From 31d69174fc6539ebd77658db829eb3709f26008c Mon Sep 17 00:00:00 2001
From: Jamie Cameron <jcameron@webmin.com>
Date: Wed, 5 Apr 2023 20:59:47 -0700
Subject: [PATCH] Actually return the value of the password field
 https://forum.virtualmin.com/t/mysql-root-password-leaks-to-users-during-backup/120096/5

---
 mysql/mysql-lib.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mysql/mysql-lib.pl b/mysql/mysql-lib.pl
index ce2270809..548b1a676 100755
--- a/mysql/mysql-lib.pl
+++ b/mysql/mysql-lib.pl
@@ -742,7 +742,7 @@ if (&compare_version_numbers($mysql_version, "4.1") >= 0 && !$config{'nopwd'}) {
 		local @cf = &parse_mysql_config($cf);
 		local $client = &find("client", \@cf);
 		next if (!$client);
-		local $password = &find("password", $client->{'members'});
+		local $password = &find_value("password", $client->{'members'});
 		return 0 if ($password ne '' && $password ne $realpass);
 		}
 	return 1;