mysqljs
Add support for 'mysql_clear_password - continued
Thanks @nmggithub for the mysql_clear_password branch. This PR is a continuation of https://github.com/mysqljs/mysql/pull/2225 with some unit tests added. Also I'm rejecting mysql_clear_password unless it's on a secure socket, which seems to be conventional among database clients. Maybe we should allow an override to that condition, or just drop the check altogether?
@dougwilson I didn't find a simple way to get access to whether the socket is secure or not in a generic fashion. I implemented it in a relatively hacky way here (setting this._tls = true) for the handshake, but changeUser might still be missing access to whether the socket is secure or not.
Thanks @dougwilson - just to clarify my interest in this - we are doing a proxy mysql server and want to handle the auth using bcrypt, as credentials are shared with other services. The only realistic way to use bcrypt is to required clear_password from a secure channel. Let me take another spin at this, really appreciate all the suggestions you have.