Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cannot connect to MSSQL server #676

Open
BlueHtml opened this issue Nov 7, 2024 · 6 comments
Open

Cannot connect to MSSQL server #676

BlueHtml opened this issue Nov 7, 2024 · 6 comments
Labels
bug Something isn't working

Comments

@BlueHtml
Copy link

BlueHtml commented Nov 7, 2024

Hello, I cannot connect to the MSSQL server in the production environment (previously I was connecting to the local server).

database_url: mssql://user:password@ip:1433/DB

Error: [2024-11-07T03:43:56.138Z WARN sqlpage::webserver::database::connect] Failed to connect to the database: error communicating with database: tls handshake eof. Retrying in 5 seconds.

Could this be an issue with the SSL certificate?

Version information

  • OS: windows 10 Simplified Chinese zh-CN
  • Database: MSSQL 2012
  • SQLPage Version: sqlpage 0.30.1
@BlueHtml BlueHtml added the bug Something isn't working label Nov 7, 2024
@lovasoa
Copy link
Collaborator

lovasoa commented Nov 7, 2024

Interesting. Can you please send the full verbose logs here? You can collect logs by launching SQLPage from your terminal with

set RUST_LOG=trace && path\to\sqlpage.exe

Can you also check the encryption setting of your database server and return the logs from the server from the time of the error of you have them?

@BlueHtml
Copy link
Author

BlueHtml commented Nov 7, 2024

@lovasoa Logs (please help me check for any sensitive information):


[2024-11-07T07:56:12.384Z DEBUG sqlpage::webserver::database::connect] Connecting to a Mssql database on mssql://xxx
[2024-11-07T07:56:12.385Z INFO  sqlpage::webserver::database::connect] Connecting to database: mssql://xxx
[2024-11-07T07:56:12.385Z DEBUG sqlpage::webserver::database::connect] Not creating a custom SQL database connection handler because "\\\\?\\D:\\code\\tmp\\sqlpage\\sqlpage\\on_connect.sql" does not exist
[2024-11-07T07:56:12.389Z TRACE mio::poll] registering event source with poller: token=Token(1408712486144), interests=READABLE | WRITABLE
[2024-11-07T07:56:12.415Z DEBUG sqlx_core_oldapi::mssql::connection::establish] Sending T-SQL PRELOGIN with encryption: On
[2024-11-07T07:56:12.443Z TRACE sqlx_core_oldapi::mssql::connection::tls_prelogin_stream_wrapper] Handshake starting
[2024-11-07T07:56:12.444Z DEBUG rustls::client::hs] No cached session for IpAddress(V4(Ipv4Addr([x, x, x, x])))
[2024-11-07T07:56:12.445Z DEBUG rustls::client::hs] Not resuming any session
[2024-11-07T07:56:12.446Z TRACE rustls::client::hs] Sending ClientHello Message {
        version: TLSv1_0,
        payload: Handshake {
            parsed: HandshakeMessagePayload {
                typ: ClientHello,
                payload: ClientHello(
                    ClientHelloPayload {
                        client_version: TLSv1_2,
                        random: dc8621d0e137bbc3827ff58229db6e790e0aa886897acd65fa9ef31d8153c4bd,
                        session_id: 4c8ab0419b5f8d0655204678103f304f6598bf5651135e10a39c99a7e14ac9df,
                        cipher_suites: [
                            TLS13_AES_256_GCM_SHA384,
                            TLS13_AES_128_GCM_SHA256,
                            TLS13_CHACHA20_POLY1305_SHA256,
                            TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
                            TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
                            TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
                            TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
                            TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
                            TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
                            TLS_EMPTY_RENEGOTIATION_INFO_SCSV,
                        ],
                        compression_methods: [
                            Null,
                        ],
                        extensions: [
                            SupportedVersions(
                                [
                                    TLSv1_3,
                                    TLSv1_2,
                                ],
                            ),
                            EcPointFormats(
                                [
                                    Uncompressed,
                                ],
                            ),
                            NamedGroups(
                                [
                                    X25519,
                                    secp256r1,
                                    secp384r1,
                                ],
                            ),
                            SignatureAlgorithms(
                                [
                                    RSA_PKCS1_SHA1,
                                    ECDSA_SHA1_Legacy,
                                    RSA_PKCS1_SHA256,
                                    ECDSA_NISTP256_SHA256,
                                    RSA_PKCS1_SHA384,
                                    ECDSA_NISTP384_SHA384,
                                    RSA_PKCS1_SHA512,
                                    ECDSA_NISTP521_SHA512,
                                    RSA_PSS_SHA256,
                                    RSA_PSS_SHA384,
                                    RSA_PSS_SHA512,
                                    ED25519,
                                    ED448,
                                ],
                            ),
                            ExtendedMasterSecretRequest,
                            CertificateStatusRequest(
                                Ocsp(
                                    OcspCertificateStatusRequest {
                                        responder_ids: [],
                                        extensions: ,
                                    },
                                ),
                            ),
                            KeyShare(
                                [
                                    KeyShareEntry {
                                        group: X25519,
                                        payload: ae367c4b99c735d73ea01f153b8aae8577b817de71895fcfbfd2ed9d5455cf1e,
                                    },
                                ],
                            ),
                            PresharedKeyModes(
                                [
                                    PSK_DHE_KE,
                                ],
                            ),
                            SessionTicket(
                                Request,
                            ),
                        ],
                    },
                ),
            },
            encoded: 010000d90303dc8621d0e137bbc3827ff58229db6e790e0aa886897acd65fa9ef31d8153c4bd204c8ab0419b5f8d0655204678103f304f6598bf5651135e10a39c99a7e14ac9df0014130213011303c02cc02bcca9c030c02fcca800ff0100007c002b00050403040303000b00020100000a00080006001d00170018000d001c001a020102030401040305010503060106030804080508060807080800170000000500050100000000003300260024001d0020ae367c4b99c735d73ea01f153b8aae8577b817de71895fcfbfd2ed9d5455cf1e002d0002010100230000,
        },
    }
[2024-11-07T07:56:12.460Z TRACE sqlx_core_oldapi::mssql::connection::tls_prelogin_stream_wrapper] Writing 234 bytes of TLS handshake
[2024-11-07T07:56:12.484Z TRACE mio::poll] deregistering event source from poller
[2024-11-07T07:56:12.484Z WARN  sqlpage::webserver::database::connect] Failed to connect to the database: error communicating with database: tls handshake eof. Retrying in 5 seconds.

@lovasoa
Copy link
Collaborator

lovasoa commented Nov 7, 2024

Thank you. Maybe the database does not support encrypted connections? Can you try connecting with encryption disabled, and report the same logs?

You can disable encryption by adding ?encrypt=false to the connection string.

@BlueHtml
Copy link
Author

BlueHtml commented Nov 7, 2024

@lovasoa Yes, you are right. It works fine after adding ?encrypt=false.

I couldn't find this option in the configuration.md. Can we include it?

@lovasoa
Copy link
Collaborator

lovasoa commented Nov 7, 2024

Yes, I'll add a reference to supported connection string parameters.

Even better, we should be able to make it just work by default. We currently support both fully encrypted and fully cleartext connections, but I suspect your database expects sql server's third mode, that is partially encrypted connections where only the password is encrypted. We should add support for that too.

@BlueHtml
Copy link
Author

BlueHtml commented Nov 7, 2024

Alright, we can give it a try.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

2 participants