Update sha256_password.js

In short, replacing `xor` for `xorRotating` when authenticating passwords that are greater than 20 characters in length.  The original issue was first spotted in the auth_plugin `caching_sha2_password` but is also present in the `sha256_password` auth_plugin as well.

The link to the original issue (and fix) can be found here:  sidorares#1044

Author: cavenator

lib/auth_plugins/sha256_password.js

@@ -2,7 +2,7 @@
 
 const PLUGIN_NAME = 'sha256_password';
 const crypto = require('crypto');
-const { xor } = require('../auth_41');
+const { xorRotating } = require('../auth_41');
 
 const REQUEST_SERVER_KEY_PACKET = Buffer.from([1]);
 
@@ -11,7 +11,7 @@ const STATE_WAIT_SERVER_KEY = 1;
 const STATE_FINAL = -1;
 
 function encrypt(password, scramble, key) {
-  const stage1 = xor(
+  const stage1 = xorRotating(
     Buffer.from(`${password}\0`, 'utf8').toString('binary'),
     scramble.toString('binary')
   );