From 800c8bc36a2cf6802467affee1d3de5355da852e Mon Sep 17 00:00:00 2001
From: v-arellegue
Date: Mon, 25 Mar 2024 13:35:36 -0700
Subject: [PATCH 1/5] Removed reference to deprecated Ssl2.
---
 .../src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs | 5 -----
 1 file changed, 5 deletions(-)
diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs
index 9a6ceb7054..fbb455f917 100644
--- a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs
+++ b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs
@@ -769,11 +769,6 @@ private static string ToFriendlyName(this SslProtocols protocol)
 {
 name = "SSL 3.0";
 }
- else if ((protocol & SslProtocols.Ssl2) == SslProtocols.Ssl2)
-#pragma warning restore CS0618 // Type or member is obsolete: SSL is depricated
- {
- name = "SSL 2.0";
- }
 else
 {
 name = protocol.ToString();
From b2ab93d6c4539967c9c190f10459a6229d1ecf44 Mon Sep 17 00:00:00 2001
From: v-arellegue
Date: Mon, 25 Mar 2024 13:37:52 -0700
Subject: [PATCH 2/5] Removed more reference to deprecated Ssl2.
---
 .../src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs
index fbb455f917..a758a74db5 100644
--- a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs
+++ b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs
@@ -786,7 +786,7 @@ public static string GetProtocolWarning(this SslProtocols protocol)
 {
 string message = string.Empty;
 #pragma warning disable CS0618 // Type or member is obsolete : SSL is depricated
- if ((protocol & (SslProtocols.Ssl2 | SslProtocols.Ssl3 | SslProtocols.Tls | SslProtocols.Tls11)) != SslProtocols.None)
+ if ((protocol & (SslProtocols.Ssl3 | SslProtocols.Tls | SslProtocols.Tls11)) != SslProtocols.None)
 #pragma warning restore CS0618 // Type or member is obsolete : SSL is depricated
 {
 message = StringsHelper.Format(Strings.SEC_ProtocolWarning, protocol.ToFriendlyName());
From 76b74f4f2bbbd9d0a15d5fe1adf4923a0d757956 Mon Sep 17 00:00:00 2001
From: v-arellegue
Date: Mon, 25 Mar 2024 16:55:01 -0700
Subject: [PATCH 3/5] Add CodeQL suppression mechanism instead.
---
 .../src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs
index a758a74db5..4065830799 100644
--- a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs
+++ b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs
@@ -769,6 +769,11 @@ private static string ToFriendlyName(this SslProtocols protocol)
 {
 name = "SSL 3.0";
 }
+ else if ((protocol & SslProtocols.Ssl2) == SslProtocols.Ssl2) // CodeQL [SM00395] False Positive: Suppressing CodeQL warning as this is a legacy code
+#pragma warning restore CS0618 // Type or member is obsolete: SSL is depricated
+ {
+ name = "SSL 2.0";
+ }
 else
 {
 name = protocol.ToString();
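Review bot: In the patch 2/5 hunk on GetProtocolWarning, dropping `SslProtocols.Ssl2` from the mask means a session whose negotiated protocol is SSL 2.0 no longer matches the test and gets an empty message, so the weakest protocol becomes the one deprecated version that is not warned about. Quieting the analyzer should not change what the check detects; keep `SslProtocols.Ssl2 | SslProtocols.Ssl3 | SslProtocols.Tls | SslProtocols.Tls11` in the mask and suppress the diagnostic on that line instead. Patch 3/5 further down this page puts the flag back. The function's closing lines are outside the hunk.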
@@ -786,7 +791,7 @@ public static string GetProtocolWarning(this SslProtocols protocol)
 {
 string message = string.Empty;
 #pragma warning disable CS0618 // Type or member is obsolete : SSL is depricated
- if ((protocol & (SslProtocols.Ssl3 | SslProtocols.Tls | SslProtocols.Tls11)) != SslProtocols.None)
+ if ((protocol & (SslProtocols.Ssl2 | SslProtocols.Ssl3 | SslProtocols.Tls | SslProtocols.Tls11)) != SslProtocols.None) // CodeQL [SM00395] False Positive: Suppressing CodeQL warning as this is a legacy code
 #pragma warning restore CS0618 // Type or member is obsolete : SSL is depricated
 {
 message = StringsHelper.Format(Strings.SEC_ProtocolWarning, protocol.ToFriendlyName());
From c6c004390c5284b0014e0427984d23ccea451790 Mon Sep 17 00:00:00 2001
From: Davoud
Date: Thu, 28 Mar 2024 15:29:10 -0700
Subject: [PATCH 4/5] Supress CA5397
---
 .../Data/SqlClient/TdsParserHelperClasses.cs | 14 ++++++++------
 .../Data/SqlClient/TdsParserStateObjectNative.cs | 5 +++--
 2 files changed, 11 insertions(+), 8 deletions(-)
diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs
index 4065830799..b372a2a29b 100644
--- a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs
+++ b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs
@@ -764,13 +764,14 @@ private static string ToFriendlyName(this SslProtocols protocol)
 {
 name = "TLS 1.0";
 }
-#pragma warning disable CS0618 // Type or member is obsolete: SSL is depricated
+// SSL 2.0 and 3.0 are provided for backward compatibility
+#pragma warning disable CS0618, CA5397
 else if ((protocol & SslProtocols.Ssl3) == SslProtocols.Ssl3)
 {
 name = "SSL 3.0";
 }
- else if ((protocol & SslProtocols.Ssl2) == SslProtocols.Ssl2) // CodeQL [SM00395] False Positive: Suppressing CodeQL warning as this is a legacy code
-#pragma warning restore CS0618 // Type or member is obsolete: SSL is depricated
+ else if ((protocol & SslProtocols.Ssl2) == SslProtocols.Ssl2)
+#pragma warning restore CS0618, CA5397
 {
 name = "SSL 2.0";
 }
@@ -790,9 +791,10 @@ private static string ToFriendlyName(this SslProtocols protocol)
 public static string GetProtocolWarning(this SslProtocols protocol)
 {
 string message = string.Empty;
-#pragma warning disable CS0618 // Type or member is obsolete : SSL is depricated
- if ((protocol & (SslProtocols.Ssl2 | SslProtocols.Ssl3 | SslProtocols.Tls | SslProtocols.Tls11)) != SslProtocols.None) // CodeQL [SM00395] False Positive: Suppressing CodeQL warning as this is a legacy code
-#pragma warning restore CS0618 // Type or member is obsolete : SSL is depricated
+// SSL 2.0 and 3.0 are provided for backward compatibility
+#pragma warning disable CS0618, CA5397
+ if ((protocol & (SslProtocols.Ssl2 | SslProtocols.Ssl3 | SslProtocols.Tls | SslProtocols.Tls11)) != SslProtocols.None)
+#pragma warning restore CS0618, CA5397
 {
 message = StringsHelper.Format(Strings.SEC_ProtocolWarning, protocol.ToFriendlyName());
 }
diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs
index 59776956a1..c2271bea9b 100644
--- a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs
+++ b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs
@@ -427,13 +427,14 @@ internal override uint WaitForSSLHandShakeToComplete(out int protocolVersion)
 }
 else if (nativeProtocol.HasFlag(NativeProtocols.SP_PROT_SSL3_CLIENT) || nativeProtocol.HasFlag(NativeProtocols.SP_PROT_SSL3_SERVER))
 {
-#pragma warning disable CS0618 // Type or member is obsolete : SSL is depricated
+// SSL 2.0 and 3.0 are provided for backward compatibility
+#pragma warning disable CS0618, CA5397
 protocolVersion = (int)SslProtocols.Ssl3;
 }
 else if (nativeProtocol.HasFlag(NativeProtocols.SP_PROT_SSL2_CLIENT) || nativeProtocol.HasFlag(NativeProtocols.SP_PROT_SSL2_SERVER))
 {
 protocolVersion = (int)SslProtocols.Ssl2;
-#pragma warning restore CS0618 // Type or member is obsolete : SSL is depricated
+#pragma warning restore CS0618, CA5397
 }
 else //if (nativeProtocol.HasFlag(NativeProtocols.SP_PROT_NONE))
 {
From 376bf151abce1d62a0a85933c87b2660e6b584cb Mon Sep 17 00:00:00 2001
From: David Engel
Date: Fri, 29 Mar 2024 14:48:38 -0700
Subject: [PATCH 5/5] Apply suggestions from code review
---
 .../src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs | 4 ++--
 .../Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs
index b372a2a29b..d0431e1901 100644
--- a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs
+++ b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserHelperClasses.cs
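Review bot: In the patch 4/5 hunk on WaitForSSLHandShakeToComplete, the suppression region opens inside the SSL3 branch's block and closes inside the SSL2 branch's block, so the `restore` is tied to a branch that may later be deleted; patch 1/5 on this page did exactly that in ToFriendlyName and took the `#pragma warning restore` with it, which leaves the diagnostic disabled to the end of the file. Pair the pragmas around each assignment instead: put `#pragma warning restore CS0618, CA5397` straight after `protocolVersion = (int)SslProtocols.Ssl3;` and open a second disable/restore pair around the `Ssl2` assignment. The ToFriendlyName hunk of the same patch has the same shape, with the `disable` before the Ssl3 `else if` and the `restore` between the Ssl2 condition and its `{`. The function body starts and ends outside the hunk.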
@@ -764,7 +764,7 @@ private static string ToFriendlyName(this SslProtocols protocol)
 {
 name = "TLS 1.0";
 }
-// SSL 2.0 and 3.0 are provided for backward compatibility
+// SSL 2.0 and 3.0 are only referenced to log a warning, not explicitly used for connections
 #pragma warning disable CS0618, CA5397
 else if ((protocol & SslProtocols.Ssl3) == SslProtocols.Ssl3)
 {
@@ -791,7 +791,7 @@ private static string ToFriendlyName(this SslProtocols protocol)
 public static string GetProtocolWarning(this SslProtocols protocol)
 {
 string message = string.Empty;
-// SSL 2.0 and 3.0 are provided for backward compatibility
+// SSL 2.0 and 3.0 are only referenced to log a warning, not explicitly used for connections
 #pragma warning disable CS0618, CA5397
 if ((protocol & (SslProtocols.Ssl2 | SslProtocols.Ssl3 | SslProtocols.Tls | SslProtocols.Tls11)) != SslProtocols.None)
 #pragma warning restore CS0618, CA5397
diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs
index c2271bea9b..80fd68d5d8 100644
--- a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs
+++ b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs
@@ -427,7 +427,7 @@ internal override uint WaitForSSLHandShakeToComplete(out int protocolVersion)
 }
 else if (nativeProtocol.HasFlag(NativeProtocols.SP_PROT_SSL3_CLIENT) || nativeProtocol.HasFlag(NativeProtocols.SP_PROT_SSL3_SERVER))
 {
-// SSL 2.0 and 3.0 are provided for backward compatibility
+// SSL 2.0 and 3.0 are only referenced to log a warning, not explicitly used for connections
 #pragma warning disable CS0618, CA5397
 protocolVersion = (int)SslProtocols.Ssl3;
 }
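Review bot: The reworded justification in the patch 5/5 hunk on WaitForSSLHandShakeToComplete does not match this call site: here `SslProtocols.Ssl3` is assigned to `protocolVersion` to report what the native handshake apparently negotiated, so the value describes a session that is in fact running over SSL 3.0 rather than a string used only for logging. A comment such as `// Ssl2/Ssl3 are named only to report the protocol the native layer negotiated; this code never requests them` would be accurate here, assuming nothing outside the hunk passes these values as enabled protocols. The comment also starts at column 0 and would read better indented with the assignment it covers. Whether a caller rejects such a session or only emits the GetProtocolWarning text is not visible on this page, and the function body continues outside the hunk.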