Bug#28082093: LIBMYSQLCLIENT CONNECTING TO OLDER MYSQL 5

  SERVERS RESULTS IN BAD HANDSHAKE

If no default authentication method is specified via a mysql_options()
libmysql will default to the "compiled in default", which is the client
plugin for caching_sha2.
This in itself is fine for a server that supports pluggable authentication
(5.5+).
But on older servers that do not have pluggable authentication expect
the response to be either "mysql_native" or "old, aka. mysql_323".
And if they receive any reply (caching_sha2's in this case) that doesn't
conform to this they'd bail out with "Bad handshake" error.

Unfortunately, the --default-auth option had no effect if the server won't
advertise that it supports pluggable authentication, thus, even the
--default-auth=mysql_native_password workaround won't do.

Fixed by:
1. Making sure --default-auth on the client side works even for
non-pluggable authentication servers.
2. If no --default-auth is specified instead of picking caching_sha2 as a
compiled-in default the client will pick mysql_native instead iff the server
doesn't support pluggagle authentication (<= 5.1).

Unfortunately, only manual testing can be done since it'd require an
actual live 5.1 server, so no regression test is added.

Change-Id: Ifcaa6404503bf1ddaf7f21ddbdcc3d8767711787

Author: gkodinov

sql-common/client.cc

@@ -5663,11 +5663,24 @@ static mysql_state_machine_status authsm_begin_plugin_auth(
   }
 
   if (ctx->auth_plugin_name == nullptr || ctx->auth_plugin == nullptr) {
-    /*
-      If everything else fail we use the built in plugin
-    */
-    ctx->auth_plugin = &caching_sha2_password_client_plugin;
-    ctx->auth_plugin_name = ctx->auth_plugin->name;
+    auth_plugin_t *client_plugin{nullptr};
+    if (mysql->options.extension && mysql->options.extension->default_auth &&
+        (client_plugin = (auth_plugin_t *)mysql_client_find_plugin(
+             mysql, mysql->options.extension->default_auth,
+             MYSQL_CLIENT_AUTHENTICATION_PLUGIN))) {
+      // try default_auth again in case CLIENT_PLUGIN_AUTH wasn't on.
+      ctx->auth_plugin_name = mysql->options.extension->default_auth;
+      ctx->auth_plugin = client_plugin;
+    } else {
+      /*
+        If everything else fail we use the built in plugin: caching sha if the
+        server is new enough or native if not.
+      */
+      ctx->auth_plugin = (mysql->server_capabilities & CLIENT_PLUGIN_AUTH)
+                             ? &caching_sha2_password_client_plugin
+                             : &native_password_client_plugin;
+      ctx->auth_plugin_name = ctx->auth_plugin->name;
+    }
   }
 
   if (check_plugin_enabled(mysql, ctx)) return STATE_MACHINE_FAILED;