an old application without recompiling with the latest version of ICS first.

OpenSSL 1.0.2 and later were only supported by ICS v8, v7 is no longer updated for new OpenSSL versions. This was a long term support version for which free support ceased at the end of 2019 unless you have an OpenSSL Premium Level Support contract for $50,000/year. ICS V8.65 was the last version to support 1.0.2.

OpenSSL 1.1.0 is obsolete and no longer supported. ICS V8.65 is the last version to support 1.1.0.

OpenSSL 1.1.1 was a long term support version and added support for TLSv1.3 RFC8446 and various new cryptographic private key and hash digest types. Delphi applications require ICS V8.57 or later. ICS V8.57 and later include the Win32 and Win64 OpenSSL 1.1.1 files. Support ceased in September 2023 unless you have an OpenSSL Premium Level Support contract for $50,000/year. OpenSSL 1.1.1 only supports Windows Vista and later, not XP. ICS V9.0 was the last version to support 1.1.1.

OpenSSL 3.0 is a major new release, primarily a lot of internal changes to ease long term support. ICS 8.67 is required to support 3.0. There is an optional FIPS module with 3.0 but not available here since our DLLs are not built to standards required for certification. The old engines for special extensions are replaced by new more versatile providers of which the FIPS module is one, a provider legacy.dll contained in the distribution has obsolete ciphers and hash digests that most applications no longer need and which needs to loaded by the application. This version will be supported until September 2026.

OpenSSL 3.1 is a minor new release, primarily FIPS improvements. ICS 8.67 is required to support 3.1. This version will be supported until March 2025.

OpenSSL 3.2 is a minor new release with QUIC client support for HTTP/3 and many other improvements. ICS 8.67 is required to support 3.2. This version will be supported until November 2025.

OpenSSL 3.3 is a minor new release, minor QUIC and other features. ICS 8.67 is required to support 3.3. This version will be supported until April 2026.

Please note that ICS does not use any of the new features in OpenSSL 3.1, 3.2 or 3.3 at present, so continuing to use the latest patch version of 3.0 with security fixes is generally fine.

The OpenSSL DLLs and EXE files included in the zips above are digitally code signed 'Magenta Systems Ltd', one of the organisations that maintains ICS. The Magenta Systems Code Signing Trust and Certificate Check component may be used to check the correctly signed DLLs are being used by ICS, with this functionality included in ICS V8.38 and later. Beware that Windows needs recent root certificates to check newly signed code, and may give an error if the root store has not been kept current by Windows Update, particularly on older versions of Windows such as XP, Vista and 7.

Download OpenSSL Binaries (alternative)

OpenSSL website also links to Win32OpenSSL website providing another build of Win32 DLL binaries. Note note that unlike the builds above builds on that site may have dependencies on Visual C++ 2008 Redistributables (to keep dll files smaller) so make sure you include all the required (and correct) redistributable files in your software installation. You probably don't have to care about that if you use binaries above at the cost of slightly larger DLLs. Also note that site does not keep archives of older versions so you may want to watch their page if you prefer their binaries.