Sync with upstream go-ora

.github/workflows/codeql.yml

@@ -0,0 +1,40 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches:
+      - teleport
+  pull_request:
+    branches:
+      - teleport
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'go' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v2
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2
+      with:
+        category: "/language:${{matrix.language}}"

.github/workflows/dependency-review.yaml

@@ -0,0 +1,11 @@
+name: Dependency Review
+
+on:
+  pull_request:
+
+jobs:
+  dependency-review:
+    if: ${{ !startsWith(github.head_ref, 'dependabot/') }}
+    uses: gravitational/shared-workflows/.github/workflows/dependency-review.yaml@main
+    permissions:
+      contents: read

v2/configurations/session_info.go

@@ -2,6 +2,7 @@ package configurations
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
 	"net"
 	"strings"
@@ -22,6 +23,7 @@ type SessionInfo struct {
 	Protocol              string
 	SSL                   bool
 	SSLVerify             bool
+	TLSConfig             *tls.Config
 	Dialer                DialerContext
 }
 

v2/connection.go

@@ -2,6 +2,7 @@ package go_ora
 
 import (
 	"context"
+	"crypto/tls"
 	"database/sql"
 	"database/sql/driver"
 	"encoding/binary"
@@ -118,6 +119,7 @@ type OracleConnector struct {
 	drv           *OracleDriver
 	connectString string
 	dialer        configurations.DialerContext
+	tlsConfig     *tls.Config
 }
 
 func NewConnector(connString string) driver.Connector {
@@ -144,6 +146,9 @@ func (connector *OracleConnector) Connect(ctx context.Context) (driver.Conn, err
 	if conn.connOption.Dialer == nil {
 		conn.connOption.Dialer = connector.dialer
 	}
+	if conn.connOption.TLSConfig == nil {
+		conn.connOption.TLSConfig = connector.tlsConfig
+	}
 	err = conn.OpenWithContext(ctx)
 	if err != nil {
 		return nil, err
@@ -163,6 +168,10 @@ func (connector *OracleConnector) Dialer(dialer configurations.DialerContext) {
 	connector.dialer = dialer
 }
 
+func (connector *OracleConnector) WithTLSConfig(config *tls.Config) {
+	connector.tlsConfig = config
+}
+
 // Open return a new open connection
 func (driver *OracleDriver) Open(name string) (driver.Conn, error) {
 	conn, err := NewConnection(name, driver.connOption)

v2/network/session.go

@@ -336,13 +336,20 @@ func (session *Session) LoadSSLData(certs, keys, certRequests [][]byte) error {
 // used to create sslConn object
 func (session *Session) negotiate() {
 	connOption := session.Context.connConfig
+	host := connOption.GetActiveServer(false)
+
+	if tlsConfig := connOption.TLSConfig; tlsConfig != nil {
+		tlsConfig.ServerName = host.Addr
+		session.sslConn = tls.Client(session.conn, tlsConfig)
+		return
+	}
+
 	if session.SSL.roots == nil && len(session.SSL.Certificates) > 0 {
 		session.SSL.roots = x509.NewCertPool()
 		for _, cert := range session.SSL.Certificates {
 			session.SSL.roots.AddCert(cert)
 		}
 	}
-	host := connOption.GetActiveServer(false)
 	config := &tls.Config{
 		ServerName: host.Addr,
 	}