Progress DataDirect Connect and Connect64 for ODBC SQL Server Wire Protocol Driver
An asterisk (*) indicates support that was added in a hotfix or software patch subsequent to a release.
- Certified with Red Hat Enterprise 8.0*
Driver version 08.02.0269 (B0526, U0369)
- Certified with Microsoft Azure SQL Data Warehouse 12.00
Certified with Red Hat Enterprise 7.3
- Certified with Windows Server 2016
- Certified with Debian Linux 7.11, 8.5
- Certified with Ubuntu Linux 14.04, 16.04
- The curl library files that are installed with the product have been
upgraded to version 7.67.0, which fixes a number of potential security
vulnerabilities. For more information on the vulnerabilities resolved
by this enhancement, refer to: https://curl.haxx.se/docs/vulnerabilities.html.
This upgrade is available starting in build 08.02.0116 of the curl library
- The driver has been enhanced to support the Always Encrypted feature. Beginning with SQL Server 2016, Azure SQL and SQL Server databases support Always Encrypted, which allows sensitive data to be stored on the server in an encrypted state such that the data can only be decrypted by an authorized application. The following are highlights of this enhancement:
You can enable support for Always Encrypted using the new Column Encryption, Key Store Principal, Key Store Secret, and Key Cache Time To Live connection options.
- The driver detects all supported native data types in encrypted columns and transparently encrypts values bound to SQL parameters or decrypts values returned in results and output parameters.
- The driver supports configurable caching of column encryption keys for improved performance.
- The driver supports using Windows Certificate Store and Azure Key Vault as keystore providers.
The default version of the OpenSSL library, 1.0.2r, has reached the end of its
product life-cycle and has been upgraded to version 1.1.1d. In addition to
receiving full update support, version 1.1.1d fixes the following security
- Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey (CVE-2019-1563)
- Windows builds with insecure path defaults (CVE-2019-1552)
- Fork Protection (CVE-2019-1549)
- ECDSA remote timing attack (CVE-2019-1547)
- ChaCha20-Poly1305 with long nonces (CVE-2019-1543)
- Timing vulnerability in ECDSA signature generation (CVE-2018-0735)
Version 1.1.1d also addresses vulnerabilities resolved by earlier versions of the library. For more information on the installed library files, refer to the readme.
For more information on the OpenSSL vulnerabilities resolved by this upgrade,
refer to the corresponding OpenSSL announcements at
- The new AllowedOpenSSLVersions option determines which version of the OpenSSL library file the driver uses for data
encryption when multiple versions are installed with the product. For example,
when specifying a value of 1.1.1 (AllowedOpenSSLVersions=1.1.1) the driver uses the 1.1.1 version of the library that is installed with the driver.*
- The default version of the OpenSSL library has been updated to 1.0.2r.*
- The driver has been enhanced to transparently connect to Microsoft Azure SQL Data Warehouse and
Microsoft Analytics Platform System data sources.
- The driver has been enhanced to support connecting to a proxy server through an HTTP connection.
HTTP proxy support is configurable with the new Proxy Host, Proxy Mode, Proxy Password, Proxy Port, and Proxy User connection options.
- The new Enable Server Side Cursors connection option allows you to determine which server-side
cursors are enabled for the data source.
- The driver is enhanced to support Azure Active Directory (Azure AD) authentication. Azure AD
authentication is an alternative to SQL Server Authentication for Azure SQL Database that allows you
to centrally manage identities of database users.
The driver has been enhanced to support Always On Availability Groups.
Introduced in SQL Server 2012, Always On Availability Groups is a
replica-database environment that provides a high-level of data availability,
protection, and recovery. To support this enhancement, the following updates
have been made to the driver:
- The Host Name option has been updated to support the virtual network
name (VNN) of the availability group listener as a valid value. To connect
to an Always On Availability group, you must specify the VNN using this
- The new Application Intent option allows you to control whether the driver
requests read-only routing, thereby improving efficiency by reducing the
workload on read-write nodes. For details, refer to the readme installed with the product.
- The new MultiSubnetFailover option allows the driver to attempt parallel
connections to all the IP addresses associated with an availability group
when the primary listener is unavailable. This offers improved response
time over traditional failover, which attempts connections to alternate
servers one at a time. For details, refer to the readme installed with the product.
- The driver and Driver Manager have been enhanced to support UTF-8 encoding in the odbc.ini and
The OpenSSL library was updated to version 1.0.2n.
The following Windows platforms have reached the end of their product lifecycle
and are no longer supported by the driver*:
- Windows 8.0 (versions 8.1 and higher are still supported)
- Windows Vista (all versions)
- Windows XP (all versions)
- Windows Server 2003 (all versions)
- The new CryptoLibName and SSLLibName connection options allow you to designate the OpenSSL libraries used when SSL is enabled.
- Certified with Microsoft Azure SQL Data Warehouse 12.00* (driver version 07.16.0369 (B0372, U0245))
- Certified with Red Hat Enterprise 7.3* (driver version 07.16.0361 (B0363, U0242))
- Certified with Windows Server 2016* (driver version 07.16.0352 (B0357, U0237))
- Certified with Debian Linux 7.11*, 8.5* (driver version 07.16.0300 (B0314, U0208))
- Certified with Ubuntu Linux 14.04*, 16.04* (driver version 07.16.0300 (B0314, U0208))
- Certified with Windows 10
- Certified with Red Hat Enterprise 7.1
- Certified with CentOS Linux 7.1
- Certified with Oracle Linux 7.1
- Certified with SUSE Enterprise Server 12
- Certified with Red Hat Enterprise 7.0
- Certified with CentOS Linux 7.0
- Certified with Oracle Linux 7.0
- The OpenSSL library was upgraded to version 1.0.0r, which fixes the
CVE‐2015‐0204 (FREAK) vulnerability. See "RSA silently downgrades
to EXPORT_RSA [Client] (CVE‐2015‐0204)" at
https://www.openssl.org/news/secadv_20150108.txt for more
- The driver has been enhanced to support NTLMv2 authentication, which can be
enabled using the AuthenticationMethod connection option.
- The new PRNGSeedSource connection option allows you to specifies whether the
driver uses a file or the RAND_poll function as the seed source for SSL key generation.
- The new PRNGSeedFile connection option allows you to specify the entropy‐source file or device used as a seed for SSL key generation.
- The new Crypto Protocol Version connection option allows you to specify the cryptographic protocols used when SSL is enabled. This option can be used to avoid vulnerabilities associated with SSLv3 and SSLv2, including the POODLE vulnerability.
- Certified with Windows 8.1
The new KeepAlive connection option allows you to
use TCP Keep Alive to maintain idle TCP connections.
- Certified with CentOS Linux 4.x, 5.x, and 6.x
- Certified with Oracle Linux 4.x, 5.x, and 6.x
- Certified with Oracle Solaris 11.1
- Certified with Red Hat 6.3
- Certified with Windows 8 and Windows Server 2012