[wix-devs] Discussion on fix Issue SqlExtension Incompatible with TLS 1.2 #5543

Rajeev Bansal (WSSC) rajeev.bansal at microsoft.com
Mon Mar 12 20:06:25 PDT 2018


SQLNCI_CLSID is defined in the SQL Server Native Client header file (sqlncli.h).
The SQL Server Native Client header and library files are installed with SQL Server in the following location: %PROGRAM FILES%\Microsoft SQL Server\110\SDK
Link for ref: https://docs.microsoft.com/en-us/sql/relational-databases/native-client/applications/using-the-sql-server-native-client-header-and-library-files

Is there any process to follow to use the SQL Server Native Client header file (sqlncli.h) in the WiXToolset code at Github?

-----Original Message-----
From: Rob Mensching <rob at firegiant.com> 
Sent: Monday, March 12, 2018 11:37 PM
To: WiX Toolset Developer Mailing List <wix-devs at lists.wixtoolset.org>
Cc: Rajeev Bansal (WSSC) <Rajeev.Bansal at microsoft.com>
Subject: RE: Discussion on fix Issue SqlExtension Incompatible with TLS 1.2 #5543

Seems like a reasonable way to solve the problem simply.

How often is the SQLNCI_CLSID already registered on a machine?


-----Original Message-----
From: wix-devs <wix-devs-bounces at lists.wixtoolset.org> On Behalf Of Rajeev Bansal (WSSC) via wix-devs
Sent: Wednesday, March 7, 2018 7:45 PM
To: wix-devs at lists.wixtoolset.org
Cc: Rajeev Bansal (WSSC) <rajeev.bansal at microsoft.com>
Subject: Re: [wix-devs] Discussion on fix Issue SqlExtension Incompatible with TLS 1.2 #5543

I posted this yesterday, but seems blocked due to size.
Trying without attachment.

Thanks,
Rajeev

From: Rajeev Bansal (WSSC)
Sent: Wednesday, March 7, 2018 9:48 AM
To: 'wix-devs at lists.wixtoolset.org' <wix-devs at lists.wixtoolset.org>
Subject: Discussion on fix Issue SqlExtension Incompatible with TLS 1.2 #5543

Hi,

For the issue: https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fwixtoolset%2Fissues%2Fissues%2F5543&data=04%7C01%7Crajeev.bansal%40microsoft.com%7C0db74f7023ea43f5a29a08d588440d92%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636564748228412104%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwifQ%3D%3D%7C-1&sdata=dHLRiSKUJkgbnW2O7ENa1fVKi6vpL8aAoGoXJERBnW4%3D&reserved=0   SqlExtension Incompatible with TLS 1.2 #5543
Here is the overview of how I am planning to fix it.

Root Cause and Fix
SQLOLEDB does not have TLS1.2 support, so need to use SQL native Client for it.


In the SqlConnectDatabase() API in file ..\wix3\src\libs\dutil\sqlutil.cpp

CoCreateInstance is being called with CLSID_SQLOLEDB as the first argument.
                                hr = ::CoCreateInstance(CLSID_SQLOLEDB, NULL, CLSCTX_INPROC_SERVER,  IID_IDBInitialize, (LPVOID*)&pidbInitialize);

Fix would be to call it with SQLNCLI_CLSID and if that fails, then as a fallback call with CLSID_SQLOLEDB.

OLD CODE:
                //obtain access to the SQLOLEDB provider
                hr = ::CoCreateInstance(SQLNCLI_CLSID, NULL, CLSCTX_INPROC_SERVER,
                                IID_IDBInitialize, (LPVOID*)&pidbInitialize);
                ExitOnFailure(hr, "failed to create IID_IDBInitialize object");

NEW CODE:
                //obtain access to the SQLOLEDB provider
                hr = ::CoCreateInstance(SQLNCLI_CLSID, NULL, CLSCTX_INPROC_SERVER,
                                IID_IDBInitialize, (LPVOID*)&pidbInitialize);

                if (FAILED(hr))
                {
                hr = ::CoCreateInstance(CLSID_SQLOLEDB, NULL, CLSCTX_INPROC_SERVER,
                                                IID_IDBInitialize, (LPVOID*)&pidbInitialize);
                }
                ExitOnFailure(hr, "failed to create IID_IDBInitialize object");


Other related changes:
1. SQLNCLI.h file has to be copied to ...\wix3\src\libs\dutil\inc folder 2. SQLNCLI.h has to be included in the ....\wix3\src\libs\dutil\dutil.vcxproj
3. SQLNCLI.h has to be included in the ....\wix3\src\ext\ca\serverca\scasched\precomp.h
4. SQLNCLI.h has to be included in the ....\wix3\src\libs\dutil\inc\sqlutil.h
5. #define _SQLNCLI_OLEDB_IGNORE_DEPRECATION_WARNING_ needs to be defined in file ..\wix3\src\libs\dutil\sqlutil.cpp

                Attached is the header file that needs to be added to project.

Please let me know your thoughts on it.

Thanks,
Rajeev

____________________________________________________________________
WiX Toolset Developer Mailing List provided by FireGiant https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.firegiant.com%2F&data=04%7C01%7Crajeev.bansal%40microsoft.com%7C0db74f7023ea43f5a29a08d588440d92%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636564748228412104%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwifQ%3D%3D%7C-1&sdata=BsP6gLYU7xfnYIwkwVa7KZ3jauS4iIdOvjIQRTYPxb0%3D&reserved=0


More information about the wix-devs mailing list