Support caching sha2 password

[nakagami]

Description

Support chaching_sha2_password authentication plugin. It's MySQL 8.0 default plugin.

Related Issue #785

Checklist

• Code compiles correctly
• Created tests which fail without the change (if possible)
• All tests passing
• Extended the README / documentation, if necessary
• Added myself / the copyright holder to the AUTHORS file

[methane]

Thanks for your contribution.

There is #552 which implements auth plugin support (without caching_sha2 implementation).
But author of the pull request is not active and there are some unfixed review comments.

@julienschmidt How do you think about next version? MySQL 8.0 is GA already.

1. Don't merge this and add support for authentication plugins. #552 until next version is released.
2. Merge this before next version. And add auth plugin support after next version is released.
3. Fix add support for authentication plugins. #552 and implement caching_sha2 based on it, before releasing next version.

[julienschmidt]

Thank you for this pull-request!

@methane I changed the scheduled release date for v1.4.0 to 1 week from now. We should get it out ASAP. My preference would be option 3. I'll look into it later today, to see how feasible that is. Otherwise we'll fall back to option 2. Making a release without MySQL 8 support would be a bad joke.

[julienschmidt]

is this a required change?

[nakagami]

NO_AUTO_CREATE_USER SQL mode seems removed at MySQL 8.0
https://dev.mysql.com/doc/refman/8.0/en/mysql-nutshell.html

My linux box show that message

--- FAIL: TestSQLInjection (0.92s)
        driver_test.go:161: error on exec CREATE TABLE test (v INTEGER): Error 1231: Variable 'sql_mode' can't be set to the value of 'NO_AUTO_CREATE_USER'

[julienschmidt]

@methane let's do it the other way round. As we will merge this PR anyway in some form, let's merge it as it is first and then implement the general auth plugin support. The benefit would be that we hopefully already get some feedback if this breaks something before we make the release.

[methane]

When len(mc.cfg.Passwd) > 20, this code may overflow.
Could we just use copy(plain, mc.cfg.Passwd) here?

[methane]

len(plain) == 20, but how about len(cipher)?
Shouldn't we do cipher[i % len(cipher)]?

[nakagami]

Parameter cipher is Nonce https://dev.mysql.com/doc/dev/mysql-server/latest/page_caching_sha2_authentication_exchanges.html
from server and always 20 bytes

[methane]

I see. Please fix only above. (len(mc.cfg.Passwd) > 20 case).

[nakagami]

Sorry, There is no limitation about password length (< 20) when caching_sha2_password.
Now fix it 84f6018

[methane]

@nakagami Would you add MySQL 8.0 test to .travis.yml?
It may be very similar to MySQL 5.7 test.

[nakagami]

Would you add MySQL 8.0 test to .travis.yml?

Sorry, it is difficult for me.

[julienschmidt]

@nakagami please gofmt your code: https://travis-ci.org/go-sql-driver/mysql/jobs/380186488#L738

[nakagami]

Sorry, gofmt & push now

[julienschmidt]

@methane any other requested changes or is this PR ready for merge now?

[methane]

I want to add MySQL 8 test on Travis, using caching_sha2 auth.

[julienschmidt]

See https://github.com/go-sql-driver/mysql/tree/travis-mysql8 / https://travis-ci.org/go-sql-driver/mysql/jobs/381084434. I'll submit a separate PR which also fixes the LOAD DATA LOCAL INFILE test.

[julienschmidt]

Thanks a lot @nakagami!