/// <summary>
/// Handler for login request
/// </summary>
public override TDSMessageCollection OnLogin7Request(ITDSServerSession session, TDSMessage request)
{
// Inflate login7 request from the message
TDSLogin7Token loginRequest = request[0] as TDSLogin7Token;
// Check if arguments are of the routing server
if (Arguments is RoutingTDSServerArguments)
{
// Cast to routing server arguments
RoutingTDSServerArguments ServerArguments = Arguments as RoutingTDSServerArguments;
// Check filter
if (ServerArguments.RequireReadOnly && (loginRequest.TypeFlags.ReadOnlyIntent != TDSLogin7TypeFlagsReadOnlyIntent.ReadOnly))
{
// Log request
TDSUtilities.Log(Arguments.Log, "Request", loginRequest);
// Prepare ERROR token with the denial details
TDSErrorToken errorToken = new TDSErrorToken(18456, 1, 14, "Received application intent: " + loginRequest.TypeFlags.ReadOnlyIntent.ToString(), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token for the final decision
errorToken = new TDSErrorToken(18456, 1, 14, "Read-Only application intent is required for routing", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
responseMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Return a single message in the collection
return(new TDSMessageCollection(responseMessage));
}
}
// Delegate to the base class
return(base.OnLogin7Request(session, request));
}
/// <summary>
/// It is called when SQL batch request arrives
/// </summary>
/// <param name="message">TDS message recieved</param>
/// <returns>TDS message to respond with</returns>
public override TDSMessageCollection OnSQLBatchRequest(ITDSServerSession session, TDSMessage request)
{
// Delegate to the base class to produce the response first
TDSMessageCollection batchResponse = base.OnSQLBatchRequest(session, request);
// Check if arguments are of routing server
if (Arguments is RoutingTDSServerArguments)
{
// Cast to routing server arguments
RoutingTDSServerArguments ServerArguments = Arguments as RoutingTDSServerArguments;
// Check routing condition
if (ServerArguments.RouteOnPacket == TDSMessageType.SQLBatch)
{
// Construct routing token
TDSPacketToken routingToken = CreateRoutingToken();
// Log response
TDSUtilities.Log(Arguments.Log, "Response", routingToken);
// Insert the routing token at the beginning of the response
batchResponse[0].Insert(0, routingToken);
}
else
{
// Get the first response message
TDSMessage responseMessage = batchResponse[0];
// Reset the content of the first message
responseMessage.Clear();
// Prepare ERROR token with the denial details
responseMessage.Add(new TDSErrorToken(11111, 1, 14, "Client should have been routed by now", Arguments.ServerName));
// Log response
TDSUtilities.Log(Arguments.Log, "Response", responseMessage[0]);
// Prepare DONE token
responseMessage.Add(new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error));
// Log response
TDSUtilities.Log(Arguments.Log, "Response", responseMessage[1]);
}
}
// Register only one message with the collection
return(batchResponse);
}
protected virtual TDSMessageCollection OnAuthenticationCompleted(ITDSServerSession session)
{
// Create new database environment change token
TDSEnvChangeToken envChange = new TDSEnvChangeToken(TDSEnvChangeTokenType.Database, session.Database, "master");
// Log response
TDSUtilities.Log(Arguments.Log, "Response", envChange);
// Serialize the login token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, envChange);
// Create information token on the change
TDSInfoToken infoToken = new TDSInfoToken(5701, 2, 0, string.Format("Changed database context to '{0}'", envChange.NewValue), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", infoToken);
// Serialize the login token into the response packet
responseMessage.Add(infoToken);
// Create new collation change token
envChange = new TDSEnvChangeToken(TDSEnvChangeTokenType.SQLCollation, (session as GenericTDSServerSession).Collation);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", envChange);
// Serialize the login token into the response packet
responseMessage.Add(envChange);
// Create new language change token
envChange = new TDSEnvChangeToken(TDSEnvChangeTokenType.Language, LanguageString.ToString((session as GenericTDSServerSession).Language));
// Log response
TDSUtilities.Log(Arguments.Log, "Response", envChange);
// Serialize the login token into the response packet
responseMessage.Add(envChange);
// Create information token on the change
infoToken = new TDSInfoToken(5703, 1, 0, string.Format("Changed language setting to {0}", envChange.NewValue), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", infoToken);
// Serialize the login token into the response packet
responseMessage.Add(infoToken);
// Create new packet size environment change token
envChange = new TDSEnvChangeToken(TDSEnvChangeTokenType.PacketSize, Arguments.PacketSize.ToString(), Arguments.PacketSize.ToString());
// Log response
TDSUtilities.Log(Arguments.Log, "Response", envChange);
// Serialize the login token into the response packet
responseMessage.Add(envChange);
// Update session packet size
session.PacketSize = (uint)Arguments.PacketSize;
// Create login acknowledgement packet
TDSLoginAckToken loginResponseToken = new TDSLoginAckToken(Arguments.ServerVersion, session.TDSVersion, TDSLogin7TypeFlagsSQL.SQL, "Microsoft SQL Server"); // Otherwise SNAC yields E_FAIL
// Log response
TDSUtilities.Log(Arguments.Log, "Response", loginResponseToken);
// Serialize the login token into the response packet
responseMessage.Add(loginResponseToken);
// Check if session recovery is enabled
if (session.IsSessionRecoveryEnabled)
{
// Create Feature extension Ack token
TDSFeatureExtAckToken featureExtActToken = new TDSFeatureExtAckToken(new TDSFeatureExtAckSessionStateOption((session as GenericTDSServerSession).Deflate()));
// Log response
TDSUtilities.Log(Arguments.Log, "Response", featureExtActToken);
// Serialize feature extnesion token into the response
responseMessage.Add(featureExtActToken);
}
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Wrap a single message in a collection
return(new TDSMessageCollection(responseMessage));
}
/// <summary>
/// Handler for login request
/// </summary>
public override TDSMessageCollection OnLogin7Request(ITDSServerSession session, TDSMessage request)
{
// Inflate login7 request from the message
TDSLogin7Token loginRequest = request[0] as TDSLogin7Token;
// Check if arguments are of the routing server
if (Arguments is RoutingTDSServerArguments)
{
// Cast to routing server arguments
RoutingTDSServerArguments ServerArguments = Arguments as RoutingTDSServerArguments;
// Check filter
if (ServerArguments.RequireReadOnly && (loginRequest.TypeFlags.ReadOnlyIntent != TDSLogin7TypeFlagsReadOnlyIntent.ReadOnly))
{
// Log request
TDSUtilities.Log(Arguments.Log, "Request", loginRequest);
// Prepare ERROR token with the denial details
TDSErrorToken errorToken = new TDSErrorToken(18456, 1, 14, "Received application intent: " + loginRequest.TypeFlags.ReadOnlyIntent.ToString(), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token for the final decision
errorToken = new TDSErrorToken(18456, 1, 14, "Read-Only application intent is required for routing", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
responseMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Return a single message in the collection
return new TDSMessageCollection(responseMessage);
}
}
// Delegate to the base class
return base.OnLogin7Request(session, request);
}
/// <summary>
/// Advances one step in SSPI authentication sequence
/// </summary>
protected virtual TDSMessageCollection ContinueSSPIAuthentication(ITDSServerSession session, byte[] payload)
{
// Response to send to the client
SSPIResponse response;
try
{
// Check if we have an SSPI context
if (session.NTUserAuthenticationContext == null)
{
// This is the first step so we need to create a server context and initialize it
session.NTUserAuthenticationContext = SSPIContext.CreateServer();
// Run the first step of authentication
response = session.NTUserAuthenticationContext.StartServerAuthentication(payload);
}
else
{
// Process SSPI request from the client
response = session.NTUserAuthenticationContext.ContinueServerAuthentication(payload);
}
}
catch (Exception e)
{
// Prepare ERROR token with the reason
TDSErrorToken errorToken = new TDSErrorToken(12345, 1, 15, "Failed to accept security SSPI context", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
TDSMessage responseErrorMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token with the final errorToken
errorToken = new TDSErrorToken(12345, 1, 15, e.Message, Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
responseErrorMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseErrorMessage.Add(doneToken);
// Respond with a single message
return(new TDSMessageCollection(responseErrorMessage));
}
// Message collection to respond with
TDSMessageCollection responseMessages = new TDSMessageCollection();
// Check if there's a response
if (response != null)
{
// Check if there's a payload
if (response.Payload != null)
{
// Create SSPI token
TDSSSPIToken sspiToken = new TDSSSPIToken(response.Payload);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", sspiToken);
// Prepare response message with a single response token
responseMessages.Add(new TDSMessage(TDSMessageType.Response, sspiToken));
// Check if we can complete login
if (!response.IsFinal)
{
// Send the message to the client
return(responseMessages);
}
}
}
// Reset SQL user identifier since we're using NT authentication
session.SQLUserID = null;
// Append successfully authentication response
responseMessages.AddRange(OnAuthenticationCompleted(session));
// Return the message with SSPI token
return(responseMessages);
}
/// <summary>
/// Handler for login request
/// </summary>
public override TDSMessageCollection OnLogin7Request(ITDSServerSession session, TDSMessage request)
{
// Inflate login7 request from the message
TDSLogin7Token loginRequest = request[0] as TDSLogin7Token;
// Check if arguments are of the authenticating TDS server
if (Arguments is AuthenticatingTDSServerArguments)
{
// Cast to authenticating TDS server arguments
AuthenticatingTDSServerArguments ServerArguments = Arguments as AuthenticatingTDSServerArguments;
// Check if we're still processing normal login
if (ServerArguments.ApplicationIntentFilter != ApplicationIntentFilterType.All)
{
// Check filter
if ((ServerArguments.ApplicationIntentFilter == ApplicationIntentFilterType.ReadOnly && loginRequest.TypeFlags.ReadOnlyIntent != TDSLogin7TypeFlagsReadOnlyIntent.ReadOnly) ||
(ServerArguments.ApplicationIntentFilter == ApplicationIntentFilterType.None))
{
// Log request to which we're about to send a failure
TDSUtilities.Log(Arguments.Log, "Request", loginRequest);
// Prepare ERROR token with the denial details
TDSErrorToken errorToken = new TDSErrorToken(18456, 1, 14, "Received application intent: " + loginRequest.TypeFlags.ReadOnlyIntent.ToString(), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token for the final decision
errorToken = new TDSErrorToken(18456, 1, 14, "Connection is denied by application intent filter", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
responseMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Put a single message into the collection and return it
return(new TDSMessageCollection(responseMessage));
}
}
// Check if we're still processing normal login and there's a filter to check
if (ServerArguments.ServerNameFilterType != ServerNameFilterType.None)
{
// Check each algorithm
if ((ServerArguments.ServerNameFilterType == ServerNameFilterType.Equals && string.Compare(ServerArguments.ServerNameFilter, loginRequest.ServerName, true) != 0) ||
(ServerArguments.ServerNameFilterType == ServerNameFilterType.StartsWith && !loginRequest.ServerName.StartsWith(ServerArguments.ServerNameFilter)) ||
(ServerArguments.ServerNameFilterType == ServerNameFilterType.EndsWith && !loginRequest.ServerName.EndsWith(ServerArguments.ServerNameFilter)) ||
(ServerArguments.ServerNameFilterType == ServerNameFilterType.Contains && !loginRequest.ServerName.Contains(ServerArguments.ServerNameFilter)))
{
// Log request to which we're about to send a failure
TDSUtilities.Log(Arguments.Log, "Request", loginRequest);
// Prepare ERROR token with the reason
TDSErrorToken errorToken = new TDSErrorToken(18456, 1, 14, string.Format("Received server name \"{0}\", expected \"{1}\" using \"{2}\" algorithm", loginRequest.ServerName, ServerArguments.ServerNameFilter, ServerArguments.ServerNameFilterType), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the errorToken token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token with the final errorToken
errorToken = new TDSErrorToken(18456, 1, 14, "Connection is denied by server name filter", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the errorToken token into the response packet
responseMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Return only a single message with the collection
return(new TDSMessageCollection(responseMessage));
}
}
// Check if packet size filter is applied
if (ServerArguments.PacketSizeFilter != null)
{
// Check if requested packet size is the same as the filter specified
if (loginRequest.PacketSize != ServerArguments.PacketSizeFilter.Value)
{
// Log request to which we're about to send a failure
TDSUtilities.Log(Arguments.Log, "Request", loginRequest);
// Prepare ERROR token with the reason
TDSErrorToken errorToken = new TDSErrorToken(1919, 1, 14, string.Format("Received packet size \"{0}\", expected \"{1}\"", loginRequest.PacketSize, ServerArguments.PacketSizeFilter.Value), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the errorToken token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token with the final errorToken
errorToken = new TDSErrorToken(1919, 1, 14, "Connection is denied by packet size filter", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the errorToken token into the response packet
responseMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Return only a single message with the collection
return(new TDSMessageCollection(responseMessage));
}
}
// If we have an application name filter
if (ServerArguments.ApplicationNameFilter != null)
{
// If we are supposed to block this connection attempt
if (loginRequest.ApplicationName.Equals(ServerArguments.ApplicationNameFilter, System.StringComparison.OrdinalIgnoreCase))
{
// Log request to which we're about to send a failure
TDSUtilities.Log(Arguments.Log, "Request", loginRequest);
// Prepare ERROR token with the denial details
TDSErrorToken errorToken = new TDSErrorToken(18456, 1, 14, "Received application name: " + loginRequest.ApplicationName, Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token for the final decision
errorToken = new TDSErrorToken(18456, 1, 14, "Connection is denied by application name filter", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
responseMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Put a single message into the collection and return it
return(new TDSMessageCollection(responseMessage));
}
}
}
// Return login response from the base class
return(base.OnLogin7Request(session, request));
}
/// <summary>
/// Handler for login request
/// </summary>
public override TDSMessageCollection OnLogin7Request(ITDSServerSession session, TDSMessage request)
{
// Inflate login7 request from the message
TDSLogin7Token loginRequest = request[0] as TDSLogin7Token;
// Check if arguments are of the authenticating TDS server
if (Arguments is AuthenticatingTDSServerArguments)
{
// Cast to authenticating TDS server arguments
AuthenticatingTDSServerArguments ServerArguments = Arguments as AuthenticatingTDSServerArguments;
// Check if we're still processing normal login
if (ServerArguments.ApplicationIntentFilter != ApplicationIntentFilterType.All)
{
// Check filter
if ((ServerArguments.ApplicationIntentFilter == ApplicationIntentFilterType.ReadOnly && loginRequest.TypeFlags.ReadOnlyIntent != TDSLogin7TypeFlagsReadOnlyIntent.ReadOnly)
|| (ServerArguments.ApplicationIntentFilter == ApplicationIntentFilterType.None))
{
// Log request to which we're about to send a failure
TDSUtilities.Log(Arguments.Log, "Request", loginRequest);
// Prepare ERROR token with the denial details
TDSErrorToken errorToken = new TDSErrorToken(18456, 1, 14, "Received application intent: " + loginRequest.TypeFlags.ReadOnlyIntent.ToString(), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token for the final decision
errorToken = new TDSErrorToken(18456, 1, 14, "Connection is denied by application intent filter", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
responseMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Put a single message into the collection and return it
return new TDSMessageCollection(responseMessage);
}
}
// Check if we're still processing normal login and there's a filter to check
if (ServerArguments.ServerNameFilterType != ServerNameFilterType.None)
{
// Check each algorithm
if ((ServerArguments.ServerNameFilterType == ServerNameFilterType.Equals && string.Compare(ServerArguments.ServerNameFilter, loginRequest.ServerName, true) != 0)
|| (ServerArguments.ServerNameFilterType == ServerNameFilterType.StartsWith && !loginRequest.ServerName.StartsWith(ServerArguments.ServerNameFilter))
|| (ServerArguments.ServerNameFilterType == ServerNameFilterType.EndsWith && !loginRequest.ServerName.EndsWith(ServerArguments.ServerNameFilter))
|| (ServerArguments.ServerNameFilterType == ServerNameFilterType.Contains && !loginRequest.ServerName.Contains(ServerArguments.ServerNameFilter)))
{
// Log request to which we're about to send a failure
TDSUtilities.Log(Arguments.Log, "Request", loginRequest);
// Prepare ERROR token with the reason
TDSErrorToken errorToken = new TDSErrorToken(18456, 1, 14, string.Format("Received server name \"{0}\", expected \"{1}\" using \"{2}\" algorithm", loginRequest.ServerName, ServerArguments.ServerNameFilter, ServerArguments.ServerNameFilterType), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the errorToken token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token with the final errorToken
errorToken = new TDSErrorToken(18456, 1, 14, "Connection is denied by server name filter", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the errorToken token into the response packet
responseMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Return only a single message with the collection
return new TDSMessageCollection(responseMessage);
}
}
// Check if packet size filter is applied
if (ServerArguments.PacketSizeFilter != null)
{
// Check if requested packet size is the same as the filter specified
if (loginRequest.PacketSize != ServerArguments.PacketSizeFilter.Value)
{
// Log request to which we're about to send a failure
TDSUtilities.Log(Arguments.Log, "Request", loginRequest);
// Prepare ERROR token with the reason
TDSErrorToken errorToken = new TDSErrorToken(1919, 1, 14, string.Format("Received packet size \"{0}\", expected \"{1}\"", loginRequest.PacketSize, ServerArguments.PacketSizeFilter.Value), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the errorToken token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token with the final errorToken
errorToken = new TDSErrorToken(1919, 1, 14, "Connection is denied by packet size filter", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the errorToken token into the response packet
responseMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Return only a single message with the collection
return new TDSMessageCollection(responseMessage);
}
}
// If we have an application name filter
if (ServerArguments.ApplicationNameFilter != null)
{
// If we are supposed to block this connection attempt
if (loginRequest.ApplicationName.Equals(ServerArguments.ApplicationNameFilter, System.StringComparison.OrdinalIgnoreCase))
{
// Log request to which we're about to send a failure
TDSUtilities.Log(Arguments.Log, "Request", loginRequest);
// Prepare ERROR token with the denial details
TDSErrorToken errorToken = new TDSErrorToken(18456, 1, 14, "Received application name: " + loginRequest.ApplicationName, Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token for the final decision
errorToken = new TDSErrorToken(18456, 1, 14, "Connection is denied by application name filter", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
responseMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Put a single message into the collection and return it
return new TDSMessageCollection(responseMessage);
}
}
}
// Return login response from the base class
return base.OnLogin7Request(session, request);
}
protected virtual TDSMessageCollection OnAuthenticationCompleted(ITDSServerSession session)
{
// Create new database environment change token
TDSEnvChangeToken envChange = new TDSEnvChangeToken(TDSEnvChangeTokenType.Database, session.Database, "master");
// Log response
TDSUtilities.Log(Arguments.Log, "Response", envChange);
// Serialize the login token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, envChange);
// Create information token on the change
TDSInfoToken infoToken = new TDSInfoToken(5701, 2, 0, string.Format("Changed database context to '{0}'", envChange.NewValue), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", infoToken);
// Serialize the login token into the response packet
responseMessage.Add(infoToken);
// Create new collation change token
envChange = new TDSEnvChangeToken(TDSEnvChangeTokenType.SQLCollation, (session as GenericTDSServerSession).Collation);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", envChange);
// Serialize the login token into the response packet
responseMessage.Add(envChange);
// Create new language change token
envChange = new TDSEnvChangeToken(TDSEnvChangeTokenType.Language, LanguageString.ToString((session as GenericTDSServerSession).Language));
// Log response
TDSUtilities.Log(Arguments.Log, "Response", envChange);
// Serialize the login token into the response packet
responseMessage.Add(envChange);
// Create information token on the change
infoToken = new TDSInfoToken(5703, 1, 0, string.Format("Changed language setting to {0}", envChange.NewValue), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", infoToken);
// Serialize the login token into the response packet
responseMessage.Add(infoToken);
// Create new packet size environment change token
envChange = new TDSEnvChangeToken(TDSEnvChangeTokenType.PacketSize, Arguments.PacketSize.ToString(), Arguments.PacketSize.ToString());
// Log response
TDSUtilities.Log(Arguments.Log, "Response", envChange);
// Serialize the login token into the response packet
responseMessage.Add(envChange);
// Update session packet size
session.PacketSize = (uint)Arguments.PacketSize;
// Create login acknowledgnment packet
TDSLoginAckToken loginResponseToken = new TDSLoginAckToken(Arguments.ServerVersion, session.TDSVersion, TDSLogin7TypeFlagsSQL.SQL, "Microsoft SQL Server"); // Otherwise SNAC yields E_FAIL
// Log response
TDSUtilities.Log(Arguments.Log, "Response", loginResponseToken);
// Serialize the login token into the response packet
responseMessage.Add(loginResponseToken);
// Check if session recovery is enabled
if (session.IsSessionRecoveryEnabled)
{
// Create Feature extension Ack token
TDSFeatureExtAckToken featureExtActToken = new TDSFeatureExtAckToken(new TDSFeatureExtAckSessionStateOption((session as GenericTDSServerSession).Deflate()));
// Log response
TDSUtilities.Log(Arguments.Log, "Response", featureExtActToken);
// Serialize feature extnesion token into the response
responseMessage.Add(featureExtActToken);
}
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Wrap a single message in a collection
return new TDSMessageCollection(responseMessage);
}
/// <summary>
/// Advances one step in SSPI authentication sequence
/// </summary>
protected virtual TDSMessageCollection ContinueSSPIAuthentication(ITDSServerSession session, byte[] payload)
{
// Response to send to the client
SSPIResponse response;
try
{
// Check if we have an SSPI context
if (session.NTUserAuthenticationContext == null)
{
// This is the first step so we need to create a server context and initialize it
session.NTUserAuthenticationContext = SSPIContext.CreateServer();
// Run the first step of authentication
response = session.NTUserAuthenticationContext.StartServerAuthentication(payload);
}
else
{
// Process SSPI request from the client
response = session.NTUserAuthenticationContext.ContinueServerAuthentication(payload);
}
}
catch (Exception e)
{
// Prepare ERROR token with the reason
TDSErrorToken errorToken = new TDSErrorToken(12345, 1, 15, "Failed to accept security SSPI context", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
TDSMessage responseErrorMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token with the final errorToken
errorToken = new TDSErrorToken(12345, 1, 15, e.Message, Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
responseErrorMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseErrorMessage.Add(doneToken);
// Respond with a single message
return new TDSMessageCollection(responseErrorMessage);
}
// Message collection to respond with
TDSMessageCollection responseMessages = new TDSMessageCollection();
// Check if there's a response
if (response != null)
{
// Check if there's a payload
if (response.Payload != null)
{
// Create SSPI token
TDSSSPIToken sspiToken = new TDSSSPIToken(response.Payload);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", sspiToken);
// Prepare response message with a single response token
responseMessages.Add(new TDSMessage(TDSMessageType.Response, sspiToken));
// Check if we can complete login
if (!response.IsFinal)
{
// Send the message to the client
return responseMessages;
}
}
}
// Reset SQL user identifier since we're using NT authentication
session.SQLUserID = null;
// Append successfully authentication response
responseMessages.AddRange(OnAuthenticationCompleted(session));
// Return the message with SSPI token
return responseMessages;
}
/// <summary>
/// Execute the query and produce a response
/// </summary>
public TDSMessageCollection ExecuteBatch(ITDSServerSession session, TDSMessage request)
{
// Get the batch from the tokens
TDSSQLBatchToken batchRequest = request[0] as TDSSQLBatchToken;
// Log request
TDSUtilities.Log(Log, "Request", batchRequest);
// Increase the counter of connection reset requests if the message contains the proper flags
if (request.IsResetConnectionRequestSet || request.IsResetConnectionSkipTransactionRequestSet)
{
session.ConnectionResetRequestCount++;
}
// Prepare response message
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response);
// Prepare query text
string lowerBatchText = batchRequest.Text.ToLowerInvariant();
// Check query
if (lowerBatchText.Contains("serverproperty('servername')")) // SELECT convert(nvarchar(256), ServerProperty('ServerName'))
{
// Delegate to server name query
responseMessage = _PrepareServerNameResponse(session);
}
if (lowerBatchText.Contains("serverproperty('machinename')")) // SELECT convert(nvarchar(256), ServerProperty('MachineName'))
{
// Delegate to server name query
responseMessage = _PrepareMachineNameResponse(session);
}
else if (lowerBatchText.Contains("serverproperty('instancename')")) // SELECT convert(nvarchar(256), ServerProperty('InstanceName'))
{
// Delegate to instance name query
responseMessage = _PrepareInstanceNameResponse(session);
}
else if (lowerBatchText.Contains("serverproperty('ishadrenabled')")) // SELECT convert(bit, ServerProperty('IsHADREnabled'))
{
// Delegate to HADRon query
responseMessage = _PrepareIsHADRResponse(session);
}
else if (lowerBatchText.Contains("serverproperty('engineedition')")) // SELECT convert(int, ServerProperty('EngineEdition'))
{
// Delegate to Azure query
responseMessage = _PrepareIsAzure(session);
}
else if (lowerBatchText.Contains("serverproperty('islocaldb')")) // SELECT convert(bit, ServerProperty('IsLocalDB'))
{
// Delegate to Local DB query
responseMessage = _PrepareIsLocalDB(session);
}
else if (lowerBatchText.Contains("serverproperty('istestsqlserver')")) // SELECT convert(bit, ServerProperty('IsTestSQLServer'))
{
// Delegate to test SQL Server query response
responseMessage = _PrepareIsTestSQLServerResponse(session);
}
else if (lowerBatchText.Contains("serverproperty('testsqlserverclass')")) // SELECT convert(nvarchar(256), ServerProperty('TestSQLServerClass'))
{
// Delegate to test SQL Server class response
responseMessage = _PrepareTestSQLServerClassResponse(session);
}
else if (lowerBatchText.Contains("dm_exec_sessions")
&& lowerBatchText.Contains("login_name")
&& lowerBatchText.Contains("nt_domain")
&& lowerBatchText.Contains("nt_user_name")
&& lowerBatchText.Contains("session_id")) // SELECT login_name, nt_domain, nt_user_name FROM sys.dm_exec_sessions WHERE session_id = @@spid
{
// Delegate to session user query
responseMessage = _PrepareSessionUserResponse(session);
}
else if (lowerBatchText.Contains("sp_oledb_ro_usrname")) // exec [sys].sp_oledb_ro_usrname
{
// Delegate to OLE DB query
responseMessage = _PrepareOleDbReadOnlyUserName(session);
}
else if (lowerBatchText.Contains("physical_net_transport")
&& lowerBatchText.Contains("local_net_address")
&& lowerBatchText.Contains("local_tcp_port")) // SELECT convert(nvarchar(40), ConnectionProperty('physical_net_transport')), convert(varchar(48), ConnectionProperty('local_net_address')), convert(int, ConnectionProperty('local_tcp_port'))
{
// Delegate to connection information query
responseMessage = _PrepareConnectionInfoResponse(session);
}
else if (lowerBatchText.Contains("dm_exec_connections")
&& lowerBatchText.Contains("encrypt_option")
&& lowerBatchText.Contains("session_id")) // SELECT TOP (1) [encrypt_option] FROM [sys].[dm_exec_connections] WHERE [session_id] = @@SPID
{
// Delegate to encryption information query
responseMessage = _PrepareEncryptionInfoResponse(session);
}
else if (lowerBatchText.Contains("select 1")) // SELECT 1
{
// Delegate to server ping response
responseMessage = _PreparePingResponse(session);
}
else if (lowerBatchText.Contains("name")
&& lowerBatchText.Contains("state")
&& lowerBatchText.Contains("databases")
&& lowerBatchText.Contains("db_name")) // SELECT [name], [state] FROM [sys].[databases] WHERE [name] = db_name()
{
// Delegate to current database response
responseMessage = _PrepareDatabaseResponse(session);
}
else if (lowerBatchText.Contains("dbcc")
&& lowerBatchText.Contains("tracestatus")) // dbcc tracestatus()
{
// Delegate to current configuration response
responseMessage = _PrepareConfigurationResponse(session);
}
else if (lowerBatchText.Contains("connectionproperty('sp_reset_connection_count')")) // select CONNECTIONPROPERTY('sp_reset_connection_count')
{
// Delegate to reset connection request response
responseMessage = _PrepareConnectionResetRequestCountResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("convert")
&& lowerBatchText.Contains("nvarchar(128)")
&& lowerBatchText.Contains("@@spid")) // SELECT convert(nvarchar(128), @@SPID)
{
// Delegate to reset connection request response
responseMessage = _PrepareSPIDResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("auth_scheme")
&& lowerBatchText.Contains("dm_exec_connections")) //select top (1) [auth_scheme] from [sys].[dm_exec_connections] where [session_id] = @@spid
{
// Delegate to reset connection request response
responseMessage = _PrepareAuthSchemeResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("ansi_defaults")
&& lowerBatchText.Contains("dm_exec_sessions")
&& lowerBatchText.Contains("session_id")
&& lowerBatchText.Contains("@@spid")) // SELECT TOP (1) [ansi_defaults] FROM [sys].[dm_exec_sessions] WHERE [session_id] = @@SPID
{
// Delegate session property query
responseMessage = _PrepareAnsiDefaultsResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("ansi_null_dflt_on")
&& lowerBatchText.Contains("dm_exec_sessions")
&& lowerBatchText.Contains("session_id")
&& lowerBatchText.Contains("@@spid")) // SELECT TOP (1) [ansi_null_dflt_on] FROM [sys].[dm_exec_sessions] WHERE [session_id] = @@SPID
{
// Delegate session property query
responseMessage = _PrepareAnsiNullDefaultOnResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("ansi_nulls")
&& lowerBatchText.Contains("dm_exec_sessions")
&& lowerBatchText.Contains("session_id")
&& lowerBatchText.Contains("@@spid")) // SELECT TOP (1) [ansi_nulls] FROM [sys].[dm_exec_sessions] WHERE [session_id] = @@SPID
{
// Delegate session property query
responseMessage = _PrepareAnsiNullsResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("ansi_padding")
&& lowerBatchText.Contains("dm_exec_sessions")
&& lowerBatchText.Contains("session_id")
&& lowerBatchText.Contains("@@spid")) // SELECT TOP (1) [ansi_padding] FROM [sys].[dm_exec_sessions] WHERE [session_id] = @@SPID
{
// Delegate session property query
responseMessage = _PrepareAnsiPaddingResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("ansi_warnings")
&& lowerBatchText.Contains("dm_exec_sessions")
&& lowerBatchText.Contains("session_id")
&& lowerBatchText.Contains("@@spid")) // SELECT TOP (1) [ansi_warnings] FROM [sys].[dm_exec_sessions] WHERE [session_id] = @@SPID
{
// Delegate session property query
responseMessage = _PrepareAnsiWarningsResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("arithabort")
&& lowerBatchText.Contains("dm_exec_sessions")
&& lowerBatchText.Contains("session_id")
&& lowerBatchText.Contains("@@spid")) // SELECT TOP (1) [arithabort] FROM [sys].[dm_exec_sessions] WHERE [session_id] = @@SPID
{
// Delegate session property query
responseMessage = _PrepareArithAbortResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("concat_null_yields_null")
&& lowerBatchText.Contains("dm_exec_sessions")
&& lowerBatchText.Contains("session_id")
&& lowerBatchText.Contains("@@spid")) // SELECT TOP (1) [concat_null_yields_null] FROM [sys].[dm_exec_sessions] WHERE [session_id] = @@SPID
{
// Delegate session property query
responseMessage = _PrepareConcatNullYieldsNullResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("date_first")
&& lowerBatchText.Contains("dm_exec_sessions")
&& lowerBatchText.Contains("session_id")
&& lowerBatchText.Contains("@@spid")) // SELECT TOP (1) [date_first] FROM [sys].[dm_exec_sessions] WHERE [session_id] = @@SPID
{
// Delegate session property query
responseMessage = _PrepareDateFirstResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("date_format")
&& lowerBatchText.Contains("dm_exec_sessions")
&& lowerBatchText.Contains("session_id")
&& lowerBatchText.Contains("@@spid")) // SELECT TOP (1) [date_format] FROM [sys].[dm_exec_sessions] WHERE [session_id] = @@SPID
{
// Delegate session property query
responseMessage = _PrepareDateFormatResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("deadlock_priority")
&& lowerBatchText.Contains("dm_exec_sessions")
&& lowerBatchText.Contains("session_id")
&& lowerBatchText.Contains("@@spid")) // SELECT TOP (1) [deadlock_priority] FROM [sys].[dm_exec_sessions] WHERE [session_id] = @@SPID
{
// Delegate session property query
responseMessage = _PrepareDeadlockPriorityResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("language")
&& lowerBatchText.Contains("dm_exec_sessions")
&& lowerBatchText.Contains("session_id")
&& lowerBatchText.Contains("@@spid")) // SELECT TOP (1) [language] FROM [sys].[dm_exec_sessions] WHERE [session_id] = @@SPID
{
// Delegate session property query
responseMessage = _PrepareLanguageResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("lock_timeout")
&& lowerBatchText.Contains("dm_exec_sessions")
&& lowerBatchText.Contains("session_id")
&& lowerBatchText.Contains("@@spid")) // SELECT TOP (1) [lock_timeout] FROM [sys].[dm_exec_sessions] WHERE [session_id] = @@SPID
{
// Delegate session property query
responseMessage = _PrepareLockTimeoutResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("quoted_identifier")
&& lowerBatchText.Contains("dm_exec_sessions")
&& lowerBatchText.Contains("session_id")
&& lowerBatchText.Contains("@@spid")) // SELECT TOP (1) [quoted_identifier] FROM [sys].[dm_exec_sessions] WHERE [session_id] = @@SPID
{
// Delegate session property query
responseMessage = _PrepareQuotedIdentifierResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("text_size")
&& lowerBatchText.Contains("dm_exec_sessions")
&& lowerBatchText.Contains("session_id")
&& lowerBatchText.Contains("@@spid")) // SELECT TOP (1) [text_size] FROM [sys].[dm_exec_sessions] WHERE [session_id] = @@SPID
{
// Delegate session property query
responseMessage = _PrepareTextSizeResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("transaction_isolation_level")
&& lowerBatchText.Contains("dm_exec_sessions")
&& lowerBatchText.Contains("session_id")
&& lowerBatchText.Contains("@@spid")) // SELECT TOP (1) [transaction_isolation_level] FROM [sys].[dm_exec_sessions] WHERE [session_id] = @@SPID
{
// Delegate session property query
responseMessage = _PrepareTransactionIsolationLevelResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("@@options")) // SELECT @@OPTIONS
{
// Delegate session property query
responseMessage = _PrepareOptionsResponse(session);
}
else if (lowerBatchText.Contains("select")
&& lowerBatchText.Contains("context_info()")) // SELECT CONTEXT_INFO()
{
// Delegate session property query
responseMessage = _PrepareContextInfoResponse(session);
}
else
{
// Create an info token that contains the query received
TDSInfoToken infoToken = new TDSInfoToken(2012, 2, 0, lowerBatchText);
// Log response
TDSUtilities.Log(Log, "Response", infoToken);
// Serialize DONE token into the response packet
responseMessage.Add(infoToken);
// Create an info token to let client know that we don't recognize this query
infoToken = new TDSInfoToken(2012, 2, 0, "Received query is not recognized by the query engine. Please ask a very specific question.");
// Log response
TDSUtilities.Log(Log, "Response", infoToken);
// Serialize DONE token into the response packet
responseMessage.Add(infoToken);
// Create generic DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final);
// Log response
TDSUtilities.Log(Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
}
// Response collection will contain only one message
return new TDSMessageCollection(responseMessage);
}