[MDEV-12160] Modern alternative to the SHA1 authentication plugin - Jira

XML

Word

Printable

Details

Type: Task
Status: Closed (View Workflow)
Priority: Critical
Resolution: Fixed
Fix Version/s: 10.1.22, 10.2.5
Component/s: Authentication and Privilege System
Labels:
None

Sprint:
10.1.22

Description

Authentication plugin that

uses a crypto-hash that is considered secure nowadays
does not allow to get the password even if mysql.user is read and the authentication exchange is intercepted
as easy to use as native_mysql_authentication plugin, no public/private key files or anything
pure plugin

Attachments

Issue Links

duplicates

MDEV-12701 ACL secured by SHA1 algorithm too weak/out dated

Closed

relates to

CONJ-501 provide support for authentication plugin ed25519

Closed

MDEV-9804 Implement a sha256_password / caching_sha256_password plugin

Open

MDEV-12320 configurable default authentication plugin for the server

Stalled

MDEV-12321 authentication plugin: SET PASSWORD support

Closed

Activity

People

Assignee:: Sergei Golubchik

Reporter:: Sergei Golubchik

Votes:: 1 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2017-03-01 14:08

Updated:: 2017-06-29 16:29

Resolved:: 2017-03-10 17:55

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.