This reverts 395641549ac7..536d9e2b9e5b, in particular:
8dffd56936 MDEV-31857 enable MYSQL_OPT_SSL_VERIFY_SERVER_CERT by default
a99570c118 MDEV-31855 SSL cert validation protocol extension
9aa15e72a7 TLS fingerprint
and related commits
* extend the client auth plugin API with a new callback
* relax the plugin version check to allow load a plugin with the
same major version, even if the minor versions differ
* implement the protocol extension:
- don't abort at once if the certificate is self signed and
no CA was explicitly specified
- allow it if it passes fingerprint check
- allow it if plugin has hash_password_bin callback, password was
non-empty and the control hash matches server's
To avoid conflicts (and possible crashes) by duplicate symbols the function
crypto_sign was renamed to ma_crypto_sign.
Kudos to Peter van Dijk for reporting this issue.
By default Windows builds now use the native system crypto libraries used
by ed25519, caching_sha2_password and sha256_password authentication plugins.
Even if configuration option WITH_SSL=OFF was specified (or no TLS library was found) authentication plugins using crypto will be available.
