fix: add TrustServerCertificate support and fix sp_GetEmployeeById param name

- Add trustServerCertificate: Bool = false to MSSQLConnection.Configuration
  (equivalent to TrustServerCertificate=true in SQL Server connection strings)
- Use it in upgradeTLS() to control certificateVerification (.none vs default)
- Test configuration sets trustServerCertificate: true for self-signed certs
- Fix mssql_seed.sql: sp_GetEmployeeById parameter renamed @p1 → @id
  to match what testCallProcedureWithInputParams expects

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: vkuttyp

Sources/MSSQLNio/MSSQLConnection.swift

@@ -37,6 +37,10 @@ public final class MSSQLConnection: SQLDatabase, @unchecked Sendable {
         /// SQL Server password. Not required when using Windows/NTLM authentication (`domain` is set).
         public var password:       String     = ""
         public var tls:            SQLTLSConfiguration = .prefer
+        /// When `true`, the server's TLS certificate is accepted without verification
+        /// (equivalent to `TrustServerCertificate=true` in a SQL Server connection string).
+        /// Set this to `true` when connecting to servers with self-signed certificates (e.g. dev/test).
+        public var trustServerCertificate: Bool = false
         public var logger:         Logger     = Logger(label: "MSSQLNio")
         /// Timeout for establishing the TCP + TLS + Login7 handshake (seconds). nil = no limit.
         public var connectTimeout: TimeInterval? = 30
@@ -52,18 +56,20 @@ public final class MSSQLConnection: SQLDatabase, @unchecked Sendable {
         public init(host: String, port: Int = 1433,
                     database: String, username: String, password: String,
                     tls: SQLTLSConfiguration = .prefer,
+                    trustServerCertificate: Bool = false,
                     connectTimeout: TimeInterval? = 30,
                     queryTimeout:   TimeInterval? = nil,
                     readOnly:       Bool = false) {
-            self.host           = host
-            self.port           = port
-            self.database       = database
-            self.username       = username
-            self.password       = password
-            self.tls            = tls
-            self.connectTimeout = connectTimeout
-            self.queryTimeout   = queryTimeout
-            self.readOnly       = readOnly
+            self.host                   = host
+            self.port                   = port
+            self.database               = database
+            self.username               = username
+            self.password               = password
+            self.tls                    = tls
+            self.trustServerCertificate = trustServerCertificate
+            self.connectTimeout         = connectTimeout
+            self.queryTimeout           = queryTimeout
+            self.readOnly               = readOnly
         }
 
         /// Windows/NTLM authentication. Username and password are optional;
@@ -75,19 +81,21 @@ public final class MSSQLConnection: SQLDatabase, @unchecked Sendable {
                     username: String = "",
                     password: String = "",
                     tls: SQLTLSConfiguration = .prefer,
+                    trustServerCertificate: Bool = false,
                     connectTimeout: TimeInterval? = 30,
                     queryTimeout:   TimeInterval? = nil,
                     readOnly:       Bool = false) {
-            self.host           = host
-            self.port           = port
-            self.database       = database
-            self.domain         = domain
-            self.username       = username
-            self.password       = password
-            self.tls            = tls
-            self.connectTimeout = connectTimeout
-            self.queryTimeout   = queryTimeout
-            self.readOnly       = readOnly
+            self.host                   = host
+            self.port                   = port
+            self.database               = database
+            self.domain                 = domain
+            self.username               = username
+            self.password               = password
+            self.tls                    = tls
+            self.trustServerCertificate = trustServerCertificate
+            self.connectTimeout         = connectTimeout
+            self.queryTimeout           = queryTimeout
+            self.readOnly               = readOnly
         }
     }
 
@@ -201,7 +209,9 @@ public final class MSSQLConnection: SQLDatabase, @unchecked Sendable {
 
     private func upgradeTLS() async throws {
         var tlsConfig = TLSConfiguration.makeClientConfiguration()
-        tlsConfig.certificateVerification = .none   // dev/test; in production supply a CA cert
+        if config.trustServerCertificate {
+            tlsConfig.certificateVerification = .none
+        }
         let sslContext = try NIOSSLContext(configuration: tlsConfig)
         // IP addresses cannot be used for SNI — pass nil to disable SNI for IP hosts
         let sniHostname: String? = {

Tests/MSSQLNioTests/Support/TestDatabase.swift

@@ -24,11 +24,12 @@ struct TestDatabase {
     static var configuration: MSSQLConnection.Configuration {
         let env = ProcessInfo.processInfo.environment
         return MSSQLConnection.Configuration(
-            host:     env["MSSQL_TEST_HOST"] ?? "127.0.0.1",
-            port:     Int(env["MSSQL_TEST_PORT"] ?? "1433") ?? 1433,
-            database: env["MSSQL_TEST_DB"]   ?? "MSSQLNioTestDb",
-            username: env["MSSQL_TEST_USER"] ?? "sa",
-            password: env["MSSQL_TEST_PASS"] ?? "aBCD111"
+            host:                   env["MSSQL_TEST_HOST"] ?? "127.0.0.1",
+            port:                   Int(env["MSSQL_TEST_PORT"] ?? "1433") ?? 1433,
+            database:               env["MSSQL_TEST_DB"]   ?? "MSSQLNioTestDb",
+            username:               env["MSSQL_TEST_USER"] ?? "sa",
+            password:               env["MSSQL_TEST_PASS"] ?? "aBCD111",
+            trustServerCertificate: true
         )
     }
 

Tests/Resources/mssql_seed.sql

@@ -206,13 +206,13 @@ GO
 -- ─── Stored Procedures ───────────────────────────────────────────────────────
 
 CREATE PROCEDURE sp_GetEmployeeById
-    @p1 UNIQUEIDENTIFIER
+    @id UNIQUEIDENTIFIER
 AS
 BEGIN
     SET NOCOUNT ON;
     SELECT id, name, email, salary, department_id, is_active, notes
     FROM Employees
-    WHERE id = @p1;
+    WHERE id = @id;
 END;
 GO