Hello Daniel,

from what I can tell the default build on Windows uses zlib by dynamically loading it. It checks for a file named zLib1.dll. Please try to place the pre-compiled zLib dll in the application or system32 folder. Be sure to use an up to date version of zlib (1.2.5).

By the way: the default feature set for Linux is a bit different.

As alternative you can rebuild the package yourself easily, there are no Indy-specific patches required anymore:

Use Perl (e.g. Strawberry Perl) and Mingw32/gcc and execute the following steps in the extracted OpenSSL source folder:
“perl configure mingw zlib”
“ms\mingw32″

This will generate x32 DLLs which include zLib statically. It might be needed to have the zLib sources in a include directory, I haven’t tried that recently.

Test the DLLs using
“cd out”
“..\ms\test”

When using mingw don’t forget to rename the libssl32.dll output dll to ssleay32.dll (to fit Indy’s naming scheme).

Cheers,
Arvid

I am wondering whether your pre-built OpenSSL binary does also support OpenSSL’s built-in ZLib compression in tls1 mode. I tried to run “openssl s_client -tls1 …” and “openssl s_server -tls1 …”, and apparently it does not compress. The same OpenSSL version, self-built on Linux (Ubuntu Lucid), as well as the version coming with Lucid (0.9.8k) apparently both do support compression.

Is there any “magic” I missed to get compression running, e.g. a specific zlib dll in the right folder? Or do I have to re-build the package myself? In the latter case, do you have experiences building it with MinGW (flags, etc., maybe Indy-specific patches)?

Many thanks,
Daniel

While the program is not required in your software distributions, it is strongly recommended that you include it. We recommend that you include this executable with your program’s distribution because it provides some certificate functions that may be required such as managing a Certificate Authority (CA) including issuing creating Certificate Revocation Lists (CRL’s) and
Generating Certificates or Certificate Signing Requests (CSR’s).

You can not know how what the user may require for their public key infrastructure (PKI). PKI is described in Wikipedia at http://en.wikipedia.org/wiki/Public_key_infrastructure and SSL is really one application of PKI.

There are numerous commands and options that are documented at http://www.openssl.org/docs/apps/openssl.html .

@Xepol

The only reason is that the OpenSSL build chain for other compilers is not working flawlessly – using the PDSK with cl of 2008 works fine, thus the requirement with x64.

By the way: We are seeking feedback especially from FPC x64 Win users about the combination together with the latest Indy SVN.

Cheers,
Arvid