Update Fix

2026-03-15 12:30:40 +01:00
parent 311ba5e7f3
commit 50be8e25f3
176 changed files with 4075 additions and 3013 deletions
--- a/node_modules/mysql2/lib/packets/handshake_response.js
+++ b/node_modules/mysql2/lib/packets/handshake_response.js
@@ -16,22 +16,47 @@ class HandshakeResponse {
    this.authPluginData2 = handshake.authPluginData2;
    this.compress = handshake.compress;
    this.clientFlags = handshake.flags;
-    // TODO: pre-4.1 auth support
-    let authToken;
-    if (this.passwordSha1) {
-      authToken = auth41.calculateTokenFromPasswordSha(
-        this.passwordSha1,
-        this.authPluginData1,
-        this.authPluginData2
-      );
+
+    // Accept pre-calculated authToken and authPluginName from caller
+    // This allows the caller to optimize by using the server's preferred auth method
+    if (
+      handshake.authToken !== undefined &&
+      handshake.authPluginName !== undefined
+    ) {
+      // Validate types to fail fast with clear errors
+      if (!Buffer.isBuffer(handshake.authToken)) {
+        throw new TypeError(
+          'HandshakeResponse authToken must be a Buffer when provided'
+        );
+      }
+      if (typeof handshake.authPluginName !== 'string') {
+        throw new TypeError(
+          'HandshakeResponse authPluginName must be a string when provided'
+        );
+      }
+      this.authToken = handshake.authToken;
+      this.authPluginName = handshake.authPluginName;
    } else {
-      authToken = auth41.calculateToken(
-        this.password,
-        this.authPluginData1,
-        this.authPluginData2
-      );
+      // Fallback to legacy behavior: calculate mysql_native_password token
+      // TODO: pre-4.1 auth support
+      let authToken;
+      if (this.passwordSha1) {
+        authToken = auth41.calculateTokenFromPasswordSha(
+          this.passwordSha1,
+          this.authPluginData1,
+          this.authPluginData2
+        );
+      } else {
+        authToken = auth41.calculateToken(
+          this.password,
+          this.authPluginData1,
+          this.authPluginData2
+        );
+      }
+      this.authToken = authToken;
+      this.authPluginName = 'mysql_native_password';
    }
-    this.authToken = authToken;
+
    this.charsetNumber = handshake.charsetNumber;
    this.encoding = CharsetToEncoding[handshake.charsetNumber];
    this.connectAttributes = handshake.connectAttributes;
@@ -62,8 +87,12 @@ class HandshakeResponse {
      packet.writeNullTerminatedString(this.database, encoding);
    }
    if (isSet('PLUGIN_AUTH')) {
-      // TODO: pass from config
-      packet.writeNullTerminatedString('mysql_native_password', 'latin1');
+      // Use the auth plugin name specified by the caller (optimized for server's preference)
+      // or fall back to mysql_native_password for backward compatibility
+      packet.writeNullTerminatedString(
+        this.authPluginName || 'mysql_native_password',
+        'latin1'
+      );
    }
    if (isSet('CONNECT_ATTRS')) {
      const connectAttributes = this.connectAttributes || {};