Open h3ssan opened 3 months ago
I remember looking into this some time ago. And I noped out when I learned that MariaDB invented their own variant of ED25519: https://jira.mariadb.org/browse/MDEV-19217
I remember looking into this some time ago. And I noped out when I learned that MariaDB invented their own variant of ED25519: https://jira.mariadb.org/browse/MDEV-19217
Hey @nielsdos At some point MySQL will eventually implement ed25519 too. Since sha-1 is freaking weak nowadays they must implement a stronger mechanism for authentication.
At least, MariaDB's deviates from standard ed25519, so I'm not sure if we should rush to deal with it now...
Sometimes doing nothing pays out.
We're releasing a new authentication plugin https://mariadb.com/kb/en/authentication-plugin-parsec/ — it uses stock ed25519 from OpenSSL or GnuTLS, not modified.
Sometimes doing nothing pays out.
We're releasing a new authentication plugin https://mariadb.com/kb/en/authentication-plugin-parsec/ — it uses stock ed25519 from OpenSSL or GnuTLS, not modified.
That’s great. @SakiTakamachi could you take a look into it please?
Description
Overview
Since MariaDB
10.4
(released ~5 years ago) introduced an authentication method calledauth_ed25519
and still supported till now in the latest versions of MariaDB which is now11.3
, here's official to read more aboutauth_ed25519
The Problem
As this code of PHP 8.1.0 ( Located in https://github.com/php/php-src/blob/php-8.1.0/ext/mysqlnd/mysqlnd_auth.c#L1315-L1326 ) mentioned below that
auth_ed25519
is not supported yet.Also, here's what official MariaDB said about
mysql_native_password
:The Requested Features
More on this