search

prisma / tiberius

TDS 7.2+ (Microsoft SQL Server) driver for Rust
Apache License 2.0
311 stars 113 forks source link

Program hangs when trying to connect using Kerberos/Integrated GSSAPI auth #339

Closed shajia-deshaw closed 3 months ago

shajia-deshaw commented 3 months ago

I'm following the examples given in the examples/ folder to try to authenticate to a MSSQL server via Kerberos/Integrated GSSAPI auth. But the program gets hung forever until it exits by a "connection reset by peer" error Error: An error occured during the attempt of performing I/O: An error occured during the attempt of performing I/O: Connection reset by peer (os error 104)

Config:

Config { host: Some("xx"), port: Some(1433), database: Some("xx"), instance_name: None, application_name: None, encryption: Off, trust: TrustAll, auth: Integrated }

Attaching the trace log for more information.

[2024-04-25T09:35:34Z TRACE tiberius::client::connection] Sending a packet (41 bytes)
[2024-04-25T09:35:34Z TRACE polling::epoll] modify: epoll_fd=7, fd=6, ev=Event { key: 0, readable: true, writable: false }
[2024-04-25T09:35:34Z TRACE async_io::driver] sleep until notification
[2024-04-25T09:35:34Z TRACE polling::epoll] new events: epoll_fd=7, res=1
[2024-04-25T09:35:34Z TRACE polling::epoll] modify: epoll_fd=7, fd=8, ev=Event { key: 18446744073709551615, readable: true, writable: false }
[2024-04-25T09:35:34Z TRACE async_io::reactor] react: 1 ready wakers
[2024-04-25T09:35:34Z TRACE async_io::driver] main_loop: waiting on I/O
[2024-04-25T09:35:34Z TRACE async_io::reactor] process_timers: 0 ready wakers
[2024-04-25T09:35:34Z TRACE polling] Poller::wait(_, None)
[2024-04-25T09:35:34Z TRACE polling::epoll] wait: epoll_fd=7, timeout=None
[2024-04-25T09:35:34Z TRACE polling::epoll] modify: epoll_fd=7, fd=9, ev=Event { key: 18446744073709551615, readable: true, writable: false }
[2024-04-25T09:35:34Z TRACE tiberius::tds::codec::decode] Reading a TabularResult (37 bytes)
[2024-04-25T09:35:34Z INFO  tiberius::client::connection] Performing a TLS handshake
[2024-04-25T09:35:34Z WARN  tiberius::client::tls_stream::native_tls_stream] Trusting the server certificate without validation.
[2024-04-25T09:35:34Z TRACE tiberius::client::tls] Writing a packet of 525 bytes
[2024-04-25T09:35:34Z TRACE polling::epoll] modify: epoll_fd=7, fd=6, ev=Event { key: 0, readable: true, writable: false }
[2024-04-25T09:35:34Z TRACE async_io::driver] sleep until notification
[2024-04-25T09:35:34Z TRACE blocking] shutting down due to lack of tasks
[2024-04-25T09:35:34Z TRACE tracing::span::active] <- blocking::main_loop;
[2024-04-25T09:35:34Z TRACE tracing::span] -- blocking::main_loop;
[2024-04-25T09:35:34Z TRACE polling::epoll] new events: epoll_fd=7, res=1
[2024-04-25T09:35:34Z TRACE polling::epoll] modify: epoll_fd=7, fd=8, ev=Event { key: 18446744073709551615, readable: true, writable: false }
[2024-04-25T09:35:34Z TRACE async_io::reactor] react: 1 ready wakers
[2024-04-25T09:35:34Z TRACE async_io::driver] main_loop: waiting on I/O
[2024-04-25T09:35:34Z TRACE async_io::reactor] process_timers: 0 ready wakers
[2024-04-25T09:35:34Z TRACE polling] Poller::wait(_, None)
[2024-04-25T09:35:34Z TRACE polling::epoll] wait: epoll_fd=7, timeout=None
[2024-04-25T09:35:34Z TRACE polling::epoll] modify: epoll_fd=7, fd=9, ev=Event { key: 18446744073709551615, readable: true, writable: false }
[2024-04-25T09:35:34Z TRACE tiberius::client::tls] Reading packet of 3334 bytes
[2024-04-25T09:35:34Z TRACE tiberius::client::tls] Writing a packet of 166 bytes
[2024-04-25T09:35:34Z TRACE polling::epoll] modify: epoll_fd=7, fd=6, ev=Event { key: 0, readable: true, writable: false }
[2024-04-25T09:35:34Z TRACE async_io::driver] sleep until notification
[2024-04-25T09:35:35Z TRACE polling::epoll] new events: epoll_fd=7, res=1
[2024-04-25T09:35:35Z TRACE polling::epoll] modify: epoll_fd=7, fd=8, ev=Event { key: 18446744073709551615, readable: true, writable: false }
[2024-04-25T09:35:35Z TRACE async_io::reactor] react: 1 ready wakers
[2024-04-25T09:35:35Z TRACE async_io::driver] main_loop: waiting on I/O
[2024-04-25T09:35:35Z TRACE async_io::reactor] process_timers: 0 ready wakers
[2024-04-25T09:35:35Z TRACE polling] Poller::wait(_, None)
[2024-04-25T09:35:35Z TRACE polling::epoll] wait: epoll_fd=7, timeout=None
[2024-04-25T09:35:35Z TRACE polling::epoll] modify: epoll_fd=7, fd=9, ev=Event { key: 18446744073709551615, readable: true, writable: false }
[2024-04-25T09:35:35Z TRACE tiberius::client::tls] Reading packet of 51 bytes
[2024-04-25T09:35:35Z INFO  tiberius::client::connection] TLS handshake successful
[2024-04-25T09:35:35Z TRACE tiberius::client::connection] Sending a packet (4096 bytes)
[2024-04-25T09:35:35Z TRACE tiberius::client::connection] Sending a packet (57 bytes)
[2024-04-25T09:35:35Z WARN  tiberius::client::connection] Turning TLS off after a login. All traffic from here on is not encrypted.
[2024-04-25T09:35:35Z TRACE polling::epoll] modify: epoll_fd=7, fd=6, ev=Event { key: 0, readable: true, writable: false }
[2024-04-25T09:35:35Z TRACE async_io::driver] sleep until notification

Seems to be getting stuck at Client::connect: https://github.com/prisma/tiberius/blob/main/examples/async-std.rs#L20

Environment:

OS: RHEL8 rustc version: 1.76.0

shajia-deshaw commented 3 months ago

Figured out the issue. If I set Encrypt=True in the connection string, it works. Probably a server restriction that's causing the connections to fail? Idk. But either way, it worked!

P.S. Thanks for this amazing library!