don't install unnecessary packages

nodejs/node_modules/mysql/lib/Connection.js

@@ -277,6 +277,7 @@ Connection.prototype.format = function(sql, values) {
 if (tls.TLSSocket) {
   // 0.11+ environment
   Connection.prototype._startTLS = function _startTLS(onSecure) {
+    var connection    = this;
     var secureContext = tls.createSecureContext({
       ca         : this.config.ssl.ca,
       cert       : this.config.ssl.cert,
@@ -291,6 +292,7 @@ if (tls.TLSSocket) {
 
     // socket <-> encrypted
     var rejectUnauthorized = this.config.ssl.rejectUnauthorized;
+    var secureEstablished  = false;
     var secureSocket       = new tls.TLSSocket(this._socket, {
       rejectUnauthorized : rejectUnauthorized,
       requestCert        : true,
@@ -298,6 +300,15 @@ if (tls.TLSSocket) {
       isServer           : false
     });
 
+    // error handler for secure socket
+    secureSocket.on('_tlsError', function(err) {
+      if (secureEstablished) {
+        connection._handleNetworkError(err);
+      } else {
+        onSecure(err);
+      }
+    })
+
     // cleartext <-> protocol
     secureSocket.pipe(this._protocol);
     this._protocol.on('data', function(data) {
@@ -305,6 +316,8 @@ if (tls.TLSSocket) {
     });
 
     secureSocket.on('secure', function() {
+      secureEstablished = true;
+
       onSecure(rejectUnauthorized ? this.ssl.verifyError() : null);
     });
 
@@ -319,6 +332,7 @@ if (tls.TLSSocket) {
     // after:
     //  _socket <-> securePair.encrypted <-> securePair.cleartext <-> _protocol
 
+    var connection  = this;
     var credentials = Crypto.createCredentials({
       ca         : this.config.ssl.ca,
       cert       : this.config.ssl.cert,
@@ -328,8 +342,18 @@ if (tls.TLSSocket) {
     });
 
     var rejectUnauthorized = this.config.ssl.rejectUnauthorized;
+    var secureEstablished  = false;
     var securePair         = tls.createSecurePair(credentials, false, true, rejectUnauthorized);
 
+    // error handler for secure pair
+    securePair.on('error', function(err) {
+      if (secureEstablished) {
+        connection._handleNetworkError(err);
+      } else {
+        onSecure(err);
+      }
+    });
+
     // "unpipe"
     this._socket.removeAllListeners('data');
     this._protocol.removeAllListeners('data');
@@ -346,7 +370,10 @@ if (tls.TLSSocket) {
       securePair.cleartext.write(data);
     });
 
+    // secure established
     securePair.on('secure', function() {
+      secureEstablished = true;
+
       if (!rejectUnauthorized) {
         onSecure();
         return;
@@ -363,6 +390,16 @@ if (tls.TLSSocket) {
 
       onSecure(err);
     });
+
+    // node.js 0.8 bug
+    securePair._cycle = securePair.cycle;
+    securePair.cycle  = function cycle() {
+      if (this.ssl && this.ssl.error) {
+        this.error();
+      }
+
+      return this._cycle.apply(this, arguments);
+    };
   };
 }
 

nodejs/node_modules/mysql/lib/protocol/Parser.js

@@ -74,8 +74,7 @@ Parser.prototype.write = function(buffer) {
       hadException = false;
     } catch (err) {
       if (!err || typeof err.code !== 'string' || err.code.substr(0, 7) !== 'PARSER_') {
-        // Rethrow unknown errors
-        throw err;
+        throw err; // Rethrow non-MySQL errors
       }
 
       // Pass down parser errors

nodejs/node_modules/mysql/lib/protocol/constants/ssl_profiles.js

@@ -108,6 +108,43 @@ exports['Amazon RDS'] = {
     + 'VPrXn2899T1rcTtFYFP16WXjGuc0\n'
     + '-----END CERTIFICATE-----\n',
 
+    /**
+     * Amazon RDS ap-northeast-2 certificate CA 2015 to 2020
+     *
+     *   CN = Amazon RDS ap-northeast-2 CA
+     *   OU = Amazon RDS
+     *   O = Amazon Web Services, Inc.
+     *   L = Seattle
+     *   ST = Washington
+     *   C = US
+     *   P = 2015-11-06T00:05:46Z/2020-03-05T00:05:46Z
+     *   F = 77:D9:33:4E:CE:56:FC:42:7B:29:57:8D:67:59:ED:29:4E:18:CB:6B
+     */
+    '-----BEGIN CERTIFICATE-----\n'
+    + 'MIIEATCCAumgAwIBAgIBTDANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMCVVMx\n'
+    + 'EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxIjAgBgNVBAoM\n'
+    + 'GUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4xEzARBgNVBAsMCkFtYXpvbiBSRFMx\n'
+    + 'GzAZBgNVBAMMEkFtYXpvbiBSRFMgUm9vdCBDQTAeFw0xNTExMDYwMDA1NDZaFw0y\n'
+    + 'MDAzMDUwMDA1NDZaMIGUMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3Rv\n'
+    + 'bjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNl\n'
+    + 'cywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzElMCMGA1UEAwwcQW1hem9uIFJE\n'
+    + 'UyBhcC1ub3J0aGVhc3QtMiBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC\n'
+    + 'ggEBAKSwd+RVUzTRH0FgnbwoTK8TMm/zMT4+2BvALpAUe6YXbkisg2goycWuuWLg\n'
+    + 'jOpFBB3GtyvXZnkqi7MkDWUmj1a2kf8l2oLyoaZ+Hm9x/sV+IJzOqPvj1XVUGjP6\n'
+    + 'yYYnPJmUYqvZeI7fEkIGdFkP2m4/sgsSGsFvpD9FK1bL1Kx2UDpYX0kHTtr18Zm/\n'
+    + '1oN6irqWALSmXMDydb8hE0FB2A1VFyeKE6PnoDj/Y5cPHwPPdEi6/3gkDkSaOG30\n'
+    + 'rWeQfL3pOcKqzbHaWTxMphd0DSL/quZ64Nr+Ly65Q5PRcTrtr55ekOUziuqXwk+o\n'
+    + '9QpACMwcJ7ROqOznZTqTzSFVXFECAwEAAaNmMGQwDgYDVR0PAQH/BAQDAgEGMBIG\n'
+    + 'A1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFM6Nox/QWbhzWVvzoJ/y0kGpNPK+\n'
+    + 'MB8GA1UdIwQYMBaAFE4C7qw+9hXITO0s9QXBj5yECEmDMA0GCSqGSIb3DQEBBQUA\n'
+    + 'A4IBAQCTkWBqNvyRf3Y/W21DwFx3oT/AIWrHt0BdGZO34tavummXemTH9LZ/mqv9\n'
+    + 'aljt6ZuDtf5DEQjdsAwXMsyo03ffnP7doWm8iaF1+Mui77ot0TmTsP/deyGwukvJ\n'
+    + 'tkxX8bZjDh+EaNauWKr+CYnniNxCQLfFtXYJsfOdVBzK3xNL+Z3ucOQRhr2helWc\n'
+    + 'CDQgwfhP1+3pRVKqHvWCPC4R3fT7RZHuRmZ38kndv476GxRntejh+ePffif78bFI\n'
+    + '3rIZCPBGobrrUMycafSbyXteoGca/kA+/IqrAPlk0pWQ4aEL0yTWN2h2dnjoD7oX\n'
+    + 'byIuL/g9AGRh97+ssn7D6bDRPTbW\n'
+    + '-----END CERTIFICATE-----\n',
+
     /**
      * Amazon RDS ap-southeast-1 certificate CA 2015 to 2020
      *