[MSSQL] Fix regression: Connection establishment #2005

Open: wants to merge 2 commits into base: master


rtpt-romankarwacik (Contributor)

This commit broke mssqlclient.py for me: a60a1f1

With the commit, a connection to a Microsoft SQL Server 2012 is not possible anymore: during connection establishment (TLS client hello) the server does not respond. The only difference between the packets in the old impacket version I tested (abfaea2) and the commit above is that a tlsv1 client hello is now used, whereas before it was a tlsv1.2 client hello.

This commit reintroduces the explicit setting of the ciphers, which seems to fix this. I am not sure whether it is platform dependent which TLS record layer is used; I am testing on Debian 12 with Python 3.11.2 and OpenSSL 3.0.16-1~deb12u1.

rtpt-romankarwacik changed the title from "Fix regression: MSSQL connection establishment" to "[MSSQL] Fix regression: Connection establishment" on Jul 16, 2025
gabrielg5 self-assigned this on Jul 16, 2025
Dfte (Contributor) commented Jul 16, 2025

Damn sorry for the trouble and thanks for the patch :)!!

gabrielg5 added the labels bug (Unexpected problem or unintended behavior), high (High priority item), enhancement (Implemented features can be improved or revised) and removed the labels bug, enhancement on Jul 17, 2025
gabrielg5 (Collaborator) commented Jul 17, 2025

Hey guys,

Testing this, I found that @rtpt-romankarwacik's changes are not enough (at least in my environment: win10, py3.12, sql2012)
I'm getting [-] [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:1000) (I have the TLS minimum_version in the context as TLS 1.2)
So we need to change the minimum_version of the context.

This reminds me of a PR I've been working on last week, #2003 (perhaps not the best PR name :) )
We are redefining there the create_default_context function of the ssl module to create an "insecure" context we can use to connect to old systems.

I guess we can leverage that function to create ssl contexts that allow connection to both new and old TLS versions

EDIT: When setting the minimum_version (context.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED), the connection can be established OK in my env
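
Added example, not part of the thread and not impacket code: a way to compare offline what a default context and a context with the two settings discussed above (explicit ciphers, minimum_version) put into the ClientHello, by reading the record-layer version, the hello version and the offered cipher suites. The function names, the cipher string "ALL:@SECLEVEL=0" and the disabled certificate validation are assumptions for illustration.

```python
import ssl
import struct
from typing import NamedTuple, Tuple

class HelloInfo(NamedTuple):
    record_version: int            # version field of the TLS record header
    hello_version: int             # legacy_version inside the ClientHello body
    cipher_suites: Tuple[int, ...]

def build_context(legacy: bool) -> ssl.SSLContext:
    """Client context; legacy=True applies the two settings from the thread."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False             # assumption: certificate is not validated
    ctx.verify_mode = ssl.CERT_NONE
    if legacy:
        ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
        ctx.set_ciphers("ALL:@SECLEVEL=0")  # assumed cipher string, not from the PR
    return ctx

def first_flight(ctx: ssl.SSLContext) -> bytes:
    """Return the ClientHello bytes the context would send, without network I/O."""
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:           # expected: no server bytes in `incoming`
        pass
    return outgoing.read()

def parse_client_hello(data: bytes) -> HelloInfo:
    """Parse version fields and cipher suites from a single-record ClientHello."""
    content_type, record_version, _length = struct.unpack("!BHH", data[:5])
    if content_type != 22 or data[5] != 1:
        raise ValueError("not a TLS handshake record carrying a ClientHello")
    (hello_version,) = struct.unpack("!H", data[9:11])
    pos = 11 + 32                          # skip the 32-byte client random
    pos += 1 + data[pos]                   # skip session_id (1-byte length prefix)
    (suites_len,) = struct.unpack("!H", data[pos:pos + 2])
    suites = struct.unpack("!%dH" % (suites_len // 2),
                           data[pos + 2:pos + 2 + suites_len])
    return HelloInfo(record_version, hello_version, suites)

if __name__ == "__main__":
    for name, legacy in (("default", False), ("legacy", True)):
        ctx = build_context(legacy)
        info = parse_client_hello(first_flight(ctx))
        print(f"{name}: min={ctx.minimum_version.name} "
              f"record=0x{info.record_version:04x} "
              f"hello=0x{info.hello_version:04x} suites={len(info.cipher_suites)}")
```

The record-header version and the version inside the hello body are separate fields, so a capture tool may label the record with one version while the hello advertises another.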

Labels: bug (Unexpected problem or unintended behavior), high (High priority item)