Hi,
Ionut G. Stan wrote:
Hi Ulf,
Thanks for the answer, but let me understand this better.
The old mysql API did not support the auth protocol of MySQL 4.1+, but
only lower,
while the new mysqlnd API only supports MySQL 4.1+ auth protocol. At
least this
is what I understand from the error message, your response and the note
on this page[1]
which refers specifically to PHP.
No. libmysql supports both authentication methods, versions of libmysql
4.1+. The old pre-4.1 insecure one and the new post-4.1 secure
authentication. What is different? The password hash in mysql.user is of
a different length. While with the years it has been good to have a
smooth transition, with just a recompile, I think it is high time that
the dbas should secure their systems and change the passwords. In web
environments you don't have too many users, usually just one, which will
need a new password set. Just use the statement for setting the password
and set it to the same as current, then it will work. Also, mysqlnd
doesn't work with servers which are pre-4.1. Windows developers don't
get this as download option at all - mysql 4.0 or 3.2x.x servers.
Is that true? If yes, then this should be stressed on the mysqlnd manual
page[2] so that
people can do what suits them best - update passwords or compile PHP
with the MySQL
client library. There are a lot of legacy applications using mysql_*
functions that are working
right now because the auth protocol is the old one (as in my case).
They are working either because the used libmysql is 3.23, a lpgl one,
or 4.0, because the server used is old. In the case of 4.1, 5.0 and 5.1
servers it is just laziness to change the password. It is written
somewhere in the documentation about upgrading from 4.0 to 4.1.
Sorry if I somehow missed such warnings in the manual.
There's also the problem of Windows binaries. Lots of people are
developing on Windows
and host their work where they have little control over the MySQL
configuration. People
compiling PHP on Windows are rare and even some Linux sysadmins are
afraid/don't have
the knowledge to compile PHP with special arguments (my sysadmin). In my
opinion there's
a problem right here that would have been best solved with some php.ini
setting.
On public hosting it should be very rare to get MySQL Server 4.0 or
earlier. With 4.1 and up everything is fine, just re-set your password.
Cheers,
[1] http://dev.mysql.com/doc/refman/4.1/en/old-client.html
[2] http://php.net/mysqli.mysqlnd
On 3/30/2009 11:04, Ulf Wendel wrote:
Ionut G. Stan schrieb:
Warning: mysql_connect() [function.mysql-connect]: OK packet 6 bytes
shorter than expected in {filename} on line 18
Warning: mysql_connect() [function.mysql-connect]: mysqlnd cannot
connect to MySQL 4.1+ using old authentication in {filename} on line 18
This says everything. You cannot use old authentication with mysqlnd.
Upgrade you server passwords to the more recent and more secure
authentication method or recompile PHP with libmysql (MySQL Client
Library) support. Check ./configure --help | grep -C3 mysql and
http://www.php.net/manual/en/mysql.installation.php .
Ulf
Best,
Andrey
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php