headers
Peter Selinger | 3 Dec 2003 06:18
Picon

can DBD::mysql handle the new mysql-4.1.0 authentication method?

Hi,

according to its changelog, mysql 4.1.0 introduced a "New more secure
client authentication based on 45-byte passwords in the user table."

I am dealing with a server which accepts *only* this new
authentication method; all old methods have been disabled because they
were not secure (unencrypted password was sent over the network, as
far as I know). 

My problem is: I cannot get DBI / DBD::mysql to use this new method. I
have upgraded everything to the newest version, and I still get this
error message:

DBI connect('database=xxxx;host=yyyy,'zzzz',...) failed: Client does
not support authentication protocol requested by server. Consider
upgrading MySQL client at ./test.pl line 8

Can anyone tell me whether this new authentication method is supported
by DBD::mysql, and if yes, what I need to do to get it to work? Or if
it is going to be supported in the future? Or where I can locate the
source code, libraries, protocol specs, or whatever is needed to fix
this myself? I could not find the documentation of the MySQL
client/server authentication protocol anywhere. 

Presumably many users don't have this problem because their client
will simply fall back to some older method, if it is still enabled. 

Thanks, -- Peter
(Continue reading)

Permalink | Reply | 8 comments |
headers
Jochen Wiedmann | 3 Dec 2003 08:12
Picon

Re: can DBD::mysql handle the new mysql-4.1.0 authentication method?

Peter Selinger wrote:

> My problem is: I cannot get DBI / DBD::mysql to use this new method. I
> have upgraded everything to the newest version, and I still get this
> error message:

The question is: Does this new method of authentication require any changes 
on the client side? Is there any documentation available to which you can
point us?

Jochen

--

-- 
MySQL Perl Mailing List
For list archives: http://lists.mysql.com/perl
To unsubscribe:    http://lists.mysql.com/perl?unsub=gcdmp-msql-mysql-modules <at> m.gmane.org
Permalink | Reply | 6 comments |
headers
曹方 | 3 Dec 2003 10:48

Help me ^!^

Dear Sir,
 
I want help, but my email didn't reach you. I don't know the reason. Now the descripts is in the accessory.
Thank you!   

--

-- 
MySQL Perl Mailing List
For list archives: http://lists.mysql.com/perl
To unsubscribe:    http://lists.mysql.com/perl?unsub=gcdmp-msql-mysql-modules <at> m.gmane.org
Permalink | Reply | 0 comments |
headers
Giuseppe Maxia | 3 Dec 2003 10:53
Picon

Re: bulk inserts

> Starting from MySQL 4, you can do bulk inserts like:

Actually, they have available for long, long time. I remember using them
with MySQL 3.23.30

> INSERT INTO table VALUES (a), (b), (c);
>
>Is there anything in DBD::mysql to take advantage of this ?

Not explicitly. But you can use a Perl idiom to create multi-values
INSERT statements:

my  <at> values = (
    ["A", "B", "D", "0"],    ["E", "F", "G", "1"],
    ["H", "I", "J", "2"],    ["K", "L", "M", "3"],
    ["N", "O", "P", "4"],    ["Q", "R", "S", "5"],
    ["T", "U", "V", "6"],    ["W", "X", "Y", "7"],
);

my $query = "INSERT INTO mytable VALUES \n"
  . join(",\n", ( map { "(". join ( ", ", 
                       map {$dbh->quote($_)}  <at> $_). ")" 
                      }
                  <at> values));
print "$query;\n";

__END__

it will print

INSERT INTO mytable VALUES
('A', 'B', 'D', '0'),
('E', 'F', 'G', '1'),
('H', 'I', 'J', '2'),
('K', 'L', 'M', '3'),
('N', 'O', 'P', '4'),
('Q', 'R', 'S', '5'),
('T', 'U', 'V', '6'),
('W', 'X', 'Y', '7')

See http://gmax.oltrelinux.com/dbirecipes.html for more DBI idioms

-- 
  ____ ____  _____ _   _ 
 / _  |    \(____ ( \ / ) 
( (_| | | | / ___ |) X ( 
 \___ |_|_|_\_____(_/ \_) 
(_____| 
Sapere, saper fare, fare, far sapere
http://gmax.oltrelinux.com

--

-- 
MySQL Perl Mailing List
For list archives: http://lists.mysql.com/perl
To unsubscribe:    http://lists.mysql.com/perl?unsub=gcdmp-msql-mysql-modules <at> m.gmane.org
Permalink | Reply | 0 comments |
headers
lshen | 3 Dec 2003 14:39
Picon

How to open a Mysql server to connect with client PC?

I am trying to get connect my mysql (in linux) server to my Navicat mysql
client (from PC). But it always come with a error - 'not allow to connect to
the mysql server' . Dose anyone know what happen?

Brian
----- Original Message ----- 
From: "Peter Selinger" <selinger <at> mathstat.uottawa.ca>
To: <perl <at> lists.mysql.com>
Sent: Wednesday, December 03, 2003 12:18 AM
Subject: can DBD::mysql handle the new mysql-4.1.0 authentication method?

> Hi,
>
> according to its changelog, mysql 4.1.0 introduced a "New more secure
> client authentication based on 45-byte passwords in the user table."
>
> I am dealing with a server which accepts *only* this new
> authentication method; all old methods have been disabled because they
> were not secure (unencrypted password was sent over the network, as
> far as I know).
>
> My problem is: I cannot get DBI / DBD::mysql to use this new method. I
> have upgraded everything to the newest version, and I still get this
> error message:
>
> DBI connect('database=xxxx;host=yyyy,'zzzz',...) failed: Client does
> not support authentication protocol requested by server. Consider
> upgrading MySQL client at ./test.pl line 8
>
> Can anyone tell me whether this new authentication method is supported
> by DBD::mysql, and if yes, what I need to do to get it to work? Or if
> it is going to be supported in the future? Or where I can locate the
> source code, libraries, protocol specs, or whatever is needed to fix
> this myself? I could not find the documentation of the MySQL
> client/server authentication protocol anywhere.
>
> Presumably many users don't have this problem because their client
> will simply fall back to some older method, if it is still enabled.
>
> Thanks, -- Peter
>
> -- 
> MySQL Perl Mailing List
> For list archives: http://lists.mysql.com/perl
> To unsubscribe:
http://lists.mysql.com/perl?unsub=lshen <at> pop900.gsfc.nasa.gov
>
>

--

-- 
MySQL Perl Mailing List
For list archives: http://lists.mysql.com/perl
To unsubscribe:    http://lists.mysql.com/perl?unsub=gcdmp-msql-mysql-modules <at> m.gmane.org
Permalink | Reply | 0 comments |
headers
Peter Selinger | 3 Dec 2003 17:47
Picon

Re: can DBD::mysql handle the new mysql-4.1.0 authentication method?

Jochen Wiedmann wrote:
> 
> Peter Selinger wrote:
> 
> > My problem is: I cannot get DBI / DBD::mysql to use this new method. I
> > have upgraded everything to the newest version, and I still get this
> > error message:
> 
> The question is: Does this new method of authentication require any changes 
> on the client side? Is there any documentation available to which you can
> point us?

I thought I had already answered these questions in my original post. 

Yes, it requires changes on the client side. The error message (from
the server) clearly states: "*Client* does not support authentication
protocol requested by server. Consider upgrading MySQL *client*".

For example, I get the same error message when trying to connect with
the "mysql" 3.23.54 client. However, with the "mysql" 4.1.0 client,
all is fine. So it must be a client side problem.

And no, I don't know where to find the documentation of the MySQL
client/server authentication protocol. I thought somebody on this list
might know. I was hoping that the people who create and maintain
clients are in touch with the people who create and maintain MySQL.

-- Peter

Original post:
> Hi,
> 
> according to its changelog, mysql 4.1.0 introduced a "New more secure
> client authentication based on 45-byte passwords in the user table."
> 
> I am dealing with a server which accepts *only* this new
> authentication method; all old methods have been disabled because they
> were not secure (unencrypted password was sent over the network, as
> far as I know). 
> 
> My problem is: I cannot get DBI / DBD::mysql to use this new method. I
> have upgraded everything to the newest version, and I still get this
> error message:
> 
> DBI connect('database=xxxx;host=yyyy,'zzzz',...) failed: Client does
> not support authentication protocol requested by server. Consider
> upgrading MySQL client at ./test.pl line 8
> 
> Can anyone tell me whether this new authentication method is supported
> by DBD::mysql, and if yes, what I need to do to get it to work? Or if
> it is going to be supported in the future? Or where I can locate the
> source code, libraries, protocol specs, or whatever is needed to fix
> this myself? I could not find the documentation of the MySQL
> client/server authentication protocol anywhere. 
> 
> Presumably many users don't have this problem because their client
> will simply fall back to some older method, if it is still enabled. 
> 
> Thanks, -- Peter

--

-- 
MySQL Perl Mailing List
For list archives: http://lists.mysql.com/perl
To unsubscribe:    http://lists.mysql.com/perl?unsub=gcdmp-msql-mysql-modules <at> m.gmane.org
Permalink | Reply | 5 comments |
headers
Jochen Wiedmann | 3 Dec 2003 18:47
Picon

Re: can DBD::mysql handle the new mysql-4.1.0 authentication method?

Peter Selinger wrote:

> And no, I don't know where to find the documentation of the MySQL
> client/server authentication protocol. I thought somebody on this list
> might know. I was hoping that the people who create and maintain
> clients are in touch with the people who create and maintain MySQL.

Open Source software is a "take and give" process. You are the one who 
requires a feature. The maintainer is the one who can give you a feature. He 
will do so, if he either needs the feature himself or if the hurdle to start 
working on it is sufficiently low. By searching for documentation you are 
able to help.

And, no, in 6 years of DBD::mysql maintenance I was never more than very 
loosely related to the people of MySQL. So is Rudy, the current maintainer,
as far as I know.

Jochen

--

-- 
MySQL Perl Mailing List
For list archives: http://lists.mysql.com/perl
To unsubscribe:    http://lists.mysql.com/perl?unsub=gcdmp-msql-mysql-modules <at> m.gmane.org
Permalink | Reply | 0 comments |
headers
Rudy Lippan | 3 Dec 2003 20:52

Re: can DBD::mysql handle the new mysql-4.1.0 authentication method?

On Wed, 3 Dec 2003, Peter Selinger wrote:

> Jochen Wiedmann wrote:
> > 
> > Peter Selinger wrote:
> > 
> > > My problem is: I cannot get DBI / DBD::mysql to use this new method. I
> > > have upgraded everything to the newest version, and I still get this
> > > error message:
> > 
> > The question is: Does this new method of authentication require any changes 
> > on the client side? Is there any documentation available to which you can
> > point us?
> 
> I thought I had already answered these questions in my original post. 
> 
> Yes, it requires changes on the client side. The error message (from
> the server) clearly states: "*Client* does not support authentication
> protocol requested by server. Consider upgrading MySQL *client*".
> 

But it might not require changes to the client code (see below).

> For example, I get the same error message when trying to connect with
> the "mysql" 3.23.54 client. However, with the "mysql" 4.1.0 client,
> all is fine. So it must be a client side problem.
> 

http://www.mysql.com/doc/en/Old_client.html

It looks like the problem is that you are linking against the old 
libraries (which is what I suspect that Jochen suspected when he penned 
his email), or that you did not re-link DBD::mysql against the new 
libararies when you upgraded mysql.

> And no, I don't know where to find the documentation of the MySQL
> client/server authentication protocol. I thought somebody on this list

FYI:
http://www.mysql.com/doc/en/Password_hashing.html

> might know. I was hoping that the people who create and maintain
> clients are in touch with the people who create and maintain MySQL.

Not really. DBD::mysql is just another application that uses the mysql 
API, so if the mysql api works correctly and the documentation is good, 
there is not much need to keep in touch with the MySQL maintainers.

HTH,

Rudy

--

-- 
MySQL Perl Mailing List
For list archives: http://lists.mysql.com/perl
To unsubscribe:    http://lists.mysql.com/perl?unsub=gcdmp-msql-mysql-modules <at> m.gmane.org
Permalink | Reply | 3 comments |
headers
Peter Selinger | 3 Dec 2003 23:35
Picon

Re: can DBD::mysql handle the new mysql-4.1.0 authentication method?

Hi Rudy and Jochen,

thanks for your responses. 

Sorry, Jochen, I didn't mean to be rude. I meant to say I looked for
documentation, but couldn't find anything useful. Of course I would
have preferred to give you as much information as possible.

Even the stuff in http://www.mysql.com/doc/en/Password_hashing.html
which Rudy pointed out is only a user-level document; it tells you how
many bytes there are in a hash value and where they are stored, but it
is completely silent on how authentication is actually achieved. For
instance, is the password sent from client to server in cleartext
(like FTP)?  Is there a challenge-reponse protocol? Clearly these
questions are more important for security than whether the hash is 16
or 41 characters long. But I digress.

Rudy's answer is useful because it clarifies for me that DBD::mysql is
apparently merely a wrapper around some native libraries. And it seems
that the libraries in question are supplied with MySQL, not with
DBD::mysql. This is a useful start, because I tried different ways of
installing, re-installing, and upgrading DBD::mysql, with no success.

My next question is: are the libraries in question dynamically or
statically linked? If dynamic, I might be able to simply drop the new
libraries in place of the old ones without too much fanfare (hoping
that there won't be any unresolved symbol errors). If I can figure out
what they are called, where they are located, and how they are linked
into DBD::mysql, that is.

Part of the problem seems to be that I still have an old version of
mysql-3.23 installed in /usr, while I installed the new version
mysql-4.1.0 in /usr/local. When I recompile DBD::mysql I seem to have
a hard time telling it to use the new libraries. I just tried various
combinations like this:

perl Makefile.PL --testpassword=xxxx --libs=-L/usr/local/mysql/lib/mysql \
 --cflags=-I/usr/local/mysql/include/mysql

but it failed the majority of test suite cases with error message such
as this:

t/50commit.........install_driver(mysql) failed: Can't load
'blib/arch/auto/DBD/mysql/mysql.so' for module DBD::mysql: blib/arch/auto/DBD/mysql/mysql.so:
undefined symbol: net_buffer_length at /usr/lib/perl5/5.6.0/i386-linux/DynaLoader.pm line 200.
 at (eval 1) line 3
Compilation failed in require at (eval 1) line 3.
Perhaps a required shared library or dll isn't installed where expected
 at t/50commit.t line 64
t/50commit.........dubious
        Test returned status 255 (wstat 65280, 0xff00)
DIED. FAILED tests 1-30
        Failed 30/30 tests, 0.00% okay

t/mysql2...........Had to create DBD::mysql::dr::imp_data_size unexpectedly at
/usr/lib/perl5/site_perl/5.6.0/i386-linux/DBI.pm line 1056.
Use of uninitialized value in subroutine entry at /usr/lib/perl5/site_perl/5.6.0/i386-linux/DBI.pm
line 1056.
Can't locate object method "connect" via package "Mysql" at blib/lib/Mysql.pm line 71.
t/mysql2...........dubious
        Test returned status 255 (wstat 65280, 0xff00)

So somehow, despite the above --libs and --cflags options, there seem
to be library mismatches. I'll play with this a bit more to see if I
can get it to work, or else I guess I'll have to erase all old
versions of mysql.

By the way, I am using linux, and I am following the "Manual
installation" instructions in
http://search.cpan.org/src/RUDY/DBD-mysql-2.9003/INSTALL.html#manual%20installation

Thanks for any help, -- Peter

Rudy Lippan wrote:
> 
> > For example, I get the same error message when trying to connect with
> > the "mysql" 3.23.54 client. However, with the "mysql" 4.1.0 client,
> > all is fine. So it must be a client side problem.
> > 
> 
> http://www.mysql.com/doc/en/Old_client.html
> 
> It looks like the problem is that you are linking against the old 
> libraries (which is what I suspect that Jochen suspected when he penned 
> his email), or that you did not re-link DBD::mysql against the new 
> libararies when you upgraded mysql.

I see. If I understand correctly, then DBD::mysql is merely a wrapper
around some libraries, which must be upgraded independently. That
seems like the kind of thing I might be able to do.

Could you let me know where these libraries are located, and what I
need to do to get DBD::mysql to link against them? I can't see them
anywhere in my /usr/lib/perl5/site_perl/5.6.0/i386-linux/DBD
directory. Are these dynamically linked libraries (in which case I
might be able to just drop the new libraries in place of the old
ones), or are they somehow statically linked, and if so, against what?

I did try to install and upgrade DBD::mysql in various ways, including 
 perl -MCPAN -e shell
 install Bundle::DBD::mysql

which did some stuff but did not solve the problem.

Sorry for these relatively basic questions... I am sure

> 
> 
> > And no, I don't know where to find the documentation of the MySQL
> > client/server authentication protocol. I thought somebody on this list
> 
> FYI:
> http://www.mysql.com/doc/en/Password_hashing.html
> 
> > might know. I was hoping that the people who create and maintain
> > clients are in touch with the people who create and maintain MySQL.
> 
> Not really. DBD::mysql is just another application that uses the mysql 
> API, so if the mysql api works correctly and the documentation is good, 
> there is not much need to keep in touch with the MySQL maintainers.
> 
> 
> HTH,
> 
> Rudy
> 
> 
> 
> -- 
> MySQL Perl Mailing List
> For list archives: http://lists.mysql.com/perl
> To unsubscribe:    http://lists.mysql.com/perl?unsub=sugiarto.Then <at> infotronik.com
> 

--

-- 
MySQL Perl Mailing List
For list archives: http://lists.mysql.com/perl
To unsubscribe:    http://lists.mysql.com/perl?unsub=gcdmp-msql-mysql-modules <at> m.gmane.org
Permalink | Reply | 2 comments |
headers
Laurence Stendard | 4 Dec 2003 12:14
Picon

Help on installing Bundle::DBD::mysql

Hi !

I will appreciate any help on this issue. 

I'm trying to install  Bundle::DBD::mysql ( perl -MCPAN -e 'install Bundle::DBD::mysql' ) on a Solaris 9
running Perl 5.8.2 but I got the error messages below.

Many thanks,

Laurence

 ==================================
/usr/local/bin/perl -p -e "s/~DRIVER~/mysql/g"
/usr/local/lib/perl5/site_perl/5.8.2/sun4-solaris-thread-multi/auto/DBI/Driver.xst > mysql.xsi
/usr/local/bin/perl /usr/local/lib/perl5/5.8.2/ExtUtils/xsubpp  -typemap
/usr/local/lib/perl5/5.8.2/ExtUtils/typemap  mysql.xs > mysql.xsc && mv mysql.xsc mysql.c
Warning: duplicate function definition 'do' detected in mysql.xs, line 192
Warning: duplicate function definition 'rows' detected in mysql.xs, line 290
gcc -B/usr/ccs/bin/ -c 
-I/usr/local/lib/perl5/site_perl/5.8.2/sun4-solaris-thread-multi/auto/DBI
-I/usr/local/mysql/include -Xa -xstrconst -mt -D_FORTEC_ -xarch=v9 -D_REENTRANT
-fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -O2  
-DVERSION=\"2.9003\" -DXS_VERSION=\"2.9003\" -fPIC
"-I/usr/local/lib/perl5/5.8.2/sun4-solaris-thread-multi/CORE"   mysql.c
gcc: unrecognized option `-Xa'   <<<<<<<< ???
gcc: language arch=v9 not recognized <<<<<<<< ???
gcc: mysql.c: linker input file unused because linking not done <<<<<<<< ???
Running Mkbootstrap for DBD::mysql ()
chmod 644 mysql.bs
rm -f blib/arch/auto/DBD/mysql/mysql.so
LD_RUN_PATH="/usr/lib" /usr/local/bin/perl myld gcc -B/usr/ccs/bin/  -G -L/usr/local/lib dbdimp.o
mysql.o  -o blib/arch/auto/DBD/mysql/mysql.so   -L/usr/local/mysql/lib -lmysqlclient -lposix4
-lcrypt -lgen -lsocket -lnsl -lm
gcc: dbdimp.o: No such file or directory
gcc: mysql.o: No such file or directory
make: *** [blib/arch/auto/DBD/mysql/mysql.so] Error 1 <<<<<<<< ???
  /usr/local/bin/make  -- NOT OK
Running make test
  Can't test without successful make <<<<<<<<
Running make install
  make had returned bad status, install seems impossible
Running install for module DBD::mysql
Running make for R/RU/RUDY/DBD-mysql-2.9003.tar.gz
  Is already unwrapped into directory /.cpan/build/DBD-mysql-2.9003
  Has already been processed within this session
Running make test
  Can't test without successful make
Running make install
  make had returned bad status, install seems impossible
Bundle summary: The following items in bundle Bundle::DBD::mysql had
installation problems:
  Mysql DBD::mysql

--

-- 
MySQL Perl Mailing List
For list archives: http://lists.mysql.com/perl
To unsubscribe:    http://lists.mysql.com/perl?unsub=gcdmp-msql-mysql-modules <at> m.gmane.org
Permalink | Reply | 1 comment |

Gmane