[Release/2.0] Fix | Fix Enclave Session Cache Issue with Azure Database #628
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ErikEJ
reviewed
Jun 26, 2020
src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/EnclaveSessionCache.cs
Show resolved
Hide resolved
cheenamalhotra
changed the title
Member
|
cc @Xtrimmer |
doc/snippets/Microsoft.Data.SqlClient/SqlColumnEncryptionEnclaveProvider.xml
Outdated
Show resolved
Hide resolved
doc/snippets/Microsoft.Data.SqlClient/SqlColumnEncryptionEnclaveProvider.xml
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/EnclaveDelegate.NetCoreApp.cs
Outdated
Show resolved
Hide resolved
...Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/EnclaveDelegate.NetStandard.cs
Outdated
Show resolved
Hide resolved
...Client/netcore/src/Microsoft/Data/SqlClient/SqlColumnEncryptionEnclaveProvider.NetCoreApp.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/SimulatorEnclaveProvider.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted/EnclaveAzureDatabaseTests.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted/EnclaveAzureDatabaseTests.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted/EnclaveAzureDatabaseTests.cs
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/tests/ManualTests/DataCommon/DataTestUtility.cs
Outdated
Show resolved
Hide resolved
…ent/SqlColumnEncryptionEnclaveProvider.NetCoreApp.cs Co-authored-by: Cheena Malhotra <v-chmalh@microsoft.com>
…t/SimulatorEnclaveProvider.cs Extended parameter description Co-authored-by: Cheena Malhotra <v-chmalh@microsoft.com>
…ent/EnclaveDelegate.NetStandard.cs Extended parameter description Co-authored-by: Cheena Malhotra <v-chmalh@microsoft.com>
…ent/EnclaveDelegate.NetCoreApp.cs Updated parameter description Co-authored-by: Cheena Malhotra <v-chmalh@microsoft.com>
…veProvider.xml Updated parameter description Co-authored-by: Cheena Malhotra <v-chmalh@microsoft.com>
…veProvider.xml Updated parameter description Co-authored-by: Cheena Malhotra <v-chmalh@microsoft.com>
Xtrimmer
reviewed
Jul 8, 2020
...rosoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/EnclaveSessionCache.NetCoreApp.cs
Outdated
Show resolved
Hide resolved
Xtrimmer
reviewed
Jul 8, 2020
src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/EnclaveSessionCache.cs
Outdated
Show resolved
Hide resolved
cheenamalhotra
changed the title
ErikEJ
reviewed
Jul 9, 2020
...rosoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/EnclaveSessionCache.NetCoreApp.cs
Show resolved
Hide resolved
Xtrimmer
approved these changes
Jul 11, 2020
doc/snippets/Microsoft.Data.SqlClient/SqlColumnEncryptionEnclaveProvider.xml
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/EnclaveDelegate.NetCoreApp.cs
Outdated
Show resolved
Hide resolved
...t.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SimulatorEnclaveProvider.NetCoreApp.cs
Outdated
Show resolved
Hide resolved
| /// <param name="enclaveType">enclave type</param> | ||
| /// <param name="serverName">server name</param> | ||
| /// <param name="enclaveAttestationUrl">url for attestation endpoint</param> | ||
| /// <param name="database">The database that SqlClient contacts to.</param> |
| /// <param name="enclaveType">enclave type</param> | ||
| /// <param name="serverName">servername</param> | ||
| /// <param name="attestationUrl">attestation url for attestation service endpoint</param> | ||
| /// <param name="database">The database that SqlClient contacts to.</param> |
cheenamalhotra
approved these changes
Jul 17, 2020
JRahnama
approved these changes
Jul 17, 2020
johnnypham
approved these changes
Jul 21, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR is to fix the issue when connecting to Azure SQL databases with secure enclaves.
The initial enclave session cache key only contains the enclave attestation URL and the server name. It works well with on-prem SQL Servers if we switch between various databases under the same server. However, this will fail for Azure SQL. Sharing the same enclave session among different databases under the same logic Azure server will cause the Azure attestation to fail.
To fix this issue, the database name is also added to the enclave session cache key.