Skip to content

Commit

Permalink
Fix | Fixes issue in Integrated Security auth on Windows (Managed SNI) (
Browse files Browse the repository at this point in the history
  • Loading branch information
cheenamalhotra authored Nov 5, 2020
1 parent 30f2a4d commit 63b79e3
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 9 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -189,7 +189,14 @@ internal static int QueryMaxTokenSize(string package)
// This value is not used on Unix
return 0;
}


internal static SecurityStatusPal CompleteAuthToken(
ref SafeDeleteContext securityContext,
SecurityBuffer[] inSecurityBufferArray)
{
return new SecurityStatusPal(SecurityStatusPalErrorCode.OK);
}

internal static SafeFreeCredentials AcquireDefaultCredential(string package, bool isServer)
{
return AcquireCredentialsHandle(package, isServer, new NetworkCredential(string.Empty, string.Empty, string.Empty));
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,6 @@ internal class SNIProxy
private const int DefaultSqlServerPort = 1433;
private const int DefaultSqlServerDacPort = 1434;
private const string SqlServerSpnHeader = "MSSQLSvc";
private const int MaxTokenSize = 0;

internal class SspiClientContextResult
{
Expand Down Expand Up @@ -96,7 +95,8 @@ internal void GenSspiClientContext(SspiClientContextStatus sspiClientContextStat
inSecurityBufferArray = Array.Empty<SecurityBuffer>();
}

int tokenSize = MaxTokenSize;
int tokenSize = NegotiateStreamPal.QueryMaxTokenSize(securityPackage);

SecurityBuffer outSecurityBuffer = new SecurityBuffer(tokenSize, SecurityBufferType.SECBUFFER_TOKEN);

ContextFlagsPal requestedContextFlags = ContextFlagsPal.Connection
Expand All @@ -119,7 +119,7 @@ internal void GenSspiClientContext(SspiClientContextStatus sspiClientContextStat
statusCode.ErrorCode == SecurityStatusPalErrorCode.CompAndContinue)
{
inSecurityBufferArray = new SecurityBuffer[] { outSecurityBuffer };
statusCode = new SecurityStatusPal(SecurityStatusPalErrorCode.OK);
statusCode = NegotiateStreamPal.CompleteAuthToken(ref securityContext, inSecurityBufferArray);
outSecurityBuffer.token = null;
}

Expand Down Expand Up @@ -372,7 +372,7 @@ private static byte[] GetSqlServerSPN(string hostNameOrAddress, string portOrIns
/// <returns>SNITCPHandle</returns>
private SNITCPHandle CreateTcpHandle(DataSource details, long timerExpire, object callbackObject, bool parallel, string cachedFQDN, ref SQLDNSInfo pendingDNSInfo)
{
// TCP Format:
// TCP Format:
// tcp:<host name>\<instance name>
// tcp:<host name>,<TCP/IP port number>

Expand Down Expand Up @@ -474,7 +474,7 @@ internal SNIError GetLastError()
}

/// <summary>
/// Gets the Local db Named pipe data source if the input is a localDB server.
/// Gets the Local db Named pipe data source if the input is a localDB server.
/// </summary>
/// <param name="fullServerName">The data source</param>
/// <param name="error">Set true when an error occurred while getting LocalDB up</param>
Expand Down Expand Up @@ -529,7 +529,7 @@ internal enum Protocol { TCP, NP, None, Admin };
internal Protocol _connectionProtocol = Protocol.None;

/// <summary>
/// Provides the HostName of the server to connect to for TCP protocol.
/// Provides the HostName of the server to connect to for TCP protocol.
/// This information is also used for finding the SPN of SqlServer
/// </summary>
internal string ServerName { get; private set; }
Expand Down Expand Up @@ -733,7 +733,7 @@ private bool InferConnectionDetails()
// Instance Name Handling. Only if we found a '\' and we did not find a port in the Data Source
else if (backSlashIndex > -1)
{
// This means that there will not be any part separated by comma.
// This means that there will not be any part separated by comma.
InstanceName = tokensByCommaAndSlash[1].Trim();

if (string.IsNullOrWhiteSpace(InstanceName))
Expand Down Expand Up @@ -781,7 +781,7 @@ private bool InferNamedPipesInformation()
string[] tokensByBackSlash = _dataSourceAfterTrimmingProtocol.Split(BackSlashCharacter);

// The datasource is of the format \\host\pipe\sql\query [0]\[1]\[2]\[3]\[4]\[5]
// It would at least have 6 parts.
// It would at least have 6 parts.
// Another valid Sql named pipe for an named instance is \\.\pipe\MSSQL$MYINSTANCE\sql\query
if (tokensByBackSlash.Length < 6)
{
Expand Down

0 comments on commit 63b79e3

Please sign in to comment.