This reverts 395641549ac7..536d9e2b9e5b, in particular:
8dffd56936 MDEV-31857 enable MYSQL_OPT_SSL_VERIFY_SERVER_CERT by default
a99570c118 MDEV-31855 SSL cert validation protocol extension
9aa15e72a7 TLS fingerprint
and related commits
* extend the client auth plugin API with a new callback
* relax the plugin version check to allow load a plugin with the
same major version, even if the minor versions differ
* implement the protocol extension:
- don't abort at once if the certificate is self signed and
no CA was explicitly specified
- allow it if it passes fingerprint check
- allow it if plugin has hash_password_bin callback, password was
non-empty and the control hash matches server's
Plugin configuration happens now in CMakeLists.txt files in corresponding plugin directories.
plugins.cmake now contains REGISTER_PLUGIN_FUNCTION which accepts the following parameters:
- TARGET: the name of the plugin (dynamic plugins will be named ${TARGET}.so (or .dll)
- SOURCES: source files
- LIBRARIES: additional libraries for linking
- INCLUDES: include directories
- CONFIGURATIONS: possible plugin configurations: valid arguments are DYNAMIC, STATIC, OFF
- DEFAULT: default configuration (see CONFIGURATIONS)
- COMPILE_OPTIONS: compiler flags
The default plugin configuration can be specified via cmake parameter -DCLIENT_PLUGIN_${TARGET}=[DYNAMIC|STATIC|OFF]
- changed plugin API to avoid crashes: Oracle/MariaDB changed
structure several times without updating interface version.
- ABI fixes: moved additional net items to net->extension (connection
handler and com_multi buffer)
