
Zeroize SQL auth password buffers #411

Open
lstkz wants to merge 2 commits into prisma:main from lstkz:codex/zeroize-sql-password

@lstkz lstkz commented Mar 16, 2026

Zeroize SQL Server auth password buffers so the password only lives in crate-owned memory during login, and scrub transient login packet buffers immediately after use.

Summary by CodeRabbit

  • Security Improvements

    • Credentials are now handled so passwords and temporary login data are automatically cleared from memory after use, reducing risk of in-memory exposure.
    • Login payloads are protected end-to-end in memory and wiped once transmitted.
  • New Features

    • Login sending now uses a framed, memory-safe transmission that ensures sensitive fragments are zeroed after being sent.


coderabbitai bot commented Mar 16, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: d311e1bd-8199-42c5-8d58-5da6601d7731

📥 Commits

Reviewing files that changed from the base of the PR and between d191c1e and f49b35b.

📒 Files selected for processing (1)
  • src/client/connection.rs

Walkthrough

The PR adds the zeroize crate and applies in-memory zeroization to SQL Server authentication and login: passwords are stored as Zeroizing<String>, a new into_credentials() replaces accessors, LoginMessage gains encode_to_vec() returning Zeroizing<Vec<u8>>, and Connection adds send_sensitive_login() to transmit and zeroize frames.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Dependency: Cargo.toml | Added zeroize = "1.8.2" to enable in-memory zeroization. |
| Client authentication: src/client/auth.rs | Changed SqlServerAuth.password: String → Zeroizing<String>; removed user() and password() accessors; added pub(crate) fn into_credentials(self) -> (String, Zeroizing<String>); updated AuthMethod::sql_server to wrap password with Zeroizing::new(...). |
| Login encoding & transmission: src/tds/codec/login.rs, src/client/connection.rs | Added LoginMessage::encode_to_vec() -> Zeroizing<Vec<u8>> and updated Encode<BytesMut> to use it and zeroize temporaries; added Connection::send_sensitive_login(...) to frame, send, and zeroize login payloads; login flow now consumes credentials via into_credentials() and uses the new framing path. |
🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title 'Zeroize SQL auth password buffers' directly and concisely describes the main change: implementing zeroization of SQL authentication password data to prevent sensitive information from lingering in memory. |
| Docstring Coverage | ✅ Passed | Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%. |


@coderabbitai coderabbitai bot left a comment


Actionable comments posted: 1


ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: b5f34033-416c-4063-a002-f644feb0373d

📥 Commits

Reviewing files that changed from the base of the PR and between a6b4fcd and d191c1e.

📒 Files selected for processing (4)
  • Cargo.toml
  • src/client/auth.rs
  • src/client/connection.rs
  • src/tds/codec/login.rs
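
The pattern the walkthrough describes, as an added illustration that is not the PR's code (its diff is not shown on this page): a std-only stand-in for zeroize's Zeroizing wrapper, with the function names encode_to_vec and send_sensitive_login borrowed from the summary. The Wiped type, the payload layout, the 1-byte frame header and the sample values are constructed assumptions, not real TDS.

```rust
use std::sync::atomic::{compiler_fence, Ordering};

/// Zero a buffer with volatile writes so the optimizer cannot elide the stores.
fn scrub(buf: &mut [u8]) {
    for b in buf.iter_mut() {
        unsafe { std::ptr::write_volatile(b as *mut u8, 0) };
    }
    compiler_fence(Ordering::SeqCst);
}

/// Std-only stand-in for zeroize's Zeroizing<Vec<u8>>: wipes its bytes on drop.
struct Wiped(Vec<u8>);
impl Drop for Wiped { fn drop(&mut self) { scrub(&mut self.0); } }

/// Constructed toy payload (not real TDS): length-prefixed user, then password.
/// Pre-sized so pushes never reallocate and strand a stale copy of the secret.
fn encode_to_vec(user: &str, password: &Wiped) -> Wiped {
    let mut out = Vec::with_capacity(2 + user.len() + password.0.len());
    out.push(user.len() as u8);
    out.extend_from_slice(user.as_bytes());
    out.push(password.0.len() as u8);
    out.extend_from_slice(&password.0);
    Wiped(out)
}

/// Send the payload in frames of at most `max` (1..=255) body bytes, scrubbing each
/// frame after `send` returns and the payload at the end. Returns the frame count.
fn send_sensitive_login(payload: &mut Wiped, max: usize, mut send: impl FnMut(&[u8])) -> usize {
    let (mut frame, mut frames) = (Vec::with_capacity(max + 1), 0);
    for chunk in payload.0.chunks(max) {
        frame.clear();
        frame.push(chunk.len() as u8); // constructed 1-byte frame header
        frame.extend_from_slice(chunk);
        send(&frame[..]);
        scrub(&mut frame); // the reused frame buffer never keeps a sent fragment
        frames += 1;
    }
    scrub(&mut payload.0);
    frames
}

fn main() {
    // into_bytes reuses the String's heap buffer, so no unscrubbed copy is made.
    let password = Wiped(String::from("constructed-pw").into_bytes()); // constructed sample
    let mut payload = encode_to_vec("sa", &password);
    drop(password); // wiped here; only the payload still holds the secret
    let mut wire: Vec<u8> = Vec::new();
    let frames = send_sensitive_login(&mut payload, 8, |f| wire.extend_from_slice(f));
    println!("{} frames, {} wire bytes", frames, wire.len());
}
```

Scrubbing of this kind covers only the buffers the code owns; copies held by the transport, such as TLS record buffers or kernel socket buffers, are outside its reach.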
