Merge pull request #34260 from AfsanehR/CredentialsFix

Fix passing null for credentials in SqlConnectionPoolKey

Author: wtgodbe

src/System.Data.SqlClient/src/System/Data/SqlClient/SqlConnection.cs

@@ -1471,7 +1471,7 @@ public static void ChangePassword(string connectionString, SqlCredential credent
                 throw ADP.InvalidArgumentLength(nameof(newSecurePassword), TdsEnums.MAXLEN_NEWPASSWORD);
             }
 
-            SqlConnectionPoolKey key = new SqlConnectionPoolKey(connectionString, credential: null, accessToken: null);
+            SqlConnectionPoolKey key = new SqlConnectionPoolKey(connectionString, credential, accessToken: null);
 
             SqlConnectionString connectionOptions = SqlConnectionFactory.FindSqlConnectionOptions(key);
 
@@ -1509,7 +1509,7 @@ private static void ChangePassword(string connectionString, SqlConnectionString
                 if (con != null)
                     con.Dispose();
             }
-            SqlConnectionPoolKey key = new SqlConnectionPoolKey(connectionString, credential: null, accessToken: null);
+            SqlConnectionPoolKey key = new SqlConnectionPoolKey(connectionString, credential, accessToken: null);
 
             SqlConnectionFactory.SingletonInstance.ClearPool(key);
         }

src/System.Data.SqlClient/tests/ManualTests/SQL/SqlCredentialTest/SqlCredentialTest.cs

@@ -122,6 +122,52 @@ public static void SqlConnectionChangePasswordSecureString()
             }
         }
 
+        [CheckConnStrSetupFact]
+        public static void OldCredentialsShouldFail()
+        {
+            String user = "u" + Guid.NewGuid().ToString().Replace("-", "");
+            String passStr = "Pax561O$T5K#jD";
+
+            try
+            {
+                createTestUser(user, passStr);
+
+                SqlConnectionStringBuilder sqlConnectionStringBuilder = new SqlConnectionStringBuilder(DataTestUtility.TcpConnStr);
+                sqlConnectionStringBuilder.Remove("User ID");
+                sqlConnectionStringBuilder.Remove("Password");
+                sqlConnectionStringBuilder.IntegratedSecurity = false;
+
+                SecureString password = new SecureString();
+                passStr.ToCharArray().ToList().ForEach(x => password.AppendChar(x));
+                password.MakeReadOnly();
+                SqlCredential credential = new SqlCredential(user, password);
+
+                using (SqlConnection conn1 = new SqlConnection(sqlConnectionStringBuilder.ConnectionString, credential))
+                using (SqlConnection conn2 = new SqlConnection(sqlConnectionStringBuilder.ConnectionString, credential))
+                using (SqlConnection conn3 = new SqlConnection(sqlConnectionStringBuilder.ConnectionString, credential))
+                using (SqlConnection conn4 = new SqlConnection(sqlConnectionStringBuilder.ConnectionString, credential))
+                {
+                    conn1.Open();
+                    conn2.Open();
+                    conn3.Open();
+                    conn4.Open();
+
+                    SecureString newPassword = new SecureString();
+                    "NewPassword".ToCharArray().ToList().ForEach(x => newPassword.AppendChar(x));
+                    newPassword.MakeReadOnly();
+                    SqlConnection.ChangePassword(sqlConnectionStringBuilder.ConnectionString, credential, newPassword);
+                    using (SqlConnection conn5 = new SqlConnection(sqlConnectionStringBuilder.ConnectionString, new SqlCredential(user, password)))
+                    {
+                        Assert.Throws<SqlException>(() => conn5.Open());
+                    }
+                }
+            }
+            finally
+            {
+                dropTestUser(user);
+            }
+        }
+
         private static void createTestUser(string username, string password)
         {
             // Creates a test user with read permissions.