From 0e99872216a854e8c99b9b164725d442997f9a26 Mon Sep 17 00:00:00 2001
From: Kamil Dziedzic <arvenil@klecza.pl>
Date: Mon, 21 May 2018 19:59:52 +0200
Subject: [PATCH] Use revision before merging
 https://github.com/go-sql-driver/mysql/pull/794

---
 Gopkg.lock                                    |  5 +-
 Gopkg.toml                                    |  4 +-
 vendor/github.com/go-sql-driver/mysql/AUTHORS |  1 -
 .../go-sql-driver/mysql/connection_go18.go    |  9 --
 .../github.com/go-sql-driver/mysql/const.go   |  6 --
 .../github.com/go-sql-driver/mysql/driver.go  | 28 +------
 .../github.com/go-sql-driver/mysql/packets.go | 84 +++----------------
 .../github.com/go-sql-driver/mysql/utils.go   | 29 -------
 8 files changed, 21 insertions(+), 145 deletions(-)

diff --git a/Gopkg.lock b/Gopkg.lock
index c748c99..c170c65 100644
--- a/Gopkg.lock
+++ b/Gopkg.lock
@@ -2,10 +2,9 @@
 
 
 [[projects]]
-  branch = "master"
   name = "github.com/go-sql-driver/mysql"
   packages = ["."]
-  revision = "d03e4c28477ccf584ef564f3957b42550d5785f1"
+  revision = "3287d94d4c6a48a63e16fffaabf27ab20203af2a"
 
 [[projects]]
   name = "google.golang.org/appengine"
@@ -16,6 +15,6 @@
 [solve-meta]
   analyzer-name = "dep"
   analyzer-version = 1
-  inputs-digest = "dd161e195e8b90a209a606326b2836f7e8f14e583868d4f251c82254c6364d08"
+  inputs-digest = "a6a5e848fae35aee152af4bde3bedd631e33ad448b87890443ce3e873445b560"
   solver-name = "gps-cdcl"
   solver-version = 1
diff --git a/Gopkg.toml b/Gopkg.toml
index dbf0930..7e96939 100644
--- a/Gopkg.toml
+++ b/Gopkg.toml
@@ -5,4 +5,6 @@
 
 [[constraint]]
   name = "github.com/go-sql-driver/mysql"
-  branch = "master"
+  # Use revision before merging https://github.com/go-sql-driver/mysql/pull/794
+  # https://github.com/go-sql-driver/mysql/commit/3287d94d4c6a48a63e16fffaabf27ab20203af2a
+  revision = "3287d94d4c6a48a63e16fffaabf27ab20203af2a"
diff --git a/vendor/github.com/go-sql-driver/mysql/AUTHORS b/vendor/github.com/go-sql-driver/mysql/AUTHORS
index 2f3a8d6..14e8398 100644
--- a/vendor/github.com/go-sql-driver/mysql/AUTHORS
+++ b/vendor/github.com/go-sql-driver/mysql/AUTHORS
@@ -29,7 +29,6 @@ Egor Smolyakov <egorsmkv at gmail.com>
 Evan Shaw <evan at vendhq.com>
 Frederick Mayle <frederickmayle at gmail.com>
 Gustavo Kristic <gkristic at gmail.com>
-Hajime Nakagami <nakagami at gmail.com>
 Hanno Braun <mail at hannobraun.com>
 Henri Yandell <flamefew at gmail.com>
 Hirotaka Yamamoto <ymmt2005 at gmail.com>
diff --git a/vendor/github.com/go-sql-driver/mysql/connection_go18.go b/vendor/github.com/go-sql-driver/mysql/connection_go18.go
index 474ea22..1306b70 100644
--- a/vendor/github.com/go-sql-driver/mysql/connection_go18.go
+++ b/vendor/github.com/go-sql-driver/mysql/connection_go18.go
@@ -200,12 +200,3 @@ func (mc *mysqlConn) CheckNamedValue(nv *driver.NamedValue) (err error) {
 	nv.Value, err = converter{}.ConvertValue(nv.Value)
 	return
 }
-
-// ResetSession implements driver.SessionResetter.
-// (From Go 1.10)
-func (mc *mysqlConn) ResetSession(ctx context.Context) error {
-	if mc.closed.IsSet() {
-		return driver.ErrBadConn
-	}
-	return nil
-}
diff --git a/vendor/github.com/go-sql-driver/mysql/const.go b/vendor/github.com/go-sql-driver/mysql/const.go
index 1503f9e..4a19ca5 100644
--- a/vendor/github.com/go-sql-driver/mysql/const.go
+++ b/vendor/github.com/go-sql-driver/mysql/const.go
@@ -164,9 +164,3 @@ const (
 	statusInTransReadonly
 	statusSessionStateChanged
 )
-
-const (
-	cachingSha2PasswordRequestPublicKey          = 2
-	cachingSha2PasswordFastAuthSuccess           = 3
-	cachingSha2PasswordPerformFullAuthentication = 4
-)
diff --git a/vendor/github.com/go-sql-driver/mysql/driver.go b/vendor/github.com/go-sql-driver/mysql/driver.go
index f77b917..27cf5ad 100644
--- a/vendor/github.com/go-sql-driver/mysql/driver.go
+++ b/vendor/github.com/go-sql-driver/mysql/driver.go
@@ -107,20 +107,20 @@ func (d MySQLDriver) Open(dsn string) (driver.Conn, error) {
 	mc.writeTimeout = mc.cfg.WriteTimeout
 
 	// Reading Handshake Initialization Packet
-	cipher, pluginName, err := mc.readInitPacket()
+	cipher, err := mc.readInitPacket()
 	if err != nil {
 		mc.cleanup()
 		return nil, err
 	}
 
 	// Send Client Authentication Packet
-	if err = mc.writeAuthPacket(cipher, pluginName); err != nil {
+	if err = mc.writeAuthPacket(cipher); err != nil {
 		mc.cleanup()
 		return nil, err
 	}
 
 	// Handle response to auth packet, switch methods if possible
-	if err = handleAuthResult(mc, cipher, pluginName); err != nil {
+	if err = handleAuthResult(mc, cipher); err != nil {
 		// Authentication failed and MySQL has already closed the connection
 		// (https://dev.mysql.com/doc/internals/en/authentication-fails.html).
 		// Do not send COM_QUIT, just cleanup and return the error.
@@ -153,27 +153,7 @@ func (d MySQLDriver) Open(dsn string) (driver.Conn, error) {
 	return mc, nil
 }
 
-func handleAuthResult(mc *mysqlConn, oldCipher []byte, pluginName string) error {
-
-	// handle caching_sha2_password
-	if pluginName == "caching_sha2_password" {
-		auth, err := mc.readCachingSha2PasswordAuthResult()
-		if err != nil {
-			return err
-		}
-		if auth == cachingSha2PasswordPerformFullAuthentication {
-			if mc.cfg.tls != nil || mc.cfg.Net == "unix" {
-				if err = mc.writeClearAuthPacket(); err != nil {
-					return err
-				}
-			} else {
-				if err = mc.writePublicKeyAuthPacket(oldCipher); err != nil {
-					return err
-				}
-			}
-		}
-	}
-
+func handleAuthResult(mc *mysqlConn, oldCipher []byte) error {
 	// Read Result Packet
 	cipher, err := mc.readResultOK()
 	if err == nil {
diff --git a/vendor/github.com/go-sql-driver/mysql/packets.go b/vendor/github.com/go-sql-driver/mysql/packets.go
index 6775d28..afc3fcc 100644
--- a/vendor/github.com/go-sql-driver/mysql/packets.go
+++ b/vendor/github.com/go-sql-driver/mysql/packets.go
@@ -10,14 +10,9 @@ package mysql
 
 import (
 	"bytes"
-	"crypto/rand"
-	"crypto/rsa"
-	"crypto/sha1"
 	"crypto/tls"
-	"crypto/x509"
 	"database/sql/driver"
 	"encoding/binary"
-	"encoding/pem"
 	"errors"
 	"fmt"
 	"io"
@@ -159,24 +154,24 @@ func (mc *mysqlConn) writePacket(data []byte) error {
 
 // Handshake Initialization Packet
 // http://dev.mysql.com/doc/internals/en/connection-phase-packets.html#packet-Protocol::Handshake
-func (mc *mysqlConn) readInitPacket() ([]byte, string, error) {
+func (mc *mysqlConn) readInitPacket() ([]byte, error) {
 	data, err := mc.readPacket()
 	if err != nil {
 		// for init we can rewrite this to ErrBadConn for sql.Driver to retry, since
 		// in connection initialization we don't risk retrying non-idempotent actions.
 		if err == ErrInvalidConn {
-			return nil, "", driver.ErrBadConn
+			return nil, driver.ErrBadConn
 		}
-		return nil, "", err
+		return nil, err
 	}
 
 	if data[0] == iERR {
-		return nil, "", mc.handleErrorPacket(data)
+		return nil, mc.handleErrorPacket(data)
 	}
 
 	// protocol version [1 byte]
 	if data[0] < minProtocolVersion {
-		return nil, "", fmt.Errorf(
+		return nil, fmt.Errorf(
 			"unsupported protocol version %d. Version %d or higher is required",
 			data[0],
 			minProtocolVersion,
@@ -196,14 +191,13 @@ func (mc *mysqlConn) readInitPacket() ([]byte, string, error) {
 	// capability flags (lower 2 bytes) [2 bytes]
 	mc.flags = clientFlag(binary.LittleEndian.Uint16(data[pos : pos+2]))
 	if mc.flags&clientProtocol41 == 0 {
-		return nil, "", ErrOldProtocol
+		return nil, ErrOldProtocol
 	}
 	if mc.flags&clientSSL == 0 && mc.cfg.tls != nil {
-		return nil, "", ErrNoTLS
+		return nil, ErrNoTLS
 	}
 	pos += 2
 
-	pluginName := ""
 	if len(data) > pos {
 		// character set [1 byte]
 		// status flags [2 bytes]
@@ -225,8 +219,6 @@ func (mc *mysqlConn) readInitPacket() ([]byte, string, error) {
 		// The official Python library uses the fixed length 12
 		// which seems to work but technically could have a hidden bug.
 		cipher = append(cipher, data[pos:pos+12]...)
-		pos += 13
-		pluginName = string(data[pos : pos+bytes.IndexByte(data[pos:], 0x00)])
 
 		// TODO: Verify string termination
 		// EOF if version (>= 5.5.7 and < 5.5.10) or (>= 5.6.0 and < 5.6.2)
@@ -240,22 +232,18 @@ func (mc *mysqlConn) readInitPacket() ([]byte, string, error) {
 		// make a memory safe copy of the cipher slice
 		var b [20]byte
 		copy(b[:], cipher)
-		return b[:], pluginName, nil
+		return b[:], nil
 	}
 
 	// make a memory safe copy of the cipher slice
 	var b [8]byte
 	copy(b[:], cipher)
-	return b[:], pluginName, nil
+	return b[:], nil
 }
 
 // Client Authentication Packet
 // http://dev.mysql.com/doc/internals/en/connection-phase-packets.html#packet-Protocol::HandshakeResponse
-func (mc *mysqlConn) writeAuthPacket(cipher []byte, pluginName string) error {
-	if pluginName != "mysql_native_password" && pluginName != "caching_sha2_password" {
-		return fmt.Errorf("unknown authentication plugin name '%s'", pluginName)
-	}
-
+func (mc *mysqlConn) writeAuthPacket(cipher []byte) error {
 	// Adjust client flags based on server support
 	clientFlags := clientProtocol41 |
 		clientSecureConn |
@@ -280,13 +268,7 @@ func (mc *mysqlConn) writeAuthPacket(cipher []byte, pluginName string) error {
 	}
 
 	// User Password
-	var scrambleBuff []byte
-	switch pluginName {
-	case "mysql_native_password":
-		scrambleBuff = scramblePassword(cipher, []byte(mc.cfg.Passwd))
-	case "caching_sha2_password":
-		scrambleBuff = scrambleCachingSha2Password(cipher, []byte(mc.cfg.Passwd))
-	}
+	scrambleBuff := scramblePassword(cipher, []byte(mc.cfg.Passwd))
 
 	pktLen := 4 + 4 + 1 + 23 + len(mc.cfg.User) + 1 + 1 + len(scrambleBuff) + 21 + 1
 
@@ -368,7 +350,7 @@ func (mc *mysqlConn) writeAuthPacket(cipher []byte, pluginName string) error {
 	}
 
 	// Assume native client during response
-	pos += copy(data[pos:], pluginName)
+	pos += copy(data[pos:], "mysql_native_password")
 	data[pos] = 0x00
 
 	// Send Auth packet
@@ -440,38 +422,6 @@ func (mc *mysqlConn) writeNativeAuthPacket(cipher []byte) error {
 	return mc.writePacket(data)
 }
 
-//  Caching sha2 authentication. Public key request and send encrypted password
-// http://dev.mysql.com/doc/internals/en/connection-phase-packets.html#packet-Protocol::AuthSwitchResponse
-func (mc *mysqlConn) writePublicKeyAuthPacket(cipher []byte) error {
-	// request public key
-	data := mc.buf.takeSmallBuffer(4 + 1)
-	data[4] = cachingSha2PasswordRequestPublicKey
-	mc.writePacket(data)
-
-	data, err := mc.readPacket()
-	if err != nil {
-		return err
-	}
-
-	block, _ := pem.Decode(data[1:])
-	pub, err := x509.ParsePKIXPublicKey(block.Bytes)
-	if err != nil {
-		return err
-	}
-
-	plain := make([]byte, len(mc.cfg.Passwd)+1)
-	copy(plain, mc.cfg.Passwd)
-	for i := range plain {
-		j := i % len(cipher)
-		plain[i] ^= cipher[j]
-	}
-	sha1 := sha1.New()
-	enc, _ := rsa.EncryptOAEP(sha1, rand.Reader, pub.(*rsa.PublicKey), plain, nil)
-	data = mc.buf.takeSmallBuffer(4 + len(enc))
-	copy(data[4:], enc)
-	return mc.writePacket(data)
-}
-
 /******************************************************************************
 *                             Command Packets                                 *
 ******************************************************************************/
@@ -585,16 +535,6 @@ func (mc *mysqlConn) readResultOK() ([]byte, error) {
 	return nil, err
 }
 
-func (mc *mysqlConn) readCachingSha2PasswordAuthResult() (int, error) {
-	data, err := mc.readPacket()
-	if err == nil {
-		if data[0] != 1 {
-			return 0, ErrMalformPkt
-		}
-	}
-	return int(data[1]), err
-}
-
 // Result Set Header Packet
 // http://dev.mysql.com/doc/internals/en/com-query-response.html#packet-ProtocolText::Resultset
 func (mc *mysqlConn) readResultSetHeaderPacket() (int, error) {
diff --git a/vendor/github.com/go-sql-driver/mysql/utils.go b/vendor/github.com/go-sql-driver/mysql/utils.go
index 9d1530b..f986de2 100644
--- a/vendor/github.com/go-sql-driver/mysql/utils.go
+++ b/vendor/github.com/go-sql-driver/mysql/utils.go
@@ -10,7 +10,6 @@ package mysql
 
 import (
 	"crypto/sha1"
-	"crypto/sha256"
 	"crypto/tls"
 	"database/sql/driver"
 	"encoding/binary"
@@ -212,34 +211,6 @@ func scrambleOldPassword(scramble, password []byte) []byte {
 	return out[:]
 }
 
-// Encrypt password using 8.0 default method
-func scrambleCachingSha2Password(scramble, password []byte) []byte {
-	if len(password) == 0 {
-		return nil
-	}
-
-	// XOR(SHA256(password), SHA256(SHA256(SHA256(password)), scramble))
-
-	crypt := sha256.New()
-	crypt.Write(password)
-	message1 := crypt.Sum(nil)
-
-	crypt.Reset()
-	crypt.Write(message1)
-	message1Hash := crypt.Sum(nil)
-
-	crypt.Reset()
-	crypt.Write(message1Hash)
-	crypt.Write(scramble)
-	message2 := crypt.Sum(nil)
-
-	for i := range message1 {
-		message1[i] ^= message2[i]
-	}
-
-	return message1
-}
-
 /******************************************************************************
 *                           Time related utils                                *
 ******************************************************************************/