Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-9804

Implement a caching_sha2_password plugin

    XMLWordPrintable

Details

    • Hide
      Implemented MySQL-compatible caching_sha2_password plugin. It uses the same password hashes as in MySQL It can be used in cases when one has to use MySQL connectors to connect to MariaDB. Or when one migrates from MySQL and wants to keep user passwords intact. Note that this plugin is less secure than the PARSEC plugin, and should only be used when MySQL compatibility is required.
      Show
      Implemented MySQL-compatible caching_sha2_password plugin. It uses the same password hashes as in MySQL It can be used in cases when one has to use MySQL connectors to connect to MariaDB. Or when one migrates from MySQL and wants to keep user passwords intact. Note that this plugin is less secure than the PARSEC plugin, and should only be used when MySQL compatibility is required.
    • Q2/2025 Development, Q3/2025 Maintenance

    Description

      In MySQL 5.6 and 5.7, you have the option of using the SHA256 password algorithm. The current method (mysql_native_password) leverages SHA1 and this has been proven to be no longer as secure as one would expect today.

      Find out more here:

      UPDATE:
      https://dev.mysql.com/doc/mysql-security-excerpt/8.0/en/sha256-pluggable-authentication.html

      Attachments

        Issue Links

          blocks

          New Feature - A new feature of the product, which has yet to be developed. MDEV-37600 Backport MDEV-9804 "Implement a caching_sha2_password plugin" to MariaDB Community Server 11.4/11.8

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed
          causes

          Bug - A problem which impairs or prevents the functions of the product. MDEV-37339 Errors about caching_sha2_password upon server startup with WolfSSL

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed
          is duplicated by

          New Feature - A new feature of the product, which has yet to be developed. MDEV-36382 mariadb支持caching_sha2_password

          • Major - Major loss of function.
          • Closed
          is part of

          Task - A task that needs to be done. MDEV-28906 MySQL 8.0 desired compatibility

          • Major - Major loss of function.
          • Open
          relates to

          Task - A task that needs to be done. CONC-229 SHA256 authentication plugin

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. CONJ-327 Handle sha256_password plugin

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. CONJS-76 Implement sha256_password support

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. CONJS-77 Implement caching_sha256_password support

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. MDEV-12160 Modern alternative to the SHA1 authentication plugin

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. MXS-1325 Add sha256_password authenticator

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. MXS-4270 ed25519 authentication support

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. ODBC-241 Add parameter that corresponds to MYSQL_SERVER_PUBLIC_KEY option from MariaDB Connector/C

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. CONC-312 Implement caching_sha2_password plugin

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Task - A task that needs to be done. CONJ-663 Implement caching_sha2_password plugin

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-37554 MariaDB auth protocol differs from MySQL

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed

          Activity

            People

              serg Sergei Golubchik
              colin Colin Charles
              Votes:
              11 Vote for this issue
              Watchers:
              24 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.