Merge branch 'main' of https://github.com/dotnet/SqlClient into MSqlS…

…erverSep

# Conflicts:
#	src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/Server/sqlser.cs

BUILDGUIDE.md

@@ -319,6 +319,12 @@ TLS 1.3 has been excluded due to the fact that the driver lacks full support. To
 
 `Switch.Microsoft.Data.SqlClient.EnableSecureProtocolsByOS`
 
+## Suppressing TLS security warning
+
+When connecting to a server, if a protocol lower than TLS 1.2 is negotiated, a security warning is output to the console. This warning can be suppressed on SQL connections with `Encrypt = false` by enabling the following AppContext switch on application startup:
+
+`Switch.Microsoft.Data.SqlClient.SuppressInsecureTLSWarning`
+
 ## Debugging SqlClient on Linux from Windows
 
 For enhanced developer experience, we support debugging SqlClient on Linux from Windows, using the project "**Microsoft.Data.SqlClient.DockerLinuxTest**" that requires "Container Tools" to be enabled in Visual Studio. You may import configuration: [VS19Components.vsconfig](./tools/vsconfig/VS19Components.vsconfig) if not enabled already.

CHANGELOG.md

@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
+## [Stable release 4.0.1] - 2022-01-17
+
+### Added
+
+Added AppContext switch `SuppressInsecureTLSWarning` to allow suppression of TLS security warning when using `Encrypt=false` in the connection string. [#1457](https://github.com/dotnet/SqlClient/pull/1457) 
+
+### Fixed
+
+- Fixed Kerberos authentication failure when using .NET 6. [#1411](https://github.com/dotnet/SqlClient/pull/1411)
+- Fixed connection failure when using `SqlLocalDB` instance pipe name. [#1433](https://github.com/dotnet/SqlClient/pull/1433)
+- Fixed a failure when executing concurrent queries requiring enclaves. [#1451](https://github.com/dotnet/SqlClient/pull/1451)
+- Updated obsolete API calls targeting .NET 6. [#1401](https://github.com/dotnet/SqlClient/pull/1401)
 
 ## [Stable Release 4.0.0] - 2021-11-18
 

doc/snippets/Microsoft.Data.SqlClient/SqlConnectionStringBuilder.xml

@@ -408,7 +408,7 @@ If the value of the **Network** key is specified, the prefixes "tcp:" and "np:"
         </EnclaveAttestationUrl>
         <Encrypt>
             <summary>Gets or sets a Boolean value that indicates whether SQL Server uses SSL encryption for all data sent between the client and server if the server has a certificate installed.</summary>
-            <value>The value of the <see cref="P:Microsoft.Data.SqlClient.SqlConnectionStringBuilder.Encrypt" /> property, or <see langword="false" /> if none has been supplied.</value>
+            <value>The value of the <see cref="P:Microsoft.Data.SqlClient.SqlConnectionStringBuilder.Encrypt" /> property, or <see langword="true" /> if none has been supplied.</value>
             <remarks>
             <format type="text/markdown"><![CDATA[  
   
@@ -417,6 +417,9 @@ If the value of the **Network** key is specified, the prefixes "tcp:" and "np:"
   
 When `TrustServerCertificate` is false and `Encrypt` is true, the server name (or IP address) in a SQL Server SSL certificate must exactly match the server name (or IP address) specified in the connection string. Otherwise, the connection attempt will fail. For information about support for certificates whose subject starts with a wildcard character (*), see [Enable encrypted connections to the Database Engine](/sql/database-engine/configure-windows/enable-encrypted-connections-to-the-database-engine#certificate-requirements).  
 
+> [!NOTE]
+> Starting from **version 4.0**, the default value of the property `Encrypt` is set to `true`.
+
  ]]></format>
             </remarks>
             <related type="Article" href="https://msdn.microsoft.com/library/745c5f95-2f02-4674-b378-6d51a7ec2490">Working with Connection Strings</related>

doc/snippets/Microsoft.Data.SqlClient/SqlDataReader.xml

@@ -532,7 +532,7 @@
             <format type="text/markdown"><![CDATA[  
   
 ## Remarks  
- For the <xref:Microsoft.Data.SqlClient.SqlDataReader.GetSchemaTable%2A> method returns metadata about each column in the following order:  
+ The <xref:Microsoft.Data.SqlClient.SqlDataReader.GetSchemaTable%2A> method returns the following metadata about each column:  
   
 |DataReader column|Description|  
 |-----------------------|-----------------|  

release-notes/4.0/4.0.1.md

@@ -0,0 +1,83 @@
+# Release Notes
+
+## Microsoft.Data.SqlClient 4.0.1 released 17 January 2022
+
+This update brings the below changes over the previous preview release:
+
+### Added
+
+- Added AppContext switch `SuppressInsecureTLSWarning` to allow suppression of TLS security warning when using `Encrypt=false` in the connection string. [#1457](https://github.com/dotnet/SqlClient/pull/1457) [Read more](#suppress-tls-security-warnings)
+
+### Fixed
+
+- Fixed Kerberos authentication failure when using .NET 6. [#1411](https://github.com/dotnet/SqlClient/pull/1411)
+- Fixed connection failure when using `SqlLocalDB` instance pipe name. [#1433](https://github.com/dotnet/SqlClient/pull/1433)
+- Fixed a failure when executing concurrent queries requiring enclaves. [#1451](https://github.com/dotnet/SqlClient/pull/1451)
+- Updated obsolete API calls targeting .NET 6. [#1401](https://github.com/dotnet/SqlClient/pull/1401)
+
+### Suppress TLS security warnings
+
+When connecting to a SQL Server, if a protocol lower than TLS 1.2 is negotiated, a security warning is printed out to the console. This warning can be suppressed by enabling the following `AppContext` switch on the application startup while `Encrypt` is set to `false` on connection string.
+
+`Switch.Microsoft.Data.SqlClient.SuppressInsecureTLSWarning`
+
+## Target Platform Support
+
+- .NET Framework 4.6.1+ (Windows x86, Windows x64)
+- .NET Core 3.1+ (Windows x86, Windows x64, Windows ARM64, Windows ARM, Linux, macOS)
+- .NET Standard 2.0+ (Windows x86, Windows x64, Windows ARM64, Windows ARM, Linux, macOS)
+
+### Dependencies
+
+#### .NET Framework
+
+- Microsoft.Data.SqlClient.SNI 4.0.0
+- Azure.Identity 1.3.0
+- Microsoft.Identity.Client 4.22.0
+- Microsoft.IdentityModel.JsonWebTokens 6.8.0
+- Microsoft.IdentityModel.Protocols.OpenIdConnect 6.8.0
+- System.Buffers 4.5.1
+- System.Configuration.ConfigurationManager 5.0.0
+- System.IO 4.3.0
+- System.Runtime.InteropServices.RuntimeInformation 4.3.0
+- System.Security.Cryptography.Algorithms 4.3.1
+- System.Security.Cryptography.Primitives 4.3.0
+- System.Text.Encodings.Web 4.7.2
+
+#### .NET Core
+
+- Microsoft.Data.SqlClient.SNI.runtime 4.0.0
+- Azure.Identity 1.3.0
+- Microsoft.Identity.Client 4.22.0
+- Microsoft.IdentityModel.Protocols.OpenIdConnect 6.8.0
+- Microsoft.IdentityModel.JsonWebTokens 6.8.0
+- Microsoft.Win32.Registry 5.0.0
+- System.Buffers 4.5.1
+- System.Configuration.ConfigurationManager 5.0.0
+- System.Diagnostics.DiagnosticSource 5.0.0
+- System.IO 4.3.0
+- System.Runtime.Caching 5.0.0
+- System.Text.Encoding.CodePages 5.0.0
+- System.Text.Encodings.Web 4.7.2
+- System.Resources.ResourceManager 4.3.0
+- System.Security.Cryptography.Cng 5.0.0
+- System.Security.Principal.Windows 5.0.0
+
+#### .NET Standard
+
+- Microsoft.Data.SqlClient.SNI.runtime 4.0.0
+- Azure.Identity 1.3.0
+- Microsoft.Identity.Client 4.22.0
+- Microsoft.IdentityModel.Protocols.OpenIdConnect 6.8.0
+- Microsoft.IdentityModel.JsonWebTokens 6.8.0
+- Microsoft.Win32.Registry 5.0.0
+- System.Buffers 4.5.1
+- System.Configuration.ConfigurationManager 5.0.0
+- System.IO 4.3.0
+- System.Runtime.Caching 5.0.0
+- System.Text.Encoding.CodePages 5.0.0
+- System.Text.Encodings.Web 4.7.2
+- System.Resources.ResourceManager 4.3.0
+- System.Runtime.Loader 4.3.0
+- System.Security.Cryptography.Cng 5.0.0
+- System.Security.Principal.Windows 5.0.0

release-notes/4.0/4.0.md

@@ -4,6 +4,7 @@ The following Microsoft.Data.SqlClient 4.0 stable releases have been shipped:
 
 | Release Date | Version | Notes |
 | :-- | :-- | :--: |
+| 2022/01/17 | 4.0.1 | [release notes](4.0.1.md) |
 | 2021/11/18 | 4.0.0 | [release notes](4.0.0.md) |
 
 The following Microsoft.Data.SqlClient 4.0 preview releases have been shipped:

release-notes/4.0/README.md

@@ -4,6 +4,7 @@ The following Microsoft.Data.SqlClient 4.0 stable releases have been shipped:
 
 | Release Date | Version | Notes |
 | :-- | :-- | :--: |
+| 2022/01/17 | 4.0.1 | [release notes](4.0.1.md) |
 | 2021/11/18 | 4.0.0 | [release notes](4.0.0.md) |
 
 The following Microsoft.Data.SqlClient 4.0 preview releases have been shipped:

src/Microsoft.Data.SqlClient/netcore/src/.editorconfig

@@ -0,0 +1,12 @@
+# editorconfig.org
+
+# top-most EditorConfig file
+root = false
+
+[*.cs]
+
+# IDE0090: Use 'new(...)'
+csharp_style_implicit_object_creation_when_type_is_apparent = false
+
+# IDE0063: Use simple 'using' statement
+csharp_prefer_simple_using_statement = false

src/Microsoft.Data.SqlClient/netcore/src/Common/src/Interop/Unix/System.Net.Security.Native/Interop.NetSecurityNative.cs

@@ -11,49 +11,52 @@ internal static partial class Interop
 {
     internal static partial class NetSecurityNative
     {
-        [DllImport(Libraries.NetSecurityNative, EntryPoint="NetSecurityNative_ReleaseGssBuffer")]
+        [DllImport(Libraries.NetSecurityNative, EntryPoint = "NetSecurityNative_ReleaseGssBuffer")]
         internal static extern void ReleaseGssBuffer(
             IntPtr bufferPtr,
             ulong length);
 
-        [DllImport(Libraries.NetSecurityNative, EntryPoint="NetSecurityNative_DisplayMinorStatus")]
+        [DllImport(Interop.Libraries.NetSecurityNative, EntryPoint = "NetSecurityNative_EnsureGssInitialized")]
+        private static extern int EnsureGssInitialized();
+
+        [DllImport(Libraries.NetSecurityNative, EntryPoint = "NetSecurityNative_DisplayMinorStatus")]
         internal static extern Status DisplayMinorStatus(
             out Status minorStatus,
             Status statusValue,
             ref GssBuffer buffer);
 
-        [DllImport(Libraries.NetSecurityNative, EntryPoint="NetSecurityNative_DisplayMajorStatus")]
+        [DllImport(Libraries.NetSecurityNative, EntryPoint = "NetSecurityNative_DisplayMajorStatus")]
         internal static extern Status DisplayMajorStatus(
             out Status minorStatus,
             Status statusValue,
             ref GssBuffer buffer);
 
-        [DllImport(Libraries.NetSecurityNative, EntryPoint="NetSecurityNative_ImportUserName")]
+        [DllImport(Libraries.NetSecurityNative, EntryPoint = "NetSecurityNative_ImportUserName")]
         internal static extern Status ImportUserName(
             out Status minorStatus,
             string inputName,
             int inputNameByteCount,
             out SafeGssNameHandle outputName);
 
-        [DllImport(Libraries.NetSecurityNative, EntryPoint="NetSecurityNative_ImportPrincipalName")]
+        [DllImport(Libraries.NetSecurityNative, EntryPoint = "NetSecurityNative_ImportPrincipalName")]
         internal static extern Status ImportPrincipalName(
             out Status minorStatus,
             string inputName,
             int inputNameByteCount,
             out SafeGssNameHandle outputName);
 
-        [DllImport(Libraries.NetSecurityNative, EntryPoint="NetSecurityNative_ReleaseName")]
+        [DllImport(Libraries.NetSecurityNative, EntryPoint = "NetSecurityNative_ReleaseName")]
         internal static extern Status ReleaseName(
             out Status minorStatus,
             ref IntPtr inputName);
 
-        [DllImport(Libraries.NetSecurityNative, EntryPoint="NetSecurityNative_InitiateCredSpNego")]
+        [DllImport(Libraries.NetSecurityNative, EntryPoint = "NetSecurityNative_InitiateCredSpNego")]
         internal static extern Status InitiateCredSpNego(
             out Status minorStatus,
             SafeGssNameHandle desiredName,
             out SafeGssCredHandle outputCredHandle);
 
-        [DllImport(Libraries.NetSecurityNative, EntryPoint="NetSecurityNative_InitiateCredWithPassword")]
+        [DllImport(Libraries.NetSecurityNative, EntryPoint = "NetSecurityNative_InitiateCredWithPassword")]
         internal static extern Status InitiateCredWithPassword(
             out Status minorStatus,
             bool isNtlm,
@@ -62,12 +65,12 @@ internal static extern Status InitiateCredWithPassword(
             int passwordLen,
             out SafeGssCredHandle outputCredHandle);
 
-        [DllImport(Libraries.NetSecurityNative, EntryPoint="NetSecurityNative_ReleaseCred")]
+        [DllImport(Libraries.NetSecurityNative, EntryPoint = "NetSecurityNative_ReleaseCred")]
         internal static extern Status ReleaseCred(
             out Status minorStatus,
             ref IntPtr credHandle);
 
-        [DllImport(Libraries.NetSecurityNative, EntryPoint="NetSecurityNative_InitSecContext")]
+        [DllImport(Libraries.NetSecurityNative, EntryPoint = "NetSecurityNative_InitSecContext")]
         internal static extern Status InitSecContext(
             out Status minorStatus,
             SafeGssCredHandle initiatorCredHandle,
@@ -81,7 +84,7 @@ internal static extern Status InitSecContext(
             out uint retFlags,
             out int isNtlmUsed);
 
-        [DllImport(Libraries.NetSecurityNative, EntryPoint="NetSecurityNative_DeleteSecContext")]
+        [DllImport(Libraries.NetSecurityNative, EntryPoint = "NetSecurityNative_DeleteSecContext")]
         internal static extern Status DeleteSecContext(
             out Status minorStatus,
             ref IntPtr contextHandle);
@@ -109,5 +112,17 @@ internal enum GssFlags : uint
             GSS_C_EXTENDED_ERROR_FLAG = 0x4000,
             GSS_C_DELEG_POLICY_FLAG = 0x8000
         }
+
+        // This constructor is added to address the issue with net6 regarding 
+        // Shim gss api on Linux to delay loading libgssapi_krb5.so
+        // issue https://github.com/dotnet/SqlClient/issues/1390
+        // dotnet runtime issue https://github.com/dotnet/runtime/pull/55037
+        static NetSecurityNative()
+        {
+            if (Environment.Version.Major >= 6)
+            {
+                EnsureGssInitialized();
+            }
+        }
     }
 }

src/Microsoft.Data.SqlClient/netcore/src/Microsoft.Data.SqlClient.csproj

@@ -364,6 +364,9 @@
     <Compile Include="..\..\src\Microsoft\Data\SqlClient\Server\ValueUtilsSmi.cs">
       <Link>Microsoft\Data\SqlClient\Server\ValueUtilsSmi.cs</Link>
     </Compile>
+    <Compile Include="..\..\src\Microsoft\Data\SqlClient\Server\SqlSer.cs">
+      <Link>Microsoft\Data\SqlClient\Server\SqlSer.cs</Link>
+    </Compile>
     <Compile Include="..\..\src\Microsoft\Data\SqlClient\SignatureVerificationCache.cs">
       <Link>Microsoft\Data\SqlClient\SignatureVerificationCache.cs</Link>
     </Compile>
@@ -488,6 +491,9 @@
     <Compile Include="..\..\src\Microsoft\Data\SqlClient\VirtualSecureModeEnclaveProvider.cs">
       <Link>Microsoft\Data\SqlClient\VirtualSecureModeEnclaveProvider.cs</Link>
     </Compile>
+    <Compile Include="..\..\src\Microsoft\Data\SqlClient\NoneAttestationEnclaveProvider.cs">
+      <Link>Microsoft\Data\SqlClient\NoneAttestationEnclaveProvider.cs</Link>
+    </Compile>
     <Compile Include="..\..\src\Microsoft\Data\SqlClient\VirtualSecureModeEnclaveProviderBase.cs">
       <Link>Microsoft\Data\SqlClient\VirtualSecureModeEnclaveProviderBase.cs</Link>
     </Compile>
@@ -507,9 +513,6 @@
     <Compile Include="Microsoft\Data\SqlClient\SqlDependencyUtils.AssemblyLoadContext.cs" />
     <Compile Include="Microsoft\Data\SqlClient\SNI\SNIStreams.ValueTask.cs" />
   </ItemGroup>
-  <ItemGroup Condition="'$(OSGroup)' != 'AnyOS' AND '$(TargetFramework)' != 'netstandard2.0' AND '$(BuildSimulator)' == 'true'">
-    <Compile Include="Microsoft\Data\SqlClient\SimulatorEnclaveProvider.NetCoreApp.cs" />
-  </ItemGroup>
   <ItemGroup Condition="'$(OSGroup)' != 'AnyOS'">
     <Compile Include="Resources\StringsHelper.cs">
       <Link>Resources\StringsHelper.NetCore.cs</Link>
@@ -559,7 +562,6 @@
     </Compile>
     <Compile Include="Microsoft\Data\SqlClient\SqlAuthenticationProviderManager.cs" />
 
-    <Compile Include="Microsoft\Data\SqlClient\Server\SqlSer.cs" />
     <Compile Include="Microsoft\Data\SqlClient\LocalDBAPI.cs" />
     <Compile Include="Microsoft\Data\SqlClient\SqlBuffer.cs" />
     <Compile Include="Microsoft\Data\SqlClient\SqlBulkCopy.cs" />

src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/LocalDBAPI.Windows.cs

@@ -22,14 +22,13 @@ private static IntPtr UserInstanceDLLHandle
                         if (s_userInstanceDLLHandle == IntPtr.Zero)
                         {
                             SNINativeMethodWrapper.SNIQueryInfo(SNINativeMethodWrapper.QTypes.SNI_QUERY_LOCALDB_HMODULE, ref s_userInstanceDLLHandle);
-                            if(s_userInstanceDLLHandle != IntPtr.Zero)
+                            if (s_userInstanceDLLHandle != IntPtr.Zero)
                             {
                                 SqlClientEventSource.Log.TryTraceEvent("LocalDBAPI.UserInstanceDLLHandle | LocalDB - handle obtained");
                             }
                             else
                             {
-                                SNINativeMethodWrapper.SNI_Error sniError;
-                                SNINativeMethodWrapper.SNIGetLastError(out sniError);
+                                SNINativeMethodWrapper.SNIGetLastError(out SNINativeMethodWrapper.SNI_Error sniError);
                                 throw CreateLocalDBException(errorMessage: StringsHelper.GetString("LocalDB_FailedGetDLLHandle"), sniError: (int)sniError.sniError);
                             }
                         }

src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/LocalDBAPI.cs

@@ -10,25 +10,37 @@ namespace Microsoft.Data
 {
     internal static partial class LocalDBAPI
     {
-        private const string const_localDbPrefix = @"(localdb)\";
+        private const string LocalDbPrefix = @"(localdb)\";
+        private const string LocalDbPrefix_NP = @"np:\\.\pipe\LOCALDB#";
 
 
         [UnmanagedFunctionPointer(CallingConvention.Cdecl, CharSet = CharSet.Unicode)]
         private delegate int LocalDBFormatMessageDelegate(int hrLocalDB, uint dwFlags, uint dwLanguageId, StringBuilder buffer, ref uint buflen);
 
         // check if name is in format (localdb)\<InstanceName - not empty> and return instance name if it is
+        // localDB can also have a format of np:\\.\pipe\LOCALDB#<some number>\tsql\query
         internal static string GetLocalDbInstanceNameFromServerName(string serverName)
         {
-            if (serverName == null)
-                return null;
-            serverName = serverName.TrimStart(); // it can start with spaces if specified in quotes
-            if (!serverName.StartsWith(const_localDbPrefix, StringComparison.OrdinalIgnoreCase))
-                return null;
-            string instanceName = serverName.Substring(const_localDbPrefix.Length).Trim();
-            if (instanceName.Length == 0)
-                return null;
-            else
-                return instanceName;
+            if (serverName is not null)
+            {
+                // it can start with spaces if specified in quotes
+                // Memory allocation is reduced by using ReadOnlySpan
+                ReadOnlySpan<char> input = serverName.AsSpan().Trim();
+                if (input.StartsWith(LocalDbPrefix.AsSpan(), StringComparison.OrdinalIgnoreCase))
+                {
+                    input = input.Slice(LocalDbPrefix.Length);
+                    if (!input.IsEmpty)
+                    {
+                        return input.ToString();
+                    }
+                }
+                else if (input.StartsWith(LocalDbPrefix_NP.AsSpan(), StringComparison.OrdinalIgnoreCase))
+                {
+                    return input.ToString();
+                }
+
+            }
+            return null;
         }
     }
 }