Check if server supports OOB check at connect (#419).

oracle · Nov 14, 2024 · e2edf72 · e2edf72
1 parent 368cbfb
commit e2edf72
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 2 deletions.
diff --git a/doc/src/release_notes.rst b/doc/src/release_notes.rst
@@ -20,6 +20,12 @@ Thin Mode Changes
 #)  Perform TLS server matching in python-oracledb instead of the Python SSL
     library to allow alternate names to be checked
     (`issue 415 <https://github.com/oracle/python-oracledb/issues/415>`__).
+#)  If the database states that an out-of-band break check should not take place
+    during connect (by setting the `DISABLE_OOB_AUTO
+    <https://www.oracle.com/pls/topic/lookup?ctx=dblatest&
+    id=GUID-490A0B3B-FEF3-425A-81B0-6FA29D4B8C0E>`__ parameter to TRUE),
+    python-oracledb no longer attempts to do so
+    (`issue 419 <https://github.com/oracle/python-oracledb/issues/419>`__).
 #)  Error ``DPY-6002: The distinguished name (DN) on the server certificate
     does not match the expected value: "{expected_dn}"`` now shows the expected
     value.

diff --git a/src/oracledb/impl/thin/capabilities.pyx b/src/oracledb/impl/thin/capabilities.pyx
@@ -41,6 +41,7 @@ cdef class Capabilities:
         uint32_t max_string_size
         bint supports_fast_auth
         bint supports_oob
+        bint supports_oob_check
         bint supports_end_of_response
         bint supports_pipelining
         uint32_t sdu
@@ -60,6 +61,8 @@ cdef class Capabilities:
         self.supports_oob = protocol_options & TNS_GSO_CAN_RECV_ATTENTION
         if flags & TNS_ACCEPT_FLAG_FAST_AUTH:
             self.supports_fast_auth = True
+        if flags & TNS_ACCEPT_FLAG_CHECK_OOB:
+            self.supports_oob_check = True
         if protocol_version >= TNS_VERSION_MIN_END_OF_RESPONSE:
             if flags & TNS_ACCEPT_FLAG_HAS_END_OF_RESPONSE:
                 self.compile_caps[TNS_CCAP_TTC4] |= TNS_CCAP_END_OF_RESPONSE

diff --git a/src/oracledb/impl/thin/constants.pxi b/src/oracledb/impl/thin/constants.pxi
@@ -762,6 +762,7 @@ cdef enum:
 
 # accept flags
 cdef enum:
+    TNS_ACCEPT_FLAG_CHECK_OOB = 0x00000001
     TNS_ACCEPT_FLAG_FAST_AUTH = 0x10000000
     TNS_ACCEPT_FLAG_HAS_END_OF_RESPONSE = 0x02000000
 

diff --git a/src/oracledb/impl/thin/protocol.pyx b/src/oracledb/impl/thin/protocol.pyx
@@ -289,8 +289,7 @@ cdef class Protocol(BaseProtocol):
 
         # if we can use OOB, send an urgent message now followed by a reset
         # marker to see if the server understands it
-        if self._caps.supports_oob \
-                and self._caps.protocol_version >= TNS_VERSION_MIN_OOB_CHECK:
+        if self._caps.supports_oob and self._caps.supports_oob_check:
             self._transport.send_oob_break()
             self._send_marker(self._write_buf, TNS_MARKER_TYPE_RESET)