-
Notifications
You must be signed in to change notification settings - Fork 281
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix | Don't validate server certificate when using Authentication option but not encrypting #2224
Conversation
…ion but not encrypting
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## main #2224 +/- ##
==========================================
+ Coverage 68.46% 72.36% +3.90%
==========================================
Files 309 309
Lines 62181 62196 +15
==========================================
+ Hits 42570 45008 +2438
+ Misses 19611 17188 -2423
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks reasonably good to me :)
Could we have a unit test to cover this case if already there isn't one? |
The test ADIntegratedUsingSSPI (renamed in this PR from the inaccurate ADInteractiveUsingSSPI) was exercising this bad path in our Kerberos pipelines but the old ones are configured with TrustServerCertificate=true to avoid this issue. The new Kerberos pipeline wasn't using TrustServerCertificate=true, so it was hitting this issue. I added another test to specifically / force Authentication=SqlPassword and TrustServerCertificate=false to help ensure this doesn't regress in localhost pipelines. |
When using the authentication option (Authentication=SqlPassword or other value), the netfx code would try to validate the server certificate regardless of whether or not encryption was negotiated. This resulted in the requirement to set TrustServerCertificate=true, even if client and server encryption was off, in order for connections to succeed when the server doesn't have a public certificate provisioned. This also manifests in the same manner when using Authentication=ActiveDirectoryIntegrated. In a Kerberos flow, that option behaves like IntegratedSecurty=true.