List: Commits
From:paul Date:January 21 2006 3:09am
Subject:svn commit - mysqldoc@docsrva: r960 - in trunk: . refman-4.1 refman-5.0 refman-5.1
Author: paul
Date: 2006-01-21 04:09:29 +0100 (Sat, 21 Jan 2006)
New Revision: 960

Log:
 r6504@frost:  paul | 2006-01-20 18:51:41 -0600
 MD5 and SHA-1 can be cracked. (Bug#13174)


Modified:
   trunk/
   trunk/refman-4.1/functions.xml
   trunk/refman-5.0/functions.xml
   trunk/refman-5.1/functions.xml


Property changes on: trunk
___________________________________________________________________
Name: svk:merge
   - b5ec3a16-e900-0410-9ad2-d183a3acac99:/mysqldoc-local/mysqldoc/trunk:6503
bf112a9c-6c03-0410-a055-ad865cd57414:/mysqldoc-local/mysqldoc/trunk:2396
   + b5ec3a16-e900-0410-9ad2-d183a3acac99:/mysqldoc-local/mysqldoc/trunk:6504
bf112a9c-6c03-0410-a055-ad865cd57414:/mysqldoc-local/mysqldoc/trunk:2396

Modified: trunk/refman-4.1/functions.xml
===================================================================
--- trunk/refman-4.1/functions.xml	2006-01-21 03:09:14 UTC (rev 959)
+++ trunk/refman-4.1/functions.xml	2006-01-21 03:09:29 UTC (rev 960)
@@ -11747,6 +11747,13 @@
         change data values.
       </para>
 
+      <para>
+        <emphasis role="bold">Note</emphasis>: Exploits for the MD5 and
+        SHA-1 algorithms have become known. You may wish to consider
+        using one of the other encryption functions described in this
+        section instead.
+      </para>
+
       <itemizedlist>
 
         <listitem>
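Review bot: The added note refers to "one of the other encryption functions described in this section", but MD5 and SHA-1 are hash functions, and the note names no replacement, so a reader cannot act on it. Suggest saying "hash functions" for these two and naming the function or functions the manual wants readers to use instead.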
@@ -12124,10 +12131,7 @@
             If <literal>crypt()</literal> is not available on your
             system (as is the case with Windows),
             <literal>ENCRYPT()</literal> always returns
-            <literal>NULL</literal>. Because of this, we recommend that
-            you use <literal>MD5()</literal> or
-            <literal>SHA1()</literal> instead, because those two
-            functions exist on all platforms.
+            <literal>NULL</literal>.
           </para>
         </listitem>
 
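Review bot: With the MD5()/SHA1() recommendation removed, the ENCRYPT() paragraph now ends at "always returns NULL" and gives readers on systems without crypt() (Windows is the case named) no alternative at all. Suggest adding a sentence that points to the note at the start of the section, or that names the function to use when ENCRYPT() is unavailable.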
@@ -12178,6 +12182,11 @@
           </para>
 
           <para>
+            See the note regarding the MD5 algorithm at the beginning
+            this section.
+          </para>
+
+          <para>
             <literal>MD5()</literal> was added in MySQL 3.23.2.
           </para>
         </listitem>
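Review bot: "at the beginning this section" in the added MD5() paragraph is missing a word; it should read "at the beginning of this section". The same phrase appears in the SHA1() paragraph of this file and in the matching hunks for refman-5.0 and refman-5.1, so all six occurrences should be fixed together.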
@@ -12272,7 +12281,7 @@
             <literal>PASSWORD()</literal> function is used by the
             authentication system in MySQL Server; you should
             <emphasis>not</emphasis> use it in your own applications.
-            For that purpose, use <literal>MD5()</literal> or
+            For that purpose, consider <literal>MD5()</literal> or
             <literal>SHA1()</literal> instead. Also see RFC 2195 for
             more information about handling passwords and authentication
             securely in your applications.
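Review bot: Changing "use" to "consider" in the PASSWORD() entry still tells application authors to reach for MD5() or SHA1() for password handling, which is at odds with the note this commit adds at the start of the section. Suggest either dropping the two function names here or following the sentence with the same "see the note" pointer that the MD5() and SHA1() entries receive.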
@@ -12306,13 +12315,15 @@
           <remark role="help-description-begin"/>
 
           <para>
-            Calculates an SHA1 160-bit checksum for the string, as
+            Calculates an SHA-1 160-bit checksum for the string, as
             described in RFC 3174 (Secure Hash Algorithm). The value is
             returned as a string of 40 hex digits, or
             <literal>NULL</literal> if the argument was
             <literal>NULL</literal>. One of the possible uses for this
             function is as a hash key. You can also use it as a
-            cryptographically safe function for storing passwords.
+            cryptographic function for storing passwords.
+            <literal>SHA()</literal> is synonymous with
+            <literal>SHA1()</literal>.
           </para>
 
           <remark role="help-description-end"/>
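Review bot: The sentence "You can also use it as a cryptographic function for storing passwords" sits between the help-description-begin and help-description-end remarks, while the caveat about SHA-1 is added only in a later paragraph outside them, so anything built from the help-description span keeps the password-storage suggestion without the warning. Suggest moving the caveat inside the help description or taking the password-storage sentence out of it.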
@@ -12327,8 +12338,8 @@
           <para>
             <literal>SHA1()</literal> was added in MySQL 4.0.2, and can
             be considered a cryptographically more secure equivalent of
-            <literal>MD5()</literal>. <literal>SHA()</literal> is
-            synonymous with <literal>SHA1()</literal>.
+            <literal>MD5()</literal>. However, see the note regarding
+            the MD5 and SHA-1 algorithms at the beginning this section.
           </para>
         </listitem>
 
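Review bot: The SHA1() paragraph still states that SHA1() "can be considered a cryptographically more secure equivalent of MD5()" and then hedges in the next sentence with "However, see the note", which leaves the reader to reconcile the two. Suggest rewording so that the comparison with MD5() and the caveat form a single statement.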

Modified: trunk/refman-5.0/functions.xml
===================================================================
--- trunk/refman-5.0/functions.xml	2006-01-21 03:09:14 UTC (rev 959)
+++ trunk/refman-5.0/functions.xml	2006-01-21 03:09:29 UTC (rev 960)
@@ -11744,6 +11744,13 @@
         with trailing space removal that would change data values.
       </para>
 
+      <para>
+        <emphasis role="bold">Note</emphasis>: Exploits for the MD5 and
+        SHA-1 algorithms have become known. You may wish to consider
+        using one of the other encryption functions described in this
+        section instead.
+      </para>
+
       <itemizedlist>
 
         <listitem>
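Review bot: "Exploits for the MD5 and SHA-1 algorithms have become known" does not say what kind of weakness is meant or which of the uses documented in this section it affects (the SHA1() entry lists both hash keys and password storage). Suggest one more sentence stating the affected use, so readers can tell whether their use of MD5() or SHA1() needs to change.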
@@ -12112,10 +12119,7 @@
             If <literal>crypt()</literal> is not available on your
             system (as is the case with Windows),
             <literal>ENCRYPT()</literal> always returns
-            <literal>NULL</literal>. Because of this, we recommend that
-            you use <literal>MD5()</literal> or
-            <literal>SHA1()</literal> instead, because those two
-            functions exist on all platforms.
+            <literal>NULL</literal>.
           </para>
         </listitem>
 
@@ -12164,6 +12168,11 @@
             for the <literal>BINARY</literal> operator in
             <xref linkend="cast-functions"/>.
           </para>
+
+          <para>
+            See the note regarding the MD5 algorithm at the beginning
+            this section.
+          </para>
         </listitem>
 
         <listitem>
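Review bot: The pointer to the note is plain prose ("See the note regarding the MD5 algorithm ...") while the paragraph just above it links with <xref linkend="cast-functions"/>. Suggest giving the note paragraph an id and referencing it with an xref, so the pointer stays correct if the note is moved or the section is reorganized.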
@@ -12256,7 +12265,7 @@
             <literal>PASSWORD()</literal> function is used by the
             authentication system in MySQL Server; you should
             <emphasis>not</emphasis> use it in your own applications.
-            For that purpose, use <literal>MD5()</literal> or
+            For that purpose, consider <literal>MD5()</literal> or
             <literal>SHA1()</literal> instead. Also see RFC 2195 for
             more information about handling passwords and authentication
             securely in your applications.
@@ -12290,13 +12299,15 @@
           <remark role="help-description-begin"/>
 
           <para>
-            Calculates an SHA1 160-bit checksum for the string, as
+            Calculates an SHA-1 160-bit checksum for the string, as
             described in RFC 3174 (Secure Hash Algorithm). The value is
             returned as a string of 40 hex digits, or
             <literal>NULL</literal> if the argument was
             <literal>NULL</literal>. One of the possible uses for this
             function is as a hash key. You can also use it as a
-            cryptographically safe function for storing passwords.
+            cryptographic function for storing passwords.
+            <literal>SHA()</literal> is synonymous with
+            <literal>SHA1()</literal>.
           </para>
 
           <remark role="help-description-end"/>
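Review bot: Dropping "safe" leaves "You can also use it as a cryptographic function for storing passwords", which still presents SHA1() as suitable for password storage and now says nothing about its strength. Suggest removing the password-storage clause or qualifying it in the same sentence, rather than relying on the adjective change.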
@@ -12311,8 +12322,8 @@
           <para>
             <literal>SHA1()</literal> can be considered a
             cryptographically more secure equivalent of
-            <literal>MD5()</literal>. <literal>SHA()</literal> is
-            synonymous with <literal>SHA1()</literal>.
+            <literal>MD5()</literal>. However, see the note regarding
+            the MD5 and SHA-1 algorithms at the beginning this section.
           </para>
         </listitem>
 

Modified: trunk/refman-5.1/functions.xml
===================================================================
--- trunk/refman-5.1/functions.xml	2006-01-21 03:09:14 UTC (rev 959)
+++ trunk/refman-5.1/functions.xml	2006-01-21 03:09:29 UTC (rev 960)
@@ -12173,6 +12173,13 @@
         change data values.
       </para>
 
+      <para>
+        <emphasis role="bold">Note</emphasis>: Exploits for the MD5 and
+        SHA-1 algorithms have become known. You may wish to consider
+        using one of the other encryption functions described in this
+        section instead.
+      </para>
+
       <itemizedlist>
 
         <listitem>
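Review bot: This note paragraph is added verbatim to refman-4.1, refman-5.0 and refman-5.1, so any later correction to its wording has to be made three times. If the documentation build supports a shared entity or include, suggest defining the note once and referencing it from each functions.xml.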
@@ -12541,10 +12548,7 @@
             If <literal>crypt()</literal> is not available on your
             system (as is the case with Windows),
             <literal>ENCRYPT()</literal> always returns
-            <literal>NULL</literal>. Because of this, we recommend that
-            you use <literal>MD5()</literal> or
-            <literal>SHA1()</literal> instead, because those two
-            functions exist on all platforms.
+            <literal>NULL</literal>.
           </para>
         </listitem>
 
@@ -12593,6 +12597,11 @@
             for the <literal>BINARY</literal> operator in
             <xref linkend="cast-functions"/>.
           </para>
+
+          <para>
+            See the note regarding the MD5 algorithm at the beginning
+            this section.
+          </para>
         </listitem>
 
         <listitem>
@@ -12685,7 +12694,7 @@
             <literal>PASSWORD()</literal> function is used by the
             authentication system in MySQL Server; you should
             <emphasis>not</emphasis> use it in your own applications.
-            For that purpose, use <literal>MD5()</literal> or
+            For that purpose, consider <literal>MD5()</literal> or
             <literal>SHA1()</literal> instead. Also see RFC 2195 for
             more information about handling passwords and authentication
             securely in your applications.
@@ -12719,13 +12728,15 @@
           <remark role="help-description-begin"/>
 
           <para>
-            Calculates an SHA1 160-bit checksum for the string, as
+            Calculates an SHA-1 160-bit checksum for the string, as
             described in RFC 3174 (Secure Hash Algorithm). The value is
             returned as a string of 40 hex digits, or
             <literal>NULL</literal> if the argument was
             <literal>NULL</literal>. One of the possible uses for this
             function is as a hash key. You can also use it as a
-            cryptographically safe function for storing passwords.
+            cryptographic function for storing passwords.
+            <literal>SHA()</literal> is synonymous with
+            <literal>SHA1()</literal>.
           </para>
 
           <remark role="help-description-end"/>
@@ -12740,8 +12751,8 @@
           <para>
             <literal>SHA1()</literal> can be considered a
             cryptographically more secure equivalent of
-            <literal>MD5()</literal>. <literal>SHA()</literal> is
-            synonymous with <literal>SHA1()</literal>.
+            <literal>MD5()</literal>. However, see the note regarding
+            the MD5 and SHA-1 algorithms at the beginning this section.
           </para>
         </listitem>
 
