Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

option --authentication-method=ActiveDirectoryServicePrincipal dose not seem to be working #562

Closed
NakagawaMakoto opened this issue Dec 13, 2024 · 2 comments

Comments

@NakagawaMakoto
Copy link

I am testing with v1.8.0. on Debian 12.8. The documentation says, Provide a user name in the form <service principal id>@<tenant id> and set AZURE_CLIENT_CERTIFICATE_PATH environment variable to the path of the certificate file. But it does not work.

$ echo "" | AZURE_CLIENT_CERTIFICATE_PATH=~/xcertificate4automation.pem ~/sqlcmd -S sql-devx.database.windows.net -d sqldb -U id@tenant --authentication-method=ActiveDirectoryServicePrincipal -i <(echo "print 'OK';")
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0xac5d02]

goroutine 1 [running]:
github.com/microsoft/go-mssqldb/azuread.(*azureFedAuthConfig).provideActiveDirectoryToken(0xc0000365a0, {0x114f0b0, 0x184eae0}, {0xc0004bcd40, 0x1d}, {0xc000041640?, 0xc00021c6a0?})
	/go/pkg/mod/github.com/microsoft/[email protected]/azuread/configuration.go:228 +0x742
github.com/microsoft/go-mssqldb/azuread.newConnectorConfig.func1({0x114f0b0?, 0x184eae0?}, {0xc0004bcd40?, 0xc000035cc0?}, {0xc000041640?, 0x0?})
	/go/pkg/mod/github.com/microsoft/[email protected]/azuread/driver.go:53 +0x45
github.com/microsoft/go-mssqldb.connect({_, _}, _, {_, _}, {0x0, {0xc0004e8959, 0x1d}, {0x0, 0x0}, ...})
	/go/pkg/mod/github.com/microsoft/[email protected]/tds.go:1356 +0x140a
github.com/microsoft/go-mssqldb.(*Driver).connect(_, {_, _}, _, {0x0, {0xc0004e8959, 0x1d}, {0x0, 0x0}, {0xc0004e8a0f, ...}, ...})
	/go/pkg/mod/github.com/microsoft/[email protected]/mssql.go:420 +0x9a
github.com/microsoft/go-mssqldb.(*Connector).Connect(0xc000378150?, {0x114f0b0, 0x184eae0})
	/go/pkg/mod/github.com/microsoft/[email protected]/mssql_go110.go:38 +0x7e
database/sql.(*DB).conn(0xc00032e0d0, {0x114f0b0, 0x184eae0}, 0x1)
	/usr/local/go/src/database/sql/sql.go:1415 +0x71e
database/sql.(*DB).Conn.func1(0x80?)
	/usr/local/go/src/database/sql/sql.go:1940 +0x3a
database/sql.(*DB).retry(0xc00058edd0?, 0xc00058eda0)
	/usr/local/go/src/database/sql/sql.go:1566 +0x42
database/sql.(*DB).Conn(0xc00032e0d0, {0x114f0b0?, 0x184eae0?})
	/usr/local/go/src/database/sql/sql.go:1939 +0x7b
github.com/microsoft/go-sqlcmd/pkg/sqlcmd.(*Sqlcmd).ConnectDb(0xc000000000, 0xc0003a9620?, 0x0?)
	/__w/1/s/go-sqlcmd/pkg/sqlcmd/sqlcmd.go:283 +0x7e5
github.com/microsoft/go-sqlcmd/cmd/sqlcmd.run(0xc000062650, 0x17ede60)
	/__w/1/s/go-sqlcmd/cmd/sqlcmd/sqlcmd.go:779 +0x626
github.com/microsoft/go-sqlcmd/cmd/sqlcmd.Execute.func2(0xc0004c2308, {0xc00013f050?, 0x4?, 0xdd7fdb?})
	/__w/1/s/go-sqlcmd/cmd/sqlcmd/sqlcmd.go:249 +0x427
github.com/spf13/cobra.(*Command).execute(0xc0004c2308, {0xc0004b7800, 0x9, 0x10})
	/go/pkg/mod/github.com/spf13/[email protected]/command.go:920 +0x867
github.com/spf13/cobra.(*Command).ExecuteC(0xc0004c2308)
	/go/pkg/mod/github.com/spf13/[email protected]/command.go:1044 +0x3a5
github.com/spf13/cobra.(*Command).Execute(...)
	/go/pkg/mod/github.com/spf13/[email protected]/command.go:968
github.com/microsoft/go-sqlcmd/cmd/sqlcmd.Execute({0x11421c4, 0x6})
	/__w/1/s/go-sqlcmd/cmd/sqlcmd/sqlcmd.go:273 +0x18e
main.main()
	/__w/1/s/go-sqlcmd/cmd/modern/main.go:52 +0x218

But the following works.

$ AZURE_CLIENT_ID=id AZURE_TENANT_ID=tenant AZURE_CLIENT_CERTIFICATE_PATH=~/xcertificate4automation.pem ~/sqlcmd -S sql-devx.database.windows.net -d sqldb -G -i <(echo "print 'OK';")
OK
@NakagawaMakoto NakagawaMakoto changed the title opention --authentication-method=ActiveDirectoryServicePrincipal dose not seem to be working option --authentication-method=ActiveDirectoryServicePrincipal dose not seem to be working Dec 13, 2024
@shueybubbles
Copy link
Collaborator

thx for opening an issue. Sadly, I can't test with a cert directly because we're not allowed to use cert-based auth in our environment.
Can you try it with 1.8.2? We picked up a new go-mssqldb driver version that had a fix in this area.

@NakagawaMakoto
Copy link
Author

I have verified that it works fine with 1.8.2. It is quite annoying to be prompted for password when you know you specify the right certificate, though.

echo "" | AZURE_CLIENT_CERTIFICATE_PATH=<(openssl pkcs12 -in ~/certificate4automation.pfx -passin "pass:${PFXPASS}" -noenc) ~/sqlcmd -S sql-lsi.database.windows.net -d db -U id@tenant--authentication-method=ActiveDirectoryServicePrincipal -i <(echo "print 'OK';")

Thank you for the fix anyway.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants