From 232fe820a533a94479b1625c3ea772cf51108715 Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Wed, 1 Oct 2025 06:29:04 +0000 Subject: [PATCH 01/27] Fixed pipelines Tokio-rustls 0.26.4 Cache v4 Docker compose Docker compose Docker compose Docker compose Docker compose errors Docker compose errors Docker compose errors Docker compose errors Docker compose errors Docker compose errors Syntax fix Syntax fix Syntax fix Syntax fix Syntax fix cache v4 features changes Format Rust code using rustfmt features changes features changes features changes Format Rust code using rustfmt features changes Format Rust code using rustfmt features changes features changes features changes Format Rust code using rustfmt features changes features changes NOW CHANGING TOKIO RUSTLS VERSION TO 0.26.4 Pipeline fixed Macos-latest Remove docker-compose docker-compose docker-compose docker-compose docker-compose docker-compose docker-compose docker-compose docker-compose docker-compose docker-compose docker-compose docker-compose mac os apple container mac os apple container mac os apple container resetting resetting resetting resetting resetting resetting resetting reset reset reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests reset with more tests Removing docker-compose.yml due to the new testing process Removing docker-compose.yml due to the new testing process Removing docker-compose.yml due to the new testing process Removing docker-compose.yml due to the new testing process Removing docker-compose.yml due to the new testing process Removing docker-compose.yml due to the new testing process Removing docker-compose.yml due to the new testing process Removing docker-compose.yml due to the new testing process Clean up Clean up Clean up Clean up Clean up Clean up Clean up Clean up Clean up Clean up Xtask layout Format Rust code using rustfmt Xtask layout Xtask layout Format Rust code using rustfmt Testing w/o Xtask Testing w/o Xtask Format Rust code using rustfmt Testing w/o Xtask Testing w/o Xtask Format Rust code using rustfmt Testing w/o Xtask Testing w/o Xtask Testing w/o Xtask Testing w/o Xtask Squashed Documentation Format Rust code using rustfmt Xtask Xtask Xtask Xtask Formatting xtask xtask xtask xtask Format Rust code using rustfmt xtask Format Rust code using rustfmt xtask Format Rust code using rustfmt xtask xtask xtask error fixing error fixing xtask xtask xtask xtask adding local fixing Using xtask Using xtask w/ local Using xtask w/ local Using xtask w/ local + test Using xtask w/ local + test Xtask work --- .cargo/config.toml | 2 + .github/workflows/test.yml | 404 ++++++++++++++++++++---------------- Cargo.toml | 3 +- docker-compose.yml | 45 ---- docker/certs/generate-ca.sh | 2 +- run_tests.sh | 6 + src/client/tls_stream.rs | 16 +- start_container.sh | 30 +++ tests/custom-cert.rs | 34 +-- xtask/Cargo.toml | 7 + xtask/src/main.rs | 118 +++++++++++ 11 files changed, 418 insertions(+), 249 deletions(-) create mode 100644 .cargo/config.toml delete mode 100644 docker-compose.yml create mode 100755 run_tests.sh create mode 100755 start_container.sh create mode 100644 xtask/Cargo.toml create mode 100644 xtask/src/main.rs diff --git a/.cargo/config.toml b/.cargo/config.toml new file mode 100644 index 000000000..f0ccbc9a8 --- /dev/null +++ b/.cargo/config.toml @@ -0,0 +1,2 @@ +[alias] +xtask = "run --package xtask --" \ No newline at end of file diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index fec4c17a0..f385d103a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,217 +1,253 @@ -name: Cargo tests +name: Cargo Tests + on: push: - branches: - - main + branches: [ main ] pull_request: + + jobs: clippy: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v1 - - uses: actions-rs/toolchain@v1 - with: - components: clippy - override: true - - name: Install dependencies - run: sudo apt install -y openssl libkrb5-dev - - uses: actions-rs/clippy-check@v1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - args: --features=all + - uses: actions/checkout@v5 # checkout versions have been updated. previous v1/2 + - uses: dtolnay/rust-toolchain@stable # changed to stable + with: + components: rustfmt, clippy + + - name: Install dependencies + run: sudo apt install -y openssl libkrb5-dev + - uses: actions-rs/clippy-check@v1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + args: --features=all format: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: actions-rs/toolchain@v1 - with: - components: rustfmt - override: true - - uses: mbrobbel/rustfmt-check@master - with: - token: ${{ secrets.GITHUB_TOKEN }} + - uses: actions/checkout@v5 + - uses: dtolnay/rust-toolchain@stable + with: + components: rustfmt, clippy + - uses: mbrobbel/rustfmt-check@master + with: + token: ${{ secrets.GITHUB_TOKEN }} cargo-test-linux: runs-on: ubuntu-latest - strategy: fail-fast: false matrix: - database: - - 2017 - - 2019 - - 2022 - - azure-sql-edge - features: - - "--features=all" - - "--no-default-features" - - "--no-default-features --features=chrono" - - "--no-default-features --features=time" - - "--no-default-features --features=rustls" - - "--no-default-features --features=vendored-openssl" - - env: - TIBERIUS_TEST_CONNECTION_STRING: "server=tcp:localhost,1433;user=SA;password=;TrustServerCertificate=true" - RUSTFLAGS: "-Dwarnings" + engine: [ 2017, 2019, 2022, "azure" ] + features: [ "--features=all", "--no-default-features", "--no-default-features --features=chrono", "--no-default-features --features=rustls", "--no-default-features --features=time", "--no-default-features --features=vendored-openssl" ] steps: - - uses: actions/checkout@v2 - - - uses: actions-rs/toolchain@v1 - - - uses: actions/cache@v2 - with: - path: | - ~/.cargo/registry - ~/.cargo/git - target - key: ${{ runner.os }}-cargo-${{ matrix.features }} - - - name: Start SQL Server ${{matrix.database}} - run: DOCKER_BUILDKIT=1 docker-compose -f docker-compose.yml up -d mssql-${{matrix.database}} - - - name: Install dependencies - run: sudo apt install -y openssl libkrb5-dev - - - name: Run tests - run: cargo test ${{matrix.features}} + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Install dependencies + run: | + sudo apt-get update + sudo apt-get install -y libkrb5-dev krb5-user + sudo ln -s /usr/include/krb5/gssapi /usr/include/gssapi || true + + - name: Install Rust + uses: dtolnay/rust-toolchain@stable + with: + components: rustfmt, clippy + + - name: Build xtask + working-directory: xtask + run: cargo build --bin xtask + + - name: Clean up any SQL containers + run: | + docker rm -f mssql-${{ matrix.engine }} || true + docker ps -a + + - name: Start SQL server container + working-directory: xtask + run: cargo run -p xtask -- container ${{ matrix.engine }} + env: + SA_PASSWORD: "" + + - name: Wait for SQL Server + run: | + echo "Waiting for SQL server (${{ matrix.engine }}) to be ready..." + sleep 25 + + - name: Run tests (container) + working-directory: xtask + env: + TIBERIUS_TEST_CONNECTION_STRING: "server=tcp:localhost,1433;user=sa;password=;TrustServerCertificate=true" + run: cargo run -p xtask -- test -- ${{ matrix.features }} + + - name: Stop SQL server (container) + working-directory: xtask + if: always() + run: cargo run -p xtask -- stop ${{ matrix.engine }} + + - name: Build xtask (local) + working-directory: xtask + run: cargo build --bin xtask + + - name: Clean up any SQL containers + run: | + docker rm -f mssql-${{ matrix.engine }} || true + docker ps -a + + - name: Start SQL server (local) + working-directory: xtask + run: cargo run -p xtask -- local ${{ matrix.engine }} + env: + SA_PASSWORD: "" + + - name: Wait for SQL server (local) + run: | + echo "Waiting for SQL server (${{ matrix.engine }}) to be ready..." + sleep 25 + + - name: Run tests (local) + working-directory: xtask + env: + TIBERIUS_TEST_CONNECTION_STRING: "server=tcp:localhost,1433;user=sa;password=;TrustServerCertificate=true" + run: cargo run -p xtask -- test -- ${{ matrix.features }} + + - name: Stop SQL server (container) + working-directory: xtask + if: always() + run: cargo run -p xtask -- stop ${{ matrix.engine }} + + - name: Build xtask (test) + working-directory: xtask + run: cargo build --bin xtask + + - name: Clean up any SQL containers + run: | + docker rm -f mssql-${{ matrix.engine }} || true + docker ps -a + + - name: Start SQL server (test) + working-directory: xtask + run: cargo run -p xtask -- test ${{ matrix.engine }} + env: + SA_PASSWORD: "" + + - name: Wait for SQL server (test) + run: | + echo "Waiting for SQL server (${{ matrix.engine }}) to be ready..." + sleep 25 + + - name: Run tests (test) + working-directory: xtask + env: + TIBERIUS_TEST_CONNECTION_STRING: "server=tcp:localhost,1433;user=sa;password=;TrustServerCertificate=true" + run: cargo run -p xtask -- test -- ${{ matrix.features }} + + - name: Stop SQL server (test) + working-directory: xtask + if: always() + run: cargo run -p xtask -- stop ${{ matrix.engine }} cargo-test-windows: runs-on: windows-latest - strategy: fail-fast: false matrix: database: - - 2019 + - 2019 features: - - "--features=all" - - "--no-default-features --features=rustls,winauth" - - "--no-default-features --features=vendored-openssl,winauth" - + - "--features=all" + - "--no-default-features --features=rustls,winauth" + - "--no-default-features --features=vendored-openssl,winauth" env: TIBERIUS_TEST_INSTANCE: "MSSQLSERVER" TIBERIUS_TEST_CONNECTION_STRING: "server=tcp:127.0.0.1,1433;IntegratedSecurity=true;TrustServerCertificate=true" steps: - - uses: actions/checkout@v2 - - - uses: actions-rs/toolchain@v1 - - - name: Set required PowerShell modules - id: psmodulecache - uses: potatoqualitee/psmodulecache@v1 - with: - modules-to-cache: SqlServer - - - name: Setup PowerShell module cache - id: cacher - uses: actions/cache@v2 - with: - path: ${{ steps.psmodulecache.outputs.modulepath }} - key: ${{ steps.psmodulecache.outputs.keygen }} - - - name: Setup Chocolatey download cache - id: chococache - uses: actions/cache@v2 - with: - path: C:\Users\runneradmin\AppData\Local\Temp\chocolatey\ - key: chocolatey-install - - - name: Setup Cargo build cache - uses: actions/cache@v2 - with: - path: | - C:\Users\runneradmin\.cargo\registry - C:\Users\runneradmin\.cargo\git - target - key: ${{ runner.os }}-cargo - - - name: Install required PowerShell modules - if: steps.cacher.outputs.cache-hit != 'true' - shell: powershell - run: | - Set-PSRepository PSGallery -InstallationPolicy Trusted - Install-Module SqlServer - - - name: Install SQL Server ${{matrix.database}} - shell: powershell - run: | - choco feature disable --name="'exitOnRebootDetected'" - $ErrorActionPreference = 'SilentlyContinue' - choco install sql-server-${{matrix.database}} --params="'/IgnorePendingReboot'" - - - name: Setup SQL Server ${{matrix.database}} - shell: powershell - run: | - Import-Module 'sqlps' - - [reflection.assembly]::LoadWithPartialName("Microsoft.SqlServer.Smo") | Out-Null - [reflection.assembly]::LoadWithPartialName("Microsoft.SqlServer.SqlWmiManagement") | Out-Null - - $serverName = $env:COMPUTERNAME - $instanceName = "MSSQLSERVER" - - $smo = 'Microsoft.SqlServer.Management.Smo.' - $wmi = new-object ($smo + 'Wmi.ManagedComputer') - $wmi - - # Enable TCP/IP - echo "Enabling TCP/IP" - $Tcp = $wmi.GetSmoObject("ManagedComputer[@Name='$serverName']/ServerInstance[@Name='$instanceName']/ServerProtocol[@Name='Tcp']") - $Tcp.IsEnabled = $true - $Tcp.alter() - $Tcp - - # Enable named pipes - echo "Enabling named pipes" - $Np = $wmi.GetSmoObject("ManagedComputer[@Name='$serverName']/ServerInstance[@Name='$instanceName']/ServerProtocol[@Name='Np']") - $Np.IsEnabled = $true - $Np.Alter() - $Np - - # Set Alias - echo "Setting the alias" - New-Item HKLM:\SOFTWARE\Microsoft\MSSQLServer\Client -Name ConnectTo | Out-Null - Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo -Name '(local)' -Value "DBMSSOCN,$serverName\$instanceName" | Out-Null - - # Start services - echo "Starting services" - Set-Service SQLBrowser -StartupType Manual - Start-Service SQLBrowser - net stop MSSQLSERVER - net start MSSQLSERVER - - - name: Run normal tests - shell: powershell - run: cargo test ${{matrix.features}} - - cargo-test-macos: - runs-on: macos-12 - - strategy: - fail-fast: false - matrix: - database: - - 2019 - features: - - "--no-default-features --features=rustls,chrono,time,tds73,sql-browser-async-std,sql-browser-tokio,sql-browser-smol,integrated-auth-gssapi,rust_decimal,bigdecimal" - - "--no-default-features --features=vendored-openssl" - - env: - TIBERIUS_TEST_CONNECTION_STRING: "server=tcp:localhost,1433;user=SA;password=;TrustServerCertificate=true" - - steps: - - uses: actions/checkout@v2 - - - uses: actions-rs/toolchain@v1 - - - uses: docker-practice/actions-setup-docker@master - - - name: Start SQL Server ${{matrix.database}} - run: DOCKER_BUILDKIT=1 docker-compose -f docker-compose.yml up -d mssql-${{matrix.database}} - - - name: Run tests - run: cargo test ${{matrix.features}} + - uses: actions/checkout@v5 + - uses: dtolnay/rust-toolchain@stable + with: + components: rustfmt, clippy + + - name: Set required PowerShell modules + id: psmodulecache + uses: potatoqualitee/psmodulecache@v1 + with: + modules-to-cache: SqlServer + + - name: Setup PowerShell module cache + id: cacher + uses: actions/cache@v4 # cache updated to v4 + with: + path: ${{ steps.psmodulecache.outputs.modulepath }} + key: ${{ steps.psmodulecache.outputs.keygen }} + + - name: Setup Chocolatey download cache + id: chococache + uses: actions/cache@v4 + with: + path: C:\Users\runneradmin\AppData\Local\Temp\chocolatey\ + key: chocolatey-install + + - name: Setup Cargo build cache + uses: actions/cache@v4 + with: + path: | + C:\Users\runneradmin\.cargo\registry + C:\Users\runneradmin\.cargo\git + target + key: ${{ runner.os }}-cargo + + - name: Install required PowerShell modules + if: steps.cacher.outputs.cache-hit != 'true' + shell: powershell + run: | + Set-PSRepository PSGallery -InstallationPolicy Trusted + Install-Module SqlServer + + - name: Install SQL Server ${{matrix.database}} + shell: powershell + run: | + choco feature disable --name="'exitOnRebootDetected'" + $ErrorActionPreference = 'SilentlyContinue' + choco install sql-server-${{matrix.database}} --params="'/IgnorePendingReboot'" + + - name: Setup SQL Server ${{matrix.database}} + shell: powershell + run: | + Import-Module 'sqlps' + [reflection.assembly]::LoadWithPartialName("Microsoft.SqlServer.Smo") | Out-Null + [reflection.assembly]::LoadWithPartialName("Microsoft.SqlServer.SqlWmiManagement") | Out-Null + $serverName = $env:COMPUTERNAME + $instanceName = "MSSQLSERVER" + $smo = 'Microsoft.SqlServer.Management.Smo.' + $wmi = new-object ($smo + 'Wmi.ManagedComputer') + $wmi + # Enable TCP/IP + echo "Enabling TCP/IP" + $Tcp = $wmi.GetSmoObject("ManagedComputer[@Name='$serverName']/ServerInstance[@Name='$instanceName']/ServerProtocol[@Name='Tcp']") + $Tcp.IsEnabled = $true + $Tcp.alter() + $Tcp + # Enable named pipes + echo "Enabling named pipes" + $Np = $wmi.GetSmoObject("ManagedComputer[@Name='$serverName']/ServerInstance[@Name='$instanceName']/ServerProtocol[@Name='Np']") + $Np.IsEnabled = $true + $Np.Alter() + $Np + # Set Alias + echo "Setting the alias" + New-Item HKLM:\SOFTWARE\Microsoft\MSSQLServer\Client -Name ConnectTo | Out-Null + Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo -Name '(local)' -Value "DBMSSOCN,$serverName\$instanceName" | Out-Null + # Start services + echo "Starting services" + Set-Service SQLBrowser -StartupType Manual + Start-Service SQLBrowser + net stop MSSQLSERVER + net start MSSQLSERVER + + - name: Run normal tests + shell: powershell + run: cargo test ${{matrix.features}} diff --git a/Cargo.toml b/Cargo.toml index 0caaac815..fae9030f7 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -16,7 +16,7 @@ repository = "https://github.com/prisma/tiberius" version = "0.12.3" [workspace] -members = ["runtimes-macro"] +members = ["runtimes-macro", "xtask"] [[test]] path = "tests/query.rs" @@ -51,6 +51,7 @@ async-trait = "0.1" connection-string = "0.2" num-traits = "0.2" uuid = "1.0" +anyhow = "1" [target.'cfg(windows)'.dependencies] winauth = { version = "0.0.4", optional = true } diff --git a/docker-compose.yml b/docker-compose.yml deleted file mode 100644 index db5f3a39a..000000000 --- a/docker-compose.yml +++ /dev/null @@ -1,45 +0,0 @@ -version: "3" -services: - mssql-2022: - build: - context: docker/ - dockerfile: docker-mssql-2022.dockerfile - restart: always - environment: - ACCEPT_EULA: "Y" - SA_PASSWORD: "" - ports: - - "1433:1433" - - mssql-2019: - build: - context: docker/ - dockerfile: docker-mssql-2019.dockerfile - restart: always - environment: - ACCEPT_EULA: "Y" - SA_PASSWORD: "" - ports: - - "1433:1433" - - mssql-2017: - build: - context: docker/ - dockerfile: docker-mssql-2017.dockerfile - restart: always - environment: - ACCEPT_EULA: "Y" - SA_PASSWORD: "" - ports: - - "1433:1433" - - mssql-azure-sql-edge: - build: - context: docker/ - dockerfile: docker-azure-sql-edge.dockerfile - restart: always - environment: - ACCEPT_EULA: "Y" - SA_PASSWORD: "" - ports: - - "1433:1433" diff --git a/docker/certs/generate-ca.sh b/docker/certs/generate-ca.sh index 3619d76d5..828c34a83 100755 --- a/docker/certs/generate-ca.sh +++ b/docker/certs/generate-ca.sh @@ -13,4 +13,4 @@ if ! test -f "customCA.crt"; then -subj "/CN=Acme" \ -passin file:passphrase.txt \ -out customCA.crt -fi; +fi; \ No newline at end of file diff --git a/run_tests.sh b/run_tests.sh new file mode 100755 index 000000000..06a509b6a --- /dev/null +++ b/run_tests.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +# left in but needs to be looked at again if necessary + +TIBERIUS_TEST_CONNECTION_STRING='server=tcp:localhost,1433;user=SA;password=;TrustServerCertificate=true' \ + cargo test \ No newline at end of file diff --git a/src/client/tls_stream.rs b/src/client/tls_stream.rs index 9eba1060f..5863d8dbc 100644 --- a/src/client/tls_stream.rs +++ b/src/client/tls_stream.rs @@ -13,13 +13,17 @@ mod opentls_tls_stream; #[cfg(feature = "native-tls")] pub(crate) use native_tls_stream::TlsStream; -#[cfg(feature = "rustls")] +#[cfg(all(feature = "rustls", not(feature = "native-tls")))] pub(crate) use rustls_tls_stream::TlsStream; -#[cfg(feature = "vendored-openssl")] +#[cfg(all( + feature = "vendored-openssl", + not(feature = "rustls"), + not(feature = "native-tls") +))] pub(crate) use opentls_tls_stream::TlsStream; -#[cfg(feature = "rustls")] +#[cfg(all(feature = "rustls", not(feature = "native-tls")))] pub(crate) async fn create_tls_stream( config: &Config, stream: S, @@ -35,7 +39,11 @@ pub(crate) async fn create_tls_stream( native_tls_stream::create_tls_stream(config, stream).await } -#[cfg(feature = "vendored-openssl")] +#[cfg(all( + feature = "vendored-openssl", + not(feature = "rustls"), + not(feature = "native-tls") +))] pub(crate) async fn create_tls_stream( config: &Config, stream: S, diff --git a/start_container.sh b/start_container.sh new file mode 100755 index 000000000..cedebddfc --- /dev/null +++ b/start_container.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +set -euo pipefail + +ENGINE=$1 +NAME="mssql-$ENGINE" +PORT=1433 + +case "$ENGINE" in + 2017) IMAGE="mcr.microsoft.com/mssql/server:2017-latest" ;; + 2019) IMAGE="mcr.microsoft.com/mssql/server:2019-latest" ;; + 2022) IMAGE="mcr.microsoft.com/mssql/server:2022-latest" ;; + azure) IMAGE="mcr.microsoft.com/azure-sql-edge:latest" ;; + *) + echo "Usage: $0 {2017|2019|2022|azure}" + exit 1 + ;; +esac + +echo "Starting $NAME using $IMAGE" + +docker kill "$NAME" 2>/dev/null || true +docker rm "$NAME" 2>/dev/null || true + +docker run -d \ + --name "$NAME" \ + -e "ACCEPT_EULA=Y" \ + -e "SA_PASSWORD=" \ + -p $PORT:1433 \ + "$IMAGE" diff --git a/tests/custom-cert.rs b/tests/custom-cert.rs index 8aeed94e3..23c121fc1 100644 --- a/tests/custom-cert.rs +++ b/tests/custom-cert.rs @@ -7,6 +7,13 @@ use tokio_util::compat::TokioAsyncWriteCompatExt; #[allow(dead_code)] static LOGGER_SETUP: Once = Once::new(); +#[allow(dead_code)] +fn load_ca_bytes() -> Result> { + let ca_path = std::env::current_dir()?.join("docker/certs/customCA.crt"); + let ca_bytes = std::fs::read(&ca_path)?; + Ok(ca_bytes) +} + #[test] #[cfg(any( feature = "rustls", @@ -21,14 +28,15 @@ fn connect_to_custom_cert_instance_ado() -> Result<()> { let rt = Runtime::new()?; rt.block_on(async { - let mut config = Config::from_ado_string("server=tcp:localhost,1433;IntegratedSecurity=true;TrustServerCertificateCA=docker/certs/customCA.crt")?; - config.authentication(AuthMethod::sql_server( - "sa", - "", - )); + #[allow(unused_variables)] + let ca_bytes = load_ca_bytes()?; - let tcp = TcpStream::connect(config.get_addr()).await?; + let mut config = + Config::from_ado_string("server=tcp:localhost,1433;IntegratedSecurity=true")?; + config.trust_cert(); + config.authentication(AuthMethod::sql_server("sa", "")); + let tcp = TcpStream::connect(config.get_addr()).await?; let mut client = Client::connect(config, tcp.compat_write()).await?; let row = client @@ -55,16 +63,15 @@ fn connect_to_custom_cert_instance_jdbc() -> Result<()> { }); let rt = Runtime::new()?; - rt.block_on(async { - // Careful: the / in the TrustServerCertificateCA needs to be escaped - let mut config = Config::from_jdbc_string( - "jdbc:sqlserver://localhost:1433;TrustServerCertificateCA=docker{/}certs{/}customCA.crt", - )?; + #[allow(unused_variables)] + let ca_bytes = load_ca_bytes()?; + + let mut config = Config::from_jdbc_string("jdbc:sqlserver://localhost:1433")?; + config.trust_cert(); config.authentication(AuthMethod::sql_server("sa", "")); let tcp = TcpStream::connect(config.get_addr()).await?; - let mut client = Client::connect(config, tcp.compat_write()).await?; let row = client @@ -86,7 +93,6 @@ fn connect_to_custom_cert_instance_without_ca() -> Result<()> { }); let rt = Runtime::new()?; - rt.block_on(async { let mut config = Config::new(); config.authentication(AuthMethod::sql_server("sa", "")); @@ -95,9 +101,9 @@ fn connect_to_custom_cert_instance_without_ca() -> Result<()> { config.port(1433); let tcp = TcpStream::connect(config.get_addr()).await?; - let client = Client::connect(config, tcp.compat_write()).await; + // Should fail because we didn’t add the CA assert!(client.is_err()); Ok(()) }) diff --git a/xtask/Cargo.toml b/xtask/Cargo.toml new file mode 100644 index 000000000..80cac7f4f --- /dev/null +++ b/xtask/Cargo.toml @@ -0,0 +1,7 @@ +[package] +name = "xtask" +version = "0.1.0" +edition = "2024" + +[dependencies] +anyhow = "1" diff --git a/xtask/src/main.rs b/xtask/src/main.rs new file mode 100644 index 000000000..6433431c0 --- /dev/null +++ b/xtask/src/main.rs @@ -0,0 +1,118 @@ +use std::{ + env, + process::{Command, exit}, + thread::sleep, + time::Duration, +}; + +fn main() { + let mut args = env::args().skip(1); + let cmd = args.next().unwrap_or_default(); + + match cmd.as_str() { + "container" => { + // need to change unwrap_or_else in document + let version = args.next().unwrap_or_else(|| "2019".into()); + start_container(&version); + } + "test" => { + // run the tests + run_tests(args.collect::>()); + } + "local" => { + let version = args.next().unwrap_or_else(|| "2019".into()); + start_container(&version); + wait_for_sql(); + run_tests(vec![]); + stop_container(&version); + } + "stop" => { + let version = args.next().unwrap_or_else(|| "2019".into()); + stop_container(&version); + } + _ => { + // eprintln!("Usage: cargo xtask [args]"); + exit(1); + } + } +} + +fn start_container(version: &str) { + let sa_password = + env::var("SA_PASSWORD").unwrap_or_else(|_| "".to_string()); + let container_name = format!("mssql-{}", version); + let image_tag = match version { + "2017" => "mcr.microsoft.com/mssql/server:2017-latest", + "2019" => "mcr.microsoft.com/mssql/server:2019-latest", + "2022" => "mcr.microsoft.com/mssql/server:2022-latest", + "azure" => "mcr.microsoft.com/azure-sql-edge", + _ => panic!("Unsupported version, {}", version), + }; + + println!("Cleaning up existing container, {}", container_name); + + let _ = Command::new("docker") + .args(["rm", "-f", &container_name]) + .status(); + + println!("Starting SQL Server {} container...", version); + + let status = Command::new("docker") + .args([ + "run", + "-d", + "--name", + &container_name, + "-e", + "ACCEPT_EULA=Y", + "-e", + &format!("SA_PASSWORD={}", sa_password), + "-p", + "1433:1433", + image_tag, + ]) + .status() + .expect("Failed to run docker"); + + if !status.success() { + eprintln!("Failed to start container, {}", version); + exit(1); + } + + println!("Started container: {}", container_name); + wait_for_sql(); +} + +fn wait_for_sql() { + println!("Waiting for SQL Server to start. 25 seconds. Do not change or exit."); + sleep(Duration::from_secs(25)); +} + +fn stop_container(version: &str) { + let name = format!("mssql-{}", version); + let _ = Command::new("docker").args(["rm", "-f", &name]).status(); + println!("Stopped container {}", name); +} + +fn run_tests(_flags: Vec) { + let sa_password = + env::var("SA_PASSWORD").unwrap_or_else(|_| "".to_string()); + let connection_string = env::var("TIBERIUS_TEST_CONNECTION_STRING").unwrap_or_else(|_| { + format!( + "server=tcp:localhost,1433;user=sa;password={};TrustServerCertificate=true", + sa_password + ) + }); + + // for debugging: println!("Running tests with connection {}", connection_string); + + let status = Command::new("cargo") + .arg("test") + .env("TIBERIUS_TEST_CONNECTION_STRING", &connection_string) + .status() + .expect("failed to run cargo test"); + + if !status.success() { + exit(1); + } +} From 55b1798ea2dd4af18f7bfe7229e69057e312d575 Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Wed, 15 Oct 2025 05:45:02 +0000 Subject: [PATCH 02/27] Xtask work steps for macos testing steps for macos testing 2019 only no run skip test macos skip test macos skip test macos skip test macos skip test macos skip test macos skip test macos macos test --lib + clippy macos test --lib + clippy --- .github/workflows/test.yml | 147 ++++++++++--------------------------- Cargo.toml | 1 - run_tests.sh | 6 -- start_container.sh | 30 -------- xtask/Cargo.toml | 1 - xtask/src/main.rs | 11 ++- 6 files changed, 46 insertions(+), 150 deletions(-) delete mode 100755 run_tests.sh delete mode 100755 start_container.sh diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index f385d103a..c1783700a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -16,23 +16,11 @@ jobs: components: rustfmt, clippy - name: Install dependencies - run: sudo apt install -y openssl libkrb5-dev - - uses: actions-rs/clippy-check@v1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - args: --features=all + run: sudo apt-get update && sudo apt-get install -y libkrb5-dev krb5-user && sudo ln -s /usr/include/krb5/gssapi /usr/include/gssapi - format: - runs-on: ubuntu-latest + - run: cargo clippy --all-features - steps: - - uses: actions/checkout@v5 - - uses: dtolnay/rust-toolchain@stable - with: - components: rustfmt, clippy - - uses: mbrobbel/rustfmt-check@master - with: - token: ${{ secrets.GITHUB_TOKEN }} + - run: cargo fmt --check cargo-test-linux: runs-on: ubuntu-latest @@ -40,6 +28,7 @@ jobs: fail-fast: false matrix: engine: [ 2017, 2019, 2022, "azure" ] + # engine: [ 2019 ] features: [ "--features=all", "--no-default-features", "--no-default-features --features=chrono", "--no-default-features --features=rustls", "--no-default-features --features=time", "--no-default-features --features=vendored-openssl" ] steps: @@ -47,108 +36,19 @@ jobs: uses: actions/checkout@v4 - name: Install dependencies - run: | - sudo apt-get update - sudo apt-get install -y libkrb5-dev krb5-user - sudo ln -s /usr/include/krb5/gssapi /usr/include/gssapi || true + run: sudo apt-get update && sudo apt-get install -y libkrb5-dev krb5-user && sudo ln -s /usr/include/krb5/gssapi /usr/include/gssapi - name: Install Rust uses: dtolnay/rust-toolchain@stable - with: - components: rustfmt, clippy - - - name: Build xtask - working-directory: xtask - run: cargo build --bin xtask - - - name: Clean up any SQL containers - run: | - docker rm -f mssql-${{ matrix.engine }} || true - docker ps -a - - - name: Start SQL server container - working-directory: xtask - run: cargo run -p xtask -- container ${{ matrix.engine }} - env: - SA_PASSWORD: "" - - - name: Wait for SQL Server - run: | - echo "Waiting for SQL server (${{ matrix.engine }}) to be ready..." - sleep 25 - - - name: Run tests (container) - working-directory: xtask - env: - TIBERIUS_TEST_CONNECTION_STRING: "server=tcp:localhost,1433;user=sa;password=;TrustServerCertificate=true" - run: cargo run -p xtask -- test -- ${{ matrix.features }} - - - name: Stop SQL server (container) - working-directory: xtask - if: always() - run: cargo run -p xtask -- stop ${{ matrix.engine }} - - - name: Build xtask (local) - working-directory: xtask - run: cargo build --bin xtask - - - name: Clean up any SQL containers - run: | - docker rm -f mssql-${{ matrix.engine }} || true - docker ps -a - - - name: Start SQL server (local) - working-directory: xtask - run: cargo run -p xtask -- local ${{ matrix.engine }} - env: - SA_PASSWORD: "" - - - name: Wait for SQL server (local) - run: | - echo "Waiting for SQL server (${{ matrix.engine }}) to be ready..." - sleep 25 - - - name: Run tests (local) - working-directory: xtask - env: - TIBERIUS_TEST_CONNECTION_STRING: "server=tcp:localhost,1433;user=sa;password=;TrustServerCertificate=true" - run: cargo run -p xtask -- test -- ${{ matrix.features }} - - - name: Stop SQL server (container) - working-directory: xtask - if: always() - run: cargo run -p xtask -- stop ${{ matrix.engine }} - - - name: Build xtask (test) - working-directory: xtask - run: cargo build --bin xtask - - - name: Clean up any SQL containers - run: | - docker rm -f mssql-${{ matrix.engine }} || true - docker ps -a - - name: Start SQL server (test) - working-directory: xtask - run: cargo run -p xtask -- test ${{ matrix.engine }} - env: - SA_PASSWORD: "" + - run: cargo xtask container ${{ matrix.engine }} - - name: Wait for SQL server (test) - run: | - echo "Waiting for SQL server (${{ matrix.engine }}) to be ready..." - sleep 25 + # Wait for SQL Server + - run: sleep 25 - - name: Run tests (test) - working-directory: xtask - env: - TIBERIUS_TEST_CONNECTION_STRING: "server=tcp:localhost,1433;user=sa;password=;TrustServerCertificate=true" - run: cargo run -p xtask -- test -- ${{ matrix.features }} + - run: cargo xtask test ${{ matrix.features }} - - name: Stop SQL server (test) - working-directory: xtask - if: always() - run: cargo run -p xtask -- stop ${{ matrix.engine }} + - run: cargo xtask stop ${{ matrix.engine }} cargo-test-windows: runs-on: windows-latest @@ -251,3 +151,30 @@ jobs: - name: Run normal tests shell: powershell run: cargo test ${{matrix.features}} + + cargo-test-macos: + runs-on: macos-26 + + strategy: + fail-fast: false + matrix: + database: + - 2019 + features: + - "--no-default-features --features=rustls,chrono,time,tds73,sql-browser-tokio,sql-browser-smol,integrated-auth-gssapi,rust_decimal,bigdecimal" + - "--no-default-features --features=vendored-openssl" + + steps: + + - uses: actions/checkout@v5 + - uses: dtolnay/rust-toolchain@stable + with: + components: rustfmt, clippy + + # For now we're not running the integration tests in macos, + # only running the unit tests + - name: Run test + run: cargo test ${{ matrix.features }} --lib + + - name: Run clippy + run: cargo clippy ${{ matrix.features }} diff --git a/Cargo.toml b/Cargo.toml index fae9030f7..cf01c1759 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -51,7 +51,6 @@ async-trait = "0.1" connection-string = "0.2" num-traits = "0.2" uuid = "1.0" -anyhow = "1" [target.'cfg(windows)'.dependencies] winauth = { version = "0.0.4", optional = true } diff --git a/run_tests.sh b/run_tests.sh deleted file mode 100755 index 06a509b6a..000000000 --- a/run_tests.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash - -# left in but needs to be looked at again if necessary - -TIBERIUS_TEST_CONNECTION_STRING='server=tcp:localhost,1433;user=SA;password=;TrustServerCertificate=true' \ - cargo test \ No newline at end of file diff --git a/start_container.sh b/start_container.sh deleted file mode 100755 index cedebddfc..000000000 --- a/start_container.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash - -set -euo pipefail - -ENGINE=$1 -NAME="mssql-$ENGINE" -PORT=1433 - -case "$ENGINE" in - 2017) IMAGE="mcr.microsoft.com/mssql/server:2017-latest" ;; - 2019) IMAGE="mcr.microsoft.com/mssql/server:2019-latest" ;; - 2022) IMAGE="mcr.microsoft.com/mssql/server:2022-latest" ;; - azure) IMAGE="mcr.microsoft.com/azure-sql-edge:latest" ;; - *) - echo "Usage: $0 {2017|2019|2022|azure}" - exit 1 - ;; -esac - -echo "Starting $NAME using $IMAGE" - -docker kill "$NAME" 2>/dev/null || true -docker rm "$NAME" 2>/dev/null || true - -docker run -d \ - --name "$NAME" \ - -e "ACCEPT_EULA=Y" \ - -e "SA_PASSWORD=" \ - -p $PORT:1433 \ - "$IMAGE" diff --git a/xtask/Cargo.toml b/xtask/Cargo.toml index 80cac7f4f..e240aec28 100644 --- a/xtask/Cargo.toml +++ b/xtask/Cargo.toml @@ -4,4 +4,3 @@ version = "0.1.0" edition = "2024" [dependencies] -anyhow = "1" diff --git a/xtask/src/main.rs b/xtask/src/main.rs index 6433431c0..f8e60df52 100644 --- a/xtask/src/main.rs +++ b/xtask/src/main.rs @@ -11,7 +11,10 @@ fn main() { match cmd.as_str() { "container" => { - // need to change unwrap_or_else in document + // need to change unwrap_or_else in document + // default version is 2019, any opposition? + + // doesn't run tests let version = args.next().unwrap_or_else(|| "2019".into()); start_container(&version); } @@ -20,13 +23,17 @@ fn main() { run_tests(args.collect::>()); } "local" => { + // local runs test AND container let version = args.next().unwrap_or_else(|| "2019".into()); start_container(&version); - wait_for_sql(); + // start_container calls wait_for_sql anyway + // so we don't need to call the below line: + // wait_for_sql(); run_tests(vec![]); stop_container(&version); } "stop" => { + // stops running containers let version = args.next().unwrap_or_else(|| "2019".into()); stop_container(&version); } From a733304072bded60ada4dd9c0a689b0b0bbab400 Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Fri, 17 Oct 2025 06:10:05 +0000 Subject: [PATCH 03/27] macos test --lib + clippy clippy --fix clippy --fix clippy --fix clippy --fix Cargo clippy --- .github/workflows/test.yml | 42 ++++++++++++---------- README.md | 4 +++ src/client/connection.rs | 2 +- src/client/tls.rs | 2 +- src/client/tls_stream/native_tls_stream.rs | 6 ++-- src/lib.rs | 6 ++-- src/macros.rs | 1 + src/query.rs | 2 +- src/tds/codec/decode.rs | 9 ++--- src/tds/codec/header.rs | 2 +- src/tds/codec/token/token_row.rs | 2 +- src/tds/codec/type_info.rs | 2 +- src/tds/collation.rs | 2 +- src/tds/numeric.rs | 2 +- src/tds/time.rs | 7 +++- xtask/src/main.rs | 5 +-- 16 files changed, 56 insertions(+), 40 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c1783700a..035f72e7c 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -18,7 +18,7 @@ jobs: - name: Install dependencies run: sudo apt-get update && sudo apt-get install -y libkrb5-dev krb5-user && sudo ln -s /usr/include/krb5/gssapi /usr/include/gssapi - - run: cargo clippy --all-features + - run: cargo clippy --features=all - run: cargo fmt --check @@ -29,7 +29,6 @@ jobs: matrix: engine: [ 2017, 2019, 2022, "azure" ] # engine: [ 2019 ] - features: [ "--features=all", "--no-default-features", "--no-default-features --features=chrono", "--no-default-features --features=rustls", "--no-default-features --features=time", "--no-default-features --features=vendored-openssl" ] steps: - name: Checkout repository @@ -41,12 +40,23 @@ jobs: - name: Install Rust uses: dtolnay/rust-toolchain@stable + - name: Setup Cargo build cache + uses: actions/cache@v4 + with: + path: target + key: ubuntu-cargo + - run: cargo xtask container ${{ matrix.engine }} # Wait for SQL Server - run: sleep 25 - - run: cargo xtask test ${{ matrix.features }} + - run: cargo xtask test --features=all + - run: cargo xtask test --no-default-features + - run: cargo xtask test --no-default-features --features=chrono + - run: cargo xtask test --no-default-features --features=rustls + - run: cargo xtask test --no-default-features --features=time + - run: cargo xtask test --no-default-features --features=vendored-openssl - run: cargo xtask stop ${{ matrix.engine }} @@ -57,10 +67,6 @@ jobs: matrix: database: - 2019 - features: - - "--features=all" - - "--no-default-features --features=rustls,winauth" - - "--no-default-features --features=vendored-openssl,winauth" env: TIBERIUS_TEST_INSTANCE: "MSSQLSERVER" TIBERIUS_TEST_CONNECTION_STRING: "server=tcp:127.0.0.1,1433;IntegratedSecurity=true;TrustServerCertificate=true" @@ -148,9 +154,12 @@ jobs: net stop MSSQLSERVER net start MSSQLSERVER - - name: Run normal tests - shell: powershell - run: cargo test ${{matrix.features}} + - shell: powershell + run: cargo test --features=all + - shell: powershell + run: cargo test --no-default-features --features=rustls,winauth + - shell: powershell + run: cargo test --no-default-features --features=vendored-openssl,winauth cargo-test-macos: runs-on: macos-26 @@ -160,21 +169,16 @@ jobs: matrix: database: - 2019 - features: - - "--no-default-features --features=rustls,chrono,time,tds73,sql-browser-tokio,sql-browser-smol,integrated-auth-gssapi,rust_decimal,bigdecimal" - - "--no-default-features --features=vendored-openssl" steps: - uses: actions/checkout@v5 - uses: dtolnay/rust-toolchain@stable with: - components: rustfmt, clippy + components: clippy # For now we're not running the integration tests in macos, # only running the unit tests - - name: Run test - run: cargo test ${{ matrix.features }} --lib - - - name: Run clippy - run: cargo clippy ${{ matrix.features }} + - run: cargo test --no-default-features --features=vendored-openssl --lib + - run: cargo test --no-default-features --features=rustls,chrono,time,tds73,sql-browser-tokio,sql-browser-smol,integrated-auth-gssapi,rust_decimal,bigdecimal --lib + - run: cargo clippy ${{ matrix.features }} diff --git a/README.md b/README.md index 44398dc55..953f99cf8 100644 --- a/README.md +++ b/README.md @@ -142,3 +142,7 @@ async fn main() -> Result<(), Box> { ## Security If you have a security issue to report, please contact us at [security@prisma.io](mailto:security@prisma.io?subject=[GitHub]%20Prisma%202%20Security%20Report%20Tiberius) + +## Notes + +We have native TLS, open TLS, and rust TLS. In the event that multiple are chosen the one with the lowest number will always "win". \ No newline at end of file diff --git a/src/client/connection.rs b/src/client/connection.rs index 09d372561..6b9c1b96c 100644 --- a/src/client/connection.rs +++ b/src/client/connection.rs @@ -285,7 +285,7 @@ impl Connection { /// Defines the login record rules with SQL Server. Authentication with /// connection options. #[allow(clippy::too_many_arguments)] - async fn login<'a>( + async fn login( mut self, auth: AuthMethod, encryption: EncryptionLevel, diff --git a/src/client/tls.rs b/src/client/tls.rs index 7a22d4333..b3425c970 100644 --- a/src/client/tls.rs +++ b/src/client/tls.rs @@ -179,7 +179,7 @@ impl AsyncRead for TlsPreloginWrapper< } let header = PacketHeader::decode(&mut BytesMut::from(&inner.header_buf[..])) - .map_err(|err| io::Error::new(io::ErrorKind::Other, err))?; + .map_err(io::Error::other)?; // We only get pre-login packets in the handshake process. assert_eq!(header.r#type(), PacketType::PreLogin); diff --git a/src/client/tls_stream/native_tls_stream.rs b/src/client/tls_stream/native_tls_stream.rs index cf5591d80..23d93f651 100644 --- a/src/client/tls_stream/native_tls_stream.rs +++ b/src/client/tls_stream/native_tls_stream.rs @@ -19,12 +19,12 @@ pub(crate) async fn create_tls_stream( if let Ok(buf) = fs::read(path) { let cert = match path.extension() { Some(ext) - if ext.to_ascii_lowercase() == "pem" - || ext.to_ascii_lowercase() == "crt" => + if ext.eq_ignore_ascii_case("pem") + || ext.eq_ignore_ascii_case("crt") => { Some(Certificate::from_pem(&buf)?) } - Some(ext) if ext.to_ascii_lowercase() == "der" => { + Some(ext) if ext.eq_ignore_ascii_case("der") => { Some(Certificate::from_der(&buf)?) } Some(_) | None => return Err(Error::Io { diff --git a/src/lib.rs b/src/lib.rs index 882f5ad36..1115a5e2a 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -156,11 +156,11 @@ //! Tiberius supports different [ways of authentication] to the SQL Server: //! //! - SQL Server authentication uses the facilities of the database to -//! authenticate the user. +//! authenticate the user. //! - On Windows, you can authenticate using the currently logged in user or -//! specified Windows credentials. +//! specified Windows credentials. //! - If enabling the `integrated-auth-gssapi` feature, it is possible to login -//! with the currently active Kerberos credentials. +//! with the currently active Kerberos credentials. //! //! ## AAD(Azure Active Directory) Authentication //! diff --git a/src/macros.rs b/src/macros.rs index 35f24228f..dd38287eb 100644 --- a/src/macros.rs +++ b/src/macros.rs @@ -17,6 +17,7 @@ macro_rules! uint_enum { impl ::std::convert::TryFrom for $ty { type Error = (); + #[allow(clippy::cast_enum_truncation,reason="todo, investigate")] fn try_from(n: u8) -> ::std::result::Result<$ty, ()> { match n { $( x if x == $ty::$variant as u8 => Ok($ty::$variant), )* diff --git a/src/query.rs b/src/query.rs index 86e949996..790052b4d 100644 --- a/src/query.rs +++ b/src/query.rs @@ -69,7 +69,7 @@ impl<'a> Query<'a> { /// [`ToSql`]: trait.ToSql.html /// [`FromSql`]: trait.FromSql.html /// [`Client#execute`]: struct.Client.html#method.execute - pub async fn execute<'b, S>(self, client: &'b mut Client) -> crate::Result + pub async fn execute(self, client: &mut Client) -> crate::Result where S: AsyncRead + AsyncWrite + Unpin + Send, { diff --git a/src/tds/codec/decode.rs b/src/tds/codec/decode.rs index d19fec0c9..9b3943d6c 100644 --- a/src/tds/codec/decode.rs +++ b/src/tds/codec/decode.rs @@ -53,10 +53,11 @@ impl Decoder for PacketCodec { if buf.is_empty() { Ok(None) } else { - Err( - std::io::Error::new(std::io::ErrorKind::Other, "bytes remaining on stream") - .into(), - ) + // Err( + // std::io::Error::other("bytes remaining on stream") + // .into(), + // ) + Err(std::io::Error::other("bytes remaining on stream").into()) } } } diff --git a/src/tds/codec/header.rs b/src/tds/codec/header.rs index 719fc158b..2a84f6bc5 100644 --- a/src/tds/codec/header.rs +++ b/src/tds/codec/header.rs @@ -57,7 +57,7 @@ pub(crate) struct PacketHeader { impl PacketHeader { pub fn new(length: usize, id: u8) -> PacketHeader { - assert!(length <= u16::max_value() as usize); + assert!(length <= u16::MAX as usize); PacketHeader { ty: PacketType::TDSv7Login, status: PacketStatus::ResetConnection, diff --git a/src/tds/codec/token/token_row.rs b/src/tds/codec/token/token_row.rs index b1ff16b6c..d83692c08 100644 --- a/src/tds/codec/token/token_row.rs +++ b/src/tds/codec/token/token_row.rs @@ -177,7 +177,7 @@ impl RowBitmap { where R: SqlReadBytes + Unpin, { - let size = (columns + 8 - 1) / 8; + let size = columns.div_ceil(8); let mut data = vec![0; size]; src.read_exact(&mut data[0..size]).await?; diff --git a/src/tds/codec/type_info.rs b/src/tds/codec/type_info.rs index 20647d70a..4e67a179b 100644 --- a/src/tds/codec/type_info.rs +++ b/src/tds/codec/type_info.rs @@ -2,7 +2,7 @@ use asynchronous_codec::BytesMut; use bytes::BufMut; use crate::{tds::Collation, xml::XmlSchema, Error, SqlReadBytes}; -use std::{convert::TryFrom, sync::Arc, usize}; +use std::{convert::TryFrom, sync::Arc}; use super::Encode; diff --git a/src/tds/collation.rs b/src/tds/collation.rs index 20367728a..7da0bc04d 100644 --- a/src/tds/collation.rs +++ b/src/tds/collation.rs @@ -74,7 +74,7 @@ impl fmt::Display for Collation { /// 1. (regex)replace: (.*?)\((.*?),(.*?)\) with $2 => $3 /// 2. replace: Encoding.CP(.*?) with encoding::all::WINDOWS_$1 /// 3. replace: Encoding.UNICODE with encoding::all::UTF16_LE -// +/// /// the unimplemented!() one's are not supported by rust-encoding pub fn lcid_to_encoding(locale: u16) -> Option<&'static Encoding> { match locale { diff --git a/src/tds/numeric.rs b/src/tds/numeric.rs index 4f856bebb..e4eff9ceb 100644 --- a/src/tds/numeric.rs +++ b/src/tds/numeric.rs @@ -112,7 +112,7 @@ impl Numeric { #[cfg(target_endian = "big")] let (low_part, high_part) = (high_part, low_part); - let high_part = high_part * (u64::max_value() as u128 + 1); + let high_part = high_part * (u64::MAX as u128 + 1); low_part + high_part } diff --git a/src/tds/time.rs b/src/tds/time.rs index 05a1c053c..92c6476a4 100644 --- a/src/tds/time.rs +++ b/src/tds/time.rs @@ -25,6 +25,11 @@ #[cfg_attr(feature = "docs", doc(cfg(feature = "chrono")))] pub mod chrono; +//#[allow(clippy::module_inception,reason="tbd rename tds::time or this module")] +#[allow( + clippy::module_inception, + reason = "tbd rename tds::time or this module" +)] #[cfg(feature = "time")] #[cfg_attr(feature = "docs", doc(cfg(feature = "time")))] pub mod time; @@ -163,7 +168,7 @@ impl Date { /// Construct a new `Date` /// /// # Panics - /// max value of 3 bytes (`u32::max_value() > 8`) + /// max value of 3 bytes (`u32::MAX > 8`) pub fn new(days: u32) -> Date { assert_eq!(days >> 24, 0); Date(days) diff --git a/xtask/src/main.rs b/xtask/src/main.rs index f8e60df52..556b6342e 100644 --- a/xtask/src/main.rs +++ b/xtask/src/main.rs @@ -29,7 +29,7 @@ fn main() { // start_container calls wait_for_sql anyway // so we don't need to call the below line: // wait_for_sql(); - run_tests(vec![]); + run_tests(args.collect::>()); stop_container(&version); } "stop" => { @@ -101,7 +101,7 @@ fn stop_container(version: &str) { println!("Stopped container {}", name); } -fn run_tests(_flags: Vec) { +fn run_tests(flags: Vec) { let sa_password = env::var("SA_PASSWORD").unwrap_or_else(|_| "".to_string()); let connection_string = env::var("TIBERIUS_TEST_CONNECTION_STRING").unwrap_or_else(|_| { @@ -116,6 +116,7 @@ fn run_tests(_flags: Vec) { let status = Command::new("cargo") .arg("test") .env("TIBERIUS_TEST_CONNECTION_STRING", &connection_string) + .args(&flags) .status() .expect("failed to run cargo test"); From 0905769824b2a697c42287fe3137fea19ca8fede Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Tue, 21 Oct 2025 00:37:24 +0000 Subject: [PATCH 04/27] Cargo clippy Cargo cached rerun No chocolatey No chocolatey + cargo cache --- .github/workflows/test.yml | 36 +++++++++++++++++++++++------------- src/tds/codec/decode.rs | 4 ---- src/tds/time.rs | 1 - 3 files changed, 23 insertions(+), 18 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 035f72e7c..c30df0b0a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -28,7 +28,6 @@ jobs: fail-fast: false matrix: engine: [ 2017, 2019, 2022, "azure" ] - # engine: [ 2019 ] steps: - name: Checkout repository @@ -90,21 +89,32 @@ jobs: path: ${{ steps.psmodulecache.outputs.modulepath }} key: ${{ steps.psmodulecache.outputs.keygen }} - - name: Setup Chocolatey download cache - id: chococache - uses: actions/cache@v4 - with: - path: C:\Users\runneradmin\AppData\Local\Temp\chocolatey\ - key: chocolatey-install - - - name: Setup Cargo build cache - uses: actions/cache@v4 + # - name: Setup Chocolatey download cache + # id: chococache + # uses: actions/cache@v4 + # with: + # path: C:\Users\runneradmin\AppData\Local\Temp\chocolatey\ + # key: chocolatey-install + + # - name: Setup Cargo build cache + # uses: actions/cache@v4 + # with: + # path: | + # C:\Users\runneradmin\.cargo\registry + # C:\Users\runneradmin\.cargo\git + # target + # key: ${{ runner.os }}-cargo + + - name: Cache Cargo build cache + uses: actions/cache@v4 # cache command, updated to v4 with: path: | - C:\Users\runneradmin\.cargo\registry - C:\Users\runneradmin\.cargo\git + ~/.cargo/registry + ~/.cargo/git target - key: ${{ runner.os }}-cargo + key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} + restore-keys: | + ${{ runner.os }}-cargo- - name: Install required PowerShell modules if: steps.cacher.outputs.cache-hit != 'true' diff --git a/src/tds/codec/decode.rs b/src/tds/codec/decode.rs index 9b3943d6c..b97766833 100644 --- a/src/tds/codec/decode.rs +++ b/src/tds/codec/decode.rs @@ -53,10 +53,6 @@ impl Decoder for PacketCodec { if buf.is_empty() { Ok(None) } else { - // Err( - // std::io::Error::other("bytes remaining on stream") - // .into(), - // ) Err(std::io::Error::other("bytes remaining on stream").into()) } } diff --git a/src/tds/time.rs b/src/tds/time.rs index 92c6476a4..6b2c2cb74 100644 --- a/src/tds/time.rs +++ b/src/tds/time.rs @@ -25,7 +25,6 @@ #[cfg_attr(feature = "docs", doc(cfg(feature = "chrono")))] pub mod chrono; -//#[allow(clippy::module_inception,reason="tbd rename tds::time or this module")] #[allow( clippy::module_inception, reason = "tbd rename tds::time or this module" From 35d431cf825a98a84e21c5312547639a50dd81be Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Tue, 21 Oct 2025 05:33:51 +0000 Subject: [PATCH 05/27] Clean up --- .github/workflows/test.yml | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c30df0b0a..3c8cc117b 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -89,22 +89,6 @@ jobs: path: ${{ steps.psmodulecache.outputs.modulepath }} key: ${{ steps.psmodulecache.outputs.keygen }} - # - name: Setup Chocolatey download cache - # id: chococache - # uses: actions/cache@v4 - # with: - # path: C:\Users\runneradmin\AppData\Local\Temp\chocolatey\ - # key: chocolatey-install - - # - name: Setup Cargo build cache - # uses: actions/cache@v4 - # with: - # path: | - # C:\Users\runneradmin\.cargo\registry - # C:\Users\runneradmin\.cargo\git - # target - # key: ${{ runner.os }}-cargo - - name: Cache Cargo build cache uses: actions/cache@v4 # cache command, updated to v4 with: From d79bf699d5c447c46d73f286d45c4728a68df2c4 Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Tue, 21 Oct 2025 05:45:14 +0000 Subject: [PATCH 06/27] Clean up --- .github/workflows/test.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3c8cc117b..4ed6c68be 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Install dependencies run: sudo apt-get update && sudo apt-get install -y libkrb5-dev krb5-user && sudo ln -s /usr/include/krb5/gssapi /usr/include/gssapi @@ -39,6 +39,8 @@ jobs: - name: Install Rust uses: dtolnay/rust-toolchain@stable + # we use the same cache key irrespective of the + # SQL server version - name: Setup Cargo build cache uses: actions/cache@v4 with: @@ -96,9 +98,9 @@ jobs: ~/.cargo/registry ~/.cargo/git target - key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} - restore-keys: | - ${{ runner.os }}-cargo- + key: $windows-cargo-${{ hashFiles('**/Cargo.lock') }} + # restore-keys: | + # ${{ runner.os }}-cargo- - name: Install required PowerShell modules if: steps.cacher.outputs.cache-hit != 'true' From 71900c796cbe739679b887ad6d35e9a36d5be5c1 Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Thu, 23 Oct 2025 23:33:10 +0000 Subject: [PATCH 07/27] Fixes based on comments --- .github/workflows/test.yml | 6 +++++- README.md | 6 +++++- tests/custom-cert.rs | 17 ++--------------- 3 files changed, 12 insertions(+), 17 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 4ed6c68be..2a3185c83 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -98,7 +98,7 @@ jobs: ~/.cargo/registry ~/.cargo/git target - key: $windows-cargo-${{ hashFiles('**/Cargo.lock') }} + key: windows-cargo-${{ hashFiles('**/Cargo.lock') }} # restore-keys: | # ${{ runner.os }}-cargo- @@ -173,6 +173,10 @@ jobs: with: components: clippy + #rust tls + # .. tls + # vendored tls + # For now we're not running the integration tests in macos, # only running the unit tests - run: cargo test --no-default-features --features=vendored-openssl --lib diff --git a/README.md b/README.md index 953f99cf8..11998e5d6 100644 --- a/README.md +++ b/README.md @@ -145,4 +145,8 @@ If you have a security issue to report, please contact us at [security@prisma.io ## Notes -We have native TLS, open TLS, and rust TLS. In the event that multiple are chosen the one with the lowest number will always "win". \ No newline at end of file +We have native TLS, open TLS, and rust TLS. In the event that multiple are chosen the one with the lowest number will always "win". + +1. Rust TLS +2. Native TLS +3. Open TLS \ No newline at end of file diff --git a/tests/custom-cert.rs b/tests/custom-cert.rs index 23c121fc1..0c4ab48d9 100644 --- a/tests/custom-cert.rs +++ b/tests/custom-cert.rs @@ -7,13 +7,6 @@ use tokio_util::compat::TokioAsyncWriteCompatExt; #[allow(dead_code)] static LOGGER_SETUP: Once = Once::new(); -#[allow(dead_code)] -fn load_ca_bytes() -> Result> { - let ca_path = std::env::current_dir()?.join("docker/certs/customCA.crt"); - let ca_bytes = std::fs::read(&ca_path)?; - Ok(ca_bytes) -} - #[test] #[cfg(any( feature = "rustls", @@ -28,12 +21,9 @@ fn connect_to_custom_cert_instance_ado() -> Result<()> { let rt = Runtime::new()?; rt.block_on(async { - #[allow(unused_variables)] - let ca_bytes = load_ca_bytes()?; - let mut config = Config::from_ado_string("server=tcp:localhost,1433;IntegratedSecurity=true")?; - config.trust_cert(); + config.trust_cert_ca("docker/certs/customCA.crt"); config.authentication(AuthMethod::sql_server("sa", "")); let tcp = TcpStream::connect(config.get_addr()).await?; @@ -64,11 +54,8 @@ fn connect_to_custom_cert_instance_jdbc() -> Result<()> { let rt = Runtime::new()?; rt.block_on(async { - #[allow(unused_variables)] - let ca_bytes = load_ca_bytes()?; - let mut config = Config::from_jdbc_string("jdbc:sqlserver://localhost:1433")?; - config.trust_cert(); + config.trust_cert_ca("docker/certs/customCA.crt"); config.authentication(AuthMethod::sql_server("sa", "")); let tcp = TcpStream::connect(config.get_addr()).await?; From 9cf0f787b94b135d8751665587e8e17397ab4ce1 Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Mon, 27 Oct 2025 00:10:26 +0000 Subject: [PATCH 08/27] Testing --- .github/workflows/test.yml | 6 -- tests/custom-cert.rs | 6 ++ xtask/src/main.rs | 43 +++++++++--- xtask/src/main3.rs | 137 +++++++++++++++++++++++++++++++++++++ 4 files changed, 178 insertions(+), 14 deletions(-) create mode 100644 xtask/src/main3.rs diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2a3185c83..3d9160ebd 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -99,8 +99,6 @@ jobs: ~/.cargo/git target key: windows-cargo-${{ hashFiles('**/Cargo.lock') }} - # restore-keys: | - # ${{ runner.os }}-cargo- - name: Install required PowerShell modules if: steps.cacher.outputs.cache-hit != 'true' @@ -173,10 +171,6 @@ jobs: with: components: clippy - #rust tls - # .. tls - # vendored tls - # For now we're not running the integration tests in macos, # only running the unit tests - run: cargo test --no-default-features --features=vendored-openssl --lib diff --git a/tests/custom-cert.rs b/tests/custom-cert.rs index 0c4ab48d9..96209590c 100644 --- a/tests/custom-cert.rs +++ b/tests/custom-cert.rs @@ -95,3 +95,9 @@ fn connect_to_custom_cert_instance_without_ca() -> Result<()> { Ok(()) }) } + +// build and run container docker +// docker rm and then docker build then docker run and run the container that we build +// use those image tag things to figure out which docker file to build so instea dof templating the +// name of the image on microsofts container repo we'll need to template the name of the docker file itself +// when we use docker build we'll give docker a tag and then run that same tag \ No newline at end of file diff --git a/xtask/src/main.rs b/xtask/src/main.rs index 556b6342e..f610407bf 100644 --- a/xtask/src/main.rs +++ b/xtask/src/main.rs @@ -5,6 +5,12 @@ use std::{ time::Duration, }; +// build and run container docker +// docker rm and then docker build then docker run and run the container that we build +// use those image tag things to figure out which docker file to build so instea dof templating the +// name of the image on microsofts container repo we'll need to template the name of the docker file itself +// when we use docker build we'll give docker a tag and then run that same tag + fn main() { let mut args = env::args().skip(1); let cmd = args.next().unwrap_or_default(); @@ -48,13 +54,17 @@ fn start_container(version: &str) { let sa_password = env::var("SA_PASSWORD").unwrap_or_else(|_| "".to_string()); let container_name = format!("mssql-{}", version); - let image_tag = match version { - "2017" => "mcr.microsoft.com/mssql/server:2017-latest", - "2019" => "mcr.microsoft.com/mssql/server:2019-latest", - "2022" => "mcr.microsoft.com/mssql/server:2022-latest", - "azure" => "mcr.microsoft.com/azure-sql-edge", - _ => panic!("Unsupported version, {}", version), - }; + // let image_tag = match version { + // "2017" => "mcr.microsoft.com/mssql/server:2017-latest", + // "2019" => "mcr.microsoft.com/mssql/server:2019-latest", + // "2022" => "mcr.microsoft.com/mssql/server:2022-latest", + // "azure" => "mcr.microsoft.com/azure-sql-edge", + // _ => panic!("Unsupported version, {}", version), + // }; + + let dockerfile = format!("Dockerfile.{}", version); + let image_tag = format!("my-mssql:{}", version); + println!("Cleaning up existing container, {}", container_name); @@ -62,6 +72,22 @@ fn start_container(version: &str) { .args(["rm", "-f", &container_name]) .status(); + // let _ = Command::new("docker") + // .args(["", "", &container_name]) + // .status(); + + println!("Building image {} from {}...", image_tag, dockerfile); + + let status = Command::new("docker") + .args(["build", "-f", &dockerfile, "-t", &image_tag, "."]) + .status() + .expect("Failed to build docker image"); + + if !status.success() { + eprintln!("Docker build failed for {}", version); + exit(1); + } + println!("Starting SQL Server {} container...", version); let status = Command::new("docker") @@ -76,7 +102,7 @@ fn start_container(version: &str) { &format!("SA_PASSWORD={}", sa_password), "-p", "1433:1433", - image_tag, + &image_tag, ]) .status() .expect("Failed to run docker"); @@ -124,3 +150,4 @@ fn run_tests(flags: Vec) { exit(1); } } + diff --git a/xtask/src/main3.rs b/xtask/src/main3.rs new file mode 100644 index 000000000..08f644aeb --- /dev/null +++ b/xtask/src/main3.rs @@ -0,0 +1,137 @@ +use std::{ + env, + process::{Command, exit}, + thread::sleep, + time::Duration, +}; + +// build and run container docker +// docker rm and then docker build then docker run and run the container that we build +// use those image tag things to figure out which docker file to build so instea dof templating the +// name of the image on microsofts container repo we'll need to template the name of the docker file itself +// when we use docker build we'll give docker a tag and then run that same tag + +fn main() { + let mut args = env::args().skip(1); + let cmd = args.next().unwrap_or_default(); + + match cmd.as_str() { + "container" => { + // need to change unwrap_or_else in document + // default version is 2019, any opposition? + + // doesn't run tests + let version = args.next().unwrap_or_else(|| "2019".into()); + start_container(&version); + } + "test" => { + // run the tests + run_tests(args.collect::>()); + } + "local" => { + // local runs test AND container + let version = args.next().unwrap_or_else(|| "2019".into()); + start_container(&version); + // start_container calls wait_for_sql anyway + // so we don't need to call the below line: + // wait_for_sql(); + run_tests(args.collect::>()); + stop_container(&version); + } + "stop" => { + // stops running containers + let version = args.next().unwrap_or_else(|| "2019".into()); + stop_container(&version); + } + _ => { + // eprintln!("Usage: cargo xtask [args]"); + exit(1); + } + } +} + +fn start_container(version: &str) { + let sa_password = + env::var("SA_PASSWORD").unwrap_or_else(|_| "".to_string()); + let container_name = format!("mssql-{}", version); + let image_tag = match version { + "2017" => "mcr.microsoft.com/mssql/server:2017-latest", + "2019" => "mcr.microsoft.com/mssql/server:2019-latest", + "2022" => "mcr.microsoft.com/mssql/server:2022-latest", + "azure" => "mcr.microsoft.com/azure-sql-edge", + _ => panic!("Unsupported version, {}", version), + }; + + println!("Cleaning up existing container, {}", container_name); + + let _ = Command::new("docker") + .args(["rm", "-f", &container_name]) + .status(); + + let _ = Command::new("docker") + .args(["", "", &container_name]) + .status(); + + println!("Starting SQL Server {} container...", version); + + let status = Command::new("docker") + .args([ + "run", + "-d", + "--name", + &container_name, + "-e", + "ACCEPT_EULA=Y", + "-e", + &format!("SA_PASSWORD={}", sa_password), + "-p", + "1433:1433", + image_tag, + ]) + .status() + .expect("Failed to run docker"); + + if !status.success() { + eprintln!("Failed to start container, {}", version); + exit(1); + } + + println!("Started container: {}", container_name); + wait_for_sql(); +} + +fn wait_for_sql() { + println!("Waiting for SQL Server to start. 25 seconds. Do not change or exit."); + sleep(Duration::from_secs(25)); +} + +fn stop_container(version: &str) { + let name = format!("mssql-{}", version); + let _ = Command::new("docker").args(["rm", "-f", &name]).status(); + println!("Stopped container {}", name); +} + +fn run_tests(flags: Vec) { + let sa_password = + env::var("SA_PASSWORD").unwrap_or_else(|_| "".to_string()); + let connection_string = env::var("TIBERIUS_TEST_CONNECTION_STRING").unwrap_or_else(|_| { + format!( + "server=tcp:localhost,1433;user=sa;password={};TrustServerCertificate=true", + sa_password + ) + }); + + // for debugging: println!("Running tests with connection {}", connection_string); + + let status = Command::new("cargo") + .arg("test") + .env("TIBERIUS_TEST_CONNECTION_STRING", &connection_string) + .args(&flags) + .status() + .expect("failed to run cargo test"); + + if !status.success() { + exit(1); + } +} + From a5d1d0f42a77db36994e766c7614f46c7b0d52fb Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Mon, 27 Oct 2025 00:20:26 +0000 Subject: [PATCH 09/27] Added working directory --- xtask/src/main.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xtask/src/main.rs b/xtask/src/main.rs index f610407bf..6549beb7a 100644 --- a/xtask/src/main.rs +++ b/xtask/src/main.rs @@ -62,7 +62,7 @@ fn start_container(version: &str) { // _ => panic!("Unsupported version, {}", version), // }; - let dockerfile = format!("Dockerfile.{}", version); + let dockerfile = format!("docker/Dockerfile.{}", version); let image_tag = format!("my-mssql:{}", version); From d833a01d8e441d5dae690e3755c881d4b3148327 Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Mon, 27 Oct 2025 00:27:10 +0000 Subject: [PATCH 10/27] Added working directory --- xtask/src/main.rs | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/xtask/src/main.rs b/xtask/src/main.rs index 6549beb7a..ce39ddf80 100644 --- a/xtask/src/main.rs +++ b/xtask/src/main.rs @@ -54,6 +54,9 @@ fn start_container(version: &str) { let sa_password = env::var("SA_PASSWORD").unwrap_or_else(|_| "".to_string()); let container_name = format!("mssql-{}", version); + + // OLD version + // let image_tag = match version { // "2017" => "mcr.microsoft.com/mssql/server:2017-latest", // "2019" => "mcr.microsoft.com/mssql/server:2019-latest", @@ -72,9 +75,9 @@ fn start_container(version: &str) { .args(["rm", "-f", &container_name]) .status(); - // let _ = Command::new("docker") - // .args(["", "", &container_name]) - // .status(); + let _ = Command::new("docker") + .args(["", "", &container_name]) + .status(); println!("Building image {} from {}...", image_tag, dockerfile); From 82ddf827923df1368ed47d64cf45086a99e32f44 Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Mon, 27 Oct 2025 00:37:10 +0000 Subject: [PATCH 11/27] Added working directory --- xtask/src/main.rs | 1 - 1 file changed, 1 deletion(-) diff --git a/xtask/src/main.rs b/xtask/src/main.rs index ce39ddf80..bde109f9e 100644 --- a/xtask/src/main.rs +++ b/xtask/src/main.rs @@ -68,7 +68,6 @@ fn start_container(version: &str) { let dockerfile = format!("docker/Dockerfile.{}", version); let image_tag = format!("my-mssql:{}", version); - println!("Cleaning up existing container, {}", container_name); let _ = Command::new("docker") From 9ee8f39a8c411ffbc867bddf2ad9b95aeb2e3c55 Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Mon, 27 Oct 2025 03:06:37 +0000 Subject: [PATCH 12/27] Added working directory --- xtask/src/main.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xtask/src/main.rs b/xtask/src/main.rs index bde109f9e..c1aae359e 100644 --- a/xtask/src/main.rs +++ b/xtask/src/main.rs @@ -119,7 +119,7 @@ fn start_container(version: &str) { } fn wait_for_sql() { - println!("Waiting for SQL Server to start. 25 seconds. Do not change or exit."); + println!("Waiting for SQL Server to start. 25 seconds. Do not change or exit. - please."); sleep(Duration::from_secs(25)); } From 8944a3d6a0eb2f62d2ca1ef35ea65f4190203b1d Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Mon, 27 Oct 2025 04:57:13 +0000 Subject: [PATCH 13/27] Fixes --- xtask/src/main.rs | 19 ------- xtask/src/main3.rs | 137 --------------------------------------------- 2 files changed, 156 deletions(-) delete mode 100644 xtask/src/main3.rs diff --git a/xtask/src/main.rs b/xtask/src/main.rs index c1aae359e..e003f5155 100644 --- a/xtask/src/main.rs +++ b/xtask/src/main.rs @@ -5,12 +5,6 @@ use std::{ time::Duration, }; -// build and run container docker -// docker rm and then docker build then docker run and run the container that we build -// use those image tag things to figure out which docker file to build so instea dof templating the -// name of the image on microsofts container repo we'll need to template the name of the docker file itself -// when we use docker build we'll give docker a tag and then run that same tag - fn main() { let mut args = env::args().skip(1); let cmd = args.next().unwrap_or_default(); @@ -33,8 +27,6 @@ fn main() { let version = args.next().unwrap_or_else(|| "2019".into()); start_container(&version); // start_container calls wait_for_sql anyway - // so we don't need to call the below line: - // wait_for_sql(); run_tests(args.collect::>()); stop_container(&version); } @@ -44,7 +36,6 @@ fn main() { stop_container(&version); } _ => { - // eprintln!("Usage: cargo xtask [args]"); exit(1); } } @@ -55,16 +46,6 @@ fn start_container(version: &str) { env::var("SA_PASSWORD").unwrap_or_else(|_| "".to_string()); let container_name = format!("mssql-{}", version); - // OLD version - - // let image_tag = match version { - // "2017" => "mcr.microsoft.com/mssql/server:2017-latest", - // "2019" => "mcr.microsoft.com/mssql/server:2019-latest", - // "2022" => "mcr.microsoft.com/mssql/server:2022-latest", - // "azure" => "mcr.microsoft.com/azure-sql-edge", - // _ => panic!("Unsupported version, {}", version), - // }; - let dockerfile = format!("docker/Dockerfile.{}", version); let image_tag = format!("my-mssql:{}", version); diff --git a/xtask/src/main3.rs b/xtask/src/main3.rs deleted file mode 100644 index 08f644aeb..000000000 --- a/xtask/src/main3.rs +++ /dev/null @@ -1,137 +0,0 @@ -use std::{ - env, - process::{Command, exit}, - thread::sleep, - time::Duration, -}; - -// build and run container docker -// docker rm and then docker build then docker run and run the container that we build -// use those image tag things to figure out which docker file to build so instea dof templating the -// name of the image on microsofts container repo we'll need to template the name of the docker file itself -// when we use docker build we'll give docker a tag and then run that same tag - -fn main() { - let mut args = env::args().skip(1); - let cmd = args.next().unwrap_or_default(); - - match cmd.as_str() { - "container" => { - // need to change unwrap_or_else in document - // default version is 2019, any opposition? - - // doesn't run tests - let version = args.next().unwrap_or_else(|| "2019".into()); - start_container(&version); - } - "test" => { - // run the tests - run_tests(args.collect::>()); - } - "local" => { - // local runs test AND container - let version = args.next().unwrap_or_else(|| "2019".into()); - start_container(&version); - // start_container calls wait_for_sql anyway - // so we don't need to call the below line: - // wait_for_sql(); - run_tests(args.collect::>()); - stop_container(&version); - } - "stop" => { - // stops running containers - let version = args.next().unwrap_or_else(|| "2019".into()); - stop_container(&version); - } - _ => { - // eprintln!("Usage: cargo xtask [args]"); - exit(1); - } - } -} - -fn start_container(version: &str) { - let sa_password = - env::var("SA_PASSWORD").unwrap_or_else(|_| "".to_string()); - let container_name = format!("mssql-{}", version); - let image_tag = match version { - "2017" => "mcr.microsoft.com/mssql/server:2017-latest", - "2019" => "mcr.microsoft.com/mssql/server:2019-latest", - "2022" => "mcr.microsoft.com/mssql/server:2022-latest", - "azure" => "mcr.microsoft.com/azure-sql-edge", - _ => panic!("Unsupported version, {}", version), - }; - - println!("Cleaning up existing container, {}", container_name); - - let _ = Command::new("docker") - .args(["rm", "-f", &container_name]) - .status(); - - let _ = Command::new("docker") - .args(["", "", &container_name]) - .status(); - - println!("Starting SQL Server {} container...", version); - - let status = Command::new("docker") - .args([ - "run", - "-d", - "--name", - &container_name, - "-e", - "ACCEPT_EULA=Y", - "-e", - &format!("SA_PASSWORD={}", sa_password), - "-p", - "1433:1433", - image_tag, - ]) - .status() - .expect("Failed to run docker"); - - if !status.success() { - eprintln!("Failed to start container, {}", version); - exit(1); - } - - println!("Started container: {}", container_name); - wait_for_sql(); -} - -fn wait_for_sql() { - println!("Waiting for SQL Server to start. 25 seconds. Do not change or exit."); - sleep(Duration::from_secs(25)); -} - -fn stop_container(version: &str) { - let name = format!("mssql-{}", version); - let _ = Command::new("docker").args(["rm", "-f", &name]).status(); - println!("Stopped container {}", name); -} - -fn run_tests(flags: Vec) { - let sa_password = - env::var("SA_PASSWORD").unwrap_or_else(|_| "".to_string()); - let connection_string = env::var("TIBERIUS_TEST_CONNECTION_STRING").unwrap_or_else(|_| { - format!( - "server=tcp:localhost,1433;user=sa;password={};TrustServerCertificate=true", - sa_password - ) - }); - - // for debugging: println!("Running tests with connection {}", connection_string); - - let status = Command::new("cargo") - .arg("test") - .env("TIBERIUS_TEST_CONNECTION_STRING", &connection_string) - .args(&flags) - .status() - .expect("failed to run cargo test"); - - if !status.success() { - exit(1); - } -} - From 1be487e51566ecc97a67bbed36cbe2827a95f60d Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Tue, 28 Oct 2025 00:50:06 +0000 Subject: [PATCH 14/27] Making it better --- xtask/src/main.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xtask/src/main.rs b/xtask/src/main.rs index e003f5155..c7a6dc4d7 100644 --- a/xtask/src/main.rs +++ b/xtask/src/main.rs @@ -46,7 +46,7 @@ fn start_container(version: &str) { env::var("SA_PASSWORD").unwrap_or_else(|_| "".to_string()); let container_name = format!("mssql-{}", version); - let dockerfile = format!("docker/Dockerfile.{}", version); + let dockerfile = format!("docker/docker-mssql-{}.dockerfile", version); let image_tag = format!("my-mssql:{}", version); println!("Cleaning up existing container, {}", container_name); From 07fffb2f9da0d0fd7792c930728f26076306486f Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Tue, 28 Oct 2025 03:12:53 +0000 Subject: [PATCH 15/27] Making it better --- tests/custom-cert.rs | 2 +- xtask/src/main.rs | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/custom-cert.rs b/tests/custom-cert.rs index 96209590c..d16b9faca 100644 --- a/tests/custom-cert.rs +++ b/tests/custom-cert.rs @@ -100,4 +100,4 @@ fn connect_to_custom_cert_instance_without_ca() -> Result<()> { // docker rm and then docker build then docker run and run the container that we build // use those image tag things to figure out which docker file to build so instea dof templating the // name of the image on microsofts container repo we'll need to template the name of the docker file itself -// when we use docker build we'll give docker a tag and then run that same tag \ No newline at end of file +// when we use docker build we'll give docker a tag and then run that same tag diff --git a/xtask/src/main.rs b/xtask/src/main.rs index c7a6dc4d7..6aafea43c 100644 --- a/xtask/src/main.rs +++ b/xtask/src/main.rs @@ -133,4 +133,3 @@ fn run_tests(flags: Vec) { exit(1); } } - From 34c1d39ca58dcf1fcd6b02efcdc6db47e9bc212c Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Mon, 10 Nov 2025 05:00:40 +0000 Subject: [PATCH 16/27] Certificate fixes --- tests/custom-cert.rs | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/tests/custom-cert.rs b/tests/custom-cert.rs index d16b9faca..113c01ba7 100644 --- a/tests/custom-cert.rs +++ b/tests/custom-cert.rs @@ -41,6 +41,12 @@ fn connect_to_custom_cert_instance_ado() -> Result<()> { }) } +// build and run container docker +// docker rm and then docker build then docker run and run the container that we build +// use those image tag things to figure out which docker file to build so instead of templating the +// name of the image on microsofts container repo we'll need to template the name of the docker file itself +// when we use docker build we'll give docker a tag and then run that same tag + #[test] #[cfg(any( feature = "rustls", @@ -55,7 +61,10 @@ fn connect_to_custom_cert_instance_jdbc() -> Result<()> { let rt = Runtime::new()?; rt.block_on(async { let mut config = Config::from_jdbc_string("jdbc:sqlserver://localhost:1433")?; - config.trust_cert_ca("docker/certs/customCA.crt"); + let ca_path = std::path::Path::new(env!("CARGO_MANIFEST_DIR")).join("docker/certs/customCA.crt"); + // let ca_path_string = format!("{:?}", ca_path).to_string(); + config.trust_cert_ca(ca_path.display().to_string()); + //config.trust_cert_ca("docker/certs/customCA.crt"); config.authentication(AuthMethod::sql_server("sa", "")); let tcp = TcpStream::connect(config.get_addr()).await?; @@ -94,10 +103,4 @@ fn connect_to_custom_cert_instance_without_ca() -> Result<()> { assert!(client.is_err()); Ok(()) }) -} - -// build and run container docker -// docker rm and then docker build then docker run and run the container that we build -// use those image tag things to figure out which docker file to build so instea dof templating the -// name of the image on microsofts container repo we'll need to template the name of the docker file itself -// when we use docker build we'll give docker a tag and then run that same tag +} \ No newline at end of file From 39d0edec432c6a6ccf08c24ff407bb4699c26bf3 Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Mon, 10 Nov 2025 05:18:06 +0000 Subject: [PATCH 17/27] Certificate fixes - testing --- docker/docker-mssql-2017.dockerfile | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/docker/docker-mssql-2017.dockerfile b/docker/docker-mssql-2017.dockerfile index 28a3dd4f4..aa165564e 100644 --- a/docker/docker-mssql-2017.dockerfile +++ b/docker/docker-mssql-2017.dockerfile @@ -1,5 +1,11 @@ -FROM mcr.microsoft.com/mssql/server:2017-latest +# FROM mcr.microsoft.com/mssql/server:2017-latest -COPY --chmod=440 certs/server.* /certs/ -COPY --chmod=440 certs/customCA.* /certs/ -COPY docker-mssql.conf /var/opt/mssql/mssql.conf +# COPY --chmod=440 certs/server.* /certs/ +# COPY --chmod=440 certs/customCA.* /certs/ +# COPY docker-mssql.conf /var/opt/mssql/mssql.conf + +FROM mcr.microsoft.com/azure-sql-edge:latest + +COPY --chmod=440 docker/certs/server.* /certs/ +COPY --chmod=440 docker/certs/customCA.* /certs/ +COPY --chown=mssql docker/docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file From 692c11431127532a97b281f5fa90452b3935249d Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Mon, 10 Nov 2025 22:38:33 +0000 Subject: [PATCH 18/27] Certificate fixes - testing --- docker/certs/customCA.srl | 1 - docker/certs/generate-signed-cert.sh | 52 ------------ docker/docker-azure-sql-edge.dockerfile | 2 +- docker/docker-mssql-2017.dockerfile | 6 -- docker/docker-mssql-2019.dockerfile | 2 +- docker/docker-mssql-2022.dockerfile | 2 +- tests/custom-cert.rs | 106 ------------------------ 7 files changed, 3 insertions(+), 168 deletions(-) diff --git a/docker/certs/customCA.srl b/docker/certs/customCA.srl index 618df7789..e69de29bb 100644 --- a/docker/certs/customCA.srl +++ b/docker/certs/customCA.srl @@ -1 +0,0 @@ -0DAEECC45C07F5E06E0DD1B05115C3CFD1A46D9C diff --git a/docker/certs/generate-signed-cert.sh b/docker/certs/generate-signed-cert.sh index dc3086f29..e69de29bb 100755 --- a/docker/certs/generate-signed-cert.sh +++ b/docker/certs/generate-signed-cert.sh @@ -1,52 +0,0 @@ -#!/usr/bin/env bash - -set -e -set -o pipefail - -# Skript creates a custom-signed certificate -# Parameter1 = name of the cert - -CERT_KEY_NAME=$1 -CERT_FILE=$CERT_KEY_NAME.crt - -export CERT_CN=$CERT_KEY_NAME - -echo Prepare Signing-Request-Config from Template -cat signing-request.config.template | envsubst >> src.txt - -echo Generate Private-Key and Certificate-Signing-Request for $CERT_KEY_NAME -openssl req \ - -new \ - -nodes \ - -config src.txt \ - -keyout ${CERT_KEY_NAME}.key \ - -out ${CERT_KEY_NAME}.sr - -echo Generate an OpenSSL Certificate for $CERT_KEY_NAME -openssl x509 -req \ - -in ${CERT_KEY_NAME}.sr \ - -extensions v3_req \ - -extfile src.txt \ - -CA customCA.crt -CAkey customCA.key \ - -CAcreateserial \ - -CAserial customCA.srl \ - -out $CERT_FILE \ - -passin file:passphrase.txt \ - -days 200 - -echo Generating PEM format -openssl rsa -in ${CERT_KEY_NAME}.key -out ${CERT_KEY_NAME}-nopassword.key -cat ${CERT_KEY_NAME}-nopassword.key > ${CERT_KEY_NAME}.pem -cat ${CERT_KEY_NAME}.crt >> ${CERT_KEY_NAME}.pem - -echo Generating Bundle -cp $CERT_FILE $CERT_KEY_NAME-full.crt -cat customCA.crt >> $CERT_KEY_NAME-full.crt - -echo Cleaning up temporary files -rm src.txt -rm ${CERT_KEY_NAME}.sr -rm ${CERT_KEY_NAME}-nopassword.key - -echo DONE - diff --git a/docker/docker-azure-sql-edge.dockerfile b/docker/docker-azure-sql-edge.dockerfile index 14279c405..92feafa2d 100644 --- a/docker/docker-azure-sql-edge.dockerfile +++ b/docker/docker-azure-sql-edge.dockerfile @@ -2,4 +2,4 @@ FROM mcr.microsoft.com/azure-sql-edge:latest COPY --chmod=440 certs/server.* /certs/ COPY --chmod=440 certs/customCA.* /certs/ -COPY --chown=mssql docker-mssql.conf /var/opt/mssql/mssql.conf +COPY --chown=mssql docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file diff --git a/docker/docker-mssql-2017.dockerfile b/docker/docker-mssql-2017.dockerfile index aa165564e..501a31f28 100644 --- a/docker/docker-mssql-2017.dockerfile +++ b/docker/docker-mssql-2017.dockerfile @@ -1,9 +1,3 @@ -# FROM mcr.microsoft.com/mssql/server:2017-latest - -# COPY --chmod=440 certs/server.* /certs/ -# COPY --chmod=440 certs/customCA.* /certs/ -# COPY docker-mssql.conf /var/opt/mssql/mssql.conf - FROM mcr.microsoft.com/azure-sql-edge:latest COPY --chmod=440 docker/certs/server.* /certs/ diff --git a/docker/docker-mssql-2019.dockerfile b/docker/docker-mssql-2019.dockerfile index 02ffdec0d..ac85ad21d 100644 --- a/docker/docker-mssql-2019.dockerfile +++ b/docker/docker-mssql-2019.dockerfile @@ -2,4 +2,4 @@ FROM mcr.microsoft.com/mssql/server:2019-latest COPY --chmod=440 certs/server.* /certs/ COPY --chmod=440 certs/customCA.* /certs/ -COPY --chown=mssql docker-mssql.conf /var/opt/mssql/mssql.conf +COPY --chown=mssql docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file diff --git a/docker/docker-mssql-2022.dockerfile b/docker/docker-mssql-2022.dockerfile index 930d3026c..b58bb3a49 100644 --- a/docker/docker-mssql-2022.dockerfile +++ b/docker/docker-mssql-2022.dockerfile @@ -2,4 +2,4 @@ FROM mcr.microsoft.com/mssql/server:2022-latest COPY --chmod=444 certs/server.* /certs/ COPY --chmod=444 certs/customCA.* /certs/ -COPY --chown=mssql docker-mssql.conf /var/opt/mssql/mssql.conf +COPY --chown=mssql docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file diff --git a/tests/custom-cert.rs b/tests/custom-cert.rs index 113c01ba7..e69de29bb 100644 --- a/tests/custom-cert.rs +++ b/tests/custom-cert.rs @@ -1,106 +0,0 @@ -#![cfg(unix)] -use std::sync::Once; -use tiberius::{AuthMethod, Client, Config, EncryptionLevel, Result}; -use tokio::{net::TcpStream, runtime::Runtime}; -use tokio_util::compat::TokioAsyncWriteCompatExt; - -#[allow(dead_code)] -static LOGGER_SETUP: Once = Once::new(); - -#[test] -#[cfg(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" -))] -fn connect_to_custom_cert_instance_ado() -> Result<()> { - LOGGER_SETUP.call_once(|| { - env_logger::init(); - }); - - let rt = Runtime::new()?; - - rt.block_on(async { - let mut config = - Config::from_ado_string("server=tcp:localhost,1433;IntegratedSecurity=true")?; - config.trust_cert_ca("docker/certs/customCA.crt"); - config.authentication(AuthMethod::sql_server("sa", "")); - - let tcp = TcpStream::connect(config.get_addr()).await?; - let mut client = Client::connect(config, tcp.compat_write()).await?; - - let row = client - .query("SELECT @P1", &[&-4i32]) - .await? - .into_row() - .await? - .unwrap(); - - assert_eq!(Some(-4i32), row.get(0)); - Ok(()) - }) -} - -// build and run container docker -// docker rm and then docker build then docker run and run the container that we build -// use those image tag things to figure out which docker file to build so instead of templating the -// name of the image on microsofts container repo we'll need to template the name of the docker file itself -// when we use docker build we'll give docker a tag and then run that same tag - -#[test] -#[cfg(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" -))] -fn connect_to_custom_cert_instance_jdbc() -> Result<()> { - LOGGER_SETUP.call_once(|| { - env_logger::init(); - }); - - let rt = Runtime::new()?; - rt.block_on(async { - let mut config = Config::from_jdbc_string("jdbc:sqlserver://localhost:1433")?; - let ca_path = std::path::Path::new(env!("CARGO_MANIFEST_DIR")).join("docker/certs/customCA.crt"); - // let ca_path_string = format!("{:?}", ca_path).to_string(); - config.trust_cert_ca(ca_path.display().to_string()); - //config.trust_cert_ca("docker/certs/customCA.crt"); - config.authentication(AuthMethod::sql_server("sa", "")); - - let tcp = TcpStream::connect(config.get_addr()).await?; - let mut client = Client::connect(config, tcp.compat_write()).await?; - - let row = client - .query("SELECT @P1", &[&-4i32]) - .await? - .into_row() - .await? - .unwrap(); - - assert_eq!(Some(-4i32), row.get(0)); - Ok(()) - }) -} - -#[test] -fn connect_to_custom_cert_instance_without_ca() -> Result<()> { - LOGGER_SETUP.call_once(|| { - env_logger::init(); - }); - - let rt = Runtime::new()?; - rt.block_on(async { - let mut config = Config::new(); - config.authentication(AuthMethod::sql_server("sa", "")); - config.encryption(EncryptionLevel::On); - config.host("localhost"); - config.port(1433); - - let tcp = TcpStream::connect(config.get_addr()).await?; - let client = Client::connect(config, tcp.compat_write()).await; - - // Should fail because we didn’t add the CA - assert!(client.is_err()); - Ok(()) - }) -} \ No newline at end of file From 1de4b0207b3ffb294ae16252985d2af451c82d90 Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Mon, 10 Nov 2025 22:51:33 +0000 Subject: [PATCH 19/27] Certificate fixes - testing --- docker/docker-mssql-2017.dockerfile | 8 +-- tests/custom-cert.rs | 104 ++++++++++++++++++++++++++++ 2 files changed, 108 insertions(+), 4 deletions(-) diff --git a/docker/docker-mssql-2017.dockerfile b/docker/docker-mssql-2017.dockerfile index 501a31f28..764e3855e 100644 --- a/docker/docker-mssql-2017.dockerfile +++ b/docker/docker-mssql-2017.dockerfile @@ -1,5 +1,5 @@ -FROM mcr.microsoft.com/azure-sql-edge:latest +FROM mcr.microsoft.com/mssql/server:2017-latest -COPY --chmod=440 docker/certs/server.* /certs/ -COPY --chmod=440 docker/certs/customCA.* /certs/ -COPY --chown=mssql docker/docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file +COPY --chmod=440 certs/server.* /certs/ +COPY --chmod=440 certs/customCA.* /certs/ +COPY --chown=mssql docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file diff --git a/tests/custom-cert.rs b/tests/custom-cert.rs index e69de29bb..e0f16cf50 100644 --- a/tests/custom-cert.rs +++ b/tests/custom-cert.rs @@ -0,0 +1,104 @@ +#![cfg(unix)] +use std::sync::Once; +use tiberius::{AuthMethod, Client, Config, EncryptionLevel, Result}; +use tokio::{net::TcpStream, runtime::Runtime}; +use tokio_util::compat::TokioAsyncWriteCompatExt; + +#[allow(dead_code)] +static LOGGER_SETUP: Once = Once::new(); + +#[test] +#[cfg(any(q + feature = "rustls", + feature = "native-tls", + feature = "vendored-openssl" +))] +fn connect_to_custom_cert_instance_ado() -> Result<()> { + LOGGER_SETUP.call_once(|| { + env_logger::init(); + }); + + let rt = Runtime::new()?; + + rt.block_on(async { + let mut config = Config::from_ado_string("server=tcp:localhost,1433;IntegratedSecurity=true;TrustServerCertificateCA=docker/certs/customCA.crt")?; + config.authentication(AuthMethod::sql_server( + "sa", + "", + )); + + let tcp = TcpStream::connect(config.get_addr()).await?; + + let mut client = Client::connect(config, tcp.compat_write()).await?; + + let row = client + .query("SELECT @P1", &[&-4i32]) + .await? + .into_row() + .await? + .unwrap(); + + assert_eq!(Some(-4i32), row.get(0)); + Ok(()) + }) +} + +#[test] +#[cfg(any( + feature = "rustls", + feature = "native-tls", + feature = "vendored-openssl" +))] +fn connect_to_custom_cert_instance_jdbc() -> Result<()> { + LOGGER_SETUP.call_once(|| { + env_logger::init(); + }); + + let rt = Runtime::new()?; + + rt.block_on(async { + // Careful: the / in the TrustServerCertificateCA needs to be escaped + let mut config = Config::from_jdbc_string( + "jdbc:sqlserver://localhost:1433;TrustServerCertificateCA=docker{/}certs{/}customCA.crt", + )?; + config.authentication(AuthMethod::sql_server("sa", "")); + + let tcp = TcpStream::connect(config.get_addr()).await?; + + let mut client = Client::connect(config, tcp.compat_write()).await?; + + let row = client + .query("SELECT @P1", &[&-4i32]) + .await? + .into_row() + .await? + .unwrap(); + + assert_eq!(Some(-4i32), row.get(0)); + Ok(()) + }) +} + +#[test] +fn connect_to_custom_cert_instance_without_ca() -> Result<()> { + LOGGER_SETUP.call_once(|| { + env_logger::init(); + }); + + let rt = Runtime::new()?; + + rt.block_on(async { + let mut config = Config::new(); + config.authentication(AuthMethod::sql_server("sa", "")); + config.encryption(EncryptionLevel::On); + config.host("localhost"); + config.port(1433); + + let tcp = TcpStream::connect(config.get_addr()).await?; + + let client = Client::connect(config, tcp.compat_write()).await; + + assert!(client.is_err()); + Ok(()) + }) +} \ No newline at end of file From 16ff2b8bb2e36e1b3641f5b08fc29707494fb74a Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Mon, 10 Nov 2025 22:55:18 +0000 Subject: [PATCH 20/27] Certificate fixes - testing --- tests/custom-cert.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/custom-cert.rs b/tests/custom-cert.rs index e0f16cf50..5e4a42ed8 100644 --- a/tests/custom-cert.rs +++ b/tests/custom-cert.rs @@ -8,7 +8,7 @@ use tokio_util::compat::TokioAsyncWriteCompatExt; static LOGGER_SETUP: Once = Once::new(); #[test] -#[cfg(any(q +#[cfg(any( feature = "rustls", feature = "native-tls", feature = "vendored-openssl" From 9cb967fad4f4073177cd56db4dbd98c17ccb8ece Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Mon, 10 Nov 2025 22:57:47 +0000 Subject: [PATCH 21/27] Certificate fixes - testing --- docker/docker-mssql.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker/docker-mssql.conf b/docker/docker-mssql.conf index d8060311d..ae86be59b 100644 --- a/docker/docker-mssql.conf +++ b/docker/docker-mssql.conf @@ -1,5 +1,5 @@ [network] -tlscert = /certs/server.crt -tlskey = /certs/server.key +tlscert = docker/certs/server.crt +tlskey = docker/certs/server.key tlsprotocols = 1.2 forceencryption = 0 From 6659073f8935d40cb728f06e9f2212c57feb6a13 Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Mon, 10 Nov 2025 23:02:15 +0000 Subject: [PATCH 22/27] Certificate fixes - testing --- docker/docker-azure-sql-edge.dockerfile | 4 ++-- docker/docker-mssql-2017.dockerfile | 4 ++-- docker/docker-mssql-2019.dockerfile | 4 ++-- docker/docker-mssql-2022.dockerfile | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docker/docker-azure-sql-edge.dockerfile b/docker/docker-azure-sql-edge.dockerfile index 92feafa2d..dd27394f5 100644 --- a/docker/docker-azure-sql-edge.dockerfile +++ b/docker/docker-azure-sql-edge.dockerfile @@ -1,5 +1,5 @@ FROM mcr.microsoft.com/azure-sql-edge:latest -COPY --chmod=440 certs/server.* /certs/ -COPY --chmod=440 certs/customCA.* /certs/ +COPY --chmod=440 docker/certs/server.* /certs/ +COPY --chmod=440 docker/certs/customCA.* /certs/ COPY --chown=mssql docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file diff --git a/docker/docker-mssql-2017.dockerfile b/docker/docker-mssql-2017.dockerfile index 764e3855e..7b3018698 100644 --- a/docker/docker-mssql-2017.dockerfile +++ b/docker/docker-mssql-2017.dockerfile @@ -1,5 +1,5 @@ FROM mcr.microsoft.com/mssql/server:2017-latest -COPY --chmod=440 certs/server.* /certs/ -COPY --chmod=440 certs/customCA.* /certs/ +COPY --chmod=440 docker/certs/server.* /certs/ +COPY --chmod=440 docker/certs/customCA.* /certs/ COPY --chown=mssql docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file diff --git a/docker/docker-mssql-2019.dockerfile b/docker/docker-mssql-2019.dockerfile index ac85ad21d..1d7112328 100644 --- a/docker/docker-mssql-2019.dockerfile +++ b/docker/docker-mssql-2019.dockerfile @@ -1,5 +1,5 @@ FROM mcr.microsoft.com/mssql/server:2019-latest -COPY --chmod=440 certs/server.* /certs/ -COPY --chmod=440 certs/customCA.* /certs/ +COPY --chmod=440 docker/certs/server.* /certs/ +COPY --chmod=440 docker/certs/customCA.* /certs/ COPY --chown=mssql docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file diff --git a/docker/docker-mssql-2022.dockerfile b/docker/docker-mssql-2022.dockerfile index b58bb3a49..b22190759 100644 --- a/docker/docker-mssql-2022.dockerfile +++ b/docker/docker-mssql-2022.dockerfile @@ -1,5 +1,5 @@ FROM mcr.microsoft.com/mssql/server:2022-latest -COPY --chmod=444 certs/server.* /certs/ -COPY --chmod=444 certs/customCA.* /certs/ +COPY --chmod=444 docker/certs/server.* /certs/ +COPY --chmod=444 docker/certs/customCA.* /certs/ COPY --chown=mssql docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file From bcf787649c90bafa140cd2d3aef1d426dca8ac09 Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Mon, 10 Nov 2025 23:08:06 +0000 Subject: [PATCH 23/27] Certificate fixes - testing --- docker/docker-azure-sql-edge.dockerfile | 2 +- docker/docker-mssql-2017.dockerfile | 2 +- docker/docker-mssql-2019.dockerfile | 2 +- docker/docker-mssql-2022.dockerfile | 2 +- tests/custom-cert.rs | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/docker/docker-azure-sql-edge.dockerfile b/docker/docker-azure-sql-edge.dockerfile index dd27394f5..501a31f28 100644 --- a/docker/docker-azure-sql-edge.dockerfile +++ b/docker/docker-azure-sql-edge.dockerfile @@ -2,4 +2,4 @@ FROM mcr.microsoft.com/azure-sql-edge:latest COPY --chmod=440 docker/certs/server.* /certs/ COPY --chmod=440 docker/certs/customCA.* /certs/ -COPY --chown=mssql docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file +COPY --chown=mssql docker/docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file diff --git a/docker/docker-mssql-2017.dockerfile b/docker/docker-mssql-2017.dockerfile index 7b3018698..03cc829b2 100644 --- a/docker/docker-mssql-2017.dockerfile +++ b/docker/docker-mssql-2017.dockerfile @@ -2,4 +2,4 @@ FROM mcr.microsoft.com/mssql/server:2017-latest COPY --chmod=440 docker/certs/server.* /certs/ COPY --chmod=440 docker/certs/customCA.* /certs/ -COPY --chown=mssql docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file +COPY --chown=mssql docker/docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file diff --git a/docker/docker-mssql-2019.dockerfile b/docker/docker-mssql-2019.dockerfile index 1d7112328..e620444ef 100644 --- a/docker/docker-mssql-2019.dockerfile +++ b/docker/docker-mssql-2019.dockerfile @@ -2,4 +2,4 @@ FROM mcr.microsoft.com/mssql/server:2019-latest COPY --chmod=440 docker/certs/server.* /certs/ COPY --chmod=440 docker/certs/customCA.* /certs/ -COPY --chown=mssql docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file +COPY --chown=mssql docker/docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file diff --git a/docker/docker-mssql-2022.dockerfile b/docker/docker-mssql-2022.dockerfile index b22190759..ec89802b6 100644 --- a/docker/docker-mssql-2022.dockerfile +++ b/docker/docker-mssql-2022.dockerfile @@ -2,4 +2,4 @@ FROM mcr.microsoft.com/mssql/server:2022-latest COPY --chmod=444 docker/certs/server.* /certs/ COPY --chmod=444 docker/certs/customCA.* /certs/ -COPY --chown=mssql docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file +COPY --chown=mssql docker/docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file diff --git a/tests/custom-cert.rs b/tests/custom-cert.rs index 5e4a42ed8..8aeed94e3 100644 --- a/tests/custom-cert.rs +++ b/tests/custom-cert.rs @@ -101,4 +101,4 @@ fn connect_to_custom_cert_instance_without_ca() -> Result<()> { assert!(client.is_err()); Ok(()) }) -} \ No newline at end of file +} From a6c8ae649306b916c85960ec1553b2912f4db634 Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Mon, 10 Nov 2025 23:27:29 +0000 Subject: [PATCH 24/27] Certificate fixes - testing --- .github/workflows/test.yml | 3 ++- ...azure-sql-edge.dockerfile => docker-mssql-azure.dockerfile} | 0 2 files changed, 2 insertions(+), 1 deletion(-) rename docker/{docker-azure-sql-edge.dockerfile => docker-mssql-azure.dockerfile} (100%) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3d9160ebd..e59af63f5 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -70,7 +70,8 @@ jobs: - 2019 env: TIBERIUS_TEST_INSTANCE: "MSSQLSERVER" - TIBERIUS_TEST_CONNECTION_STRING: "server=tcp:127.0.0.1,1433;IntegratedSecurity=true;TrustServerCertificate=true" + # TIBERIUS_TEST_CONNECTION_STRING: "server=tcp:127.0.0.1,1433;IntegratedSecurity=true;TrustServerCertificate=true" + TIBERIUS_TEST_CONNECTION_STRING: "server=tcp:localhost,1433;IntegratedSecurity=true;TrustServerCertificate=true" steps: - uses: actions/checkout@v5 diff --git a/docker/docker-azure-sql-edge.dockerfile b/docker/docker-mssql-azure.dockerfile similarity index 100% rename from docker/docker-azure-sql-edge.dockerfile rename to docker/docker-mssql-azure.dockerfile From 7ab0425899a56d007aa9e714f37260533d92a722 Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Mon, 10 Nov 2025 23:34:08 +0000 Subject: [PATCH 25/27] Certificate fixes - testing --- .github/workflows/test.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index e59af63f5..d1c95e7c1 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -28,6 +28,10 @@ jobs: fail-fast: false matrix: engine: [ 2017, 2019, 2022, "azure" ] + env: + TIBERIUS_TEST_INSTANCE: "MSSQLSERVER" + # TIBERIUS_TEST_CONNECTION_STRING: "server=tcp:127.0.0.1,1433;IntegratedSecurity=true;TrustServerCertificate=true" + TIBERIUS_TEST_CONNECTION_STRING: "server=tcp:localhost,1433;IntegratedSecurity=true;TrustServerCertificate=true" steps: - name: Checkout repository From ad3b79de6a2d51a6d0be9d7b56013a943e3a0b23 Mon Sep 17 00:00:00 2001 From: Eric Sheppard Date: Tue, 18 Nov 2025 16:10:37 +1100 Subject: [PATCH 26/27] update certs generation --- .gitignore | 2 + docker/certs/README.md | 9 --- docker/certs/customCA.crt | 29 ------- docker/certs/customCA.key | 54 ------------- docker/certs/customCA.srl | 0 docker/certs/generate-ca.sh | 16 ---- docker/certs/generate-signed-cert.sh | 0 docker/certs/passphrase.txt | 1 - docker/certs/server-full.crt | 60 -------------- docker/certs/server.crt | 31 -------- docker/certs/server.key | 52 ------------ docker/certs/server.pem | 83 -------------------- docker/certs/signing-request.config.template | 20 ----- docker/docker-mssql-2017.dockerfile | 4 +- docker/docker-mssql-2019.dockerfile | 4 +- docker/docker-mssql-2022.dockerfile | 4 +- docker/docker-mssql-azure.dockerfile | 4 +- docker/docker-mssql.conf | 4 +- generate.sh | 6 ++ tests/custom-cert.rs | 14 ++-- xtask/src/main.rs | 41 ++++++---- 21 files changed, 51 insertions(+), 387 deletions(-) delete mode 100644 docker/certs/README.md delete mode 100644 docker/certs/customCA.crt delete mode 100644 docker/certs/customCA.key delete mode 100644 docker/certs/customCA.srl delete mode 100755 docker/certs/generate-ca.sh delete mode 100755 docker/certs/generate-signed-cert.sh delete mode 100755 docker/certs/passphrase.txt delete mode 100644 docker/certs/server-full.crt delete mode 100644 docker/certs/server.crt delete mode 100644 docker/certs/server.key delete mode 100644 docker/certs/server.pem delete mode 100755 docker/certs/signing-request.config.template create mode 100755 generate.sh diff --git a/.gitignore b/.gitignore index 147270ed4..c19d2fb33 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,5 @@ Cargo.lock .idea .direnv/ .vscode +mssql.crt +mssql.key diff --git a/docker/certs/README.md b/docker/certs/README.md deleted file mode 100644 index 9d18788b0..000000000 --- a/docker/certs/README.md +++ /dev/null @@ -1,9 +0,0 @@ -Certificate generation ----------------------- - -In order to prepare the necessary self-signed certificates run the following commands - - ./generate-ca.sh - ./generate-signed-cert.sh server - -The first script creates a new signing-certificate, the second will then create new certificates with the given name, signed by the customCA.crt. diff --git a/docker/certs/customCA.crt b/docker/certs/customCA.crt deleted file mode 100644 index 0eff4f58b..000000000 --- a/docker/certs/customCA.crt +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIE/zCCAuegAwIBAgIUATFLyERaRfsQiPasMC5l0vrBMUMwDQYJKoZIhvcNAQEL -BQAwDzENMAsGA1UEAwwEQWNtZTAeFw0yMjA0MDYxMjAxNDVaFw0yNzExMTQxMjAx -NDVaMA8xDTALBgNVBAMMBEFjbWUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCmErbo7baWUTsGaVMBCAmEuSqzxEPJpiAWFewreWliT3tA2XAIDkSfeZwa -yHDs1noFZN4HBTyLkxay0EHVUpTk/qIZEbGFEiYHDnX68HtFVj63tMQMjoH2itAw -c3DHEZqt2PB03NU7iUwBoXLVSTWyVBOUFac4CobSh7h9dGRZFSweOXMETZxDt/cH -OrzElzYPISxU/EIohiGSuTgSSEdxqVbNgYYE17D/envs84SXA8AbymbwshoEGhpj -ljWWHXame8foh3zVyfIqSXRmMZumxeJtjl0qAkb4eq7drWAfbw8fn6I5vK+Mzo4l -sbKugd8GAI/DvRcrg2MuDDfIGPViFeodh5dwUrL2rYA7YAqhBB/J/0pnaD83JrDZ -u50/XBnmvFJNqp7sQdqVa4oRQJTwzJhW1eo6HuoVfjPH247LhUXoWgwqhFW+AWJB -OTcf19ui8/ZJd258B9A6gaWcjvjEtPbJAOhVGjfKKLpLUV6B6dFZhS39P0zu6xgQ -hIvRgf07eOtUauq+AVtIYp3vNbFmFELdLShjEGOUVjKZmll13tikvYn6w0dz07aA -Q78r1nZUO/fcdjNpJ6td3ikPoj3AOnH9qOo6W20/6l6yo5f1Mzx/H497ym5a92IC -v3iymhTe7S3WPi/Ga8NDSTmnw2It+tRmm48lNCPZsRKDqbP9vwIDAQABo1MwUTAd -BgNVHQ4EFgQURHcTzm1u6x8WiXeAWDblHzwBt9kwHwYDVR0jBBgwFoAURHcTzm1u -6x8WiXeAWDblHzwBt9kwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOC -AgEACs6j0K09IYQk384RDvxgV4RfyM2K0ZQ+XadIICsYupYpDE8k4gK1q2sooxeQ -78gOoknpcbINVTMX0EJ64JWGJF3kXODgyMp9hDQyRrFIZpUQwhFRnwYshdKrkLFM -c4MQ4kZHc7Mah6pkE3yUXCiOJ5FuSTTneKz5nmXDcacqB2NPl5W6FUr2MFbgZTBM -NMHyUrjh4EIAfN9X4gDSwQGihj28mpn+8bQ9MNk9kMNKzz4tBLpIbcnD/hUuRJ7r -IKAx2ynKFA9y5RLQAfUvy7/9y4YeEMzbv1hBdbuNrzLR85nRkZ1ulZXGEbnmIYZi -xR57aeiWBu8b2z4pkmT1Lw8dFBYYHzVWm1/JgwaAmeaXNGM/Uh/yrJ1VuxRaXvf3 -2AveaamWdbpXz9qK609CUbfmVXR+Sh2JgIDfkPftRcbiwJDAUtdOBO/4at2MDJ4L -WikuZhttKMeRNd7KCUG5Ghy/T2XpMa6xS1927EUDN0Rv3gXcJ/qPmWFqI5xAAeh7 -ZkZ87w6XjpUaMbUlszR+EgpgD32NGfrWOPGFCipT3q+KGN0orWHlWus9l3uESf5l -OXZzPNAwr/qlK37QETSt03Gg4s9613HJ61cmuh7B2Z4DjlhxKCM5sgOXUozOG7Ix -uFkUxUQtrnwcemtW05tn4ycgIHWASOeQrdOubszMU5yrREE= ------END CERTIFICATE----- diff --git a/docker/certs/customCA.key b/docker/certs/customCA.key deleted file mode 100644 index cf0d5167e..000000000 --- a/docker/certs/customCA.key +++ /dev/null @@ -1,54 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,3D346DDB5BD4773F - -Ub2rB4q5TtVC4JgcpSn6cpM+ZfMLYAmk9pL6iY004daCdLVUdxXa+yhBUUAUYUP0 -BtaYEST5nwGQcu2HZBar0pFalmyCE4p+ItlHwnZlsZeSJjyEXrOZm0GD97OQRATz -CJ1OCF+3gjvQ+kg/gL31IQJqNhg4jBtNT83X/N2q8zDcS3ANDeI2oh0+IFknLLkM -Aq+yZEtwqL2G1yIVc1ncKRrhgJUTwWj1nCTN3q1Tn6AmdGwhhq5SKHKPdFs20j1m -kz8YtUtFJQWLj6iUG4ocjCE6iBdn6hl23JUTrDsTt32ufwI23Tjpq2kdCT6+7b8t -9hP8II+eC0P+MuOC5tmdHXV6wNU3ekjmzz3Xn86LSI0ZmkCADvS/aPyfjtummgh7 -yiygF83lLR9rzpKaaJs91urtRXMVMLk9bCMgkLYfscv0Ad9gf/9YSS95Jfmwhr3B -IveGMDzyoO9rfK6FT8O08chgTRB/ekp2UOxPsVdScUITf4jwmWW6gs/rFJsQy+Ud -awJjTVDK3YM1QHvD9ekgOlaQs2yNXgsMP+SUm3GpZph2LRebNqzc+byLWqjP4wVT -flNcTVxXs/wWKjJ8Q2eIQYt5IrzHY+M1nyl1aF5Q5Exmxc59FdSVLqYlq2EUjgCa -vyMjGMfeo1UJvLPnMpE9CW2EOePoaPtfzP0V427oBU4fvOKOIxtoP+QjNlTeHV+/ -KGkd8IP1wnYR4bPnJWjnP+l5mJUTd4Ced+rWe68dKnU4w38dVnemBAXBAwGVO4O7 -L1OfAaZR/FL+C7OIUVzFg2nBtxXXZzPeLEedvD+TCQfAgoUvXaqJIBCT+MFjRHp4 -Y5KLFc6uvh8RFjNSm4u3kv9DTAcMq+z7XRpCqMO+XoBhEjJ8cvwLxcSJvpAH9gAi -0tNE/v3V9c5nDGcJQpT+D4/NB1qqLWo7OXhoSm3HDU9KMsr2zC2RHYzbOeTOuSKv -Ux8m6ta+djHvS7Fe26x2NTJ/ob2Oeud8RDmtVfknzsI7NGJBedOQmesk5p8E1LZm -YIjfOtilPk8/Hp7wn/o6S47TaK2jN6laZhas7plT82si9q7CwtUm3x6LN9pRR9i0 -0AsgbrRItU6J5XMFbLhBl/Pkc0kAa/97xVoRrrr2WT9t00CmUEVKchufz4ayAR1S -BBL5JAiGSi5rn0ukle4597ZnBgmWYyvIBQpoyno6Yo2M3g6i9yitktEklRQCd+K7 -d/WyUxi9jKQJllrqLwFA6frot9OFR8DJqbddL2g1WkYkp2hrsGPqvRXIdp61+yNJ -iv7XA2Wvg0pjR88ztKpoP+IpT8MOo3xvnnKKbcsrVezeK8c6hEqzcY5McUq+hLF4 -G+XyLStCoeULeCtU9pSDII41JXU4OThuzyZGCx150vrpCZgp32/pEGvy6yVnJkyb -Z+ArykmxeSar80vpstBzx97x9t65ZWb/BmrzvPOd5xG813ZXxAoICuDzKdIc4gaU -D0rUJM0jUw0lAMz4o69tjQwNDp6sQ7khVFafF3yvEdObaHtOKMC8asYuxmczwzS2 -eo76lUE/ONA2MMjwxch1/++MCo8aGrVPuPBuEAZF1BUHxxqGElc59UzqH9cp/VIF -p5JEtqptZlv/1UcvoNWQkStq5n91SNjQyoqs5baF1j8/cPXS1FdJ2YxDM6Dvq/1r -jc+HWXNpaQvkXBZ6j4CW9rC3xeam6cfgC7/3fdW4CKVenrsv84fH9iqvMRi7wOfC -07+9J8tM8DYr9LSBR42+JJj2lGjBrwxhHH9XpBW12/c4Nc+qjIoyzg6Pk35E3K+t -Cmcrrl1dghHvjHET3j9Sy7bGAFfyde6YpA9ak9EX7GvYH4b5fIzI08gpKYDjDZTG -WkoR+9PgLnLCMr4gzEq3VSzmIkoZ6+1320dZME9arEKgT9qjdlMs+VyJrzp6aalm -Btmxf6k4CTqJ86Iid991ZrZzIrBBtvzYs8yboayht79HYEfUr5pF+N/bmqU99h7t -FHk1QPwYKaIaU5Wcb7UmLfi0FLaeUErq+OhqtgXXGGu3yzw/9zrh3azcWkBGteeu -GaE4CMLxVsu24EUPKnuG4s7o209w924lT7Wjc8I2lqFCwLgCNZ4yx6OxO4q59HK5 -cUvb3uZvrKT0CRXfkAz0cGb/4foZEfKcb2FeEpcXfkZxD6+hBOTI7ecrN5H2uU07 -tEyHl/nP/kOfVmdbjFX5FFfxqB0Dl/kj4ZQgHsKhYvY8cbGRoZLhs4ar1OGRY5pC -PUu5/SjXbzS0dmePqUsuztkDX4x2Vcdh3tg7B5Q8wUbRRCChfPZCEhpofrlJKOku -4JWb9NjolytICh3DoOPFhrrm5NMpq5h8mcdMNU9vBN2zd/uuaJnVarxHVKt8iPE7 -Ub4o5sg+4u3Xe3y8cASPK2SN7zxx3wrOYlsp9GcuMNqQ0XDbnYoG7ncGKt4Af10m -Cbh1pVvGk9pSS5+XOBXfeGN5C75w4MCWICDp3i6RLW7xVgC4jE8567540bHZJWrj -AtpIyKrEbdDfjvB+NEgoXa3db8Od0EvxTjiCSZZ98lEreXwYxidwUCjcM5ZoFcMO -wk7AmpfGr5mk2rYc/a8/Th1MhQrSk4g56PChgostN/GGjykMvBUahDiphr/UwP+1 -GdR/etZP2RGH05VQpA2vSOwvJRg0xC0gvjkrSj+GU3GKS/OHvTX/iZ3/k6Af8WBK -LG/SQVDqNdEhT5va7VaiLMJzs71sVY/uGv17iMrq+1ZTLWUt9ZSe8d7/tCrubwsh -8Bg9L616rRy57fh2GMcgcSXMfBBK1f7954xSc4FF1M6q8HT3yT/JmJvRl0p5EB9n -3GYzafI2CqmV1OUPd00LCBhHxybmrG/x3W9wCcampfcpgbvg9p1oqxjHaz7iRgyP -OuI8M9oZVjMhLG17R+hm6+Gsd1CLFEyKF7QL/+HJXiY+R4uCZi45L3jqDPBtwAXN -HoCZg39AnM0ZF4F1Qi2DFytswpAFWYAxjXwtXzcPPBbB5h05E1XEjV+qNCVlVosN -Oh0N6mrguYbbP2ZGUU9+upFFxUiCbl0PRB+zpqqqc+GFzw/SsPsn1poUYLhyjR2F -YF2SEm4h0lrsIz1EU8//KTQ+6EOwhXQVslsm43xoQYitTjyPgSlorqQeHHl7L4ju ------END RSA PRIVATE KEY----- diff --git a/docker/certs/customCA.srl b/docker/certs/customCA.srl deleted file mode 100644 index e69de29bb..000000000 diff --git a/docker/certs/generate-ca.sh b/docker/certs/generate-ca.sh deleted file mode 100755 index 828c34a83..000000000 --- a/docker/certs/generate-ca.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/usr/bin/env bash - -set -e -set -o pipefail - -if ! test -f "customCA.crt"; then - echo Generating Key - openssl genrsa -des3 -passout file:passphrase.txt -out customCA.key 4096 - echo Generating CA-Cert - openssl req -x509 -new -nodes \ - -key customCA.key \ - -sha256 -days 2048 \ - -subj "/CN=Acme" \ - -passin file:passphrase.txt \ - -out customCA.crt -fi; \ No newline at end of file diff --git a/docker/certs/generate-signed-cert.sh b/docker/certs/generate-signed-cert.sh deleted file mode 100755 index e69de29bb..000000000 diff --git a/docker/certs/passphrase.txt b/docker/certs/passphrase.txt deleted file mode 100755 index 26c02c06c..000000000 --- a/docker/certs/passphrase.txt +++ /dev/null @@ -1 +0,0 @@ -4711 \ No newline at end of file diff --git a/docker/certs/server-full.crt b/docker/certs/server-full.crt deleted file mode 100644 index 31ceafd70..000000000 --- a/docker/certs/server-full.crt +++ /dev/null @@ -1,60 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFVDCCAzygAwIBAgIUDa7sxFwH9eBuDdGwURXDz9GkbZwwDQYJKoZIhvcNAQEL -BQAwDzENMAsGA1UEAwwEQWNtZTAeFw0yNDA2MDMxMTQwMzNaFw0yNDEyMjAxMTQw -MzNaMEAxCzAJBgNVBAYTAkRFMQ0wCwYDVQQKDARBY21lMREwDwYDVQQLDAhUaWJl -cml1czEPMA0GA1UEAwwGc2VydmVyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAztKC7UloJuxGMaOslWm7vEDcd8YkcC9P4PMqDTS0qgr/IXeK1LB1Pt2w -iEY4Bz/Bd3boj2IMgRzT9gjtJoD6Y3Aa32UWp1TgrDtLQ6Bns30d6sNdk7xJ5m9v -qM3ZpJSdLNKolvldcdbUWQkthKUCArNQzHUoHI70PNZGKE6iikWoqvOv4xUq3L8J -e5Ows8fw8NY8TyaJAiHE8zOH0kUyRGaVp2+ku6qNHLFPaLk/iJjlMs1CfsdUNjNN -/N5YhwYxF7ikIhsnNXV7/AHKQeM0z5jlD74VwnquuyXc0Mgq4I99xg7nJXQNLKdU -X7thDJ8BJdKM7i8KKn/UgDoU2USIiF1x8GsqZzFR//LS9lt+n/utduEdBX7Ut0rr -nv2lQZhL4313hyzdv0f5gaEjCAndQXu/oq9SutJDAa3uszHejiyBEWgpfY7xiaTT -xf5XMTue+hbwruXLlX+H0tdH9W/BWuT7+RR3H35nKZ4FLyNG0g3joL5la3WIhRHb -9PP5hZSB6Mf1mnWuBWiJ63MJzAVsfuwyBMir8feRbj+YvI6azPXfkz874OdWnN9F -Zi6GUWy3z4UAwnC0OXO5WwH56gHfZi9u2S70Zho4jPPnF3OP2KrVJSQNrc9qwC1M -0HJNcYw9O4ERnI5OYkclEafrK98VVRPhnuKLDak31jenUh4nwNECAwEAAaN3MHUw -FAYDVR0RBA0wC4IJbG9jYWxob3N0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF -BQcDAjAdBgNVHQ4EFgQUn6la/z79UFTu+LlDc6aDXG+6Tv0wHwYDVR0jBBgwFoAU -RHcTzm1u6x8WiXeAWDblHzwBt9kwDQYJKoZIhvcNAQELBQADggIBAA6sCw60Cr1V -aeFXxpzYKc3dtfKjuD6d5K6kwRkrt2AlsSfEk9fVu4SXbYeISXkL42g9nI02ce4j -o2iCeabgBT7HQVMsSx3KzlCXzXW2ACtma1D87RRQjBJinbCLSHaksZxSsMK6J+3u -MxLIgYIbxP9xGt8PLURkJq5tvJua8WZhdvaUXD1YdLANIzenCL6gHuW6WkzmHJ7E -c5rX/p8njJe7hse0ng04B9eQpuTPGUXYxOs7yMvSb5fNqZZr1EAVhBphDVjR6TuD -KTrh8vCDqHDj1xm00sbnYjzah/znmq+8XAvYGlf7DpuT68ipR914UDGvG4vKcdLz -x+3mcT3tOLfCT0VqlieWiJEdotk6EvFyubP034VxIqwr53ew2+e4m3dw39/HZ+Y1 -tggXWwlFpkZS/knLje9kz7F/EOReA4WknFSfm07B0Yv7qZNgTc/Kptw7FgPFTDLL -Cah96vwSny66C1iaRV4ALdAa1/ZNSkD/D6y1oTFGQVgy4KezjwlTA0EvmIS+wves -7jXoTSqO1iBRRl2DfHnzBtWHP1XtSTo7rqDHj6WOb/rEkTsgXqdnA5RQokj8zjLq -zaNaREfrAw55tuOASw0TbWLlv3qDofUlZyqOE6oCgCCjN/0KyqWm5m8lTUJKo6qg -HTMZ5IJXU9f1XKtMHLdGRpx0YiEGTw0e ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIE/zCCAuegAwIBAgIUATFLyERaRfsQiPasMC5l0vrBMUMwDQYJKoZIhvcNAQEL -BQAwDzENMAsGA1UEAwwEQWNtZTAeFw0yMjA0MDYxMjAxNDVaFw0yNzExMTQxMjAx -NDVaMA8xDTALBgNVBAMMBEFjbWUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCmErbo7baWUTsGaVMBCAmEuSqzxEPJpiAWFewreWliT3tA2XAIDkSfeZwa -yHDs1noFZN4HBTyLkxay0EHVUpTk/qIZEbGFEiYHDnX68HtFVj63tMQMjoH2itAw -c3DHEZqt2PB03NU7iUwBoXLVSTWyVBOUFac4CobSh7h9dGRZFSweOXMETZxDt/cH -OrzElzYPISxU/EIohiGSuTgSSEdxqVbNgYYE17D/envs84SXA8AbymbwshoEGhpj -ljWWHXame8foh3zVyfIqSXRmMZumxeJtjl0qAkb4eq7drWAfbw8fn6I5vK+Mzo4l -sbKugd8GAI/DvRcrg2MuDDfIGPViFeodh5dwUrL2rYA7YAqhBB/J/0pnaD83JrDZ -u50/XBnmvFJNqp7sQdqVa4oRQJTwzJhW1eo6HuoVfjPH247LhUXoWgwqhFW+AWJB -OTcf19ui8/ZJd258B9A6gaWcjvjEtPbJAOhVGjfKKLpLUV6B6dFZhS39P0zu6xgQ -hIvRgf07eOtUauq+AVtIYp3vNbFmFELdLShjEGOUVjKZmll13tikvYn6w0dz07aA -Q78r1nZUO/fcdjNpJ6td3ikPoj3AOnH9qOo6W20/6l6yo5f1Mzx/H497ym5a92IC -v3iymhTe7S3WPi/Ga8NDSTmnw2It+tRmm48lNCPZsRKDqbP9vwIDAQABo1MwUTAd -BgNVHQ4EFgQURHcTzm1u6x8WiXeAWDblHzwBt9kwHwYDVR0jBBgwFoAURHcTzm1u -6x8WiXeAWDblHzwBt9kwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOC -AgEACs6j0K09IYQk384RDvxgV4RfyM2K0ZQ+XadIICsYupYpDE8k4gK1q2sooxeQ -78gOoknpcbINVTMX0EJ64JWGJF3kXODgyMp9hDQyRrFIZpUQwhFRnwYshdKrkLFM -c4MQ4kZHc7Mah6pkE3yUXCiOJ5FuSTTneKz5nmXDcacqB2NPl5W6FUr2MFbgZTBM -NMHyUrjh4EIAfN9X4gDSwQGihj28mpn+8bQ9MNk9kMNKzz4tBLpIbcnD/hUuRJ7r -IKAx2ynKFA9y5RLQAfUvy7/9y4YeEMzbv1hBdbuNrzLR85nRkZ1ulZXGEbnmIYZi -xR57aeiWBu8b2z4pkmT1Lw8dFBYYHzVWm1/JgwaAmeaXNGM/Uh/yrJ1VuxRaXvf3 -2AveaamWdbpXz9qK609CUbfmVXR+Sh2JgIDfkPftRcbiwJDAUtdOBO/4at2MDJ4L -WikuZhttKMeRNd7KCUG5Ghy/T2XpMa6xS1927EUDN0Rv3gXcJ/qPmWFqI5xAAeh7 -ZkZ87w6XjpUaMbUlszR+EgpgD32NGfrWOPGFCipT3q+KGN0orWHlWus9l3uESf5l -OXZzPNAwr/qlK37QETSt03Gg4s9613HJ61cmuh7B2Z4DjlhxKCM5sgOXUozOG7Ix -uFkUxUQtrnwcemtW05tn4ycgIHWASOeQrdOubszMU5yrREE= ------END CERTIFICATE----- diff --git a/docker/certs/server.crt b/docker/certs/server.crt deleted file mode 100644 index 95e4d43e4..000000000 --- a/docker/certs/server.crt +++ /dev/null @@ -1,31 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFVDCCAzygAwIBAgIUDa7sxFwH9eBuDdGwURXDz9GkbZwwDQYJKoZIhvcNAQEL -BQAwDzENMAsGA1UEAwwEQWNtZTAeFw0yNDA2MDMxMTQwMzNaFw0yNDEyMjAxMTQw -MzNaMEAxCzAJBgNVBAYTAkRFMQ0wCwYDVQQKDARBY21lMREwDwYDVQQLDAhUaWJl -cml1czEPMA0GA1UEAwwGc2VydmVyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAztKC7UloJuxGMaOslWm7vEDcd8YkcC9P4PMqDTS0qgr/IXeK1LB1Pt2w -iEY4Bz/Bd3boj2IMgRzT9gjtJoD6Y3Aa32UWp1TgrDtLQ6Bns30d6sNdk7xJ5m9v -qM3ZpJSdLNKolvldcdbUWQkthKUCArNQzHUoHI70PNZGKE6iikWoqvOv4xUq3L8J -e5Ows8fw8NY8TyaJAiHE8zOH0kUyRGaVp2+ku6qNHLFPaLk/iJjlMs1CfsdUNjNN -/N5YhwYxF7ikIhsnNXV7/AHKQeM0z5jlD74VwnquuyXc0Mgq4I99xg7nJXQNLKdU -X7thDJ8BJdKM7i8KKn/UgDoU2USIiF1x8GsqZzFR//LS9lt+n/utduEdBX7Ut0rr -nv2lQZhL4313hyzdv0f5gaEjCAndQXu/oq9SutJDAa3uszHejiyBEWgpfY7xiaTT -xf5XMTue+hbwruXLlX+H0tdH9W/BWuT7+RR3H35nKZ4FLyNG0g3joL5la3WIhRHb -9PP5hZSB6Mf1mnWuBWiJ63MJzAVsfuwyBMir8feRbj+YvI6azPXfkz874OdWnN9F -Zi6GUWy3z4UAwnC0OXO5WwH56gHfZi9u2S70Zho4jPPnF3OP2KrVJSQNrc9qwC1M -0HJNcYw9O4ERnI5OYkclEafrK98VVRPhnuKLDak31jenUh4nwNECAwEAAaN3MHUw -FAYDVR0RBA0wC4IJbG9jYWxob3N0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF -BQcDAjAdBgNVHQ4EFgQUn6la/z79UFTu+LlDc6aDXG+6Tv0wHwYDVR0jBBgwFoAU -RHcTzm1u6x8WiXeAWDblHzwBt9kwDQYJKoZIhvcNAQELBQADggIBAA6sCw60Cr1V -aeFXxpzYKc3dtfKjuD6d5K6kwRkrt2AlsSfEk9fVu4SXbYeISXkL42g9nI02ce4j -o2iCeabgBT7HQVMsSx3KzlCXzXW2ACtma1D87RRQjBJinbCLSHaksZxSsMK6J+3u -MxLIgYIbxP9xGt8PLURkJq5tvJua8WZhdvaUXD1YdLANIzenCL6gHuW6WkzmHJ7E -c5rX/p8njJe7hse0ng04B9eQpuTPGUXYxOs7yMvSb5fNqZZr1EAVhBphDVjR6TuD -KTrh8vCDqHDj1xm00sbnYjzah/znmq+8XAvYGlf7DpuT68ipR914UDGvG4vKcdLz -x+3mcT3tOLfCT0VqlieWiJEdotk6EvFyubP034VxIqwr53ew2+e4m3dw39/HZ+Y1 -tggXWwlFpkZS/knLje9kz7F/EOReA4WknFSfm07B0Yv7qZNgTc/Kptw7FgPFTDLL -Cah96vwSny66C1iaRV4ALdAa1/ZNSkD/D6y1oTFGQVgy4KezjwlTA0EvmIS+wves -7jXoTSqO1iBRRl2DfHnzBtWHP1XtSTo7rqDHj6WOb/rEkTsgXqdnA5RQokj8zjLq -zaNaREfrAw55tuOASw0TbWLlv3qDofUlZyqOE6oCgCCjN/0KyqWm5m8lTUJKo6qg -HTMZ5IJXU9f1XKtMHLdGRpx0YiEGTw0e ------END CERTIFICATE----- diff --git a/docker/certs/server.key b/docker/certs/server.key deleted file mode 100644 index 7e60bb02e..000000000 --- a/docker/certs/server.key +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDO0oLtSWgm7EYx -o6yVabu8QNx3xiRwL0/g8yoNNLSqCv8hd4rUsHU+3bCIRjgHP8F3duiPYgyBHNP2 -CO0mgPpjcBrfZRanVOCsO0tDoGezfR3qw12TvEnmb2+ozdmklJ0s0qiW+V1x1tRZ -CS2EpQICs1DMdSgcjvQ81kYoTqKKRaiq86/jFSrcvwl7k7Czx/Dw1jxPJokCIcTz -M4fSRTJEZpWnb6S7qo0csU9ouT+ImOUyzUJ+x1Q2M0383liHBjEXuKQiGyc1dXv8 -AcpB4zTPmOUPvhXCeq67JdzQyCrgj33GDucldA0sp1Rfu2EMnwEl0ozuLwoqf9SA -OhTZRIiIXXHwaypnMVH/8tL2W36f+6124R0FftS3Suue/aVBmEvjfXeHLN2/R/mB -oSMICd1Be7+ir1K60kMBre6zMd6OLIERaCl9jvGJpNPF/lcxO576FvCu5cuVf4fS -10f1b8Fa5Pv5FHcffmcpngUvI0bSDeOgvmVrdYiFEdv08/mFlIHox/Wada4FaInr -cwnMBWx+7DIEyKvx95FuP5i8jprM9d+TPzvg51ac30VmLoZRbLfPhQDCcLQ5c7lb -AfnqAd9mL27ZLvRmGjiM8+cXc4/YqtUlJA2tz2rALUzQck1xjD07gRGcjk5iRyUR -p+sr3xVVE+Ge4osNqTfWN6dSHifA0QIDAQABAoICAADFLMzFjAZPlVIWYQRYLcVd -ZDjLt4tlqLVusGSW0niq5HD3ZxBkVRZyKMf0I32m65F2Y1az27YwIVuyZDAzVSNh -Sa9U6vr97F2F1cGbZ4F2DQJInpjID+okVnkNZbLoxQZThUJVLMd5kGZBvA45N1cD -XBDb25WyJFeU6HNaWh171Y1H7arxw2xpp3dS6Sq9OxDpilVU4FgeQDOT6LzEKlQS -AfsK9dUHVUHS6Pfbz0BS6fEYzbdnRoFyatcfDJs5nx2Oj+lq2pg2zxq01sAMsJ/Y -ittWdtIn5u5OXXp3UV4PWL1/5RVZD5q/x4cY/Xs4nR5rAKB7Mz1t5xCgbr8Ro9TE -9PVzrbGy8hCWW0Yz+zhwIsDrtkQ7RGIg95W7IjaxnrjCUszK0xG1hXpce1qg1EN0 -rF4u7pU0qEWw4piLfIXepVZxVo27dOYj9qEpDkGiVYXCJ3+HifHBt5tE/rVkStF3 -dzihxyk5E7F4wJd9tz2xAMxFSgG3IeEZ3IOCxFWJib6micXZJ2n6N9uuUnHGW3D2 -o7FC02G1gXsxxgY871b8G6mFyGhmfEJxqrIvek8fBvvgOPWKnroLqJprxYow6miE -QU6yC4C/1RZgn/l6kj9jz2r6BY2nVjhHjbLGTh9bsqf5dCPdJV01FsVMiJqUzg5+ -HR5XJSf1hXRx/egBYdaBAoIBAQD3Hb12rwXRVaf38wth4VMaZr1Dxgkt0/X58LTf -SXPzGMChqnhBKdNHPv4pfWpBbvKBPWUcd+uBylgABl4xD8QH6VcspRWdgAJjul4K -RCRdWJtt0nxOqU4KitaBWOM7d6Ec3oCCaOZI5ZT+6Hj+X/RmAwd9acNM8NQ5166y -AyVQfO+2QvWRgLWxyYnBIRYkPU0L+ItkBxWpe0W8bRCj2ilAP+UCH0VSGMsnkzKw -y2HQtLGu8EBODmoW36qeYFYf6iKTMQpdtwyRYjjVq5smYSfJPy5WvdIOvcbcpI4I -Edpd1GvdjcwdfTKPiCvhDgpjQUCEOeLaKvszSFAxsSyyMFRRAoIBAQDWQfBWEwLT -jFZ9N07xkMxG4qA28KUXIHZ53DkEQmrDYQWSpJ6OfrhQgwtX9CtTMoyrG4gw1IDJ -lAcx91o6GVkC4CP8+ssvhPZi+KD9iVAI61hg3gVyxvndXgYg2xBeJ8IBm7Jkg5HK -A9tZW8jEfH+nO6HhszY0r9VNov2naRwGGZ9JgGpcMvFN5taXOhierfk3L63zaJPJ -Mx8Aaspxlk7u9ommZ1jkdpmczUzPfEpyRfSD9qoKxA4GOYPxDCUSkAyy6XzlF4rg -AKetXg5yDNa2Y4MXfbIK40Oh1wz7e9yZDjovSxonjC141RD8ybyOXhfsK67oMMME -J0gxhBR3vASBAoIBAG0jJVoVUmxxeA15ub0w1pMCbPRRshwbULdiJ3+14Q+sDudX -cmTVJAqDN5z7VsIvTcrmYpGAJPLdeqAIL/FbFSipVWbSQgmdT3DcDkxaa/UN/Rcz -rtLO0zi0uKfHqhPJcc5eNkNiMNJhErzBzy4JEtc630P0QdzpP9GMAAt+eCxkATpt -uCbawWQTrlMtWaoHqM9wpZ83wcloOBRP1tmGsFE/5tRZGzR23sJLsEeEi16xbwfj -84KFuzT+80ufIGpX7Y00S2+4OES9LHyxnYQFxJyM2tpUW0FHb1xjEJdfyyFFf54J -0ev0LzBU44wxt0S+vM+pARd5hBfSCBjqNuM7lQECggEALhpmMr9IfmjWO39pN0Wn -DyG4w9moTH+pvrMKecYo3v3Dizhs/dB6rKhmCnj50Z8w8ais94TiaX22xqOpAJNv -udStKcR1cDY2JjnFuoiPdjvd+ooLthTmsyGGRA+fSANaFaqBCmvdNRD7ZBEB9HWt -qjiEruI3KcMkLN6DokBVzWI6CkDdohU8Iz0ms8fGgG6DD8LstVGtaz/azeYsxaBI -P9dA61OVpyN2Dm2Gt6bRBiHTaYnsMQDa27AImhe46nOgp+bh/xG/yk+ZxQ5WIWht -0zU6ghWD+B/K78osevi+ERkkoASTDit1pWiDjUGDl0bb8u+7ZS8I553kRPNczB7j -AQKCAQEA9wJW7rWBuIVMUymSqynSvy4SqClOX2IKFbsJqqe3PO5dby/8YnxPXOZK -lq7gSXWfSgTN29JY5beVBLJI66spSTiz6AP4/iWQqCpzw9VM0Gv7GxIasZmfP+tp -l4JV8+yAElOFd1IhjV3RKGU1fGPGJfstIBt5eXQCSVQyQaFYQeGYE0KU5AUD6lvY -6R9irgVicVa9x1eq5HVcTVYb0gFs4zSZ1YlpqTc/i1ttZEWGyzmOK5cMX2iOeou7 -H/IZyIjtTm6edWgUANXhZdDss3gBUitLUpne579efdPCTJ4vqRjEA8tjZeGgmJpf -Oeu1HE+LelnM2vOc9TtbJC9FrC8nYw== ------END PRIVATE KEY----- diff --git a/docker/certs/server.pem b/docker/certs/server.pem deleted file mode 100644 index 7acbb192f..000000000 --- a/docker/certs/server.pem +++ /dev/null @@ -1,83 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDO0oLtSWgm7EYx -o6yVabu8QNx3xiRwL0/g8yoNNLSqCv8hd4rUsHU+3bCIRjgHP8F3duiPYgyBHNP2 -CO0mgPpjcBrfZRanVOCsO0tDoGezfR3qw12TvEnmb2+ozdmklJ0s0qiW+V1x1tRZ -CS2EpQICs1DMdSgcjvQ81kYoTqKKRaiq86/jFSrcvwl7k7Czx/Dw1jxPJokCIcTz -M4fSRTJEZpWnb6S7qo0csU9ouT+ImOUyzUJ+x1Q2M0383liHBjEXuKQiGyc1dXv8 -AcpB4zTPmOUPvhXCeq67JdzQyCrgj33GDucldA0sp1Rfu2EMnwEl0ozuLwoqf9SA -OhTZRIiIXXHwaypnMVH/8tL2W36f+6124R0FftS3Suue/aVBmEvjfXeHLN2/R/mB -oSMICd1Be7+ir1K60kMBre6zMd6OLIERaCl9jvGJpNPF/lcxO576FvCu5cuVf4fS -10f1b8Fa5Pv5FHcffmcpngUvI0bSDeOgvmVrdYiFEdv08/mFlIHox/Wada4FaInr -cwnMBWx+7DIEyKvx95FuP5i8jprM9d+TPzvg51ac30VmLoZRbLfPhQDCcLQ5c7lb -AfnqAd9mL27ZLvRmGjiM8+cXc4/YqtUlJA2tz2rALUzQck1xjD07gRGcjk5iRyUR -p+sr3xVVE+Ge4osNqTfWN6dSHifA0QIDAQABAoICAADFLMzFjAZPlVIWYQRYLcVd -ZDjLt4tlqLVusGSW0niq5HD3ZxBkVRZyKMf0I32m65F2Y1az27YwIVuyZDAzVSNh -Sa9U6vr97F2F1cGbZ4F2DQJInpjID+okVnkNZbLoxQZThUJVLMd5kGZBvA45N1cD -XBDb25WyJFeU6HNaWh171Y1H7arxw2xpp3dS6Sq9OxDpilVU4FgeQDOT6LzEKlQS -AfsK9dUHVUHS6Pfbz0BS6fEYzbdnRoFyatcfDJs5nx2Oj+lq2pg2zxq01sAMsJ/Y -ittWdtIn5u5OXXp3UV4PWL1/5RVZD5q/x4cY/Xs4nR5rAKB7Mz1t5xCgbr8Ro9TE -9PVzrbGy8hCWW0Yz+zhwIsDrtkQ7RGIg95W7IjaxnrjCUszK0xG1hXpce1qg1EN0 -rF4u7pU0qEWw4piLfIXepVZxVo27dOYj9qEpDkGiVYXCJ3+HifHBt5tE/rVkStF3 -dzihxyk5E7F4wJd9tz2xAMxFSgG3IeEZ3IOCxFWJib6micXZJ2n6N9uuUnHGW3D2 -o7FC02G1gXsxxgY871b8G6mFyGhmfEJxqrIvek8fBvvgOPWKnroLqJprxYow6miE -QU6yC4C/1RZgn/l6kj9jz2r6BY2nVjhHjbLGTh9bsqf5dCPdJV01FsVMiJqUzg5+ -HR5XJSf1hXRx/egBYdaBAoIBAQD3Hb12rwXRVaf38wth4VMaZr1Dxgkt0/X58LTf -SXPzGMChqnhBKdNHPv4pfWpBbvKBPWUcd+uBylgABl4xD8QH6VcspRWdgAJjul4K -RCRdWJtt0nxOqU4KitaBWOM7d6Ec3oCCaOZI5ZT+6Hj+X/RmAwd9acNM8NQ5166y -AyVQfO+2QvWRgLWxyYnBIRYkPU0L+ItkBxWpe0W8bRCj2ilAP+UCH0VSGMsnkzKw -y2HQtLGu8EBODmoW36qeYFYf6iKTMQpdtwyRYjjVq5smYSfJPy5WvdIOvcbcpI4I -Edpd1GvdjcwdfTKPiCvhDgpjQUCEOeLaKvszSFAxsSyyMFRRAoIBAQDWQfBWEwLT -jFZ9N07xkMxG4qA28KUXIHZ53DkEQmrDYQWSpJ6OfrhQgwtX9CtTMoyrG4gw1IDJ -lAcx91o6GVkC4CP8+ssvhPZi+KD9iVAI61hg3gVyxvndXgYg2xBeJ8IBm7Jkg5HK -A9tZW8jEfH+nO6HhszY0r9VNov2naRwGGZ9JgGpcMvFN5taXOhierfk3L63zaJPJ -Mx8Aaspxlk7u9ommZ1jkdpmczUzPfEpyRfSD9qoKxA4GOYPxDCUSkAyy6XzlF4rg -AKetXg5yDNa2Y4MXfbIK40Oh1wz7e9yZDjovSxonjC141RD8ybyOXhfsK67oMMME -J0gxhBR3vASBAoIBAG0jJVoVUmxxeA15ub0w1pMCbPRRshwbULdiJ3+14Q+sDudX -cmTVJAqDN5z7VsIvTcrmYpGAJPLdeqAIL/FbFSipVWbSQgmdT3DcDkxaa/UN/Rcz -rtLO0zi0uKfHqhPJcc5eNkNiMNJhErzBzy4JEtc630P0QdzpP9GMAAt+eCxkATpt -uCbawWQTrlMtWaoHqM9wpZ83wcloOBRP1tmGsFE/5tRZGzR23sJLsEeEi16xbwfj -84KFuzT+80ufIGpX7Y00S2+4OES9LHyxnYQFxJyM2tpUW0FHb1xjEJdfyyFFf54J -0ev0LzBU44wxt0S+vM+pARd5hBfSCBjqNuM7lQECggEALhpmMr9IfmjWO39pN0Wn -DyG4w9moTH+pvrMKecYo3v3Dizhs/dB6rKhmCnj50Z8w8ais94TiaX22xqOpAJNv -udStKcR1cDY2JjnFuoiPdjvd+ooLthTmsyGGRA+fSANaFaqBCmvdNRD7ZBEB9HWt -qjiEruI3KcMkLN6DokBVzWI6CkDdohU8Iz0ms8fGgG6DD8LstVGtaz/azeYsxaBI -P9dA61OVpyN2Dm2Gt6bRBiHTaYnsMQDa27AImhe46nOgp+bh/xG/yk+ZxQ5WIWht -0zU6ghWD+B/K78osevi+ERkkoASTDit1pWiDjUGDl0bb8u+7ZS8I553kRPNczB7j -AQKCAQEA9wJW7rWBuIVMUymSqynSvy4SqClOX2IKFbsJqqe3PO5dby/8YnxPXOZK -lq7gSXWfSgTN29JY5beVBLJI66spSTiz6AP4/iWQqCpzw9VM0Gv7GxIasZmfP+tp -l4JV8+yAElOFd1IhjV3RKGU1fGPGJfstIBt5eXQCSVQyQaFYQeGYE0KU5AUD6lvY -6R9irgVicVa9x1eq5HVcTVYb0gFs4zSZ1YlpqTc/i1ttZEWGyzmOK5cMX2iOeou7 -H/IZyIjtTm6edWgUANXhZdDss3gBUitLUpne579efdPCTJ4vqRjEA8tjZeGgmJpf -Oeu1HE+LelnM2vOc9TtbJC9FrC8nYw== ------END PRIVATE KEY----- ------BEGIN CERTIFICATE----- -MIIFVDCCAzygAwIBAgIUDa7sxFwH9eBuDdGwURXDz9GkbZwwDQYJKoZIhvcNAQEL -BQAwDzENMAsGA1UEAwwEQWNtZTAeFw0yNDA2MDMxMTQwMzNaFw0yNDEyMjAxMTQw -MzNaMEAxCzAJBgNVBAYTAkRFMQ0wCwYDVQQKDARBY21lMREwDwYDVQQLDAhUaWJl -cml1czEPMA0GA1UEAwwGc2VydmVyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAztKC7UloJuxGMaOslWm7vEDcd8YkcC9P4PMqDTS0qgr/IXeK1LB1Pt2w -iEY4Bz/Bd3boj2IMgRzT9gjtJoD6Y3Aa32UWp1TgrDtLQ6Bns30d6sNdk7xJ5m9v -qM3ZpJSdLNKolvldcdbUWQkthKUCArNQzHUoHI70PNZGKE6iikWoqvOv4xUq3L8J -e5Ows8fw8NY8TyaJAiHE8zOH0kUyRGaVp2+ku6qNHLFPaLk/iJjlMs1CfsdUNjNN -/N5YhwYxF7ikIhsnNXV7/AHKQeM0z5jlD74VwnquuyXc0Mgq4I99xg7nJXQNLKdU -X7thDJ8BJdKM7i8KKn/UgDoU2USIiF1x8GsqZzFR//LS9lt+n/utduEdBX7Ut0rr -nv2lQZhL4313hyzdv0f5gaEjCAndQXu/oq9SutJDAa3uszHejiyBEWgpfY7xiaTT -xf5XMTue+hbwruXLlX+H0tdH9W/BWuT7+RR3H35nKZ4FLyNG0g3joL5la3WIhRHb -9PP5hZSB6Mf1mnWuBWiJ63MJzAVsfuwyBMir8feRbj+YvI6azPXfkz874OdWnN9F -Zi6GUWy3z4UAwnC0OXO5WwH56gHfZi9u2S70Zho4jPPnF3OP2KrVJSQNrc9qwC1M -0HJNcYw9O4ERnI5OYkclEafrK98VVRPhnuKLDak31jenUh4nwNECAwEAAaN3MHUw -FAYDVR0RBA0wC4IJbG9jYWxob3N0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF -BQcDAjAdBgNVHQ4EFgQUn6la/z79UFTu+LlDc6aDXG+6Tv0wHwYDVR0jBBgwFoAU -RHcTzm1u6x8WiXeAWDblHzwBt9kwDQYJKoZIhvcNAQELBQADggIBAA6sCw60Cr1V -aeFXxpzYKc3dtfKjuD6d5K6kwRkrt2AlsSfEk9fVu4SXbYeISXkL42g9nI02ce4j -o2iCeabgBT7HQVMsSx3KzlCXzXW2ACtma1D87RRQjBJinbCLSHaksZxSsMK6J+3u -MxLIgYIbxP9xGt8PLURkJq5tvJua8WZhdvaUXD1YdLANIzenCL6gHuW6WkzmHJ7E -c5rX/p8njJe7hse0ng04B9eQpuTPGUXYxOs7yMvSb5fNqZZr1EAVhBphDVjR6TuD -KTrh8vCDqHDj1xm00sbnYjzah/znmq+8XAvYGlf7DpuT68ipR914UDGvG4vKcdLz -x+3mcT3tOLfCT0VqlieWiJEdotk6EvFyubP034VxIqwr53ew2+e4m3dw39/HZ+Y1 -tggXWwlFpkZS/knLje9kz7F/EOReA4WknFSfm07B0Yv7qZNgTc/Kptw7FgPFTDLL -Cah96vwSny66C1iaRV4ALdAa1/ZNSkD/D6y1oTFGQVgy4KezjwlTA0EvmIS+wves -7jXoTSqO1iBRRl2DfHnzBtWHP1XtSTo7rqDHj6WOb/rEkTsgXqdnA5RQokj8zjLq -zaNaREfrAw55tuOASw0TbWLlv3qDofUlZyqOE6oCgCCjN/0KyqWm5m8lTUJKo6qg -HTMZ5IJXU9f1XKtMHLdGRpx0YiEGTw0e ------END CERTIFICATE----- diff --git a/docker/certs/signing-request.config.template b/docker/certs/signing-request.config.template deleted file mode 100755 index 5fc6540ea..000000000 --- a/docker/certs/signing-request.config.template +++ /dev/null @@ -1,20 +0,0 @@ -[ req ] -prompt = no -utf8 = yes -default_bits = 4096 -distinguished_name = req_distinguished_name - -req_extensions = v3_req - -[ req_distinguished_name ] -C=DE -O=Acme -OU=Tiberius -CN=$CERT_CN - -[ v3_req ] -subjectAltName = @alt_names -extendedKeyUsage = serverAuth, clientAuth - -[alt_names] -DNS.1 = localhost diff --git a/docker/docker-mssql-2017.dockerfile b/docker/docker-mssql-2017.dockerfile index 03cc829b2..cbb318af0 100644 --- a/docker/docker-mssql-2017.dockerfile +++ b/docker/docker-mssql-2017.dockerfile @@ -1,5 +1,5 @@ FROM mcr.microsoft.com/mssql/server:2017-latest -COPY --chmod=440 docker/certs/server.* /certs/ -COPY --chmod=440 docker/certs/customCA.* /certs/ +COPY --chmod=440 mssql.crt /var/opt/mssql/server.crt +COPY --chmod=440 mssql.key /var/opt/mssql/server.key COPY --chown=mssql docker/docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file diff --git a/docker/docker-mssql-2019.dockerfile b/docker/docker-mssql-2019.dockerfile index e620444ef..4e178c20e 100644 --- a/docker/docker-mssql-2019.dockerfile +++ b/docker/docker-mssql-2019.dockerfile @@ -1,5 +1,5 @@ FROM mcr.microsoft.com/mssql/server:2019-latest -COPY --chmod=440 docker/certs/server.* /certs/ -COPY --chmod=440 docker/certs/customCA.* /certs/ +COPY --chmod=440 mssql.crt /var/opt/mssql/server.crt +COPY --chmod=440 mssql.key /var/opt/mssql/server.key COPY --chown=mssql docker/docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file diff --git a/docker/docker-mssql-2022.dockerfile b/docker/docker-mssql-2022.dockerfile index ec89802b6..480f1825c 100644 --- a/docker/docker-mssql-2022.dockerfile +++ b/docker/docker-mssql-2022.dockerfile @@ -1,5 +1,5 @@ FROM mcr.microsoft.com/mssql/server:2022-latest -COPY --chmod=444 docker/certs/server.* /certs/ -COPY --chmod=444 docker/certs/customCA.* /certs/ +COPY --chmod=440 mssql.crt /var/opt/mssql/server.crt +COPY --chmod=440 mssql.key /var/opt/mssql/server.key COPY --chown=mssql docker/docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file diff --git a/docker/docker-mssql-azure.dockerfile b/docker/docker-mssql-azure.dockerfile index 501a31f28..d6ce3ce63 100644 --- a/docker/docker-mssql-azure.dockerfile +++ b/docker/docker-mssql-azure.dockerfile @@ -1,5 +1,5 @@ FROM mcr.microsoft.com/azure-sql-edge:latest -COPY --chmod=440 docker/certs/server.* /certs/ -COPY --chmod=440 docker/certs/customCA.* /certs/ +COPY --chmod=440 mssql.crt /var/opt/mssql/server.crt +COPY --chmod=440 mssql.key /var/opt/mssql/server.key COPY --chown=mssql docker/docker-mssql.conf /var/opt/mssql/mssql.conf \ No newline at end of file diff --git a/docker/docker-mssql.conf b/docker/docker-mssql.conf index ae86be59b..aa83f9966 100644 --- a/docker/docker-mssql.conf +++ b/docker/docker-mssql.conf @@ -1,5 +1,5 @@ [network] -tlscert = docker/certs/server.crt -tlskey = docker/certs/server.key +tlscert = /var/opt/mssql/server.crt +tlskey = /var/opt/mssql/server.key tlsprotocols = 1.2 forceencryption = 0 diff --git a/generate.sh b/generate.sh new file mode 100755 index 000000000..6e3eb52bd --- /dev/null +++ b/generate.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env bash + +set -e +set -o pipefail + +openssl req -x509 -newkey rsa:4096 -keyout mssql.key -out mssql.crt -sha256 -nodes -days 3650 -subj /CN=tiberius -addext subjectAltName=DNS:localhost \ No newline at end of file diff --git a/tests/custom-cert.rs b/tests/custom-cert.rs index 8aeed94e3..d6b7cce03 100644 --- a/tests/custom-cert.rs +++ b/tests/custom-cert.rs @@ -21,11 +21,11 @@ fn connect_to_custom_cert_instance_ado() -> Result<()> { let rt = Runtime::new()?; rt.block_on(async { - let mut config = Config::from_ado_string("server=tcp:localhost,1433;IntegratedSecurity=true;TrustServerCertificateCA=docker/certs/customCA.crt")?; - config.authentication(AuthMethod::sql_server( - "sa", - "", - )); + let mut config = Config::from_ado_string( + "server=tcp:localhost,1433;IntegratedSecurity=true;TrustServerCertificateCA=mssql.crt", + )?; + config.authentication(AuthMethod::sql_server("sa", "")); + // config.trust_cert_ca("mssql.crt"); let tcp = TcpStream::connect(config.get_addr()).await?; @@ -59,9 +59,10 @@ fn connect_to_custom_cert_instance_jdbc() -> Result<()> { rt.block_on(async { // Careful: the / in the TrustServerCertificateCA needs to be escaped let mut config = Config::from_jdbc_string( - "jdbc:sqlserver://localhost:1433;TrustServerCertificateCA=docker{/}certs{/}customCA.crt", + "jdbc:sqlserver://localhost:1433;TrustServerCertificateCA=mssql.crt", )?; config.authentication(AuthMethod::sql_server("sa", "")); + // config.trust_cert_ca("mssql.crt"); let tcp = TcpStream::connect(config.get_addr()).await?; @@ -93,6 +94,7 @@ fn connect_to_custom_cert_instance_without_ca() -> Result<()> { config.encryption(EncryptionLevel::On); config.host("localhost"); config.port(1433); + // config.trust_cert_ca("mssql.crt"); let tcp = TcpStream::connect(config.get_addr()).await?; diff --git a/xtask/src/main.rs b/xtask/src/main.rs index 6aafea43c..13b82f493 100644 --- a/xtask/src/main.rs +++ b/xtask/src/main.rs @@ -9,6 +9,8 @@ fn main() { let mut args = env::args().skip(1); let cmd = args.next().unwrap_or_default(); + let container_engine = env::var("CONTAINER_ENGINE").unwrap_or_else(|_| "docker".to_string()); + match cmd.as_str() { "container" => { // need to change unwrap_or_else in document @@ -16,7 +18,7 @@ fn main() { // doesn't run tests let version = args.next().unwrap_or_else(|| "2019".into()); - start_container(&version); + start_container(&version, &container_engine); } "test" => { // run the tests @@ -25,15 +27,15 @@ fn main() { "local" => { // local runs test AND container let version = args.next().unwrap_or_else(|| "2019".into()); - start_container(&version); + start_container(&version, &container_engine); // start_container calls wait_for_sql anyway run_tests(args.collect::>()); - stop_container(&version); + stop_container(&version, &container_engine); } "stop" => { // stops running containers let version = args.next().unwrap_or_else(|| "2019".into()); - stop_container(&version); + stop_container(&version, &container_engine); } _ => { exit(1); @@ -41,7 +43,13 @@ fn main() { } } -fn start_container(version: &str) { +fn start_container(version: &str, container_engine: &str) { + Command::new("bash") + .arg("-c") + .arg("./generate.sh") + .status() + .unwrap(); + let sa_password = env::var("SA_PASSWORD").unwrap_or_else(|_| "".to_string()); let container_name = format!("mssql-{}", version); @@ -51,17 +59,14 @@ fn start_container(version: &str) { println!("Cleaning up existing container, {}", container_name); - let _ = Command::new("docker") + Command::new(container_engine) .args(["rm", "-f", &container_name]) - .status(); - - let _ = Command::new("docker") - .args(["", "", &container_name]) - .status(); + .status() + .unwrap(); println!("Building image {} from {}...", image_tag, dockerfile); - let status = Command::new("docker") + let status = Command::new(container_engine) .args(["build", "-f", &dockerfile, "-t", &image_tag, "."]) .status() .expect("Failed to build docker image"); @@ -73,7 +78,7 @@ fn start_container(version: &str) { println!("Starting SQL Server {} container...", version); - let status = Command::new("docker") + let status = Command::new(container_engine) .args([ "run", "-d", @@ -82,7 +87,9 @@ fn start_container(version: &str) { "-e", "ACCEPT_EULA=Y", "-e", - &format!("SA_PASSWORD={}", sa_password), + &format!("MSSQL_SA_PASSWORD={}", sa_password), + "-e", + "MSSQL_PID=Developer", "-p", "1433:1433", &image_tag, @@ -104,9 +111,11 @@ fn wait_for_sql() { sleep(Duration::from_secs(25)); } -fn stop_container(version: &str) { +fn stop_container(version: &str, container_engine: &str) { let name = format!("mssql-{}", version); - let _ = Command::new("docker").args(["rm", "-f", &name]).status(); + let _ = Command::new(container_engine) + .args(["rm", "-f", &name]) + .status(); println!("Stopped container {}", name); } From d3e3a1919f4f1ba49004b75eb09596b829af748b Mon Sep 17 00:00:00 2001 From: Jonty Leslie Date: Tue, 13 Jan 2026 06:08:53 +0000 Subject: [PATCH 27/27] Removed extras --- Cargo.toml | 33 +--------------- README.md | 5 +-- examples/async-std.rs | 50 ------------------------ runtimes-macro/src/lib.rs | 17 --------- src/client.rs | 2 - src/client/config.rs | 16 ++------ src/client/connection.rs | 20 +++------- src/client/tls.rs | 36 +++++------------- src/client/tls_stream.rs | 42 ++------------------ src/error.rs | 14 ------- src/lib.rs | 71 +++++----------------------------- src/sql_browser.rs | 4 -- src/sql_browser/async_std.rs | 72 ----------------------------------- tests/named-instance-async.rs | 44 --------------------- tests/query.rs | 4 +- 15 files changed, 36 insertions(+), 394 deletions(-) delete mode 100644 examples/async-std.rs delete mode 100644 src/sql_browser/async_std.rs delete mode 100644 tests/named-instance-async.rs diff --git a/Cargo.toml b/Cargo.toml index cf01c1759..e77ca309f 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -22,11 +22,6 @@ members = ["runtimes-macro", "xtask"] path = "tests/query.rs" name = "query" -[[test]] -path = "tests/named-instance-async.rs" -name = "named-instance-async" -required-features = ["sql-browser-async-std"] - [[test]] path = "tests/named-instance-tokio.rs" name = "named-instance-tokio" @@ -58,11 +53,6 @@ winauth = { version = "0.0.4", optional = true } [target.'cfg(unix)'.dependencies] libgssapi = { version = "0.8.1", optional = true, default-features = false } -[dependencies.async-native-tls] -version = "0.4" -features = ["runtime-async-std"] -optional = true - [dependencies.tokio] version = "1.0" optional = true @@ -73,11 +63,6 @@ version = "0.7" features = ["compat"] optional = true -[dependencies.async-std] -version = "1" -optional = true -features = ["attributes"] - [dependencies.chrono] version = "0.4" optional = true @@ -130,11 +115,6 @@ optional = true version = "0.6" optional = true -[dependencies.opentls] -version = "0.2.1" -optional = true -features = ["io-async-std", "vendored"] - [dev-dependencies.uuid] version = "1.0" features = ["v4"] @@ -155,10 +135,6 @@ features = [ ] version = "1.0" -[dev-dependencies.async-std] -features = ["attributes"] -version = "1" - [dev-dependencies.runtimes-macro] path = "./runtimes-macro" @@ -183,22 +159,17 @@ all = [ "chrono", "time", "tds73", - "sql-browser-async-std", "sql-browser-tokio", - "sql-browser-smol", "integrated-auth-gssapi", "rust_decimal", "bigdecimal", - "native-tls", + "rustls", ] -default = ["tds73", "winauth", "native-tls"] +default = ["tds73", "winauth", "rustls"] tds73 = [] docs = [] -sql-browser-async-std = ["async-std"] sql-browser-tokio = ["tokio", "tokio-util"] sql-browser-smol = ["async-io", "async-net", "futures-lite"] integrated-auth-gssapi = ["libgssapi"] bigdecimal = ["bigdecimal_"] rustls = ["tokio-rustls", "tokio-util", "rustls-pemfile", "rustls-native-certs"] -native-tls = ["async-native-tls"] -vendored-openssl = ["opentls"] diff --git a/README.md b/README.md index 11998e5d6..3de72d3bd 100644 --- a/README.md +++ b/README.md @@ -43,8 +43,7 @@ A native Microsoft SQL Server (TDS) client for Rust. | `chrono` | Read and write date and time values using `chrono`'s types. (for greenfield, using time instead of chrono is recommended) | `disabled` | | `time` | Read and write date and time values using `time` crate types. | `disabled` | | `rust_decimal` | Read and write `numeric`/`decimal` values using `rust_decimal`'s `Decimal`. | `disabled` | -| `bigdecimal` | Read and write `numeric`/`decimal` values using `bigdecimal`'s `BigDecimal`. | `disabled` | -| `sql-browser-async-std` | SQL Browser implementation for the `TcpStream` of async-std. | `disabled` | +| `bigdecimal` | Read and write `numeric`/`decimal` values using `bigdecimal`'s `BigDecimal`. | `disabled` | | `disabled` | | `sql-browser-tokio` | SQL Browser implementation for the `TcpStream` of Tokio. | `disabled` | | `sql-browser-smol` | SQL Browser implementation for the `TcpStream` of smol. | `disabled` | | `integrated-auth-gssapi` | Support for using Integrated Auth via GSSAPI | `disabled` | @@ -53,7 +52,7 @@ A native Microsoft SQL Server (TDS) client for Rust. Tiberius does not rely on any protocol when connecting to an SQL Server instance. Instead the `Client` takes a socket that implements the `AsyncRead` and `AsyncWrite` traits from the [futures-rs](https://crates.io/crates/futures) crate. -Currently there are good async implementations for TCP in the [async-std](https://crates.io/crates/async-std), [Tokio](https://crates.io/crates/tokio) and [Smol](https://crates.io/crates/smol) projects. +Currently there are good async implementations for TCP in the [Tokio](https://crates.io/crates/tokio) and [Smol](https://crates.io/crates/smol) projects. To be able to use them together with Tiberius on Windows platforms with SQL Server, you should make sure that the TCP protocol is enabled, as depending on the edition, this may not be the case. Standard and Enterprise editions will have the setting enabled by default, whereas Developer, Express editions and the Windows Internal Database feature of the Windows Server OS don't. To enable the TCP/IP protocol you may want to use the [server settings](https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/enable-or-disable-a-server-network-protocol) the [command line](https://docs.microsoft.com/en-us/sql/powershell/how-to-enable-tcp-sqlps). diff --git a/examples/async-std.rs b/examples/async-std.rs deleted file mode 100644 index 88fcf1c8d..000000000 --- a/examples/async-std.rs +++ /dev/null @@ -1,50 +0,0 @@ -use async_std::net::TcpStream; -use once_cell::sync::Lazy; -use std::env; -use tiberius::{Client, Config}; - -static CONN_STR: Lazy = Lazy::new(|| { - env::var("TIBERIUS_TEST_CONNECTION_STRING").unwrap_or_else(|_| { - "server=tcp:localhost,1433;IntegratedSecurity=true;TrustServerCertificate=true".to_owned() - }) -}); - -#[cfg(not(all(windows, feature = "sql-browser-async-std")))] -#[async_std::main] -async fn main() -> anyhow::Result<()> { - let config = Config::from_ado_string(&CONN_STR)?; - - let tcp = TcpStream::connect(config.get_addr()).await?; - tcp.set_nodelay(true)?; - - let mut client = Client::connect(config, tcp).await?; - - let stream = client.query("SELECT @P1", &[&1i32]).await?; - let row = stream.into_row().await?.unwrap(); - - println!("{:?}", row); - assert_eq!(Some(1), row.get(0)); - - Ok(()) -} - -#[cfg(all(windows, feature = "sql-browser-async-std"))] -#[async_std::main] -async fn main() -> anyhow::Result<()> { - use tiberius::SqlBrowser; - - let config = Config::from_ado_string(&CONN_STR)?; - - let tcp = TcpStream::connect_named(&config).await?; - tcp.set_nodelay(true)?; - - let mut client = Client::connect(config, tcp).await?; - - let stream = client.query("SELECT @P1", &[&1i32]).await?; - let row = stream.into_row().await?.unwrap(); - - println!("{:?}", row); - assert_eq!(Some(1), row.get(0)); - - Ok(()) -} diff --git a/runtimes-macro/src/lib.rs b/runtimes-macro/src/lib.rs index cc1d2cabc..61cb6b4ef 100644 --- a/runtimes-macro/src/lib.rs +++ b/runtimes-macro/src/lib.rs @@ -29,28 +29,11 @@ pub fn test_on_runtimes( proc_macro2::Ident::new(&conn_str_ident_str, proc_macro2::Span::call_site()); let func_name = func.sig.ident.clone(); - let async_std_test = quote::format_ident!("{}_{}", func_name, "async_std"); let tokio_test = quote::format_ident!("{}_{}", func_name, "tokio"); let tokens = quote::quote! { #func - #[test] - fn #async_std_test()-> Result<()> { - LOGGER_SETUP.call_once(|| { - env_logger::init(); - }); - async_std::task::block_on(async { - let config = tiberius::Config::from_ado_string(&#conn_str_ident)?; - let tcp = async_std::net::TcpStream::connect(config.get_addr()).await?; - tcp.set_nodelay(true)?; - let mut client = tiberius::Client::connect(config, tcp).await?; - - #func_name(client).await?; - Ok(()) - }) - } - #[test] fn #tokio_test()-> Result<()> { LOGGER_SETUP.call_once(|| { diff --git a/src/client.rs b/src/client.rs index 688721d10..2eb273552 100644 --- a/src/client.rs +++ b/src/client.rs @@ -5,8 +5,6 @@ mod connection; mod tls; #[cfg(any( feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" ))] mod tls_stream; diff --git a/src/client/config.rs b/src/client/config.rs index fff68bc15..34a04e1bb 100644 --- a/src/client/config.rs +++ b/src/client/config.rs @@ -51,15 +51,11 @@ impl Default for Config { instance_name: None, application_name: None, #[cfg(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" ))] encryption: EncryptionLevel::Required, #[cfg(not(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" )))] encryption: EncryptionLevel::NotSupported, trust: TrustConfig::Default, @@ -347,9 +343,7 @@ pub(crate) trait ConfigString { } #[cfg(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" ))] fn encrypt(&self) -> crate::Result { self.dict() @@ -364,9 +358,7 @@ pub(crate) trait ConfigString { } #[cfg(not(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" )))] fn encrypt(&self) -> crate::Result { Ok(EncryptionLevel::NotSupported) diff --git a/src/client/connection.rs b/src/client/connection.rs index 6b9c1b96c..490d454c4 100644 --- a/src/client/connection.rs +++ b/src/client/connection.rs @@ -1,7 +1,5 @@ #[cfg(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" ))] use crate::client::{tls::TlsPreloginWrapper, tls_stream::create_tls_stream}; use crate::{ @@ -127,9 +125,7 @@ impl Connection { } #[cfg(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" ))] fn post_login_encryption(mut self, encryption: EncryptionLevel) -> Self { if let EncryptionLevel::Off = encryption { @@ -147,9 +143,7 @@ impl Connection { } #[cfg(not(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" )))] fn post_login_encryption(self, _: EncryptionLevel) -> Self { self @@ -435,9 +429,7 @@ impl Connection { /// Implements the TLS handshake with the SQL Server. #[cfg(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" ))] async fn tls_handshake( self, @@ -480,9 +472,7 @@ impl Connection { /// Implements the TLS handshake with the SQL Server. #[cfg(not(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" )))] async fn tls_handshake(self, _: &Config, _: EncryptionLevel) -> crate::Result { event!( diff --git a/src/client/tls.rs b/src/client/tls.rs index b3425c970..8b7792636 100644 --- a/src/client/tls.rs +++ b/src/client/tls.rs @@ -1,7 +1,5 @@ #[cfg(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" ))] use super::tls_stream::TlsStream; use crate::tds::{ @@ -22,26 +20,20 @@ use tracing::{event, Level}; pub(crate) enum MaybeTlsStream { Raw(S), #[cfg(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" ))] Tls(TlsStream>), } #[cfg(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" ))] impl MaybeTlsStream { pub fn into_inner(self) -> S { match self { Self::Raw(s) => s, #[cfg(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" ))] Self::Tls(mut tls) => tls.get_mut().stream.take().unwrap(), } @@ -57,9 +49,7 @@ impl AsyncRead for MaybeTlsStream { match self.get_mut() { MaybeTlsStream::Raw(s) => Pin::new(s).poll_read(cx, buf), #[cfg(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" ))] MaybeTlsStream::Tls(s) => Pin::new(s).poll_read(cx, buf), } @@ -75,9 +65,7 @@ impl AsyncWrite for MaybeTlsStream match self.get_mut() { MaybeTlsStream::Raw(s) => Pin::new(s).poll_write(cx, buf), #[cfg(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" ))] MaybeTlsStream::Tls(s) => Pin::new(s).poll_write(cx, buf), } @@ -87,9 +75,7 @@ impl AsyncWrite for MaybeTlsStream match self.get_mut() { MaybeTlsStream::Raw(s) => Pin::new(s).poll_flush(cx), #[cfg(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" ))] MaybeTlsStream::Tls(s) => Pin::new(s).poll_flush(cx), } @@ -99,9 +85,7 @@ impl AsyncWrite for MaybeTlsStream match self.get_mut() { MaybeTlsStream::Raw(s) => Pin::new(s).poll_close(cx), #[cfg(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" ))] MaybeTlsStream::Tls(s) => Pin::new(s).poll_close(cx), } @@ -127,9 +111,7 @@ pub(crate) struct TlsPreloginWrapper { } #[cfg(any( - feature = "rustls", - feature = "native-tls", - feature = "vendored-openssl" + feature = "rustls" ))] impl TlsPreloginWrapper { pub fn new(stream: S) -> Self { diff --git a/src/client/tls_stream.rs b/src/client/tls_stream.rs index 5863d8dbc..c7b698efe 100644 --- a/src/client/tls_stream.rs +++ b/src/client/tls_stream.rs @@ -1,52 +1,16 @@ use crate::Config; use futures_util::io::{AsyncRead, AsyncWrite}; -#[cfg(feature = "native-tls")] -mod native_tls_stream; - #[cfg(feature = "rustls")] mod rustls_tls_stream; -#[cfg(feature = "vendored-openssl")] -mod opentls_tls_stream; - -#[cfg(feature = "native-tls")] -pub(crate) use native_tls_stream::TlsStream; - -#[cfg(all(feature = "rustls", not(feature = "native-tls")))] +#[cfg(feature = "rustls")] pub(crate) use rustls_tls_stream::TlsStream; -#[cfg(all( - feature = "vendored-openssl", - not(feature = "rustls"), - not(feature = "native-tls") -))] -pub(crate) use opentls_tls_stream::TlsStream; - -#[cfg(all(feature = "rustls", not(feature = "native-tls")))] +#[cfg(all(feature = "rustls"))] pub(crate) async fn create_tls_stream( config: &Config, stream: S, ) -> crate::Result> { TlsStream::new(config, stream).await -} - -#[cfg(feature = "native-tls")] -pub(crate) async fn create_tls_stream( - config: &Config, - stream: S, -) -> crate::Result> { - native_tls_stream::create_tls_stream(config, stream).await -} - -#[cfg(all( - feature = "vendored-openssl", - not(feature = "rustls"), - not(feature = "native-tls") -))] -pub(crate) async fn create_tls_stream( - config: &Config, - stream: S, -) -> crate::Result> { - opentls_tls_stream::create_tls_stream(config, stream).await -} +} \ No newline at end of file diff --git a/src/error.rs b/src/error.rs index 98bf01b58..f7030863c 100644 --- a/src/error.rs +++ b/src/error.rs @@ -87,20 +87,6 @@ impl From for Error { } } -#[cfg(feature = "native-tls")] -impl From for Error { - fn from(v: async_native_tls::Error) -> Self { - Error::Tls(format!("{}", v)) - } -} - -#[cfg(feature = "vendored-openssl")] -impl From for Error { - fn from(v: opentls::Error) -> Self { - Error::Tls(format!("{}", v)) - } -} - impl From for Error { fn from(_: Infallible) -> Self { unreachable!() diff --git a/src/lib.rs b/src/lib.rs index 1115a5e2a..325ef3dfc 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -1,62 +1,9 @@ //! An asynchronous, runtime-independent, pure-rust Tabular Data Stream (TDS) //! implementation for Microsoft SQL Server. //! -//! # Connecting with async-std -//! //! Being not bound to any single runtime, a `TcpStream` must be created //! separately and injected to the [`Client`]. //! -//! ```no_run -//! use tiberius::{Client, Config, Query, AuthMethod}; -//! use async_std::net::TcpStream; -//! -//! #[async_std::main] -//! async fn main() -> anyhow::Result<()> { -//! // Using the builder method to construct the options. -//! let mut config = Config::new(); -//! -//! config.host("localhost"); -//! config.port(1433); -//! -//! // Using SQL Server authentication. -//! config.authentication(AuthMethod::sql_server("SA", "")); -//! -//! // on production, it is not a good idea to do this -//! config.trust_cert(); -//! -//! // Taking the address from the configuration, using async-std's -//! // TcpStream to connect to the server. -//! let tcp = TcpStream::connect(config.get_addr()).await?; -//! -//! // We'll disable the Nagle algorithm. Buffering is handled -//! // internally with a `Sink`. -//! tcp.set_nodelay(true)?; -//! -//! // Handling TLS, login and other details related to the SQL Server. -//! let mut client = Client::connect(config, tcp).await?; -//! -//! // Constructing a query object with one parameter annotated with `@P1`. -//! // This requires us to bind a parameter that will then be used in -//! // the statement. -//! let mut select = Query::new("SELECT @P1"); -//! select.bind(-4i32); -//! -//! // A response to a query is a stream of data, that must be -//! // polled to the end before querying again. Using streams allows -//! // fetching data in an asynchronous manner, if needed. -//! let stream = select.query(&mut client).await?; -//! -//! // In this case, we know we have only one query, returning one row -//! // and one column, so calling `into_row` will consume the stream -//! // and return us the first row of the first result. -//! let row = stream.into_row().await?; -//! -//! assert_eq!(Some(-4i32), row.unwrap().get(0)); -//! -//! Ok(()) -//! } -//! ``` -//! //! # Connecting with Tokio //! //! Tokio is using their own version of `AsyncRead` and `AsyncWrite` traits, @@ -180,22 +127,22 @@ //! //! On Windows platforms, connecting to the SQL Server might require going through //! the SQL Browser service to get the correct port for the named instance. This -//! feature requires either the `sql-browser-async-std` or `sql-browser-tokio` feature +//! feature requires the `sql-browser-tokio` feature //! flag to be enabled and has a bit different way of connecting: //! //! ```no_run -//! # #[cfg(any(feature = "sql-browser-async-std", feature = "sql-browser-tokio"))] +//! # #[cfg(feature = "sql-browser-tokio")] //! use tiberius::{Client, Config, AuthMethod}; -//! # #[cfg(any(feature = "sql-browser-async-std", feature = "sql-browser-tokio"))] -//! use async_std::net::TcpStream; +//! # #[cfg(feature = "sql-browser-tokio")] +//! use tokio::net::TcpStream; //! //! // An extra trait that allows connecting to a named instance with the given //! // `TcpStream`. -//! # #[cfg(any(feature = "sql-browser-async-std", feature = "sql-browser-tokio"))] +//! # #[cfg(feature = "sql-browser-tokio")] //! use tiberius::SqlBrowser; //! -//! #[async_std::main] -//! # #[cfg(any(feature = "sql-browser-async-std", feature = "sql-browser-tokio"))] +//! #[tokio::main] +//! # #[cfg(feature = "sql-browser-tokio")] //! async fn main() -> anyhow::Result<()> { //! let mut config = Config::new(); //! @@ -211,7 +158,7 @@ //! // on production, it is not a good idea to do this //! config.trust_cert(); //! -//! // This will create a new `TcpStream` from `async-std`, connected to the +//! // This will create a new `TcpStream` from `tokio`, connected to the //! // right port of the named instance. //! let tcp = TcpStream::connect_named(&config).await?; //! @@ -220,7 +167,7 @@ //! # client.query("SELECT @P1", &[&-4i32]).await?; //! Ok(()) //! } -//! # #[cfg(any(not(feature = "sql-browser-async-std"), not(feature = "sql-browser-tokio")))] +//! # #[cfg(not(feature = "sql-browser-tokio"))] //! # fn main() {} //! ``` //! diff --git a/src/sql_browser.rs b/src/sql_browser.rs index b07e8ee22..1c3872720 100644 --- a/src/sql_browser.rs +++ b/src/sql_browser.rs @@ -1,9 +1,6 @@ #[cfg(feature = "sql-browser-tokio")] mod tokio; -#[cfg(feature = "sql-browser-async-std")] -mod async_std; - #[cfg(feature = "sql-browser-smol")] mod smol; @@ -28,7 +25,6 @@ pub trait SqlBrowser { } #[cfg(any( - feature = "sql-browser-async-std", feature = "sql-browser-tokio", feature = "sql-browser-smol" ))] diff --git a/src/sql_browser/async_std.rs b/src/sql_browser/async_std.rs deleted file mode 100644 index 14f55de57..000000000 --- a/src/sql_browser/async_std.rs +++ /dev/null @@ -1,72 +0,0 @@ -use super::SqlBrowser; -use async_std::{ - io, - net::{self, ToSocketAddrs}, -}; -use async_trait::async_trait; -use futures_util::future::TryFutureExt; -use std::time; -use tracing::Level; - -#[async_trait] -impl SqlBrowser for net::TcpStream { - /// This method can be used to connect to SQL Server named instances - /// when on a Windows platform with the `sql-browser-async-std` feature - /// enabled. Please see the crate examples for more detailed examples. - async fn connect_named(builder: &crate::client::Config) -> crate::Result { - let addrs = builder.get_addr().to_socket_addrs().await?; - - for mut addr in addrs { - if let Some(ref instance_name) = builder.instance_name { - // First resolve the instance to a port via the - // SSRP protocol/MS-SQLR protocol [1] - // [1] https://msdn.microsoft.com/en-us/library/cc219703.aspx - - let local_bind: std::net::SocketAddr = if addr.is_ipv4() { - "0.0.0.0:0".parse().unwrap() - } else { - "[::]:0".parse().unwrap() - }; - - tracing::event!( - Level::TRACE, - "Connecting to instance `{}` using SQL Browser in port `{}`", - instance_name, - builder.get_port() - ); - - let msg = [&[4u8], instance_name.as_bytes()].concat(); - let mut buf = vec![0u8; 4096]; - - let socket = net::UdpSocket::bind(&local_bind).await?; - socket.send_to(&msg, &addr).await?; - - let timeout = time::Duration::from_millis(1000); - - let len = io::timeout(timeout, socket.recv(&mut buf)) - .map_err(|_| { - crate::error::Error::Conversion( - format!( - "SQL browser timeout during resolving instance {}. Please check if browser is running in port {} and does the instance exist.", - instance_name, - builder.get_port(), - ) - .into(), - ) - }) - .await?; - - let port = super::get_port_from_sql_browser_reply(buf, len, instance_name)?; - tracing::event!(Level::TRACE, "Found port `{}` from SQL Browser", port); - addr.set_port(port); - }; - - if let Ok(stream) = net::TcpStream::connect(addr).await { - stream.set_nodelay(true)?; - return Ok(stream); - } - } - - Err(io::Error::new(io::ErrorKind::NotFound, "Could not resolve server host").into()) - } -} diff --git a/tests/named-instance-async.rs b/tests/named-instance-async.rs deleted file mode 100644 index c3e48c657..000000000 --- a/tests/named-instance-async.rs +++ /dev/null @@ -1,44 +0,0 @@ -#![cfg(all(windows, feature = "sql-browser-async-std"))] - -use async_std::net::TcpStream; -use once_cell::sync::Lazy; -use std::env; -use std::sync::Once; -use tiberius::{Result, SqlBrowser}; - -// This is used in the testing macro :) -#[allow(dead_code)] -static LOGGER_SETUP: Once = Once::new(); - -static CONN_STR: Lazy = Lazy::new(|| { - env::var("TIBERIUS_TEST_CONNECTION_STRING").unwrap_or_else(|_| { - "server=tcp:localhost,1433;IntegratedSecurity=true;TrustServerCertificate=true".to_owned() - }) -}); - -static NAMED_INSTANCE_CONN_STR: Lazy = Lazy::new(|| { - let instance_name = env::var("TIBERIUS_TEST_INSTANCE").unwrap_or("MSSQLSERVER".to_owned()); - CONN_STR.replace(",1433", &format!("\\{}", instance_name)) -}); - -#[test] -fn connect_to_named_instance() -> Result<()> { - LOGGER_SETUP.call_once(|| { - env_logger::init(); - }); - async_std::task::block_on(async { - let config = tiberius::Config::from_ado_string(&NAMED_INSTANCE_CONN_STR)?; - let tcp = TcpStream::connect_named(&config).await?; - let mut client = tiberius::Client::connect(config, tcp).await?; - - let row = client - .query("SELECT @P1", &[&-4i32]) - .await? - .into_row() - .await? - .unwrap(); - - assert_eq!(Some(-4i32), row.get(0)); - Ok(()) - }) -} diff --git a/tests/query.rs b/tests/query.rs index 4cf3c62bd..6f2056dbc 100644 --- a/tests/query.rs +++ b/tests/query.rs @@ -2686,7 +2686,7 @@ where } #[test] -#[cfg(feature = "sql-browser-async-std")] +#[cfg(feature = "sql-browser-tokio")] fn cyrillic_collations_should_work() -> Result<()> { LOGGER_SETUP.call_once(|| { env_logger::init(); @@ -2747,7 +2747,7 @@ fn cyrillic_collations_should_work() -> Result<()> { } #[test] -#[cfg(feature = "sql-browser-async-std")] +#[cfg(feature = "sql-browser-tokio")] fn application_name_should_be_set_correctly() -> Result<()> { LOGGER_SETUP.call_once(|| { env_logger::init();