Merge remote-tracking branch 'upstream/main' into sspi-writer

Author: twsouthwick

src/Microsoft.Data.SqlClient.sln

@@ -196,7 +196,6 @@ EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "src", "src", "{4F3CD363-B1E6-4D6D-9466-97D78A56BE45}"
 	ProjectSection(SolutionItems) = preProject
 		Directory.Build.props = Directory.Build.props
-		NuGet.config = NuGet.config
 	EndProjectSection
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.SqlServer.Server", "Microsoft.SqlServer.Server\Microsoft.SqlServer.Server.csproj", "{A314812A-7820-4565-A2A8-ABBE391C11E4}"

src/Microsoft.Data.SqlClient/netcore/src/Microsoft.Data.SqlClient.csproj

@@ -18,6 +18,7 @@
     <Product>Core $(BaseProduct)</Product>
     <EnableTrimAnalyzer Condition="$([MSBuild]::IsTargetFrameworkCompatible('$(TargetFramework)', 'net6.0'))">true</EnableTrimAnalyzer>
     <NoWarn>$(NoWarn);IL2026;IL2057;IL2072;IL2075</NoWarn>
+    <RootNamespace />
   </PropertyGroup>
   <PropertyGroup>
     <TargetFrameworkMonikerAssemblyAttributesPath>$([System.IO.Path]::Combine('$(IntermediateOutputPath)','$(TargetFrameworkMoniker).AssemblyAttributes$(DefaultLanguageSourceExtension)'))</TargetFrameworkMonikerAssemblyAttributesPath>
@@ -935,6 +936,7 @@
     </EmbeddedResource>
     <EmbeddedResource Include="$(CommonSourceRoot)Resources\$(ResxFileName).*.resx">
       <Link>Resources\%(RecursiveDir)%(Filename)%(Extension)</Link>
+      <LogicalName>Microsoft.Data.SqlClient.Resources.%(Filename).resources</LogicalName>
     </EmbeddedResource>
     <EmbeddedResource Include="Resources\Microsoft.Data.SqlClient.SqlMetaData.xml">
       <LogicalName>Microsoft.Data.SqlClient.SqlMetaData.xml</LogicalName>

src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNIProxy.cs

@@ -196,7 +196,7 @@ internal static SNIHandle CreateConnectionHandle(
             }
 
             SNIHandle sniHandle = null;
-            switch (details._connectionProtocol)
+            switch (details.ResolvedProtocol)
             {
                 case DataSource.Protocol.Admin:
                 case DataSource.Protocol.None: // default to using tcp if no protocol is provided
@@ -208,7 +208,7 @@ internal static SNIHandle CreateConnectionHandle(
                     sniHandle = CreateNpHandle(details, timeout, parallel, tlsFirst, hostNameInCertificate, serverCertificateFilename);
                     break;
                 default:
-                    Debug.Fail($"Unexpected connection protocol: {details._connectionProtocol}");
+                    Debug.Fail($"Unexpected connection protocol: {details.ResolvedProtocol}");
                     break;
             }
 
@@ -244,11 +244,11 @@ private static byte[][] GetSqlServerSPNs(DataSource dataSource, string serverSPN
             }
             else if (!string.IsNullOrWhiteSpace(dataSource.InstanceName))
             {
-                postfix = dataSource._connectionProtocol == DataSource.Protocol.TCP ? dataSource.ResolvedPort.ToString() : dataSource.InstanceName;
+                postfix = dataSource.ResolvedProtocol == DataSource.Protocol.TCP ? dataSource.ResolvedPort.ToString() : dataSource.InstanceName;
             }
 
             SqlClientEventSource.Log.TryTraceEvent("SNIProxy.GetSqlServerSPN | Info | ServerName {0}, InstanceName {1}, Port {2}, postfix {3}", dataSource?.ServerName, dataSource?.InstanceName, dataSource?.Port, postfix);
-            return GetSqlServerSPNs(hostName, postfix, dataSource._connectionProtocol);
+            return GetSqlServerSPNs(hostName, postfix, dataSource.ResolvedProtocol);
         }
 
         private static byte[][] GetSqlServerSPNs(string hostNameOrAddress, string portOrInstanceName, DataSource.Protocol protocol)
@@ -326,7 +326,7 @@ private static SNITCPHandle CreateTcpHandle(
             }
 
             int port = -1;
-            bool isAdminConnection = details._connectionProtocol == DataSource.Protocol.Admin;
+            bool isAdminConnection = details.ResolvedProtocol == DataSource.Protocol.Admin;
             if (details.IsSsrpRequired)
             {
                 try
@@ -439,8 +439,6 @@ internal class DataSource
 
         internal enum Protocol { TCP, NP, None, Admin };
 
-        internal Protocol _connectionProtocol = Protocol.None;
-
         /// <summary>
         /// Provides the HostName of the server to connect to for TCP protocol.
         /// This information is also used for finding the SPN of SqlServer
@@ -472,6 +470,12 @@ internal enum Protocol { TCP, NP, None, Admin };
         /// </summary>
         internal string PipeHostName { get; private set; }
 
+        /// <summary>
+        /// Gets or sets the protocol that was resolved from the connection string. If this is
+        /// <see cref="Protocol.None"/>, the protocol could not reliably be determined.
+        /// </summary>
+        internal Protocol ResolvedProtocol { get; private set; }
+
         private string _workingDataSource;
         private string _dataSourceAfterTrimmingProtocol;
 
@@ -488,16 +492,16 @@ private DataSource(string dataSource)
 
             PopulateProtocol();
 
-            _dataSourceAfterTrimmingProtocol = (firstIndexOfColon > -1) && _connectionProtocol != Protocol.None
+            _dataSourceAfterTrimmingProtocol = (firstIndexOfColon > -1) && ResolvedProtocol != Protocol.None
                 ? _workingDataSource.Substring(firstIndexOfColon + 1).Trim() : _workingDataSource;
 
             if (_dataSourceAfterTrimmingProtocol.Contains(Slash)) // Pipe paths only allow back slashes
             {
-                if (_connectionProtocol == Protocol.None)
+                if (ResolvedProtocol == Protocol.None)
                     ReportSNIError(SNIProviders.INVALID_PROV);
-                else if (_connectionProtocol == Protocol.NP)
+                else if (ResolvedProtocol == Protocol.NP)
                     ReportSNIError(SNIProviders.NP_PROV);
-                else if (_connectionProtocol == Protocol.TCP)
+                else if (ResolvedProtocol == Protocol.TCP)
                     ReportSNIError(SNIProviders.TCP_PROV);
             }
         }
@@ -508,25 +512,25 @@ private void PopulateProtocol()
 
             if (splitByColon.Length <= 1)
             {
-                _connectionProtocol = Protocol.None;
+                ResolvedProtocol = Protocol.None;
             }
             else
             {
                 // We trim before switching because " tcp : server , 1433 " is a valid data source
                 switch (splitByColon[0].Trim())
                 {
                     case TdsEnums.TCP:
-                        _connectionProtocol = Protocol.TCP;
+                        ResolvedProtocol = Protocol.TCP;
                         break;
                     case TdsEnums.NP:
-                        _connectionProtocol = Protocol.NP;
+                        ResolvedProtocol = Protocol.NP;
                         break;
                     case TdsEnums.ADMIN:
-                        _connectionProtocol = Protocol.Admin;
+                        ResolvedProtocol = Protocol.Admin;
                         break;
                     default:
                         // None of the supported protocols were found. This may be a IPv6 address
-                        _connectionProtocol = Protocol.None;
+                        ResolvedProtocol = Protocol.None;
                         break;
                 }
             }
@@ -610,7 +614,7 @@ private void InferLocalServerName()
             // If Server name is empty or localhost, then use "localhost"
             if (string.IsNullOrEmpty(ServerName) || IsLocalHost(ServerName) ||
                 (Environment.MachineName.Equals(ServerName, StringComparison.CurrentCultureIgnoreCase) &&
-                 _connectionProtocol == Protocol.Admin))
+                 ResolvedProtocol == Protocol.Admin))
             {
                 // For DAC use "localhost" instead of the server name.
                 ServerName = DefaultHostName;
@@ -642,11 +646,11 @@ private bool InferConnectionDetails()
                 }
 
                 // For Tcp and Only Tcp are parameters allowed.
-                if (_connectionProtocol == Protocol.None)
+                if (ResolvedProtocol == Protocol.None)
                 {
-                    _connectionProtocol = Protocol.TCP;
+                    ResolvedProtocol = Protocol.TCP;
                 }
-                else if (_connectionProtocol != Protocol.TCP)
+                else if (ResolvedProtocol != Protocol.TCP)
                 {
                     // Parameter has been specified for non-TCP protocol. This is not allowed.
                     ReportSNIError(SNIProviders.INVALID_PROV);
@@ -704,15 +708,15 @@ private void ReportSNIError(SNIProviders provider)
         private bool InferNamedPipesInformation()
         {
             // If we have a datasource beginning with a pipe or we have already determined that the protocol is Named Pipe
-            if (_dataSourceAfterTrimmingProtocol.StartsWith(PipeBeginning, StringComparison.Ordinal) || _connectionProtocol == Protocol.NP)
+            if (_dataSourceAfterTrimmingProtocol.StartsWith(PipeBeginning, StringComparison.Ordinal) || ResolvedProtocol == Protocol.NP)
             {
                 // If the data source starts with "np:servername"
                 if (!_dataSourceAfterTrimmingProtocol.Contains(PipeBeginning))
                 {
                     // Assuming that user did not change default NamedPipe name, if the datasource is in the format servername\instance, 
                     // separate servername and instance and prepend instance with MSSQL$ and append default pipe path 
                     // https://learn.microsoft.com/en-us/sql/tools/configuration-manager/named-pipes-properties?view=sql-server-ver16
-                    if (_dataSourceAfterTrimmingProtocol.Contains(PathSeparator) && _connectionProtocol == Protocol.NP)
+                    if (_dataSourceAfterTrimmingProtocol.Contains(PathSeparator) && ResolvedProtocol == Protocol.NP)
                     {
                         string[] tokensByBackSlash = _dataSourceAfterTrimmingProtocol.Split(BackSlashCharacter);
                         if (tokensByBackSlash.Length == 2)
@@ -799,11 +803,11 @@ private bool InferNamedPipesInformation()
                 }
 
                 // DataSource is something like "\\pipename"
-                if (_connectionProtocol == Protocol.None)
+                if (ResolvedProtocol == Protocol.None)
                 {
-                    _connectionProtocol = Protocol.NP;
+                    ResolvedProtocol = Protocol.NP;
                 }
-                else if (_connectionProtocol != Protocol.NP)
+                else if (ResolvedProtocol != Protocol.NP)
                 {
                     // In case the path began with a "\\" and protocol was not Named Pipes
                     ReportSNIError(SNIProviders.NP_PROV);

src/Microsoft.Data.SqlClient/netfx/src/Microsoft.Data.SqlClient.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.Net.Sdk">
   <PropertyGroup>
     <ProjectGuid>{407890AC-9876-4FEF-A6F1-F36A876BAADE}</ProjectGuid>
-    <RootNamespace>Microsoft.Data.SqlClient</RootNamespace>
+    <RootNamespace></RootNamespace>
     <TargetFramework>net462</TargetFramework>
     <EnableLocalAppContext>true</EnableLocalAppContext>
     <AssemblyName>Microsoft.Data.SqlClient</AssemblyName>
@@ -731,6 +731,7 @@
     </EmbeddedResource>
     <EmbeddedResource Include="$(CommonSourceRoot)Resources\$(ResxFileName).*.resx">
       <Link>Resources\%(RecursiveDir)%(Filename)%(Extension)</Link>
+      <LogicalName>Microsoft.Data.SqlClient.Resources.%(Filename).resources</LogicalName>
     </EmbeddedResource>
     <EmbeddedResource Include="Resources\Microsoft.Data.SqlClient.SqlMetaData.xml">
       <LogicalName>Microsoft.Data.SqlClient.SqlMetaData.xml</LogicalName>

src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/ActiveDirectoryAuthenticationProvider.cs

@@ -120,7 +120,11 @@ public override async Task<SqlAuthenticationToken> AcquireTokenAsync(SqlAuthenti
             using CancellationTokenSource cts = new();
 
             // Use Connection timeout value to cancel token acquire request after certain period of time.
-            cts.CancelAfter(parameters.ConnectionTimeout * 1000); // Convert to milliseconds
+            int timeout = parameters.ConnectionTimeout * 1000; // Convert to milliseconds
+            if (timeout > 0) // if ConnectionTimeout is 0 or the millis overflows an int, no need to set CancelAfter
+            {
+                cts.CancelAfter(timeout);
+            }
 
             string scope = parameters.Resource.EndsWith(s_defaultScopeSuffix, StringComparison.Ordinal) ? parameters.Resource : parameters.Resource + s_defaultScopeSuffix;
             string[] scopes = new string[] { scope };

src/Microsoft.Data.SqlClient/tests/ManualTests/DataCommon/DataTestUtility.cs

@@ -67,6 +67,7 @@ public static class DataTestUtility
         public static readonly string EnclaveAzureDatabaseConnString = null;
         public static bool ManagedIdentitySupported = true;
         public static string AADAccessToken = null;
+        public static bool SupportsSystemAssignedManagedIdentity = false;
         public static string AADSystemIdentityAccessToken = null;
         public static string AADUserIdentityAccessToken = null;
         public const string ApplicationClientId = "2fd908ad-0664-4344-b9be-cd3e8b574c38";
@@ -108,6 +109,15 @@ public static bool IsAzureSynapse
             }
         }
 
+        public static bool TcpConnectionStringDoesNotUseAadAuth
+        {
+            get
+            {
+                SqlConnectionStringBuilder builder = new (TCPConnectionString);
+                return builder.Authentication == SqlAuthenticationMethod.SqlPassword || builder.Authentication == SqlAuthenticationMethod.NotSpecified;
+            }
+        }
+
         public static string SQLServerVersion
         {
             get
@@ -645,7 +655,7 @@ public static string GetAccessToken()
 
         public static string GetSystemIdentityAccessToken()
         {
-            if (true == ManagedIdentitySupported && null == AADSystemIdentityAccessToken && IsAADPasswordConnStrSetup())
+            if (ManagedIdentitySupported && SupportsSystemAssignedManagedIdentity && null == AADSystemIdentityAccessToken && IsAADPasswordConnStrSetup())
             {
                 AADSystemIdentityAccessToken = AADUtility.GetManagedIdentityToken().GetAwaiter().GetResult();
                 if (AADSystemIdentityAccessToken == null)
@@ -658,7 +668,7 @@ public static string GetSystemIdentityAccessToken()
 
         public static string GetUserIdentityAccessToken()
         {
-            if (true == ManagedIdentitySupported && null == AADUserIdentityAccessToken && IsAADPasswordConnStrSetup())
+            if (ManagedIdentitySupported && null == AADUserIdentityAccessToken && IsAADPasswordConnStrSetup())
             {
                 // Pass User Assigned Managed Identity Client Id here.
                 AADUserIdentityAccessToken = AADUtility.GetManagedIdentityToken(UserManagedIdentityClientId).GetAwaiter().GetResult();

src/Microsoft.Data.SqlClient/tests/ManualTests/SQL/AdapterTest/AdapterTest.cs

@@ -1059,7 +1059,14 @@ public void UpdateOffsetTest()
             }
         }
 
-        [ConditionalFact(typeof(DataTestUtility), nameof(DataTestUtility.AreConnStringsSetup))]
+        public static bool CanRunSchemaTests()
+        {
+            return DataTestUtility.AreConnStringsSetup() &&
+                // Tests switch to master database, which is not guaranteed when using AAD auth
+                DataTestUtility.TcpConnectionStringDoesNotUseAadAuth;
+        }
+
+        [ConditionalFact(nameof(CanRunSchemaTests))]
         public void SelectAllTest()
         {
             // Test exceptions