[MKDoc-dev] MySQL 4.1 and plain text passwords

Chris Croome chris at webarchitects.co.uk
Wed Feb 16 13:10:09 GMT 2005 

Hi

I guess the legal problems were resolved RHEL that shipped yesterday
comes with MySQL 4.1:

  Users should note that there may be compatibility issues when
  migrating applications or databases from version 3.23.x to 4.1.x of
  MySQL. A known issue is that the default timestamp format has changed.
  To address these various issues, the mysqlclient10 package is included
  to provide the 3.23.x client library (libmysqlclient.so.10) for binary
  compatibility with applications linked against this legacy library.
  Note

  While the mysqlclient10 package provides compatibility support with
  the MySQL 4.1.x server, it does not support the new password
  encryption method introduced in version 4.1. To enable compatibility
  with legacy MySQL 3.x-based clients, the old_passwords parameter is
  enabled by default in the /etc/my.cnf configuration file. If
  compatibility with old clients is not required, this parameter can be
  disabled to allow use of the improved password encryption method.

  http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/release-notes/as-x86/#id3465361

So I have updated the MySQL bug for 1.8 from wishlist to normal:

  http://www.mkdoc.org/bugs/unstable/normal/mysql-41/

When CentOS ship a version 4 I'll install install this on a box when I
get a chance to see if the old_passwords parameter workaround does the
trick.

Chris  

On Wed 17-Nov-2004 at 11:00:01 +0000, Chris Croome wrote:
> 
> At some point the legal issues preventing some distros shipping MySQL
> 4.1 will probably be sorted [1] so I guess at some point it would make
> sense to make MKDoc work with it, the only issue I'm aware of is the way
> that 4.1.x does passwords -- they are no longer in plain text:
> 
> - 5.5.9 Password Hashing in MySQL 4.1
> 
>   MySQL user accounts are listed in the user table of the mysql
>   database.  Each MySQL account is assigned a password, although what is
>   stored in the Password column of the user table is not the plaintext
>   version of the password, but a hash value computed from it. Password
>   hash values are computed by the PASSWORD() function. 
> 
>   http://dev.mysql.com/doc/mysql/en/Password_hashing.html
> 
> There is a way around this, you can start the MySQL server with the
> --old-passwords command line option, and this _should_ work in my.cnf
> (but I'm not sure if it does from browsing the MySQL list):
> 
>   [mysqld]
>   old-passwords
> 
> I have no idea what would have to be changed in MKDoc for hashed passwds
> to work, also backwards compatability with 3.x should be retained.
> 
> Chris
> 
> [1] http://thread.gmane.org/gmane.linux.redhat.fedora.devel/16521

-- 
Chris Croome                               <chris at webarchitects.co.uk>
web design                             http://www.webarchitects.co.uk/ 
web content management                               http://mkdoc.com/

More information about the MKDoc-dev mailing list