TTMSMQTTClient and Delphi 10.4

I am using last version of Delphi 10.4 and TTMSMQTTClient.1.2.0.0 and OpenSSL ddls from VCLUI
I noticed that SSL connectivity does not works any more.
Just drop the component to a form and use SSL to connect to test.mosquitto.org with port 8883, no user/pass needed.
That does not happen with compiled exes with Delphi 10.3.2
Did somebody else has the same problem?

We're not aware of issues with this.
Do you use the same openssl DLLs with 10.4 as with 10.3?
Do you see a specific error message?

I am using the Openssl dlls that comes with last version of VCLUI but the same happens with other versions too.
I do not see a specific error message. I had problems with debugging with 10.4 and this is reported but as far I can see from Delphi team is a more wide problem.

I followed the hotfix from here to be able to use Delphi 10.4 : https://quality.embarcadero.com/browse/RSP-29136

I am using the following source:

unit Unit1;

interface

uses
  Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
  Vcl.Controls, Vcl.Forms, Vcl.Dialogs, TMS.MQTT.Global, Vcl.StdCtrls,
  TMS.MQTT.Logging, TMS.MQTT.Client;

type
  TForm1 = class(TForm)
    TMSMQTTClient1: TTMSMQTTClient;
    TMSMQTTLogger1: TTMSMQTTLogger;
    Memo1: TMemo;
    Button1: TButton;
    Button2: TButton;
    Button3: TButton;
    Button4: TButton;
    Edit1: TEdit;
    Edit2: TEdit;
    procedure TMSMQTTLogger1Log(Sender: TObject; ALevel: TTMSMQTTLogLevel;
      AMessage: string);
    procedure Button1Click(Sender: TObject);
    procedure Button2Click(Sender: TObject);
    procedure Button3Click(Sender: TObject);
    procedure Button4Click(Sender: TObject);
    procedure TMSMQTTClient1PublishReceived(ASender: TObject; APacketID: Word;
      ATopic: string; APayload: TArray<System.Byte>);
    procedure FormClose(Sender: TObject; var Action: TCloseAction);
  private
    { Private declarations }
  public
    { Public declarations }
  end;

var
  Form1: TForm1;

implementation
uses idsslopenssl;
{$R *.dfm}

procedure TForm1.Button1Click(Sender: TObject);
begin
with TIdSSLIOHandlerSocketOpenSSL(TMSMQTTClient1.Connection.SSLIOHandler).SSLOptions do begin
SSLVersions:=[sslvTLSv1_2];
Method:=sslvTLSv1_2;
RootCertFile:='C:\Users\dcoun\Documents\Embarcadero\Studio\Projects\tmsmqtttest\Win32\Debug\mosquitto.org.crt';
end;
TMSMQTTClient1.Connect(true);
end;

procedure TForm1.Button2Click(Sender: TObject);
begin
TMSMQTTClient1.Disconnect;
end;

procedure TForm1.Button3Click(Sender: TObject);
begin
TMSMQTTClient1.Subscribe(edit1.Text);
end;

procedure TForm1.Button4Click(Sender: TObject);
begin
TMSMQTTClient1.Publish(edit1.Text,edit2.Text);
end;

procedure TForm1.FormClose(Sender: TObject; var Action: TCloseAction);
begin if TMSMQTTClient1.IsConnected then TMSMQTTClient1.Disconnect;
TMSMQTTClient1.Logger:=nil;
end;

procedure TForm1.TMSMQTTClient1PublishReceived(ASender: TObject;
  APacketID: Word; ATopic: string; APayload: TArray<System.Byte>);
begin
memo1.Lines.Add(atopic+':'+TEncoding.UTF8.GetString(apayload));
end;

procedure TForm1.TMSMQTTLogger1Log(Sender: TObject; ALevel: TTMSMQTTLogLevel;
  AMessage: string);
begin
memo1.Lines.Add(AMessage);
end;

end.

  object TMSMQTTClient1: TTMSMQTTClient
    ClientID = 'testacc'
    BrokerHostName = 'test.mosquitto.org'
    BrokerPort = 8883
    UseSSL = True
    KeepAliveSettings.AutoReconnect = True
    OnPublishReceived = TMSMQTTClient1PublishReceived
    Logger = TMSMQTTLogger1
    Version = '1.1.0.3'
    Left = 16
    Top = 80
  end

Was it possible to reproduce it? Do you need something more from me?

My problem still exists. Do you expect something more from me?
Does TMS MQTT support SSL in Delphi 10.4 ?

We followed up via email.

We changed the code to setup SSL here to:

procedure TForm1.Button1Click(Sender: TObject);
begin
  with TIdSSLIOHandlerSocketOpenSSL(TMSMQTTClient1.Connection.SSLIOHandler).SSLOptions do
  begin
    Method := sslvTLSv1_2;
    Mode:= sslmClient;
    RootCertFile:='.\mosquitto.org.crt';
  end;
  TMSMQTTClient1.Connect(true);
end;

and with this change, the connection was working fine.

Thank you for the reply. But even with copy-paste the above code, it does not work for me using port 8883.
Can you please send me your executable, to see if it has to do with my internet connection.
I am using Indy components that come with Delphi 10.4 and the OpenSSL dlls from the TMS VCLUI
Do you propose something to find the problem. I have sent you the project I am using.
Thank you in advance

Today I created the same project for FMX. There I get again the following error:
'Socket Error # 10054 Connection reset by peer.'.

CLIENT- Connecting ---------------------------
Thread Started
Initializing Indy TCP Client
Connecting Indy TCP Client
Socket allocated ...
TIdSSLIOHandlerSocketOpenSSL - resolving...
TIdSSLIOHandlerSocketOpenSSL - connecting...
Connection opened
TIdTCPClient - connected...
CLIENT- Handeling Outgoing Packet ---------------------------
Thread Started
Thread Started
CLIENT- Sending packet to WriterThread ---------------------------
CLIENT- Packet added to queue ---------------------------
OUT - Packet Qos:0 - SENDING --- 00010000 00010011 00000000 00000100 01001101 01010001 01010100 01010100 00000100 00000010 00000000 01111000 00000000 00000111 01110100 01100101 01110011 01110100 01110100 01101101 01110011
Disconnecting Indy TCP Client
TIdTCPClient - disconnecting...
TIdTCPClient - disconnected .. .
Connection closed by remote host
CLIENT- Disconnecting ---------------------------

Using the mosquitto broker in a linux machine, (that SSL connections worked with Delphi 10.3.3), when connection, in server logs I get the following when trying to connect:
2020-06-30T13:51:19: OpenSSL Error[0]: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
The server is configured with tls_version tlsv1.2 and clients compiled in the past with Delphi 10.3.3 and SSL continue to connect and to work.

I can understand that this can be a Indy problem but I bought this component for the SSL connection.

I tried today's update of the TMS MQTT component hoping my problem will be solved
Nothing. My problem still exists. No SSL based connection is possible with any server using the OpenSSL dll libraries you provide with TMS VCLUI. Neither in VCL nor in FMX. Today, I tested also through 3G connection from an other ISP, with no success.
Not a response to my request to have your executable of the my sample project that works for you, to check if it is a network problem of my ISP.
Still waiting.

There must be changes in Indy between 10.3.3 and 10.4.
We found so far no official information about changes of Indy.
We could not get information from Embarcadero or the Indy team so far.

Maybe, meanwhile you can try an update OpenSSL library
https://indy.fulgan.com/SSL/Archive/Experimental/

No results with an update of OpenSSL library.
Today I install again the Delphi 10.3.3 in a VM. The project I sent to you, works ok with same OpenSSL dlls in Delphi 10.3.3 but not in Delphi 10.4.
As far as I can understand, TMS MQTT can not support SSL connections with Delphi 10.4
I try to see sources differences between Delphi versions for indy stack and there are many.
The main message from server side is: 2020-06-30T13:51:19: OpenSSL Error[0]: error:1408F10B:SSL routines:ssl3_get_record:wrong version number

So, how we proceed?

It is something broken by Indy / Embarcadero

We'll investigate if we can add a fix at MQTT code level to workaround this.

Can you try

procedure TForm1.Button1Click(Sender: TObject);
begin
  with TIdSSLIOHandlerSocketOpenSSL(TMSMQTTClient1.Connection.SSLIOHandler).SSLOptions do
  begin
    Method := sslvTLSv1_2;
    SSLVersions := [sslvTLSv1_2];
    Mode:= sslmClient;
    RootCertFile:='.\mosquitto.org.crt';
  end;
  TMSMQTTClient1.Connect(true);
end;

it does not work

Clearly Embarcadero / Indy team did break things here.
So, until we got a decent answer from Embarcadero / Indy team
I suggest to use Delphi 10.3.x

Thank you very much for the suggestion
Looking the diffrences between 10.3.3 and 10.4 indy sources I noticed the following difference in \Indy10\Protocols\IdSSLOpenSSLHeaders_static.pas

function TLSv1_1_method_func: PSSL_METHOD cdecl; external SSL_LIB_NAME name 'TLSv1_1_method';
function TLSv1_1_server_method_func: PSSL_METHOD cdecl; external SSL_LIB_NAME name 'TLSv1_1_server_method';
function TLSv1_1_client_method_func: PSSL_METHOD cdecl; external SSL_LIB_NAME name 'TLSv1_1_client_method';
function TLSv1_2_method_func: PSSL_METHOD cdecl; external SSL_LIB_NAME name 'TLSv1_2_method';
function TLSv1_2_server_method_func: PSSL_METHOD cdecl; external SSL_LIB_NAME name 'TLSv1_2_server_method';
function TLSv1_2_client_method_func: PSSL_METHOD cdecl; external SSL_LIB_NAME name 'TLSv1_2_client_method';

The above declarations are commented in previous version. Does Delphi 10.4 uses openssl.dll?

An interesting comment by Marco Cantu:

"Indy is a third party project and the SSL library distribution is not supported by Embarcadero in any way and not recommended. If you are making HTTPS calls, we recommend using the HTTP client library instead."

https://quality.embarcadero.com/browse/RSP-28381?focusedCommentId=80779&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-80779

MQTT is not using HTTP(s), hence, this comment from Marco Cantu is irrelevant.