Adding TLS support to deno-mysql

TLS support recently landed in the MySQL driver for Deno, a modern JavaScript runtime.

I was playing around with the MySQL driver for Deno in November 2021 and noticed I couldn’t connect to a Planetscale database. Planetscale requires TLS for all connections, but the driver did not yet support TLS. As luck would have it, Deno.startTls had just stabilized, so I decided to give implementing TLS support a shot.

In MySQL, the client can establish a TLS connection as follows:

  1. The client first opens a plaintext connection, and the server sends an initial handshake packet to the client.

  2. The client sends an SSL connection request packet to the server:

    const writer = new BufferWriter(new Uint8Array(32));
writer
  // Client capabilities
  .writeUint32(capabilitiesFlag)
  // Maximum packet size
  .writeUint32(2 ** 24 - 1)
  // Character set
  .write(Charset.UTF8_GENERAL_CI)
  // Filler
  .skip(23);

  3. The client initiates a TLS handshake, after which the plaintext connection is upgraded to a TLS connection, and the client responds to the initial handshake packet.

After implementing these changes, I could connect to Planetscale via TLS. As these things often go, I got swamped with other commitments at the time, but luckily, shiyuhang0 finalized the implementation that shipped in v2.12.0! 🚀