only use second

twsouthwick · twsouthwick · commit 99335ca4949f · 2025-05-16T12:45:47.000-07:00
diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParser.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParser.cs
@@ -593,7 +593,10 @@ internal void Connect(ServerInfo serverInfo,
             }
             SqlClientEventSource.Log.TryTraceEvent("<sc.TdsParser.Connect|SEC> Prelogin handshake successful");
 
-            _authenticationProvider?.Initialize(serverInfo, _physicalStateObj, this, serverSpns);
+            // We need to initialize the authentication provider with the server SPN
+            // This array will either be a single entry with the SPN or two entries with the second
+            // one being including a default port.
+            _authenticationProvider?.Initialize(serverInfo, _physicalStateObj, this, serverSpns[^1]);
 
             if (_fMARS && marsCapable)
             {
diff --git a/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/SSPI/SspiContextProvider.cs b/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/SSPI/SspiContextProvider.cs
@@ -1,8 +1,6 @@
 ﻿using System;
 using System.Buffers;
-using System.Collections.Generic;
 using System.Diagnostics;
-using System.Linq;
 
 #nullable enable
 
@@ -13,7 +11,6 @@ internal abstract class SspiContextProvider
         private TdsParser _parser = null!;
         private ServerInfo _serverInfo = null!;
 
-        private List<SspiAuthenticationParameters>? _authParams;
         private SspiAuthenticationParameters? _authParam;
 
         private protected TdsParserStateObject _physicalStateObj = null!;
@@ -22,22 +19,15 @@ internal void Initialize(
             ServerInfo serverInfo,
             TdsParserStateObject physicalStateObj,
             TdsParser parser,
-#if NETFRAMEWORK
             string serverSpn
-#else
-            string[] serverSpns
-#endif
             )
         {
             _parser = parser;
             _physicalStateObj = physicalStateObj;
             _serverInfo = serverInfo;
 
-#if NETFRAMEWORK
             _authParam = CreateAuthParams(serverSpn);
-#else
-            _authParams = [.. serverSpns.Select(CreateAuthParams)];
-#endif
+
             Initialize();
         }
 
@@ -51,43 +41,13 @@ internal void WriteSSPIContext(ReadOnlySpan<byte> receivedBuff, IBufferWriter<by
         {
             using var _ = TrySNIEventScope.Create(nameof(SspiContextProvider));
 
-            if (!TryRunSingle(receivedBuff, outgoingBlobWriter) && !TryRunMultiple(receivedBuff, outgoingBlobWriter))
+            if (!(_authParam is { } && RunGenerateSspiClientContext(receivedBuff, outgoingBlobWriter, _authParam)))
             {
                 // If we've hit here, the SSPI context provider implementation failed to generate the SSPI context.
                 SSPIError(SQLMessage.SSPIGenerateError(), TdsEnums.GEN_CLIENT_CONTEXT);
             }
         }
 
-        /// <summary>
-        /// If we only have a single auth param, we know it's the correct one to use.
-        /// </summary>
-        private bool TryRunSingle(ReadOnlySpan<byte> receivedBuff, IBufferWriter<byte> outgoingBlobWriter)
-        {
-            return _authParam is { } && RunGenerateSspiClientContext(receivedBuff, outgoingBlobWriter, _authParam);
-        }
-
-        /// <summary>
-        /// If we have multiple, we need to loop through them, and then identify the correct one for future use.
-        /// </summary>
-        private bool TryRunMultiple(ReadOnlySpan<byte> receivedBuff, IBufferWriter<byte> outgoingBlobWriter)
-        {
-            if (_authParams is { })
-            {
-                foreach (var authParam in _authParams)
-                {
-                    if (RunGenerateSspiClientContext(receivedBuff, outgoingBlobWriter, authParam))
-                    {
-                        // Reset the _authParams to only have a single one going forward to always call the context with that one
-                        _authParam = authParam;
-                        _authParams = null;
-                        return true;
-                    }
-                }
-            }
-
-            return false;
-        }
-
         private SspiAuthenticationParameters CreateAuthParams(string serverSpn)
         {
             var options = _parser.Connection.ConnectionOptions;

Original file line number	Diff line number	Diff line change
`@@ -593,7 +593,10 @@ internal void Connect(ServerInfo serverInfo,`
`593`	`593`	`}`
`594`	`594`	`SqlClientEventSource.Log.TryTraceEvent("<sc.TdsParser.Connect\|SEC> Prelogin handshake successful");`
`595`	`595`
`596`		`- _authenticationProvider?.Initialize(serverInfo, _physicalStateObj, this, serverSpns);`
	`596`	`+ // We need to initialize the authentication provider with the server SPN`
	`597`	`+ // This array will either be a single entry with the SPN or two entries with the second`
	`598`	`+ // one being including a default port.`
	`599`	`+ _authenticationProvider?.Initialize(serverInfo, _physicalStateObj, this, serverSpns[^1]);`
`597`	`600`
`598`	`601`	`if (_fMARS && marsCapable)`
`599`	`602`	`{`