Support MySQL 8

[fernandes]

Thankfully now GH has the Draft Pull Request option, so no need to explicit it here 😉

Some premises:

• I couldn't manage the driver to connect without password on MySQL 8, so I had to change the spec_helper to accept a password
• I changed the driver_spec to make the test more robust, with some DROP IF EXISTS
• As secret is considered a weak password on MySQL 8, I set the 3 globals to allow secret as a password for the user
• MySQL 8 does not allow creating a user on GRANT call, so I split in two, first CREATE USER then GRANT

The workaround fix for #62 is the removal on src/mysql/packets; not sure about the (likely) bad impact on MySQL 5 versions

Here on my machine, to run the tests, I created the user on DB

CREATE USER 'crystal_mysql_spec'@'localhost' IDENTIFIED WITH mysql_native_password BY 'crystal_mysql_spec';
GRANT ALL PRIVILEGES ON *.* TO 'crystal_mysql_spec'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;

then

DATABASE_USER="crystal_mysql_spec" crystal spec

So yeah, here is what I could manage to do, any idea where we can go next? 😄

[bcardiff]

I would not drop the empty password support. Maybe the default installation of MySQL 8 has non-empty root password and can be tweaked (https://medium.com/@benmorel/remove-the-mysql-root-password-ba3fcbe29870, https://stackoverflow.com/questions/48824572/mysql-8-0-unable-to-reset-root-password).

Please update the travis.yml to include MySQL 8.

If "secret" bothers as a password, use any other constant value and that's it. Let's avoid changing the rules. Not everybody will run an isolated db server.

[fernandes]

@bcardiff thanks for the reply! :)

my mysql root user has no password, the problem happens when use crystal-mysql with the following connection URI:

mysql://root@#{database_host}/#{initial_db}

MySQL driver does not play well with MySQL 8 when using no password, so I got this error:

Unhandled exception: Client does not support authentication protocol requested by server; consider upgrading MySQL client (Exception) as reported on #56 , no idea how to solve here

For the secret, just used a "stronger" password, and MySQL was happy

ps: I'm using a default MySQL 8 install on OSX

[bcardiff]

After double checking https://dev.mysql.com/doc/internals/en/determining-authentication-method.html it seems we are fine removing this and force Secure Password Authentication instead of Old Password Authentication.

[fernandes]

oh, thanks for the link, I was looking for something like this hahahha

After some research (aka stack overflow hahaha) I found this PR mysqljs/mysql#1962 that is adding support for MySQL 8, I was reading trying to figure out this auth mechanims, but as this is the very first time I'm dealing with db driver, and using mysql after a few years, I'm having a hard time 😅

[fernandes]

this line is the main point of the PR... the other modifications are just some 💅 to fix the specs (like the password stuff)

[bcardiff]

We are on the same page. This was the first binary protocol I implemented for a db driver. I mostly read the docs of mysql internals and compared other source code.

Is hard to have in mind all the evolution of the protocol and even harders try all the possibilities. But the end result is worth it 🚀.

After adding mysql 8 to travis and whenever you feel the PR ready let us know 😃

[fernandes]

We are on the same page. This was the first binary protocol I implemented for a db driver. I mostly read the docs of mysql internals and compared other source code.

awesome!! :D

After adding mysql 8 to travis and whenever you feel the PR ready let us know 😃

Sorry but I think I missed something, what about the password for mysql 5.6 and 5.7? Should we remove both versions from travis, or add password to them? hehehe

[bcardiff]

None 🙈. I would expect that mysql 8 with a blank root password is added.

I think is common for developers to have root with empty passwords for mysql intallations. I would not drop the support for that.

I've just found a bit more on information regarding the new auth mechanism in mysql 8: caching_sha2_password

• https://github.com/go-sql-driver/mysql/blob/6be42e0ff99645d7d9626d779001a46e39c5f280/auth.go#L242

• https://dev.mysql.com/doc/refman/8.0/en/pluggable-authentication.html#pluggable-authentication-connector-writing

• from Fix MySQL 8.0.x incompatibilities mysqljs/mysql#1962 it seems there are some differences between 8.0.3 and 8.0.4

  The handshake process remains unchanged when connecting to any server with version lower or equal to 8.0.3. Whereas for 8.0.4 or above, the process is now the following:

[fernandes]

hahahah sure!! that's why I asked, I misunderstood... now I need to figure out how to enable this support in mysql 8

How do you think we should handle this in the design of the driver, leave the current HandshakeResponse41 and use other classes (that inherits from this one), based on protocol_version / version? Because do some "ifs" on the #write method will fastly become a monster hahah

anyway, I'm gonna draft something here when I figure out how to do this and commit here 😉