From 81b7cd2612259f7a89d477ca0b070366b914a0b6 Mon Sep 17 00:00:00 2001
From: Cheena Malhotra <13396919+cheenamalhotra@users.noreply.github.com>
Date: Wed, 25 Jan 2023 17:09:28 -0800
Subject: [PATCH] Introduce mssql connection property 'host name in
certificate' (#21064)
---
extensions/cms/package.json | 14 ++++++++++++++
extensions/cms/package.nls.json | 2 ++
extensions/mssql/package.json | 14 ++++++++++++++
extensions/mssql/package.nls.json | 2 ++
extensions/sql-bindings/src/test/testUtils.ts | 1 +
.../src/models/connections/connectionService.ts | 1 +
.../src/test/dialogs/testUtils.ts | 1 +
extensions/types/vscode-mssql.d.ts | 5 +++++
resources/xlf/en/cms.xlf | 8 +++++++-
resources/xlf/en/mssql.xlf | 8 +++++++-
10 files changed, 54 insertions(+), 2 deletions(-)
diff --git a/extensions/cms/package.json b/extensions/cms/package.json
index 4c910b8faa..4b3fed45d8 100644
--- a/extensions/cms/package.json
+++ b/extensions/cms/package.json
@@ -245,6 +245,20 @@
"isRequired": false,
"isArray": false
},
+ {
+ "specialValueType": null,
+ "isIdentity": false,
+ "name": "hostNameInCertificate",
+ "displayName": "%cms.connectionOptions.hostNameInCertificate.displayName%",
+ "description": "%cms.connectionOptions.hostNameInCertificate.description%",
+ "groupName": "%cms.connectionOptions.groupName.security%",
+ "valueType": "string",
+ "defaultValue": null,
+ "objectType": null,
+ "categoryValues": null,
+ "isRequired": false,
+ "isArray": false
+ },
{
"specialValueType": null,
"isIdentity": false,
diff --git a/extensions/cms/package.nls.json b/extensions/cms/package.nls.json
index a94ae0d678..56dc5a601b 100644
--- a/extensions/cms/package.nls.json
+++ b/extensions/cms/package.nls.json
@@ -70,6 +70,8 @@
"cms.connectionOptions.encrypt.description": "When true, SQL Server uses SSL encryption for all data sent between the client and server if the server has a certificate installed",
"cms.connectionOptions.persistSecurityInfo.displayName": "Persist security info",
"cms.connectionOptions.persistSecurityInfo.description": "When false, security-sensitive information, such as the password, is not returned as part of the connection",
+ "cms.connectionOptions.hostNameInCertificate.displayName": "Host name in certificate",
+ "cms.connectionOptions.hostNameInCertificate.description": "Indicates the host name specified in TLS certificate that will be used by SQL Server to validate server certificate. When not specified, the server name is used by default for certificate validation.",
"cms.connectionOptions.trustServerCertificate.displayName": "Trust server certificate",
"cms.connectionOptions.trustServerCertificate.description": "When true (and encrypt=true), SQL Server uses SSL encryption for all data sent between the client and server without validating the server certificate",
"cms.connectionOptions.attachedDBFileName.displayName": "Attached DB file name",
diff --git a/extensions/mssql/package.json b/extensions/mssql/package.json
index 7f82ee8878..3523735ee6 100644
--- a/extensions/mssql/package.json
+++ b/extensions/mssql/package.json
@@ -849,6 +849,20 @@
"isRequired": false,
"isArray": false
},
+ {
+ "specialValueType": null,
+ "isIdentity": false,
+ "name": "hostNameInCertificate",
+ "displayName": "%mssql.connectionOptions.hostNameInCertificate.displayName%",
+ "description": "%mssql.connectionOptions.hostNameInCertificate.description%",
+ "groupName": "%mssql.connectionOptions.groupName.security%",
+ "valueType": "string",
+ "defaultValue": null,
+ "objectType": null,
+ "categoryValues": null,
+ "isRequired": false,
+ "isArray": false
+ },
{
"specialValueType": null,
"isIdentity": false,
diff --git a/extensions/mssql/package.nls.json b/extensions/mssql/package.nls.json
index 2e770666a9..8d1f15063f 100644
--- a/extensions/mssql/package.nls.json
+++ b/extensions/mssql/package.nls.json
@@ -119,6 +119,8 @@
"mssql.connectionOptions.encrypt.description": "When true, SQL Server uses SSL encryption for all data sent between the client and server if the server has a certificate installed",
"mssql.connectionOptions.persistSecurityInfo.displayName": "Persist security info",
"mssql.connectionOptions.persistSecurityInfo.description": "When false, security-sensitive information, such as the password, is not returned as part of the connection",
+ "mssql.connectionOptions.hostNameInCertificate.displayName": "Host name in certificate",
+ "mssql.connectionOptions.hostNameInCertificate.description": "Indicates the host name specified in TLS certificate that will be used by SQL Server to validate server certificate. When not specified, the server name is used by default for certificate validation.",
"mssql.connectionOptions.trustServerCertificate.displayName": "Trust server certificate",
"mssql.connectionOptions.trustServerCertificate.description": "When true (and encrypt=true), SQL Server uses SSL encryption for all data sent between the client and server without validating the server certificate",
"mssql.connectionOptions.attachedDBFileName.displayName": "Attached DB file name",
diff --git a/extensions/sql-bindings/src/test/testUtils.ts b/extensions/sql-bindings/src/test/testUtils.ts
index c0093a65c9..f64a27556e 100644
--- a/extensions/sql-bindings/src/test/testUtils.ts
+++ b/extensions/sql-bindings/src/test/testUtils.ts
@@ -93,6 +93,7 @@ export function createTestCredentials(): vscodeMssql.IConnectionInfo {
expiresOn: 0,
encrypt: false,
trustServerCertificate: false,
+ hostNameInCertificate: '',
persistSecurityInfo: false,
connectTimeout: 15,
connectRetryCount: 0,
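Review bot: The fixture sets `hostNameInCertificate: ''`, but the field is typed `string | undefined` and documented as falling back to the server name "when not specified", and the production default added to connectionService.ts in this commit is `undefined`. Whether an empty string counts as "not specified" is decided by code outside this diff, so the fixture would state the intent more clearly as `hostNameInCertificate: undefined,`. The same applies to `mockConnectionInfo` in extensions/sql-database-projects/src/test/dialogs/testUtils.ts. createTestCredentials starts and ends outside the hunk.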
diff --git a/extensions/sql-database-projects/src/models/connections/connectionService.ts b/extensions/sql-database-projects/src/models/connections/connectionService.ts
index c56e234167..a6c72b8281 100644
--- a/extensions/sql-database-projects/src/models/connections/connectionService.ts
+++ b/extensions/sql-database-projects/src/models/connections/connectionService.ts
@@ -79,6 +79,7 @@ export class ConnectionService {
multipleActiveResultSets: undefined,
packetSize: undefined,
persistSecurityInfo: undefined,
+ hostNameInCertificate: undefined,
pooling: undefined,
replication: undefined,
trustServerCertificate: undefined,
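Review bot: The new `hostNameInCertificate: undefined,` entry sits between `persistSecurityInfo` and `pooling`, while the visible neighbours (`multipleActiveResultSets`, `packetSize`, `persistSecurityInfo`, `pooling`, `replication`, `trustServerCertificate`) are in alphabetical order. If the list is meant to stay sorted, the entry belongs further up, among the properties starting with "h". The enclosing object literal starts and ends outside the hunk, so the exact position cannot be confirmed from here.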
diff --git a/extensions/sql-database-projects/src/test/dialogs/testUtils.ts b/extensions/sql-database-projects/src/test/dialogs/testUtils.ts
index 1bbd62e1e6..5b82100159 100644
--- a/extensions/sql-database-projects/src/test/dialogs/testUtils.ts
+++ b/extensions/sql-database-projects/src/test/dialogs/testUtils.ts
@@ -75,6 +75,7 @@ export const mockConnectionInfo: vscodeMssql.IConnectionInfo = {
expiresOn: 0,
encrypt: false,
trustServerCertificate: false,
+ hostNameInCertificate: '',
persistSecurityInfo: false,
connectTimeout: 15,
connectRetryCount: 0,
diff --git a/extensions/types/vscode-mssql.d.ts b/extensions/types/vscode-mssql.d.ts
index 3a9a83e538..b346d06884 100644
--- a/extensions/types/vscode-mssql.d.ts
+++ b/extensions/types/vscode-mssql.d.ts
@@ -295,6 +295,11 @@ declare module 'vscode-mssql' {
*/
trustServerCertificate: boolean | undefined;
+ /**
+ * Indicates the host name specified in TLS certificate that will be used by SQL Server to validate server certificate. When not specified, the server name is used by default for certificate validation.
+ */
+ hostNameInCertificate: string | undefined;
+
/**
* Gets or sets a Boolean value that indicates if security-sensitive information, such as the password, is not returned as part of the connection
* if the connection is open or has ever been in an open state.
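Review bot: The new doc comment on `hostNameInCertificate` says the name is "used by SQL Server to validate server certificate", but the server's certificate is validated on the client side of the connection, and the comment does not say how the field relates to `encrypt` and `trustServerCertificate`. The `trustServerCertificate` description in this commit's context lines says the certificate is not validated when it is true, so a host name set alongside it presumably has no effect, which is worth stating. Suggested wording: `* Host name the client expects in the server's TLS certificate; when not specified, the server name is used for validation.` followed by `* Only takes effect when encrypt is true and trustServerCertificate is false.` The same sentence is used for the `hostNameInCertificate.description` strings in both package.nls.json files. The interface continues outside the hunk.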
diff --git a/resources/xlf/en/cms.xlf b/resources/xlf/en/cms.xlf
index 1c2b603857..b1d5d3510a 100644
--- a/resources/xlf/en/cms.xlf
+++ b/resources/xlf/en/cms.xlf
@@ -269,6 +269,12 @@
Server
+
+ Indicates the host name specified in TLS certificate that will be used by SQL Server to validate server certificate. When not specified, the server name is used by default for certificate validation.
+
+
+ Host name in certificate
+ When true (and encrypt=true), SQL Server uses SSL encryption for all data sent between the client and server without validating the server certificate
@@ -396,4 +402,4 @@
Version