search

risoflora / brookframework

Microframework which helps to develop web Pascal applications.
https://risoflora.github.io/brookframework
GNU Lesser General Public License v2.1
239 stars 54 forks source link

Unable to prevent browsers from connecting with less security than TLS 1.2 #35

Closed KevinLeeMorris closed 2 years ago

KevinLeeMorris commented 3 years ago

Without this, some browsers will disallow connection to your website. They will report your website as a security risk.

Steps to reproduce:

In your Brook Framework project, create an TBrookHTTPServer.OnRequest event. Add the code shown below. Run the app and start the TBrookHTTPServer. Start your browser and make a request from your Brook app. A SEGSEV error is displayed at the line indicated below.

`procedure TfrmMain.brk_svrRequest(ASender: TObject; ARequest: TBrookHTTPRequest; AResponse: TBrookHTTPResponse); var idx: Integer; pth, fnm: String; begin // Attempt to clamp down on TLS 1.0 and 1.1 if Assigned(ARequest.TLSSession) then begin gnutls_set_default_priority(ARequest.TLSSession); // <-- SIGSEV here end;

brk_rtr.Route(ASender, ARequest, AResponse); end; `

Environment:

Windows Server 2016, Lazarus 2.0.10 FBC 3.2.0,, Brook 5 Framework 5.5.0.0, libsagui 3.3.3.0, gnutils 3.6.15

silvioprog commented 2 years ago

Fixed by https://github.com/risoflora/brookframework/commit/6e89ec30e7fe64c0f8489003c127f13143aabe7d. Thanks a lot for reporting!