Fix AKV keyword test for AE v2 behaviour (#1061)
* Master (#936) 5.6.0 RTW * 5.6.1 hotfix (#959) * Updated links and versions (#987) * Fixed AKV keyword tests for AE v2 * Added comment * Free proc cache before starting test * Fixed comment
This commit is contained in:
parent
b41135a850
commit
48b048830d
|
@ -48,6 +48,26 @@ $dataTypes = array("char(".SHORT_STRSIZE.")", "varchar(".SHORT_STRSIZE.")", "nva
|
||||||
|
|
||||||
$tableName = "akv_comparison_table";
|
$tableName = "akv_comparison_table";
|
||||||
|
|
||||||
|
// First determine if the server is AE v2 enabled
|
||||||
|
$isEnclaveEnabled = false;
|
||||||
|
$connectionOptions = "sqlsrv:Server=$server;Database=$databaseName";
|
||||||
|
|
||||||
|
$conn = new PDO($connectionOptions, $uid, $pwd);
|
||||||
|
if (!$conn) {
|
||||||
|
fatalError("Initial connection failed\n");
|
||||||
|
} else {
|
||||||
|
$query = "SELECT [name], [value], [value_in_use] FROM sys.configurations WHERE [name] = 'column encryption enclave type';";
|
||||||
|
$stmt = $conn->query($query);
|
||||||
|
$info = $stmt->fetch();
|
||||||
|
if ($info['value'] == 1 and $info['value_in_use'] == 1) {
|
||||||
|
$isEnclaveEnabled = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
$conn->query("DBCC FREEPROCCACHE");
|
||||||
|
}
|
||||||
|
|
||||||
|
unset($conn);
|
||||||
|
|
||||||
// Test every combination of the keywords above.
|
// Test every combination of the keywords above.
|
||||||
// Leave out good credentials to ensure that caching does not influence the
|
// Leave out good credentials to ensure that caching does not influence the
|
||||||
// results. The cache timeout can only be changed with SQLSetConnectAttr, so
|
// results. The cache timeout can only be changed with SQLSetConnectAttr, so
|
||||||
|
@ -117,8 +137,11 @@ for ($i = 0; $i < sizeof($columnEncryption); ++$i) {
|
||||||
unset($stmt);
|
unset($stmt);
|
||||||
} else {
|
} else {
|
||||||
// The INSERT query succeeded with bad credentials, which
|
// The INSERT query succeeded with bad credentials, which
|
||||||
// should only happen when encryption is not enabled.
|
// should only happen when 1. encryption is not enabled or
|
||||||
if (isColEncrypted()) {
|
// 2. when ColumnEncryption is set to something other than
|
||||||
|
// enabled or disabled (i.e. $i == 2), and the server is
|
||||||
|
// not enclave-enabled
|
||||||
|
if (!(!isColEncrypted() or ($i == 2 and !$isEnclaveEnabled))) {
|
||||||
fatalError("Successful insertion with bad credentials\n");
|
fatalError("Successful insertion with bad credentials\n");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -135,6 +158,7 @@ for ($i = 0; $i < sizeof($columnEncryption); ++$i) {
|
||||||
$errors,
|
$errors,
|
||||||
array('CE258', '0'),
|
array('CE258', '0'),
|
||||||
array('CE275', '0'),
|
array('CE275', '0'),
|
||||||
|
array('CE400', '0'),
|
||||||
array('IMSSP', '-85'),
|
array('IMSSP', '-85'),
|
||||||
array('IMSSP', '-86'),
|
array('IMSSP', '-86'),
|
||||||
array('IMSSP', '-87'),
|
array('IMSSP', '-87'),
|
||||||
|
@ -147,6 +171,7 @@ for ($i = 0; $i < sizeof($columnEncryption); ++$i) {
|
||||||
$errors,
|
$errors,
|
||||||
array('CE258', '0'),
|
array('CE258', '0'),
|
||||||
array('CE275', '0'),
|
array('CE275', '0'),
|
||||||
|
array('CE400', '0'),
|
||||||
array('IMSSP', '-85'),
|
array('IMSSP', '-85'),
|
||||||
array('IMSSP', '-86'),
|
array('IMSSP', '-86'),
|
||||||
array('IMSSP', '-87'),
|
array('IMSSP', '-87'),
|
||||||
|
|
|
@ -47,6 +47,30 @@ $dataTypes = array("char(".SHORT_STRSIZE.")", "varchar(".SHORT_STRSIZE.")", "nva
|
||||||
|
|
||||||
$tableName = "akv_comparison_table";
|
$tableName = "akv_comparison_table";
|
||||||
|
|
||||||
|
// First determine if the server is AE v2 enabled
|
||||||
|
$isEnclaveEnabled = false;
|
||||||
|
$connectionOptions = array("CharacterSet"=>"UTF-8",
|
||||||
|
"database"=>$databaseName,
|
||||||
|
"uid"=>$uid,
|
||||||
|
"pwd"=>$pwd,
|
||||||
|
"ConnectionPooling"=>0);
|
||||||
|
|
||||||
|
$conn = sqlsrv_connect($server, $connectionOptions);
|
||||||
|
if (!$conn) {
|
||||||
|
fatalError("Initial connection failed\n");
|
||||||
|
} else {
|
||||||
|
$query = "SELECT [name], [value], [value_in_use] FROM sys.configurations WHERE [name] = 'column encryption enclave type';";
|
||||||
|
$stmt = sqlsrv_query($conn, $query);
|
||||||
|
$info = sqlsrv_fetch_array($stmt);
|
||||||
|
if ($info['value'] == 1 and $info['value_in_use'] == 1) {
|
||||||
|
$isEnclaveEnabled = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
sqlsrv_query($conn, "DBCC FREEPROCCACHE");
|
||||||
|
}
|
||||||
|
|
||||||
|
unset($conn);
|
||||||
|
|
||||||
// Test every combination of the keywords above.
|
// Test every combination of the keywords above.
|
||||||
// Leave out good credentials to ensure that caching does not influence the
|
// Leave out good credentials to ensure that caching does not influence the
|
||||||
// results. The cache timeout can only be changed with SQLSetConnectAttr, so
|
// results. The cache timeout can only be changed with SQLSetConnectAttr, so
|
||||||
|
@ -96,7 +120,8 @@ for ($i = 0; $i < sizeof($columnEncryption); ++$i) {
|
||||||
array('IMSSP','-110'),
|
array('IMSSP','-110'),
|
||||||
array('IMSSP','-111'),
|
array('IMSSP','-111'),
|
||||||
array('IMSSP','-112'),
|
array('IMSSP','-112'),
|
||||||
array('IMSSP','-113')
|
array('IMSSP','-113'),
|
||||||
|
array('CE400','0')
|
||||||
);
|
);
|
||||||
} else {
|
} else {
|
||||||
$columns = array();
|
$columns = array();
|
||||||
|
@ -148,8 +173,11 @@ for ($i = 0; $i < sizeof($columnEncryption); ++$i) {
|
||||||
sqlsrv_free_stmt($stmt);
|
sqlsrv_free_stmt($stmt);
|
||||||
} else {
|
} else {
|
||||||
// The INSERT query succeeded with bad credentials, which
|
// The INSERT query succeeded with bad credentials, which
|
||||||
// should only happen when encryption is not enabled.
|
// should only happen when 1. encryption is not enabled or
|
||||||
if (AE\isDataEncrypted()) {
|
// 2. when ColumnEncryption is set to something other than
|
||||||
|
// enabled or disabled (i.e. $i == 2), and the server is
|
||||||
|
// not enclave-enabled
|
||||||
|
if (!(!AE\isDataEncrypted() or ($i == 2 and !$isEnclaveEnabled))) {
|
||||||
fatalError("Successful insertion with bad credentials\n");
|
fatalError("Successful insertion with bad credentials\n");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue