A native Microsoft SQL Server (TDS) client for Rust.
| Version | Support level | Notes |
|---|---|---|
| 2019 | Tested on CI | |
| 2017 | Tested on CI | |
| 2016 | Should work | |
| 2014 | Should work | |
| 2012 | Should work | |
| 2008 | Should work | |
| 2005 | Should work | With feature flag tds73 disabled. |
The system should work with the Docker and Azure versions of SQL Server without trouble. For installing with Windows systems, please don't forget the following things:
| Flag | Description | Default |
|---|---|---|
tls |
Enables TLS support. | enabled |
tds73 |
Support for new date and time types in TDS version 7.3. Disable if using version 7.2. | enabled |
rust_decimal |
Read and write numeric/decimal values using rust_decimal's Decimal. |
disabled |
sql-browser-async-std |
SQL Browser implementation for the TcpStream of async-std. |
disabled |
sql-browser-tokio |
SQL Browser implementation for the TcpStream of Tokio. |
disabled |
Tiberius does not rely on any protocol when connecting to an SQL Server instance. Instead the Client takes a socket that implements the AsyncRead and AsyncWrite traits from the futures-rs crate.
Currently there are good async implementations for TCP in the async-std, Tokio and Smol projects. To be able to use them together with Tiberius on Windows platforms with SQL Server, the TCP should be enabled in the server settings (disabled by default). In the offficial Docker image TCP is is enabled by default.
To use named pipes, Miow provides the NamedPipe that implements sync Read and Write traits. With some extra work one could write a crate that implements the AsyncRead and AsyncWrite traits to it. When this happens, Tiberius will support named pipes without any changes to the crate code.
The shared memory protocol is not documented and seems there is no Rust crates implementing it.
Make sure the certificate your using is trusted by your local machine. To create a self-signed certificate that is trusted you can use the following powershell:
$cert = New-SelfSignedCertificate -DnsName $serverName,localhost -CertStoreLocation cert:\LocalMachine\My
$rootStore = Get-Item cert:\LocalMachine\Root
$rootStore.Open("ReadWrite")
$rootStore.Add($cert)
$rootStore.Close();You also have to change the certificate in the SQL Server settings.
In a production setting you likely want to use a certificate that is issued by a
CA.
b) Disable certificate validation by using TrustServerCertificate=true in your connection string (requires 0.2.2)
For a connection to localhost, which will never leave your machine, it's safe to disable encryption. Currently this is only possible by doing someting like the following in your cargo.toml:
tiberius = { version = "0.X", default-features=false, features=["chrono"] }This will disable encryption for your ENTIRE crate
If you have a security issue to report, please contact us at [email protected]