TDS8 - Enable retrieval of TLS 1.3 SSL Protocol from SNI on .NET Core (…

…#1821)

src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParser.cs

@@ -519,8 +519,20 @@ internal void Connect(
                 // On Instance failure re-connect and flush SNI named instance cache.
                 _physicalStateObj.SniContext = SniContext.Snix_Connect;
 
-                _physicalStateObj.CreatePhysicalSNIHandle(serverInfo.ExtendedServerName, ignoreSniOpenTimeout, timerExpire, out instanceName, ref _sniSpnBuffer, true, true, fParallel,
-                                                _connHandler.ConnectionOptions.IPAddressPreference, FQDNforDNSCache, ref _connHandler.pendingSQLDNSObject, serverInfo.ServerSPN, integratedSecurity);
+                _physicalStateObj.CreatePhysicalSNIHandle(serverInfo.ExtendedServerName,
+                    ignoreSniOpenTimeout, 
+                    timerExpire, 
+                    out instanceName, 
+                    ref _sniSpnBuffer, 
+                    true, 
+                    true, fParallel,
+                    _connHandler.ConnectionOptions.IPAddressPreference, 
+                    FQDNforDNSCache, 
+                    ref _connHandler.pendingSQLDNSObject, 
+                    serverInfo.ServerSPN, 
+                    integratedSecurity,
+                    encrypt == SqlConnectionEncryptOption.Strict,
+                    hostNameInCertificate);
 
                 if (TdsEnums.SNI_SUCCESS != _physicalStateObj.Status)
                 {
@@ -552,6 +564,7 @@ internal void Connect(
                     throw SQL.InstanceFailure();
                 }
             }
+            SqlClientEventSource.Log.TryTraceEvent("<sc.TdsParser.Connect|SEC> Prelogin handshake successful");
 
             if (_fMARS && marsCapable)
             {
@@ -1010,6 +1023,7 @@ private PreLoginHandshakeStatus ConsumePreLoginHandshake(
                             uint info = (shouldValidateServerCert ? TdsEnums.SNI_SSL_VALIDATE_CERTIFICATE : 0)
                                 | (is2005OrLater ? TdsEnums.SNI_SSL_USE_SCHANNEL_CACHE : 0);
 
+
                             EnableSsl(info, encrypt, integratedSecurity);
                         }
 

src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs

@@ -424,16 +424,17 @@ internal override uint WaitForSSLHandShakeToComplete(out int protocolVersion)
             uint returnValue = SNINativeMethodWrapper.SNIWaitForSSLHandshakeToComplete(Handle, GetTimeoutRemaining(), out uint nativeProtocolVersion);
             var nativeProtocol = (NativeProtocols)nativeProtocolVersion;
 
-            /* The SslProtocols.Tls13 is supported by netcoreapp3.1 and later
-             * This driver does not support this version yet!
-            if (nativeProtocol.HasFlag(NativeProtocols.SP_PROT_TLS1_3_CLIENT) || nativeProtocol.HasFlag(NativeProtocols.SP_PROT_TLS1_3_SERVER))
-            {
-                protocolVersion = (int)SslProtocols.Tls13;
-            }*/
             if (nativeProtocol.HasFlag(NativeProtocols.SP_PROT_TLS1_2_CLIENT) || nativeProtocol.HasFlag(NativeProtocols.SP_PROT_TLS1_2_SERVER))
             {
                 protocolVersion = (int)SslProtocols.Tls12;
             }
+#if NETCOREAPP
+            else if (nativeProtocol.HasFlag(NativeProtocols.SP_PROT_TLS1_3_CLIENT) || nativeProtocol.HasFlag(NativeProtocols.SP_PROT_TLS1_3_SERVER))
+            {
+                /* The SslProtocols.Tls13 is supported by netcoreapp3.1 and later */
+                protocolVersion = (int)SslProtocols.Tls13;
+            }
+#endif
             else if (nativeProtocol.HasFlag(NativeProtocols.SP_PROT_TLS1_1_CLIENT) || nativeProtocol.HasFlag(NativeProtocols.SP_PROT_TLS1_1_SERVER))
             {
                 protocolVersion = (int)SslProtocols.Tls11;