Commit 7086fbb8 authored by unknown's avatar unknown

Added --single-transaction for mysqldump, updated --lock-tables info.

Added SHA1() function, cleaned up MD5() info.
Added AES_ENCRYPT()/AES_DECRYPT() functions, cleaned up DES info.
Updated 4.0.2 changelog for above additions.
Clarified LAST_INSERT_ID(expr) info about sequences.
Fixed URL for Perl DBI.

parent 356c3107
...@@ -14874,8 +14874,8 @@ command. ...@@ -14874,8 +14874,8 @@ command.
@item @item
Do not keep any plain-text passwords in your database. When your Do not keep any plain-text passwords in your database. When your
computer becomes compromised, the intruder can take the full list of computer becomes compromised, the intruder can take the full list of
passwords and use them. Instead use @code{MD5()} or another one-way passwords and use them. Instead use @code{MD5()}, @code{SHA1()} or
hashing function. another one-way hashing function.
@item @item
Do not choose passwords from dictionaries. There are special programs to Do not choose passwords from dictionaries. There are special programs to
break them. Even passwords like ``xfish98'' are very bad. Much better is break them. Even passwords like ``xfish98'' are very bad. Much better is
...@@ -22689,6 +22689,12 @@ is @code{localhost}. ...@@ -22689,6 +22689,12 @@ is @code{localhost}.
Lock all tables before starting the dump. The tables are locked with Lock all tables before starting the dump. The tables are locked with
@code{READ LOCAL} to allow concurrent inserts in the case of @code{MyISAM} @code{READ LOCAL} to allow concurrent inserts in the case of @code{MyISAM}
tables. tables.
Please note that when dumping multiple databases, @code{--lock-tables}
will lock tables for each database separately. So using this option will
not guarantee your tables will be logically consistent between databases.
Tables in different databases may be dumped in completely different
states.
@item -K, --disable-keys @item -K, --disable-keys
@code{/*!40000 ALTER TABLE tb_name DISABLE KEYS */;} and @code{/*!40000 ALTER TABLE tb_name DISABLE KEYS */;} and
@code{/*!40000 ALTER TABLE tb_name ENABLE KEYS */;} @code{/*!40000 ALTER TABLE tb_name ENABLE KEYS */;}
...@@ -22724,6 +22730,21 @@ Quote table and column names within @samp{`} characters. ...@@ -22724,6 +22730,21 @@ Quote table and column names within @samp{`} characters.
Direct output to a given file. This option should be used in MSDOS, Direct output to a given file. This option should be used in MSDOS,
because it prevents new line '\n' from being converted to '\n\r' (new because it prevents new line '\n' from being converted to '\n\r' (new
line + carriage return). line + carriage return).
@item --single-transaction
This option issues a @code{BEGIN} SQL command before dumping data from
server. It is mostly useful with @code{InnoDB} tables and
@code{READ_COMMITTED} transaction isolation level, as in this mode it
will dump the consistent state of the database at the time then
@code{BEGIN} was issued without blocking any applications.
When using this option you should keep in mind that only transactional
tables will be dumped in a consistent state, e.g., any @code{MyISAM} or
@code{HEAP} tables dumped while using this option may still change
state.
The @code{--single-transaction} option was added in version 4.0.2.
This option is mutually exclusive with the @code{--lock-tables} option
as @code{LOCK TABLES} cancels a previous transaction.
@item -S /path/to/socket, --socket=/path/to/socket @item -S /path/to/socket, --socket=/path/to/socket
The socket file to use when connecting to @code{localhost} (which is the The socket file to use when connecting to @code{localhost} (which is the
default host). default host).
...@@ -32936,21 +32957,80 @@ password. @code{crypt_str} should be a string returned from ...@@ -32936,21 +32957,80 @@ password. @code{crypt_str} should be a string returned from
@findex MD5() @findex MD5()
@item MD5(string) @item MD5(string)
Calculates a MD5 checksum for the string. Value is returned as a 32 long Calculates an MD5 128 bit checksum for the string. The value is returned
hex number that may, for example, be used as a hash key: as a 32 digit hex number that may, for example, be used as a hash key:
@example @example
mysql> SELECT MD5("testing"); mysql> SELECT MD5("testing");
-> 'ae2b1fca515949e5d54fb22b8ed95575' -> 'ae2b1fca515949e5d54fb22b8ed95575'
@end example @end example
This is an "RSA Data Security, Inc. MD5 Message-Digest Algorithm". This is the "RSA Data Security, Inc. MD5 Message-Digest Algorithm".
@findex SHA1()
@findex SHA()
@item SHA1(string)
@itemx SHA(string)
Calculates an SHA1 160 bit checksum for the string, as described in
RFC 3174 (Secure Hash Algorithm). The value is returned as a 40 digit
hex number, or @code{NULL} in case the input argument was @code{NULL}.
One of the possible uses for this function is as a hash key. You can
also use it as cryptographically safe function for storing passwords.
@example
mysql> SELECT SHA1("abc");
-> 'a9993e364706816aba3e25717850c26c9cd0d89d'
@end example
@code{SHA1()} was added in version 4.0.2, and can be considered
a cryptographically more secure equivalent of @code{MD5()}.
@code{SHA()} is synonym for @code{SHA1()}.
@findex AES_ENCRYPT()
@findex AES_DECRYPT()
@item AES_ENCRYPT(string,key_string)
@itemx AES_DECRYPT(string,key_string)
These functions allow encryption/decryption of data using the official
AES (Advanced Encryption Standard) algorithm, previously known as Rijndael.
Encoding with 128 bit key length is used, but you can extend it up to
256 bit by patching the source. We chose 128 bits because it is much
faster and it is usually secure enough.
The input arguments may be any length. If either argument is @code{NULL},
the result of this function is also @code{NULL}.
As AES is a block level algorithm, padding is used to encode uneven length
strings and so the result string length may be calculated as
16*(trunc(string_length/16)+1).
@c FIX arjen 2002-06-21 Peter: this sentence makes no sense at all!
If the string has an incorrect length or contains invalid data for this
key, @code{AES_DECRYPT()} will return @code{NULL}, therefore you can't
rely on this to much, @code{AES_DECRYPT()} has some change to return
a non-@code{NULL} value even for an invalid key.
You can use the AES functions to store data in an encrypted form by
modifying your queries:
@example
INSERT INTO t VALUES (1,AES_ENCRYPT("text","password"));
@end example
You can get even more security by avoiding transferring the key over the
connection for each query, which can be accomplished by storing it in a
server side variable at connection time:
@example
SELECT @@password:="my password";
INSERT INTO t VALUES (1,AES_ENCRYPT("text",@@password));
@end example
@code{AES_ENCRYPT()} and @code{AES_DECRYPT()} were added in version 4.0.2,
and can be considered the most cryptographically secure encryption
functions currently available in MySQL.
@findex DES_ENCRYPT() @findex DES_ENCRYPT()
@item DES_ENCRYPT(string_to_encrypt [, (key_number | key_string) ] ) @item DES_ENCRYPT(string_to_encrypt [, (key_number | key_string) ] )
Encrypts the string with the given key using the DES algorithm, which Encrypts the string with the given key using the DES algorithm.
provides strong encryption.
Note that this function only works if you have configured MySQL with Note that this function only works if you have configured MySQL with
SSL support. @xref{Secure connections}. SSL support. @xref{Secure connections}.
...@@ -33049,9 +33129,9 @@ the same @code{INSERT} statement against some other server. ...@@ -33049,9 +33129,9 @@ the same @code{INSERT} statement against some other server.
@cindex sequence emulation @cindex sequence emulation
If @code{expr} is given as an argument to @code{LAST_INSERT_ID()}, then If @code{expr} is given as an argument to @code{LAST_INSERT_ID()}, then
the value of the argument is returned by the function, is set as the the value of the argument is returned by the function, and is set as the
next value to be returned by @code{LAST_INSERT_ID()} and used as the next next value to be returned by @code{LAST_INSERT_ID()}. This can be used
@code{AUTO_INCREMENT} value. This can be used to simulate sequences: to simulate sequences:
First create the table: First create the table:
...@@ -33068,16 +33148,16 @@ mysql> UPDATE sequence SET id=LAST_INSERT_ID(id+1); ...@@ -33068,16 +33148,16 @@ mysql> UPDATE sequence SET id=LAST_INSERT_ID(id+1);
You can generate sequences without calling @code{LAST_INSERT_ID()}, but the You can generate sequences without calling @code{LAST_INSERT_ID()}, but the
utility of using the function this way is that the ID value is maintained in utility of using the function this way is that the ID value is maintained in
the server as the last automatically generated value. You can retrieve the the server as the last automatically generated value (multi-user safe).
new ID as you would read any normal @code{AUTO_INCREMENT} value in You can retrieve the new ID as you would read any normal
MySQL. For example, @code{LAST_INSERT_ID()} (without an argument) @code{AUTO_INCREMENT} value in MySQL. For example, @code{LAST_INSERT_ID()}
will return the new ID. The C API function @code{mysql_insert_id()} (without an argument) will return the new ID. The C API function
can also be used to get the value. @code{mysql_insert_id()} can also be used to get the value.
Note that as @code{mysql_insert_id()} is only updated after Note that as @code{mysql_insert_id()} is only updated after @code{INSERT}
@code{INSERT} and @code{UPDATE} statements, you can't use this function and @code{UPDATE} statements, so you can't use the C API function to
to retrieve the value for @code{LAST_INSERT_ID(expr)} after executing retrieve the value for @code{LAST_INSERT_ID(expr)} after executing other
other SQL statements like @code{SELECT} or @code{SET}. SQL statements like @code{SELECT} or @code{SET}.
@findex FORMAT() @findex FORMAT()
...@@ -40769,10 +40849,7 @@ You can also use the @code{pod2man}, @code{pod2html}, etc., tools to ...@@ -40769,10 +40849,7 @@ You can also use the @code{pod2man}, @code{pod2html}, etc., tools to
translate to other formats. translate to other formats.
You can find the latest @code{DBI} information at You can find the latest @code{DBI} information at
the @code{DBI} web page: the @code{DBI} web page: @uref{http://dbi.perl.org/}.
@example
@uref{http://www.symbolstone.org/technology/perl/DBI/}
@end example
@node ODBC, C, Perl, Clients @node ODBC, C, Perl, Clients
...@@ -49496,6 +49573,19 @@ Our TODO section contains what we plan to have in 4.0. @xref{TODO MySQL 4.0}. ...@@ -49496,6 +49573,19 @@ Our TODO section contains what we plan to have in 4.0. @xref{TODO MySQL 4.0}.
@itemize @bullet @itemize @bullet
@item @item
Added @code{SHA1()} function to calculate 160 bit hash value as described
in RFC 3174 (Secure Hash Algorithm). This function can be considered a
cryptographically more secure equivalent of @code{MD5()}.
@xref{Miscellaneous functions}.
@item
Added @code{AES_ENCRYPT()} and @code{AES_DECRYPT()} functions to perform
encryption according to AES standard (Rijndael).
@xref{Miscellaneous functions}.
@item
Added @code{--single-transaction} option to @code{mysqldump}, allowing a
consistent dump of @code{InnoDB} tables.
@xref{mysqldump}.
@item
Fixed bug in @code{innodb_log_group_home_dir} in @code{SHOW VARIABLES}. Fixed bug in @code{innodb_log_group_home_dir} in @code{SHOW VARIABLES}.
@item @item
Fixed a bug in optimiser with merge tables when non-uniques values are Fixed a bug in optimiser with merge tables when non-uniques values are
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment