Skip to content
Permalink
Browse files

Use Library setting for MS SQL as well, and provide available ADO pro…

…viders in the drop down. Also show a security warning dialog when there is just the old SQLOLEDB provider. Related to #237
  • Loading branch information...
ansgarbecker committed Jul 28, 2019
1 parent 33f2bdf commit 74961f4c3dad6b424e86b0898124be24f28fc80b
Showing with 53 additions and 40 deletions.
  1. +7 −1 out/locale/en/LC_MESSAGES/default.po
  2. +23 −12 source/connections.pas
  3. +23 −27 source/dbconnection.pas
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: HeidiSQL\n"
"POT-Creation-Date: 2012-11-05 21:40\n"
"PO-Revision-Date: 2019-07-28 10:55+0200\n"
"PO-Revision-Date: 2019-07-28 12:11+0200\n"
"Last-Translator: Ansgar Becker <anse@heidisql.com>\n"
"Language-Team: English (http://www.transifex.com/projects/p/heidisql/language/en/)\n"
"MIME-Version: 1.0\n"
@@ -6404,3 +6404,9 @@ msgstr "Tabs won't be stored in this session."

msgid "Installing %s might help. Please download from %s"
msgstr "Installing %s might help. Please download from %s"

msgid "Security issue: Using %s %s with insecure %s."
msgstr "Security issue: Using %s %s with insecure %s."

msgid "You should install %s from %s"
msgstr "You should install %s from %s"
@@ -11,7 +11,7 @@ interface
uses
Windows, SysUtils, Classes, Controls, Forms, Dialogs, StdCtrls, ExtCtrls, ComCtrls,
VirtualTrees, Menus, Graphics, Generics.Collections, ActiveX, extra_controls, Messages,
dbconnection, gnugettext, SynRegExpr, System.Types, System.IOUtils, Vcl.GraphUtil;
dbconnection, gnugettext, SynRegExpr, System.Types, System.IOUtils, Vcl.GraphUtil, ADODB;

type
Tconnform = class(TExtForm)
@@ -392,7 +392,7 @@ procedure Tconnform.btnSaveClick(Sender: TObject);
Sess.LocalTimeZone := chkLocalTimeZone.Checked;
Sess.FullTableStatus := chkFullTableStatus.Checked;
Sess.SessionColor := ColorBoxBackgroundColor.Selected;
Sess.LibraryFile := comboLibrary.Text;
Sess.LibraryOrProvider := comboLibrary.Text;
Sess.AllDatabasesStr := editDatabases.Text;
Sess.Comment := memoComment.Text;
Sess.StartupScriptFilename := editStartupScript.Text;
@@ -587,7 +587,7 @@ function Tconnform.CurrentParams: TConnectionParameters;
else
Result.Port := 0;
Result.AllDatabasesStr := editDatabases.Text;
Result.LibraryFile := comboLibrary.Text;
Result.LibraryOrProvider := comboLibrary.Text;
Result.Comment := memoComment.Text;
Result.SSHHost := editSSHHost.Text;
Result.SSHPort := MakeInt(editSSHPort.Text);
@@ -856,7 +856,7 @@ procedure Tconnform.ListSessionsFocusChanged(Sender: TBaseVirtualTree;
ColorBoxBackgroundColor.Selected := Sess.SessionColor;
editDatabases.Text := Sess.AllDatabasesStr;
RefreshLibraries(Sess^);
comboLibrary.ItemIndex := comboLibrary.Items.IndexOf(Sess.LibraryFile);
comboLibrary.ItemIndex := comboLibrary.Items.IndexOf(Sess.LibraryOrProvider);
if (comboLibrary.ItemIndex = -1) and (comboLibrary.Items.Count > 0) then begin
comboLibrary.ItemIndex := 0;
end;
@@ -902,6 +902,8 @@ procedure Tconnform.RefreshLibraries(Sess: TConnectionParameters);
rx: TRegExpr;
Libs: TStringDynArray;
LibPath, LibFile: String;
Providers: TStringList;
Provider: String;
begin
// Detect existing dll files in app folder
comboLibrary.Clear;
@@ -910,15 +912,25 @@ procedure Tconnform.RefreshLibraries(Sess: TConnectionParameters);
rx.ModifierI := True;
case Sess.NetTypeGroup of
ngMySQL: rx.Expression := '^lib(mysql|mariadb).*\.dll$';
ngMSSQL: rx.Expression := '^$';
ngMSSQL: rx.Expression := '^(MSOLEDBSQL|SQLOLEDB)$';
ngPgSQL: rx.Expression := '^libpq.*\.dll$';
end;

Libs := TDirectory.GetFiles(ExtractFilePath(ParamStr(0)), '*.dll');
for LibPath in Libs do begin
LibFile := ExtractFileName(LibPath);
if rx.Exec(LibFile) then begin
comboLibrary.Items.Add(LibFile);
if Sess.NetTypeGroup in [ngMySQL, ngPgSQL] then begin
Libs := TDirectory.GetFiles(ExtractFilePath(ParamStr(0)), '*.dll');
for LibPath in Libs do begin
LibFile := ExtractFileName(LibPath);
if rx.Exec(LibFile) then begin
comboLibrary.Items.Add(LibFile);
end;
end;
end else begin
Providers := TStringList.Create;
GetProviderNames(Providers);
for Provider in Providers do begin
if rx.Exec(Provider) then begin
comboLibrary.Items.Add(Provider);
end;
end;
end;
end;
@@ -1177,7 +1189,7 @@ procedure Tconnform.Modification(Sender: TObject);
or (Sess.SessionColor <> ColorBoxBackgroundColor.Selected)
or (Sess.NetType <> TNetType(comboNetType.ItemIndex))
or (Sess.StartupScriptFilename <> editStartupScript.Text)
or (Sess.LibraryFile <> comboLibrary.Text)
or (Sess.LibraryOrProvider <> comboLibrary.Text)
or (Sess.AllDatabasesStr <> editDatabases.Text)
or (Sess.Comment <> memoComment.Text)
or (Sess.SSHHost <> editSSHHost.Text)
@@ -1255,7 +1267,6 @@ procedure Tconnform.ValidateControls;
lblPort.Enabled := Params.NetType in [ntMySQL_TCPIP, ntMySQL_SSHtunnel, ntMSSQL_TCPIP, ntPgSQL_TCPIP, ntPgSQL_SSHtunnel];
editPort.Enabled := lblPort.Enabled;
updownPort.Enabled := lblPort.Enabled;
comboLibrary.Enabled := Params.NetTypeGroup in [ngMySQL, ngPgSQL];
if Params.NetTypeGroup = ngPgSQL then
lblDatabase.Caption := _('Database')+':'
else
@@ -206,7 +206,7 @@ TPlink = class(TObject)
TConnectionParameters = class(TObject)
strict private
FNetType: TNetType;
FHostname, FUsername, FPassword, FAllDatabases, FLibraryFile, FComment, FStartupScriptFilename,
FHostname, FUsername, FPassword, FAllDatabases, FLibraryOrProvider, FComment, FStartupScriptFilename,
FSessionPath, FSSLPrivateKey, FSSLCertificate, FSSLCACertificate, FSSLCipher, FServerVersion,
FSSHHost, FSSHUser, FSSHPassword, FSSHPlinkExe, FSSHPrivateKey: String;
FPort, FSSHPort, FSSHLocalPort, FSSHTimeout, FCounter, FQueryTimeout, FKeepAlive: Integer;
@@ -257,7 +257,7 @@ TConnectionParameters = class(TObject)
property WindowsAuth: Boolean read FWindowsAuth write FWindowsAuth;
property CleartextPluginEnabled: Boolean read FCleartextPluginEnabled write FCleartextPluginEnabled;
property AllDatabasesStr: String read FAllDatabases write FAllDatabases;
property LibraryFile: String read FLibraryFile write FLibraryFile;
property LibraryOrProvider: String read FLibraryOrProvider write FLibraryOrProvider;
property Comment: String read FComment write FComment;
property StartupScriptFilename: String read FStartupScriptFilename write FStartupScriptFilename;
property QueryTimeout: Integer read FQueryTimeout write FQueryTimeout;
@@ -1077,7 +1077,7 @@ constructor TConnectionParameters.Create;
FPort := DefaultPort;
FCompressed := AppSettings.GetDefaultBool(asCompressed);
FAllDatabases := AppSettings.GetDefaultString(asDatabases);
FLibraryFile := DefaultLibrary;
FLibraryOrProvider := DefaultLibrary;
FComment := AppSettings.GetDefaultString(asComment);

FSSHHost := AppSettings.GetDefaultString(asSSHtunnelHost);
@@ -1144,7 +1144,7 @@ constructor TConnectionParameters.Create(SessionRegPath: String);
FPort := MakeInt(AppSettings.ReadString(asPort));
FCompressed := AppSettings.ReadBool(asCompressed);
FAllDatabases := AppSettings.ReadString(asDatabases);
FLibraryFile := AppSettings.ReadString(asLibrary);
FLibraryOrProvider := AppSettings.ReadString(asLibrary);
FComment := AppSettings.ReadString(asComment);

FSSHHost := AppSettings.ReadString(asSSHtunnelHost);
@@ -1209,7 +1209,7 @@ procedure TConnectionParameters.SaveToRegistry;
AppSettings.WriteInt(asKeepAlive, FKeepAlive);
AppSettings.WriteBool(asFullTableStatus, FFullTableStatus);
AppSettings.WriteString(asDatabases, FAllDatabases);
AppSettings.WriteString(asLibrary, FLibraryFile);
AppSettings.WriteString(asLibrary, FLibraryOrProvider);
AppSettings.WriteString(asComment, FComment);
AppSettings.WriteString(asStartupScriptFilename, FStartupScriptFilename);
AppSettings.WriteInt(asTreeBackground, FSessionColor);
@@ -1444,7 +1444,7 @@ function TConnectionParameters.DefaultLibrary: String;
begin
case NetTypeGroup of
ngMySQL: Result := 'libmariadb.dll';
ngMSSQL: Result := '';
ngMSSQL: Result := 'MSOLEDBSQL'; // Prefer MSOLEDBSQL provider on newer systems
ngPgSQL: Result := 'libpq.dll';
else Result := '';
end;
@@ -1884,11 +1884,10 @@ procedure TMySQLConnection.SetActive( Value: Boolean );

procedure TAdoDBConnection.SetActive(Value: Boolean);
var
tmpdb, Error, Provider, NetLib, DataSource, QuotedPassword, ServerVersion: String;
tmpdb, Error, NetLib, DataSource, QuotedPassword, ServerVersion: String;
rx: TRegExpr;
i: Integer;
Providers: TStringList;
HasNewProvider: Boolean;
IsOldProvider: Boolean;
begin
if Value then begin
DoBeforeConnect;
@@ -1905,17 +1904,14 @@ procedure TAdoDBConnection.SetActive(Value: Boolean);
'> sh winetricks native_mdac');
end;

// Prefer MSOLEDBSQL provider on newer systems
Providers := TStringList.Create;
GetProviderNames(Providers);
HasNewProvider := Providers.IndexOf('MSOLEDBSQL') >= 0;
Providers.Free;
if HasNewProvider then begin
Provider := 'MSOLEDBSQL';
end else begin
Provider := 'SQLOLEDB';
Log(lcInfo, 'Security issue: Using '+Provider+' ADO provider with insecure TLS 1.0. '+
'You should install Microsoft OLE DB Driver from https://www.microsoft.com/en-us/download/confirmation.aspx?id=56730');
IsOldProvider := Parameters.LibraryOrProvider = 'SQLOLEDB';
if IsOldProvider then begin
MessageDialog(
f_('Security issue: Using %s %s with insecure %s.',
[Parameters.LibraryOrProvider, 'ADO provider', 'TLS 1.0']) +
f_('You should install %s from %s',
['Microsoft OLE DB Driver', 'https://www.microsoft.com/en-us/download/confirmation.aspx?id=56730']),
mtWarning, [mbOK]);
end;

NetLib := '';
@@ -1939,7 +1935,7 @@ procedure TAdoDBConnection.SetActive(Value: Boolean);
else
QuotedPassword := '"'+Parameters.Password+'"';

FAdoHandle.ConnectionString := 'Provider='+Provider+';'+
FAdoHandle.ConnectionString := 'Provider='+Parameters.LibraryOrProvider+';'+
'Password='+QuotedPassword+';'+
'Persist Security Info=True;'+
'User ID='+Parameters.Username+';'+
@@ -1953,10 +1949,10 @@ procedure TAdoDBConnection.SetActive(Value: Boolean);
FAdoHandle.ConnectionString := FAdoHandle.ConnectionString + 'Database='+Parameters.AllDatabasesStr+';';

if Parameters.WindowsAuth then begin
if HasNewProvider then
FAdoHandle.ConnectionString := FAdoHandle.ConnectionString + 'Trusted_Connection=yes;'
else
if IsOldProvider then
FAdoHandle.ConnectionString := FAdoHandle.ConnectionString + 'Integrated Security=SSPI;'
else
FAdoHandle.ConnectionString := FAdoHandle.ConnectionString + 'Trusted_Connection=yes;'
end;

try
@@ -2220,7 +2216,7 @@ procedure TMySQLConnection.DoBeforeConnect;
LibraryPath: String;
begin
// Init libmysql before actually connecting.
LibraryPath := ExtractFilePath(ParamStr(0)) + Parameters.LibraryFile;
LibraryPath := ExtractFilePath(ParamStr(0)) + Parameters.LibraryOrProvider;
Log(lcDebug, f_('Loading library file %s ...', [LibraryPath]));
// Throws EDbError on any failure:
FLib := TMySQLLib.Create(LibraryPath);
@@ -2235,7 +2231,7 @@ procedure TPgConnection.DoBeforeConnect;
msg: String;
begin
// Init lib before actually connecting.
LibraryPath := ExtractFilePath(ParamStr(0)) + Parameters.LibraryFile;
LibraryPath := ExtractFilePath(ParamStr(0)) + Parameters.LibraryOrProvider;
Log(lcDebug, f_('Loading library file %s ...', [LibraryPath]));
try
FLib := TPostgreSQLLib.Create(LibraryPath);
@@ -3327,7 +3323,7 @@ function TMySQLConnection.GetLastErrorMsg: String;

if SynRegExpr.ExecRegExpr('(Unknown SSL error|SSL connection error)', Msg) then begin
// Find specific strings in error message and provide helpful message
Additional := f_('Please select a different library in your session settings. (Current: "%s")', [FParameters.LibraryFile]);
Additional := f_('Please select a different library in your session settings. (Current: "%s")', [FParameters.LibraryOrProvider]);
end else begin
// Find "(errno: 123)" in message and add more meaningful message from perror.exe
rx := TRegExpr.Create;

0 comments on commit 74961f4

Please sign in to comment.
You can’t perform that action at this time.