Perhaps it's best not to support shorter hashes, for the same reason the
developers made them longer.

Gary Dunn
Open Slate Project
http://openslate.org

On Sep 30, 2011 6:39 PM, "Anindya Haldar" <anindya_haldar at yahoo.com> wrote:

I believe I found the core issue here. What likely happens in this scenario
is:
- The connector follows 4.1.1 and up wire protocol, which has a very
specific way of scrambling and hashing of user credentials. And this is
supported by the longer hash used by MySQL.
- If the user credential was created with a older version with a shorter
hash style, then the server asks the client to send the hash again using
older style (short hash).
- Our protocol driver does not support this fall back yet, and that is where
this exception is thrown
- The best solution: have a user with a new style longer password hash.
Please refer to the function old_password() vs password() in MySQL
documentation. As far as I am aware just setting a new password using the
password() function should do it.
- One way to verify the style differences is to do a 'select host, user,
password from mysql.user' from an admin account. This lists the password
hashes: the older ones are short, the newer ones are long format
- I will investigate further on how to support the old hash style in the
driver

Hope this is helpful for now.

BTW, there are some test cases where they use a 'testuser'/'testpass'
combination; this is different from the other 'stdbtestuser'/'stdbtestpass'
combination. This is an inconsistency that I found, and will fix this so
that only the 'stdbtestuser' account is required for running all the unit
tests.

Best,
Anindya

------------------------------
*From:* Yanni Chiu <yanni at rogers.com>
*To:* squeak-dev at lists.squeakfoundation.org
*Sent:* Friday, September 30, 2011 9:05 AM
*Subject:* [squeak-dev] Re: Now available: a database conectivity API and
its MySQL implementation

On 30/09/11 3:57 AM, Andreas Raab wrote:
> On 9/30/2011 4:35, Anindya Haldar wrote:
>> I believe this is a version issue. I tested my code with MySQL 5.0.67 on
>> Mac OS X. The details of the test platform combinations are in the
>> project page in Squeaksource.
>>
>> Could you please let me know your MySQL version and platform? It is
>> entirely possible that for certain versions/conditions the handshake
>> protocol does another extra step. This is something I found NOT
>> applicable for the version I was working with, although the reference C
>> implementation does have such provisions.
>
> I'm running MySql 5.0.77 server on CentOS 5.6 (which is the
> out-of-the-box version you get on CentOS via yum). This seems pretty
> close to what you're using. Is there a chance that I need to set up the
> database credentials in a specific way? I've just been using an existing
> user which works fine in other contexts but perhaps there's something
> specific that needs to be done?

Just a wild guess (based on working on a PostgreSQL driver) - you might try
to change the authentication method used by the MySQL server. In PostgreSQL,
there is plain text password and OS userid authentication methods, no idea
if something similar is available in MySQL. The other authentication methods
require hashing or encryption to implement.

-- Yanni
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.squeakfoundation.org/pipermail/squeak-dev/attachments/20110930/78412f89/attachment.htm