diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObject.netcore.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObject.netcore.cs index 86409c3b3b..9111a19eec 100644 --- a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObject.netcore.cs +++ b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObject.netcore.cs @@ -11,7 +11,6 @@ using System.Threading.Tasks; using Microsoft.Data.Common; using Microsoft.Data.ProviderBase; -using Microsoft.Data.SqlClient.ManagedSni; namespace Microsoft.Data.SqlClient { @@ -57,10 +56,6 @@ protected TdsParserStateObject(TdsParser parser, TdsParserStateObject physicalCo // General methods // ///////////////////// - internal abstract uint EnableSsl(ref uint info, bool tlsFirst, string serverCertificateFilename); - - internal abstract uint CheckConnection(); - internal int DecrementPendingCallbacks(bool release) { int remaining = Interlocked.Decrement(ref _pendingCallbacks); @@ -215,8 +210,10 @@ private uint GetSniPacket(PacketHandle packet, ref uint dataSize) return SniPacketGetData(packet, _inBuff, ref dataSize); } - private void SetBufferSecureStrings() + private bool TrySetBufferSecureStrings() { + bool mustClearBuffer = false; + if (_securePasswords != null) { for (int i = 0; i < _securePasswords.Length; i++) @@ -240,6 +237,8 @@ private void SetBufferSecureStrings() } TdsParserStaticMethods.ObfuscatePassword(data); data.CopyTo(_outBuff, _securePasswordOffsetsInBuffer[i]); + + mustClearBuffer = true; } finally { @@ -248,6 +247,8 @@ private void SetBufferSecureStrings() } } } + + return mustClearBuffer; } public void ReadAsyncCallback(PacketHandle packet, uint error) => 
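Review bot: The temporary `data` array in TrySetBufferSecureStrings is never zeroed after `data.CopyTo(_outBuff, _securePasswordOffsetsInBuffer[i])`, so a copy of the obfuscated password stays on the managed heap until the GC reclaims it, even though WriteSni now clears `_outBuff`. The obfuscation looks like the reversible nibble-swap/XOR that the removed SniPacketSetData overload later in this diff calls "loosely encrypt", so that copy should be handled as if it were the password. I would add `Array.Clear(data, 0, data.Length);` directly after the `CopyTo` call, here and in the netfx copy of this method added in TdsParserStateObject.netfx.cs. On netfx the removed path obfuscated the password in unmanaged memory and copied it straight into the packet buffer, so the extra managed copy is new there. The method is split across three hunks in this file, and the allocation of `data` is only visible in the netfx hunk.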
@@ -561,13 +562,7 @@ private Task SNIWritePacket(PacketHandle packet, out uint sniError, bool canAccu } // Async operation completion may be delayed (success pending). - try - { - } - finally - { - sniError = WritePacket(packet, sync); - } + sniError = WritePacket(packet, sync); if (sniError == TdsEnums.SNI_SUCCESS_IO_PENDING) { @@ -730,17 +725,17 @@ internal void SendAttention(bool mustTakeWriteLock = false, bool asyncClose = fa } } - internal abstract PacketHandle CreateAndSetAttentionPacket(); - - internal abstract void SetPacketData(PacketHandle packet, byte[] buffer, int bytesUsed); - private Task WriteSni(bool canAccumulate) { // Prepare packet, and write to packet. PacketHandle packet = GetResetWritePacket(_outBytesUsed); + bool mustClearBuffer = TrySetBufferSecureStrings(); - SetBufferSecureStrings(); SetPacketData(packet, _outBuff, _outBytesUsed); + if (mustClearBuffer) + { + _outBuff.AsSpan(0, _outBytesUsed).Clear(); + } Debug.Assert(Parser.Connection._parserLock.ThreadMayHaveLock(), "Thread is writing without taking the connection lock"); Task task = SNIWritePacket(packet, out _, canAccumulate, callerHasConnectionLock: true); diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs index bf7c4aebb7..a553b43dde 100644 --- a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs +++ b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs @@ -8,7 +8,6 @@ using System.Net; using System.Runtime.InteropServices; using System.Security.Authentication; -using System.Text; using System.Threading.Tasks; using Interop.Windows.Sni; using Microsoft.Data.Common; 
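Review bot: In WriteSni the wipe of `_outBuff` runs only when `SetPacketData` returns normally, so an exception thrown from it leaves the obfuscated password in the output buffer; the netfx SniPacketSetData overload that this code replaces did its wipe in a `finally`. Wrapping the call in try/finally keeps that guarantee, and the same change applies to the identical WriteSni hunk in TdsParserStateObject.netfx.cs. The old wipe covered the whole array while this one covers `_outBytesUsed` bytes, which is sufficient only if every password offset lies inside the used range; a `Debug.Assert` on that would document the assumption. WriteSni continues past the end of the hunk.

```csharp
PacketHandle packet = GetResetWritePacket(_outBytesUsed);
bool mustClearBuffer = TrySetBufferSecureStrings();

try
{
    SetPacketData(packet, _outBuff, _outBytesUsed);
}
finally
{
    // Wipe the obfuscated password even when SetPacketData throws.
    if (mustClearBuffer)
    {
        _outBuff.AsSpan(0, _outBytesUsed).Clear();
    }
}
// … unchanged: connection-lock assert and SNIWritePacket call …
```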
@@ -308,10 +307,9 @@ internal override PacketHandle ReadSyncOverAsync(int timeoutRemaining, out uint internal override PacketHandle CreateAndSetAttentionPacket() { - SNIHandle handle = Handle; - SNIPacket attnPacket = new SNIPacket(handle); + SNIPacket attnPacket = new SNIPacket(Handle); _sniAsyncAttnPacket = attnPacket; - SetPacketData(PacketHandle.FromNativePacket(attnPacket), SQL.AttentionHeader, TdsEnums.HEADER_LEN); + SniNativeWrapper.SniPacketSetData(attnPacket, SQL.AttentionHeader, TdsEnums.HEADER_LEN); return PacketHandle.FromNativePacket(attnPacket); } 
@@ -399,28 +397,20 @@ internal override uint PostReadAsyncForMars(TdsParserStateObject physicalStateOb PacketHandle temp = default; uint error = TdsEnums.SNI_SUCCESS; -#if NETFRAMEWORK - RuntimeHelpers.PrepareConstrainedRegions(); -#endif - try - { } - finally - { - IncrementPendingCallbacks(); - SessionHandle handle = SessionHandle; - // we do not need to consider partial packets when making this read because we - // expect this read to pend. a partial packet should not exist at setup of the - // parser - Debug.Assert(physicalStateObject.PartialPacket == null); - temp = ReadAsync(handle, out error); + IncrementPendingCallbacks(); + SessionHandle handle = SessionHandle; + // we do not need to consider partial packets when making this read because we + // expect this read to pend. a partial packet should not exist at setup of the + // parser + Debug.Assert(physicalStateObject.PartialPacket == null); + temp = ReadAsync(handle, out error); - Debug.Assert(temp.Type == PacketHandle.NativePointerType, "unexpected packet type when requiring NativePointer"); + Debug.Assert(temp.Type == PacketHandle.NativePointerType, "unexpected packet type when requiring NativePointer"); - if (temp.NativePointer != IntPtr.Zero) - { - // Be sure to release packet, otherwise it will be leaked by native. - ReleasePacket(temp); - } + if (temp.NativePointer != IntPtr.Zero) + { + // Be sure to release packet, otherwise it will be leaked by native. + ReleasePacket(temp); } Debug.Assert(IntPtr.Zero == temp.NativePointer, "unexpected syncReadPacket without corresponding SNIPacketRelease"); diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParser.cs b/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParser.cs index 670ed07dac..804cda30dd 100644 --- a/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParser.cs +++ b/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParser.cs 
@@ -942,19 +942,8 @@ private void EnableSsl(uint info, SqlConnectionEncryptOption encrypt, bool integ info |= TdsEnums.SNI_SSL_IGNORE_CHANNEL_BINDINGS; } - // Add SSL (Encryption) SNI provider. - AuthProviderInfo authInfo = new AuthProviderInfo(); - authInfo.flags = info; - authInfo.tlsFirst = encrypt == SqlConnectionEncryptOption.Strict; - authInfo.certId = null; - authInfo.certHash = false; - authInfo.clientCertificateCallbackContext = IntPtr.Zero; - authInfo.clientCertificateCallback = null; - authInfo.serverCertFileName = string.IsNullOrEmpty(serverCertificateFilename) ? null : serverCertificateFilename; - Debug.Assert((_encryptionOption & EncryptionOptions.CLIENT_CERT) == 0, "Client certificate authentication support has been removed"); - - error = SniNativeWrapper.SniAddProvider(_physicalStateObj.Handle, Provider.SSL_PROV, authInfo); + error = _physicalStateObj.EnableSsl(ref info, encrypt == SqlConnectionEncryptOption.Strict, serverCertificateFilename); if (error != TdsEnums.SNI_SUCCESS) { diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParserStateObject.netfx.cs b/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParserStateObject.netfx.cs index 276eabce8c..194beaca5f 100644 --- a/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParserStateObject.netfx.cs +++ b/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParserStateObject.netfx.cs @@ -4,15 +4,11 @@ using System; using System.Buffers.Binary; -using System.Collections.Generic; using System.Diagnostics; -using System.Runtime.CompilerServices; -using System.Runtime.ConstrainedExecution; using System.Runtime.InteropServices; using System.Security; using System.Threading; using System.Threading.Tasks; -using Interop.Windows.Sni; using Microsoft.Data.Common; using Microsoft.Data.ProviderBase; 
@@ -20,12 +16,6 @@ namespace Microsoft.Data.SqlClient { internal partial class TdsParserStateObject { - protected SNIHandle _sessionHandle = null; // the SNI handle we're to work on - - // SNI variables // multiple resultsets in one batch. - protected SNIPacket _sniPacket = null; // Will have to re-vamp this for MARS - internal SNIPacket _sniAsyncAttnPacket = null; // Packet to use to send Attn - // Used for blanking out password in trace. internal int _tracePasswordOffset = 0; internal int _tracePasswordLength = 0; @@ -68,23 +58,10 @@ protected TdsParserStateObject(TdsParser parser, TdsParserStateObject physicalCo _lastSuccessfulIOTimer = parser._physicalStateObj._lastSuccessfulIOTimer; } - //////////////// - // Properties // - //////////////// - internal SNIHandle Handle - { - get - { - return _sessionHandle; - } - } - ///////////////////// // General methods // ///////////////////// - internal uint CheckConnection() => SniNativeWrapper.SniCheckConnection(Handle); - internal int DecrementPendingCallbacks(bool release) { int remaining = Interlocked.Decrement(ref _pendingCallbacks); @@ -94,7 +71,7 @@ internal int DecrementPendingCallbacks(bool release) // NOTE: TdsParserSessionPool may call DecrementPendingCallbacks on a TdsParserStateObject which is already disposed // This is not dangerous (since the stateObj is no longer in use), but we need to add a workaround in the assert for it - Debug.Assert((remaining == -1 && _sessionHandle == null) || (0 <= remaining && remaining < 3), $"_pendingCallbacks values is invalid after decrementing: {remaining}"); + Debug.Assert((remaining == -1 && SessionHandle.IsNull) || (0 <= remaining && remaining < 3), $"_pendingCallbacks values is invalid after decrementing: {remaining}"); return remaining; } 
@@ -121,11 +98,7 @@ internal bool ValidateSNIConnection() try { Interlocked.Increment(ref _readingCount); - SNIHandle handle = Handle; - if (handle != null) - { - error = SniNativeWrapper.SniCheckConnection(handle); - } + error = CheckConnection(); } finally { @@ -243,6 +216,47 @@ private uint GetSniPacket(PacketHandle packet, ref uint dataSize) return SniPacketGetData(packet, _inBuff, ref dataSize); } + private bool TrySetBufferSecureStrings() + { + bool mustClearBuffer = false; + + if (_securePasswords != null) + { + for (int i = 0; i < _securePasswords.Length; i++) + { + if (_securePasswords[i] != null) + { + IntPtr str = IntPtr.Zero; + try + { + str = Marshal.SecureStringToBSTR(_securePasswords[i]); + byte[] data = new byte[_securePasswords[i].Length * 2]; + Marshal.Copy(str, data, 0, _securePasswords[i].Length * 2); + if (!BitConverter.IsLittleEndian) + { + Span span = data.AsSpan(); + for (int ii = 0; ii < _securePasswords[i].Length * 2; ii += 2) + { + short value = BinaryPrimitives.ReadInt16LittleEndian(span.Slice(ii)); + BinaryPrimitives.WriteInt16BigEndian(span.Slice(ii), value); + } + } + TdsParserStaticMethods.ObfuscatePassword(data); + data.CopyTo(_outBuff, _securePasswordOffsetsInBuffer[i]); + + mustClearBuffer = true; + } + finally + { + Marshal.ZeroFreeBSTR(str); + } + } + } + } + + return mustClearBuffer; + } + public void ReadAsyncCallback(IntPtr key, PacketHandle packet, uint error) { // Key never used. 
@@ -717,20 +731,17 @@ internal void SendAttention(bool mustTakeWriteLock = false, bool asyncClose = fa } } - internal PacketHandle CreateAndSetAttentionPacket() - { - SNIPacket attnPacket = new SNIPacket(Handle); - _sniAsyncAttnPacket = attnPacket; - SniNativeWrapper.SniPacketSetData(attnPacket, SQL.AttentionHeader, TdsEnums.HEADER_LEN, null, null); - return PacketHandle.FromNativePacket(attnPacket); - } - private Task WriteSni(bool canAccumulate) { // Prepare packet, and write to packet. PacketHandle packet = GetResetWritePacket(_outBytesUsed); - SNIPacket nativePacket = packet.NativePacket; - SniNativeWrapper.SniPacketSetData(nativePacket, _outBuff, _outBytesUsed, _securePasswords, _securePasswordOffsetsInBuffer); + bool mustClearBuffer = TrySetBufferSecureStrings(); + + SetPacketData(packet, _outBuff, _outBytesUsed); + if (mustClearBuffer) + { + _outBuff.AsSpan(0, _outBytesUsed).Clear(); + } Debug.Assert(Parser.Connection._parserLock.ThreadMayHaveLock(), "Thread is writing without taking the connection lock"); Task task = SNIWritePacket(packet, out _, canAccumulate, callerHasConnectionLock: true); diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs b/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs index 9ffd372742..cb85e2b9b1 100644 --- a/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs +++ b/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs @@ -6,8 +6,6 @@ using System.Collections.Generic; using System.Diagnostics; using System.Net; -using System.Runtime.CompilerServices; -using System.Runtime.ConstrainedExecution; using System.Runtime.InteropServices; using System.Security.Authentication; using System.Threading.Tasks; 
@@ -19,6 +17,10 @@ namespace Microsoft.Data.SqlClient { internal class TdsParserStateObjectNative : TdsParserStateObject { + private SNIHandle _sessionHandle = null; // the SNI handle we're to work on + + private SNIPacket _sniPacket = null; // Will have to re-vamp this for MARS + internal SNIPacket _sniAsyncAttnPacket = null; // Packet to use to send Attn private readonly WritePacketCache _writePacketCache = new WritePacketCache(); // Store write packets that are ready to be re-used private GCHandle _gcHandle; // keeps this object alive until we're closed. @@ -37,6 +39,8 @@ internal TdsParserStateObjectNative(TdsParser parser) #region Properties + internal SNIHandle Handle => _sessionHandle; + internal override uint Status => _sessionHandle != null ? _sessionHandle.Status : TdsEnums.SNI_UNINITIALIZED; internal override SessionHandle SessionHandle => SessionHandle.FromNativeHandle(_sessionHandle); @@ -245,7 +249,6 @@ internal override void Dispose() DisposePacketCache(); } - [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)] protected override void FreeGcHandle(int remaining, bool release) { if ((0 == remaining || release) && _gcHandle.IsAllocated) @@ -269,6 +272,12 @@ internal override void ReleasePacket(PacketHandle syncReadPacket) SniNativeWrapper.SniPacketRelease(syncReadPacket.NativePointer); } + internal override uint CheckConnection() + { + SNIHandle handle = Handle; + return handle == null ? TdsEnums.SNI_SUCCESS : SniNativeWrapper.SniCheckConnection(handle); + } + internal override PacketHandle ReadAsync(SessionHandle handle, out uint error) { IntPtr readPacketPtr = IntPtr.Zero; 
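Review bot: CheckConnection returns `TdsEnums.SNI_SUCCESS` when `Handle` is null, while the `Status` property in the same class reports `TdsEnums.SNI_UNINITIALIZED` for that state, so a caller that reads the result as proof of a live connection gets a false positive. This appears to preserve what ValidateSNIConnection did before, where the native call was skipped for a null handle, but the intent is not written down. A comment on the override would settle it, for example `// No handle means nothing to probe; report success so ValidateSNIConnection keeps its previous behaviour`.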
@@ -284,6 +293,14 @@ internal override PacketHandle ReadSyncOverAsync(int timeoutRemaining, out uint return PacketHandle.FromNativePointer(readPacketPtr); } + internal override PacketHandle CreateAndSetAttentionPacket() + { + SNIPacket attnPacket = new SNIPacket(Handle); + _sniAsyncAttnPacket = attnPacket; + SniNativeWrapper.SniPacketSetData(attnPacket, SQL.AttentionHeader, TdsEnums.HEADER_LEN); + return PacketHandle.FromNativePacket(attnPacket); + } + internal override uint WritePacket(PacketHandle packet, bool sync) { Debug.Assert(packet.Type == PacketHandle.NativePacketType, "unexpected packet type when requiring NativePacket"); @@ -344,6 +361,12 @@ internal override void ClearAllWritePackets() } } + internal override void SetPacketData(PacketHandle packet, byte[] buffer, int bytesUsed) + { + Debug.Assert(packet.Type == PacketHandle.NativePacketType, "unexpected packet type when requiring NativePacket"); + SniNativeWrapper.SniPacketSetData(packet.NativePacket, buffer, bytesUsed); + } + internal override uint SniGetConnectionId(ref Guid clientConnectionId) => SniNativeWrapper.SniGetConnectionId(Handle, ref clientConnectionId); 
@@ -362,34 +385,41 @@ internal override uint PostReadAsyncForMars(TdsParserStateObject physicalStateOb PacketHandle temp = default; uint error = TdsEnums.SNI_SUCCESS; -#if NETFRAMEWORK - RuntimeHelpers.PrepareConstrainedRegions(); -#endif - try - { } - finally - { - IncrementPendingCallbacks(); - SessionHandle handle = SessionHandle; - // we do not need to consider partial packets when making this read because we - // expect this read to pend. a partial packet should not exist at setup of the - // parser - Debug.Assert(physicalStateObject.PartialPacket == null); - temp = ReadAsync(handle, out error); + IncrementPendingCallbacks(); + SessionHandle handle = SessionHandle; + // we do not need to consider partial packets when making this read because we + // expect this read to pend. a partial packet should not exist at setup of the + // parser + Debug.Assert(physicalStateObject.PartialPacket == null); + temp = ReadAsync(handle, out error); - Debug.Assert(temp.Type == PacketHandle.NativePointerType, "unexpected packet type when requiring NativePointer"); + Debug.Assert(temp.Type == PacketHandle.NativePointerType, "unexpected packet type when requiring NativePointer"); - if (temp.NativePointer != IntPtr.Zero) - { - // Be sure to release packet, otherwise it will be leaked by native. - ReleasePacket(temp); - } + if (temp.NativePointer != IntPtr.Zero) + { + // Be sure to release packet, otherwise it will be leaked by native. 
+ ReleasePacket(temp); } Debug.Assert(IntPtr.Zero == temp.NativePointer, "unexpected syncReadPacket without corresponding SNIPacketRelease"); return error; } + internal override uint EnableSsl(ref uint info, bool tlsFirst, string serverCertificateFilename) + { + AuthProviderInfo authInfo = new AuthProviderInfo(); + authInfo.flags = info; + authInfo.tlsFirst = tlsFirst; + authInfo.certId = null; + authInfo.certHash = false; + authInfo.clientCertificateCallbackContext = IntPtr.Zero; + authInfo.clientCertificateCallback = null; + authInfo.serverCertFileName = string.IsNullOrEmpty(serverCertificateFilename) ? null : serverCertificateFilename; + + // Add SSL (Encryption) SNI provider. + return SniNativeWrapper.SniAddProvider(Handle, Provider.SSL_PROV, ref authInfo); + } + internal override uint SetConnectionBufferSize(ref uint unsignedPacketSize) => SniNativeWrapper.SniSetInfo(Handle, QueryType.SNI_QUERY_CONN_BUFSIZE, ref unsignedPacketSize); diff --git a/src/Microsoft.Data.SqlClient/src/Interop/Windows/Sni/SniNativeWrapper.cs b/src/Microsoft.Data.SqlClient/src/Interop/Windows/Sni/SniNativeWrapper.cs index 4f90fe3518..6dc01dc31e 100644 --- a/src/Microsoft.Data.SqlClient/src/Interop/Windows/Sni/SniNativeWrapper.cs +++ b/src/Microsoft.Data.SqlClient/src/Interop/Windows/Sni/SniNativeWrapper.cs 
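Review bot: Dropping the `try { } finally { … }` wrapper in PostReadAsyncForMars changes behaviour on .NET Framework, which this netfx file appears to target: a finally block is not interrupted by Thread.Abort, so the old shape guaranteed that `IncrementPendingCallbacks()`, `ReadAsync` and `ReleasePacket(temp)` completed as a unit. Without it, an abort landing between those calls could leave the pending-callback count raised or a native packet unreleased. If that protection is being given up on purpose, say so in a comment above `IncrementPendingCallbacks();`; otherwise keep the empty-try/finally for the netfx build. The same question applies to the `[ReliabilityContract]` attribute removed from FreeGcHandle earlier in this file.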
@@ -305,115 +305,6 @@ internal static unsafe void SniPacketSetData(SNIPacket packet, byte[] data, int } } - #if NETFRAMEWORK - // Notes on SecureString: Writing out security sensitive information to managed buffer - // should be avoided as these can be moved around by GC. There are two set of - // information which falls into this category: passwords and new changed password which - // are passed in as SecureString by a user. Writing out clear passwords information is - // delayed until this layer to ensure that the information is written out to buffer - // which is pinned in this method already. This also ensures that processing a clear - // password is done right before it is written out to SNI_Packet where gets encrypted - // properly. TdsParserStaticMethods.EncryptPassword operation is also done here to - // minimize the time the clear password is held in memory. Any time loose encryption - // algorithms are changed it should be done in both in this method and - // TdsParserStaticMethods.EncryptPassword. - // Up to current release, it is also guaranteed that both password and new change - // password will fit into a single login packet whose size is fixed to 4096 So, no - // splitting logic is needed. 
- internal static void SniPacketSetData( - SNIPacket packet, - byte[] data, - int length, - SecureString[] passwords, // pointer to the passwords which need to be written out to SNI Packet - int[] passwordOffsets) // Offset into data buffer where the password to be written out to - { - Debug.Assert(passwords is null || (passwordOffsets is not null && passwords.Length == passwordOffsets.Length), "The number of passwords does not match the number of password offsets"); - - bool mustRelease = false; - bool mustClearBuffer = false; - IntPtr clearPassword = IntPtr.Zero; - - try - { - unsafe - { - if (passwords != null) - { - // Process SecureString - for (int i = 0; i < passwords.Length; ++i) - { - // SecureString is used - if (passwords[i] != null) - { - try - { - // ============================================================ - // Get the clear text of secure string without converting it - // to string type - // ============================================================ - clearPassword = Marshal.SecureStringToCoTaskMemUnicode(passwords[i]); - - // ============================================================ - // Loosely encrypt the clear text - The encryption algorithm - // should exactly match the TdsParserStaticMethods.EncryptPassword - // ============================================================ - char* pwChar = (char*)clearPassword.ToPointer(); - byte* pByte = (byte*)clearPassword.ToPointer(); - - int passwordsLength = passwords[i].Length; - for (int j = 0; j < passwordsLength; ++j) - { - int s = *pwChar; - byte bLo = (byte)(s & 0xff); - byte bHi = (byte)((s >> 8) & 0xff); - *(pByte++) = (byte)((((bLo & 0x0f) << 4) | (bLo >> 4)) ^ 0xa5); - *(pByte++) = (byte)((((bHi & 0x0f) << 4) | (bHi >> 4)) ^ 0xa5); - ++pwChar; - } - - // ============================================================ - // Write out the loosely encrypted passwords to data buffer - // ============================================================ - mustClearBuffer = true; - 
Marshal.Copy(clearPassword, data, passwordOffsets[i], passwordsLength * 2); - } - finally - { - // Make sure that we clear the security sensitive information - if (clearPassword != IntPtr.Zero) - { - Marshal.ZeroFreeCoTaskMemUnicode(clearPassword); - } - } - } - } - } - - packet.DangerousAddRef(ref mustRelease); - Debug.Assert(mustRelease, "AddRef Failed!"); - - SniPacketSetData(packet, data, length); - } - } - finally - { - if (mustRelease) - { - packet.DangerousRelease(); - } - - // Make sure that we clear the security sensitive information - if (mustClearBuffer) - { - for (int i = 0; i < data.Length; ++i) - { - data[i] = 0; - } - } - } - } - #endif - internal static void SniPacketReset(SNIHandle pConn, IoType ioType, SNIPacket pPacket, ConsumerNumber consNum) => s_nativeMethods.SniPacketReset(pConn, ioType, pPacket, consNum); diff --git a/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/SSPI/NativeSspiContextProvider.cs b/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/SSPI/NativeSspiContextProvider.cs index 1cc4af3e9c..7f57fccd54 100644 --- a/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/SSPI/NativeSspiContextProvider.cs +++ b/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/SSPI/NativeSspiContextProvider.cs @@ -51,12 +51,10 @@ private void LoadSSPILibrary() protected override bool GenerateContext(ReadOnlySpan incomingBlob, IBufferWriter outgoingBlobWriter, SspiAuthenticationParameters authParams) { -#if NETFRAMEWORK - SNIHandle handle = _physicalStateObj.Handle; -#else +#if NET Debug.Assert(_physicalStateObj.SessionHandle.Type == SessionHandle.NativeHandleType); - SNIHandle handle = _physicalStateObj.SessionHandle.NativeHandle; #endif + SNIHandle handle = _physicalStateObj.SessionHandle.NativeHandle; // This must start as the length of the input, but will be updated by the call to SNISecGenClientContext to the written length var sendLength = s_maxSSPILength; 
diff --git a/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/TdsParserStateObject.cs b/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/TdsParserStateObject.cs index b72e38631f..cac03827ab 100644 --- a/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/TdsParserStateObject.cs +++ b/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/TdsParserStateObject.cs @@ -532,10 +532,18 @@ internal abstract void CreatePhysicalSNIHandle( string hostNameInCertificate = "", string serverCertificateFilename = ""); + internal abstract uint EnableSsl(ref uint info, bool tlsFirst, string serverCertificateFilename); + + internal abstract uint CheckConnection(); + internal abstract PacketHandle GetResetWritePacket(int dataSize); + internal abstract PacketHandle CreateAndSetAttentionPacket(); + protected abstract uint SniPacketGetData(PacketHandle packet, byte[] _inBuff, ref uint dataSize); + internal abstract void SetPacketData(PacketHandle packet, byte[] buffer, int bytesUsed); + protected abstract bool CheckPacket(PacketHandle packet, TaskCompletionSource source); internal abstract void Dispose();
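Review bot: The new abstract `SetPacketData` carries an unstated contract: WriteSni zeroes `_outBuff` immediately after calling it whenever a secure password was written, so every implementation must copy `buffer` into the packet before returning and must not keep a reference to it. An implementation that retained the array would put zeroed bytes into the login packet. I would state this on the declaration as an XML doc comment, e.g. `/// <summary>Copies the first bytesUsed bytes of buffer into packet; the caller may clear buffer as soon as this returns.</summary>`. Separately, `EnableSsl` takes `info` by `ref` although the native override shown in this diff only reads it, so either document what an implementation is allowed to write back or pass it by value.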