Opened 14 years ago
Last modified 11 years ago
#136 closed defect
PHP 5.3 mysqlnd requires new-style passwords — at Version 2
Reported by: | geofft | Owned by: | |
---|---|---|---|
Priority: | blocker | Milestone: | Fedora 20 |
Component: | sql | Keywords: | |
Cc: |
Description (last modified by andersk)
The sql.mit.edu servers currently have old_passwords=1 set in the mysqld configuration for compatibility with MySQL 3.x and 4.x clients. The MySQL native driver in PHP 5.3 only knows how to deal with new-style passwords; this will probably bite us hard when we move to PHP 5.3 as part of upgrading to Fedora 13.
We'll need to either figure out if we can do the backward-compatible but insecure hack of making PHP clients able to use old-style passwords (disable the native driver? patch it?), or if we can drop support for MySQL clients that don't support new-style passwords, i.e., 4.0.x and below.
Change History (2)
comment:1 Changed 14 years ago by mitchb
- Priority changed from blocker to minor
comment:2 Changed 14 years ago by andersk
- Description modified (diff)
Fortunately for us, the F13 packages have not begun to build with the option that enables mysqlnd for any of the mysql, mysqli, or pdo-mysql extensions. As a result, they all still use the libmysql client library, which supports both types of passwords (as well as such niceties as SSL). So, while sql and scripts should probably figure out whether/when we can discontinue keeping the less secure compatibility passwords around, this doesn't pose an issue for the F13 upgrade.