mirror of https://github.com/MariaDB/server.git synced 2025-08-07 00:04:31 +03:00

MDEV-33834 Extend audit plugin to include tls_version and tls_version_length variables

Add tls_version and tls_version_length variables to the audit plugin so
they can be logged. This is useful to help identify suspicious or
malformed connections attempting to use unsupported TLS versions. A log
with this information will make it possible to detect and block more
malicious connection attempts.

Users with 'server_audit_events' empty will have these two new variables
automatically visible in their logs, but if users don't want them, they
can always configure what fields to include by listing the fields in
'server_audit_events'.

In a connection event, the TLS version will be populated in the `object`
field in key=value format, and the key-value pair will be omitted when the
value is empty.

To ensure the MTR test result matches in all environments, the TLS
version string is replaced with a general `TLS_VERSION` to avoid the MTR
test failing unexpectedly. It stores the version with the query `SHOW STATUS
LIKE 'Ssl_version'` and replaces the output with the `replace_result` command.

All new code of the whole pull request, including one or several files
that are either new files or modified ones, are contributed under the
BSD-new license. I am contributing on behalf of my employer Amazon Web
Services, Inc.

[1]: https://docs.openssl.org/3.2/man3/SSL_get_version/
This commit is contained in:
Meng-Hsiu Chiang
2024-02-23 19:40:13 +00:00
committed by Sergei Golubchik
parent 88cc11dc54
commit 2b464774f2
6 changed files with 112 additions and 20 deletions
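
An added example, not code from this commit or from MariaDB: one way an audit consumer could handle the new pointer/length pair, omitting the key=value pair when the value is empty and flagging protocol versions below TLS 1.2. The struct `conn_tls`, the function names, the key name `tls_version` and the minimum-version policy are assumptions; the version strings are the ones documented for `SSL_get_version()`.

```c
#include <stdio.h>
#include <string.h>

/* Local stand-in for the two fields added to struct mysql_event_connection;
   hypothetical, not the real plugin header. */
struct conn_tls { const char *tls_version; unsigned int tls_version_length; };

enum tls_verdict { TLS_NONE, TLS_OK, TLS_LEGACY, TLS_UNKNOWN };

/* Length-bounded compare: the value is never assumed to be NUL-terminated. */
static int eq(const struct conn_tls *c, const char *s)
{
  size_t n = strlen(s);
  return c->tls_version_length == n && memcmp(c->tls_version, s, n) == 0;
}

/* Assumed policy: TLS 1.2 is the minimum; anything unrecognised is reported. */
enum tls_verdict classify_tls(const struct conn_tls *c)
{
  if (!c->tls_version || c->tls_version_length == 0) return TLS_NONE;
  if (eq(c, "TLSv1.3") || eq(c, "TLSv1.2")) return TLS_OK;
  if (eq(c, "TLSv1.1") || eq(c, "TLSv1") || eq(c, "SSLv3")) return TLS_LEGACY;
  return TLS_UNKNOWN;
}

/* Build the key=value text for the object field. An empty value yields an
   empty string (pair omitted). Returns bytes written, or -1 if out is too small. */
int format_object(const struct conn_tls *c, char *out, size_t cap)
{
  int n;
  if (cap == 0) return -1;
  out[0] = '\0';
  if (classify_tls(c) == TLS_NONE) return 0;
  n = snprintf(out, cap, "tls_version=%.*s",
               (int) c->tls_version_length, c->tls_version);
  if (n < 0 || (size_t) n >= cap) { out[0] = '\0'; return -1; }
  return n;
}

int main(void)
{
  /* Constructed sample: only the first 7 bytes belong to the value. */
  struct conn_tls c = { "TLSv1.1<not part of value>", 7 };
  char buf[32];
  format_object(&c, buf, sizeof buf);
  printf("%s legacy=%d\n", buf, classify_tls(&c) == TLS_LEGACY);
  return 0;
}
```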


@@ -29,7 +29,7 @@ extern "C" {
#define MYSQL_AUDIT_CLASS_MASK_SIZE 1
#define MYSQL_AUDIT_INTERFACE_VERSION 0x0302
#define MYSQL_AUDIT_INTERFACE_VERSION 0x0303
/*************************************************************************
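Review bot: the bump of MYSQL_AUDIT_INTERFACE_VERSION from 0x0302 to 0x0303 carries no comment saying what changed in the interface. A one-line note beside the define stating that 0x0303 adds tls_version and tls_version_length to struct mysql_event_connection would tell plugin authors which interface version guarantees the fields are present before they read them.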
@@ -102,6 +102,8 @@ struct mysql_event_connection
const char *ip;
unsigned int ip_length;
MYSQL_CONST_LEX_STRING database;
const char *tls_version;
unsigned int tls_version_length;
};
/*
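Review bot: the new tls_version and tls_version_length members at the end of struct mysql_event_connection are undocumented. Add a comment stating whether tls_version can be NULL or zero-length when the connection does not use TLS, and whether the buffer is NUL-terminated, so that consumers rely on tls_version_length instead of treating the pointer as a C string.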