only return the required resolved spn

Author: twsouthwick

src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNIProxy.cs

@@ -34,7 +34,7 @@ internal class SNIProxy
         /// <param name="fullServerName">Full server name from connection string</param>
         /// <param name="timeout">Timer expiration</param>
         /// <param name="instanceName">Instance name</param>
-        /// <param name="spns">SPNs</param>
+        /// <param name="resolvedSpn">SPN</param>
         /// <param name="serverSPN">pre-defined SPN</param>
         /// <param name="flushCache">Flush packet cache</param>
         /// <param name="async">Asynchronous connection</param>
@@ -51,7 +51,7 @@ internal static SNIHandle CreateConnectionHandle(
             string fullServerName,
             TimeoutTimer timeout,
             out byte[] instanceName,
-            ref string[] spns,
+            out string resolvedSpn,
             string serverSPN,
             bool flushCache,
             bool async,
@@ -65,6 +65,7 @@ internal static SNIHandle CreateConnectionHandle(
             string serverCertificateFilename)
         {
             instanceName = new byte[1];
+            resolvedSpn = default;
 
             bool errorWithLocalDBProcessing;
             string localDBDataSource = GetLocalDBDataSource(fullServerName, out errorWithLocalDBProcessing);
@@ -103,7 +104,7 @@ internal static SNIHandle CreateConnectionHandle(
             {
                 try
                 {
-                    spns = GetSqlServerSPNs(details, serverSPN);
+                    resolvedSpn = GetSqlServerSPNs(details, serverSPN);
                 }
                 catch (Exception e)
                 {
@@ -115,12 +116,12 @@ internal static SNIHandle CreateConnectionHandle(
             return sniHandle;
         }
 
-        private static string[] GetSqlServerSPNs(DataSource dataSource, string serverSPN)
+        private static string GetSqlServerSPNs(DataSource dataSource, string serverSPN)
         {
             Debug.Assert(!string.IsNullOrWhiteSpace(dataSource.ServerName));
             if (!string.IsNullOrWhiteSpace(serverSPN))
             {
-                return new[] { serverSPN };
+                return serverSPN;
             }
 
             string hostName = dataSource.ServerName;
@@ -138,7 +139,7 @@ private static string[] GetSqlServerSPNs(DataSource dataSource, string serverSPN
             return GetSqlServerSPNs(hostName, postfix, dataSource.ResolvedProtocol);
         }
 
-        private static string[] GetSqlServerSPNs(string hostNameOrAddress, string portOrInstanceName, DataSource.Protocol protocol)
+        private static string GetSqlServerSPNs(string hostNameOrAddress, string portOrInstanceName, DataSource.Protocol protocol)
         {
             Debug.Assert(!string.IsNullOrWhiteSpace(hostNameOrAddress));
             IPHostEntry hostEntry = null;
@@ -169,12 +170,12 @@ private static string[] GetSqlServerSPNs(string hostNameOrAddress, string portOr
                 string serverSpnWithDefaultPort = serverSpn + $":{DefaultSqlServerPort}";
                 // Set both SPNs with and without Port as Port is optional for default instance
                 SqlClientEventSource.Log.TryAdvancedTraceEvent("SNIProxy.GetSqlServerSPN | Info | ServerSPNs {0} and {1}", serverSpn, serverSpnWithDefaultPort);
-                return new[] { serverSpn, serverSpnWithDefaultPort };
+                return serverSpnWithDefaultPort;
             }
             // else Named Pipes do not need to valid port
 
             SqlClientEventSource.Log.TryAdvancedTraceEvent("SNIProxy.GetSqlServerSPN | Info | ServerSPN {0}", serverSpn);
-            return new[] { serverSpn };
+            return serverSpn;
         }
 
         /// <summary>

src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParser.cs

@@ -437,14 +437,12 @@ internal void Connect(ServerInfo serverInfo,
 
             _connHandler.pendingSQLDNSObject = null;
 
-            string[] serverSpns = null;
-
             // AD Integrated behaves like Windows integrated when connecting to a non-fedAuth server
             _physicalStateObj.CreatePhysicalSNIHandle(
                 serverInfo.ExtendedServerName,
                 timeout,
                 out instanceName,
-                ref serverSpns,
+                out var serverSpn,
                 false,
                 true,
                 fParallel,
@@ -542,7 +540,7 @@ internal void Connect(ServerInfo serverInfo,
                     serverInfo.ExtendedServerName,
                     timeout,
                     out instanceName,
-                    ref serverSpns,
+                    out serverSpn,
                     true,
                     true,
                     fParallel,
@@ -593,10 +591,10 @@ internal void Connect(ServerInfo serverInfo,
             }
             SqlClientEventSource.Log.TryTraceEvent("<sc.TdsParser.Connect|SEC> Prelogin handshake successful");
 
-            // We need to initialize the authentication provider with the server SPN
-            // This array will either be a single entry with the SPN or two entries with the second
-            // one being including a default port.
-            _authenticationProvider?.Initialize(serverInfo, _physicalStateObj, this, serverSpns[^1]);
+            if (_authenticationProvider is { } && serverSpn is { })
+            {
+                _authenticationProvider.Initialize(serverInfo, _physicalStateObj, this, serverSpn);
+            }
 
             if (_fMARS && marsCapable)
             {

src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObject.netcore.cs

@@ -62,7 +62,7 @@ internal TdsParserStateObject(TdsParser parser, TdsParserStateObject physicalCon
                 AddError(parser.ProcessSNIError(this));
                 ThrowExceptionAndWarning();
             }
-                       
+
             // we post a callback that represents the call to dispose; once the
             // object is disposed, the next callback will cause the GC Handle to
             // be released.
@@ -181,7 +181,7 @@ internal abstract void CreatePhysicalSNIHandle(
             string serverName,
             TimeoutTimer timeout,
             out byte[] instanceName,
-            ref string[] spns,
+            out string resolvedSpn,
             bool flushCache,
             bool async,
             bool fParallel,

src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObjectManaged.cs

@@ -81,7 +81,7 @@ internal override void CreatePhysicalSNIHandle(
             string serverName,
             TimeoutTimer timeout,
             out byte[] instanceName,
-            ref string[] spns,
+            out string resolvedSpn,
             bool flushCache,
             bool async,
             bool parallel,
@@ -94,7 +94,7 @@ internal override void CreatePhysicalSNIHandle(
             string hostNameInCertificate,
             string serverCertificateFilename)
         {
-            SNIHandle? sessionHandle = SNIProxy.CreateConnectionHandle(serverName, timeout, out instanceName, ref spns, serverSPN,
+            SNIHandle? sessionHandle = SNIProxy.CreateConnectionHandle(serverName, timeout, out instanceName, out resolvedSpn, serverSPN,
                 flushCache, async, parallel, isIntegratedSecurity, iPAddressPreference, cachedFQDN, ref pendingDNSInfo, tlsFirst,
                 hostNameInCertificate, serverCertificateFilename);
 

src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParserStateObjectNative.cs

@@ -144,7 +144,7 @@ internal override void CreatePhysicalSNIHandle(
             string serverName,
             TimeoutTimer timeout,
             out byte[] instanceName,
-            ref string[] spns,
+            out string resolvedSpn,
             bool flushCache,
             bool async,
             bool fParallel,
@@ -178,7 +178,7 @@ internal override void CreatePhysicalSNIHandle(
 
             _sessionHandle = new SNIHandle(myInfo, serverName, ref serverSPN, timeout.MillisecondsRemainingInt, out instanceName,
                 flushCache, !async, fParallel, ipPreference, cachedDNSInfo, hostNameInCertificate);
-            spns = new[] { serverSPN.TrimEnd() };
+            resolvedSpn = serverSPN.TrimEnd();
         }
 
         protected override uint SniPacketGetData(PacketHandle packet, byte[] _inBuff, ref uint dataSize)
@@ -423,7 +423,7 @@ internal override uint WaitForSSLHandShakeToComplete(out int protocolVersion)
             }
             else if (nativeProtocol.HasFlag(NativeProtocols.SP_PROT_SSL3_CLIENT) || nativeProtocol.HasFlag(NativeProtocols.SP_PROT_SSL3_SERVER))
             {
-// SSL 2.0 and 3.0 are only referenced to log a warning, not explicitly used for connections
+                // SSL 2.0 and 3.0 are only referenced to log a warning, not explicitly used for connections
 #pragma warning disable CS0618, CA5397
                 protocolVersion = (int)SslProtocols.Ssl3;
             }