feat(plugin-oracle): native network encryption, redirect following, clearer listener errors (#483)#1482
feat(plugin-oracle): native network encryption, redirect following, clearer listener errors (#483)#1482datlechin wants to merge 3 commits into
Conversation
…learer listener errors (#483)
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 19cc2393db
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| if let code = refused.code { | ||
| return String( | ||
| format: String(localized: "The Oracle listener refused the connection (ORA-%d)."), | ||
| code | ||
| ) |
There was a problem hiding this comment.
For listener-refused failures such as ORA-12514, ORA-12516, or ACL/policy refusals, the listener's text distinguishes very different fixes (unknown service vs no handler vs filtered by ACL). This new branch formats only the numeric code and discards the refused error's own message/description, so the connection dialog still won't show the “actual reason” this change is meant to surface; include the listener text alongside the ORA code instead of replacing it with this generic sentence.
Useful? React with 👍 / 👎.
…nnect error classification
1 participant
Fixes the remaining Oracle connection failures in #483, where servers that work in SQL Developer and DBeaver fail in TablePro with
uncleanShutdown. The 0.46.0 fixes covered the version causes (11g, 10g auth); these are the config causes.What changed
Three distinct server behaviours all surfaced as the same opaque
uncleanShutdown. The protocol work lives in the oracle-nio fork (TableProApp/oracle-nio#2); this PR bumps the pin and updates the plugin's error handling.SQLNET.ENCRYPTION_SERVERorSQLNET.CRYPTO_CHECKSUM_SERVERset to REQUIRED now connect. TablePro negotiates AES encryption with a SHA crypto-checksum, the same as SQL Developer and DBeaver.The Connection Dropped diagnostic no longer claims encryption cannot be negotiated, since it now can; it points at firewalls, VPNs, TLS-only endpoints, and proxies instead.
Pin
Bumps
oracle-nioto18ee714(tablepro-main after TableProApp/oracle-nio#2) and adds the attaswift/BigInt dependency it pulls in for Diffie-Hellman.Validation
The fork is validated against Oracle 23ai with NNE REQUIRED: connects, runs a query, and the session negotiates AES256 + SHA256. No regression with encryption off. No PluginKit ABI bump (the driver protocol is unchanged).
Closes #483