MySQL Manual
2 MySQL Installation
- 2.5 Upgrading/Downgrading MySQL
- 2.5.1 Upgrading From Version 4.0 to 4.1
- 2.5.1.1 Preparing to Upgrade From Version 4.0 to 4.1
- 2.5.1.2 What to do when upgrading from 4.0 to 4.1
2.5.1.2 What to do when upgrading from 4.0 to 4.1
In general, upgrading to 4.1 from an earlier MySQL version involves the following steps:
- Check the changes section if there is some change that may affect your application. See section 2.5.1.1 Preparing to Upgrade From Version 4.0 to 4.1.
- Read the 4.1 news items to see what significant new features you can use in 4.1. See section D.2 Changes in release 4.1.x (Alpha).
-
Run the script
mysql_fix_privilege_tablesto generate the new longerPasswordcolumn that is needed for secure handling of passwords.
The password hashing mechanism has changed in 4.1 to provide better security, but this may cause compatibility problems if you still have clients that use the client library from 4.0 or earlier. (It is very likely that you will have 4.0 clients in situations where clients connect from remote hosts that have not yet upgraded to 4.1). The following list indicates some possible upgrade strategies. They represent various tradeoffs between the goal of compatibility with old clients and the goal of security.
- Don't upgrade to 4.1. No behaviour will change, but of course you cannot use any of the new features provided by the 4.1 client/server protocol, either. (MySQL 4.1 has an extended client/server protocol that offers such features as prepared statements and multiple result sets.) See section 9.1.4 C API Prepared Statements.
-
Upgrade to 4.1 and run the
mysql_fix_privilege_tablesscript to widen thePasswordcolumn in theusertable so that it can hold long password hashes. But run the server with the--old-passwordsoption to provide backward compatibility that allows pre-4.1 clients to continue to connect to their short-hash accounts. Eventually, when all your clients are upgraded to 4.1, you can stop using the--old-passwordsserver option. You can also change the passwords for your MySQL accounts to use the new more secure format. -
Upgrade to 4.1 and run the
mysql_fix_privilege_tablesscript to widen thePasswordcolumn in theusertable. If you know that all clients also have been upgraded to 4.1, don't run the server with the--old-passwordsoption. Instead, change the passwords on all existing accounts so that they have the new format. A pure-4.1 installation is the most secure.
Further background on password hashing with respect to client authentication and password-changing operations may be found in section 4.2.11 Password Hashing in MySQL 4.1.
