Ubuntu
mysqltuner package

Bug #1634613
Comment #4

Comment 4 for bug 1634613

Revision history for this message

Thomas Antepoth (ta-ubuntu-antepoth) wrote on 2019-09-13:

Hi folks,

trivial patch here

diff -u mysqltuner.orig mysqltuner
--- mysqltuner.orig 2019-09-13 05:16:01.221572477 +0200
+++ mysqltuner 2019-09-13 05:17:37.479446200 +0200
@@ -1266,7 +1266,7 @@

     # Looking for Empty Password
     @mysqlstatlist = select_array
-"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE password = '' OR password IS NULL";
+"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE authentication_string = '' OR authentication_string IS NULL";
     if (@mysqlstatlist) {
         foreach my $line ( sort @mysqlstatlist ) {
             chomp($line);
@@ -1282,7 +1282,7 @@

     # Looking for User with user/ uppercase /capitalise user as password
     @mysqlstatlist = select_array
-"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE CAST(password as Binary) = PASSWORD(user) OR CAST(password as Binary) = PASSWORD(UPPER(user)) OR CAST(password as Binary) = PASSWORD(UPPER(LEFT(User, 1)) + SUBSTRING(User, 2, LENGTH(User)))";
+"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE CAST(authentication_string as Binary) = PASSWORD(user) OR CAST(authentication_string as Binary) = PASSWORD(UPPER(user)) OR CAST(authentication_string as Binary) = PASSWORD(UPPER(LEFT(User, 1)) + SUBSTRING(User, 2, LENGTH(User)))";
     if (@mysqlstatlist) {
         foreach my $line ( sort @mysqlstatlist ) {
             chomp($line);
@@ -1323,11 +1323,11 @@
             # Looking for User with user/ uppercase /capitalise weak password
             @mysqlstatlist =
               select_array
-"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE password = PASSWORD('"
+"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE authentication_string = PASSWORD('"
               . $pass
- . "') OR password = PASSWORD(UPPER('"
+ . "') OR authentication_string = PASSWORD(UPPER('"
               . $pass
- . "')) OR password = PASSWORD(UPPER(LEFT('"
+ . "')) OR authentication_string = PASSWORD(UPPER(LEFT('"
               . $pass
               . "', 1)) + SUBSTRING('"
               . $pass

Hi folks,

trivial patch here

diff -u mysqltuner.orig mysqltuner
--- mysqltuner.orig     2019-09-13 05:16:01.221572477 +0200
+++ mysqltuner  2019-09-13 05:17:37.479446200 +0200
@@ -1266,7 +1266,7 @@

# Looking for User with user/ uppercase /capitalise user as password
     @mysqlstatlist = select_array
-"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE CAST(password as Binary) = PASSWORD(user) OR CAST(password as Binary) = PASSWORD(UPPER(user)) OR CAST(password as Binary) = PASSWORD(UPPER(LEFT(User, 1)) + SUBSTRING(User, 2, LENGTH(User)))";
+"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE CAST(authentication_string as Binary) = PASSWORD(user) OR CAST(authentication_string as Binary) = PASSWORD(UPPER(user)) OR CAST(authentication_string as Binary) = PASSWORD(UPPER(LEFT(User, 1)) + SUBSTRING(User, 2, LENGTH(User)))";
     if (@mysqlstatlist) {
         foreach my $line ( sort @mysqlstatlist ) {
             chomp($line);
@@ -1323,11 +1323,11 @@
             # Looking for User with user/ uppercase /capitalise weak password
             @mysqlstatlist =
               select_array
-"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE password = PASSWORD('"
+"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE authentication_string = PASSWORD('"
               . $pass
-              . "') OR password = PASSWORD(UPPER('"
+              . "') OR authentication_string = PASSWORD(UPPER('"
               . $pass
-              . "')) OR password = PASSWORD(UPPER(LEFT('"
+              . "')) OR authentication_string = PASSWORD(UPPER(LEFT('"
               . $pass
               . "', 1)) + SUBSTRING('"
               . $pass

Ubuntumysqltuner package

Comment 4 for bug 1634613

Ubuntu
mysqltuner package