From 4f13bfc057e35181326d9d506dbe3ce5695dbfc3 Mon Sep 17 00:00:00 2001
From: Santhosh Kumar Tekuri <santhosh.tekuri@gmail.com>
Date: Fri, 6 Aug 2021 14:24:05 +0530
Subject: [PATCH] sha256_password on unix transport failing (#1245)

caching_sha2_password uses cleartext password when
the connection is Unix or sharedmemory protocol.
but sha256_password do not.
---
 AUTHORS | 1 +
 auth.go | 4 +++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/AUTHORS b/AUTHORS
index 80199cf2c..876b2964a 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -82,6 +82,7 @@ Reed Allman <rdallman10 at gmail.com>
 Richard Wilkes <wilkes at me.com>
 Robert Russell <robert at rrbrussell.com>
 Runrioter Wung <runrioter at gmail.com>
+Santhosh Kumar Tekuri <santhosh.tekuri at gmail.com>
 Sho Iizuka <sho.i518 at gmail.com>
 Sho Ikeda <suicaicoca at gmail.com>
 Shuode Li <elemount at qq.com>
diff --git a/auth.go b/auth.go
index b2f19e8f0..f610b5f49 100644
--- a/auth.go
+++ b/auth.go
@@ -274,7 +274,9 @@ func (mc *mysqlConn) auth(authData []byte, plugin string) ([]byte, error) {
 		if len(mc.cfg.Passwd) == 0 {
 			return []byte{0}, nil
 		}
-		if mc.cfg.tls != nil || mc.cfg.Net == "unix" {
+		// unlike caching_sha2_password, sha256_password does not accept
+		// cleartext password on unix transport.
+		if mc.cfg.tls != nil {
 			// write cleartext auth packet
 			return append([]byte(mc.cfg.Passwd), 0), nil
 		}