Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[5.0.1] Microsoft.Data.Sqlite: Don't force decryption when password unset #23290

Merged
merged 1 commit into from
Nov 19, 2020
Merged

[5.0.1] Microsoft.Data.Sqlite: Don't force decryption when password unset #23290

merged 1 commit into from
Nov 19, 2020

Conversation

bricelam
Copy link
Contributor

@bricelam bricelam commented Nov 12, 2020
edited
Loading

Fixes #23250

Description

In Microsoft.Data.Sqlite 5.0 we updated the connection to throw when the database is encrypted, but not key (aka password) was provided in the connection string.

While this improved the experience for users who forgot to supply a key, it broke others who were supplying the key immediately after opening the connection.

The fix in this PR reverts to the 3.1 behavior.

Customer Impact

Without this fix, anyone supplying a key after opening the connection would need to update their app to supply it in the connection string instead.

// Change this...
connection.Open();
connection.Execute("PRAGMA key = 'password'");

// ...to this
connection.ConnectionString = "" + new SqliteConnectionStringBuilder(connection.ConnectionString)
{
    Password = "password"
};
connection.Open();

How found

Customer reported

Test coverage

We had tests asserting the behavior introduced in 5.0. They have been updated to reflect the new behavior.

Regression?

Yes

Risk

Very low. This is the same behavior we had in 3.1

@bricelam bricelam requested a review from a team November 12, 2020 18:52
@bricelam bricelam force-pushed the password branch 2 times, most recently from d139dcc to ebd9ce2 Compare November 12, 2020 19:24
@ajcvickers
Copy link
Member

@bricelam Agree we should patch. Can you complete the template?

@bricelam
Copy link
Contributor Author

Updated. Included an example using Dapper because ain't nobody wanna write ADO.NET. 😉

@bricelam bricelam added this to the 5.0.x milestone Nov 13, 2020
@bricelam bricelam changed the title [release/5.0] Microsoft.Data.Sqlite: Don't force decryption when password unset [5.0.1] Microsoft.Data.Sqlite: Don't force decryption when password unset Nov 13, 2020
@ajcvickers ajcvickers modified the milestones: 5.0.x, 5.0.1 Nov 16, 2020
@ajcvickers
Copy link
Member

Approved by Tactics for 5.0.1.

@ghost
Copy link

ghost commented Nov 18, 2020

Hello @bricelam!

Because this pull request has the auto-merge label, I will be glad to assist with helping to merge this pull request once all check-in policies pass.

p.s. you can customize the way I help with merging this pull request, such as holding this pull request until a specific person approves. Simply @mention me (@msftbot) and give me an instruction to get started! Learn more here.

@ghost
Copy link

ghost commented Nov 18, 2020

Apologies, while this PR appears ready to be merged, I've been configured to only merge when all checks have explicitly passed. The following integrations have not reported any progress on their checks and are blocking auto-merge:

  1. Azure Pipelines

These integrations are possibly never going to report a check, and unblocking auto-merge likely requires a human being to update my configuration to exempt these integrations from requiring a passing check.

Give feedback on this
From the bot dev team

We've tried to tune the bot such that it posts a comment like this only when auto-merge is blocked for exceptional, non-intuitive reasons. When the bot's auto-merge capability is properly configured, auto-merge should operate as you would intuitively expect and you should not see any spurious comments.

Please reach out to us at fabricbotservices@microsoft.com to provide feedback if you believe you're seeing this comment appear spuriously. Please note that we usually are unable to update your bot configuration on your team's behalf, but we're happy to help you identify your bot admin.

@ghost
Copy link

ghost commented Nov 18, 2020

Apologies, while this PR appears ready to be merged, it looks like release/5.0 is a protected branch and I have not been granted permission to perform the merge.

@bricelam bricelam merged commit a987c6a into dotnet:release/5.0 Nov 19, 2020
@bricelam bricelam deleted the password branch November 19, 2020 00:19
@ajcvickers ajcvickers mentioned this pull request Nov 20, 2020
Closed
@ajcvickers ajcvickers removed this from the 5.0.1 milestone Dec 11, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@smitpatel smitpatel smitpatel approved these changes

Assignees
No one assigned
Labels
auto-merge Servicing-approved
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bricelam @ajcvickers @smitpatel