WL#16095: Remove the server side --ssl/--admin-ssl option

Removed the --ssl and --admin-ssl options.
Moved the client utility header files into the client/include directory.
Removed all use of --ssl/--admin-ssl in the tests.
Changed the default for --require-secure-transport to on.
Removed have_ssl and have_openssl

Change-Id: I3e7a4b1ee3725310bccab3cb731b72d7448ad144

client/CMakeLists.txt

@@ -29,10 +29,6 @@ DISABLE_MISSING_PROFILE_WARNING()
 ## Subdirectory for mysql_migrate_keyring code.
 ADD_SUBDIRECTORY(migrate_keyring)
 
-INCLUDE_DIRECTORIES(
-  ${CMAKE_CURRENT_SOURCE_DIR}/include
-)
-
 MYSQL_ADD_EXECUTABLE(mysql
   ${CMAKE_SOURCE_DIR}/sql-common/net_ns.cc
   completion_hash.cc

client/check/mysqlcheck.cc

@@ -29,8 +29,9 @@
 #include <mysqld_error.h>
 #include <stdlib.h>
 
-#include "caching_sha2_passwordopt-vars.h"
-#include "client/client_priv.h"
+#include "client/include/caching_sha2_passwordopt-vars.h"
+#include "client/include/client_priv.h"
+#include "client/include/sslopt-vars.h"
 #include "compression.h"
 #include "my_alloc.h"
 #include "my_dbug.h"
@@ -41,7 +42,6 @@
 #include "mysql/strings/m_ctype.h"
 #include "nulls.h"
 #include "print_version.h"
-#include "sslopt-vars.h"
 #include "typelib.h"
 #include "welcome_copyright_notice.h" /* ORACLE_WELCOME_COPYRIGHT_NOTICE */
 
@@ -81,7 +81,7 @@ static char *shared_memory_base_name = nullptr;
 static uint opt_protocol = 0;
 static char *opt_bind_addr = nullptr;
 
-#include "multi_factor_passwordopt-vars.h"
+#include "client/include/multi_factor_passwordopt-vars.h"
 
 static struct my_option my_long_options[] = {
     {"all-databases", 'A',
@@ -186,7 +186,7 @@ static struct my_option my_long_options[] = {
      nullptr, 0, nullptr},
     {"optimize", 'o', "Optimize table.", nullptr, nullptr, nullptr, GET_NO_ARG,
      NO_ARG, 0, 0, 0, nullptr, 0, nullptr},
-#include "multi_factor_passwordopt-longopts.h"
+#include "client/include/multi_factor_passwordopt-longopts.h"
 #ifdef _WIN32
     {"pipe", 'W', "Use named pipes to connect to server.", nullptr, nullptr,
      nullptr, GET_NO_ARG, NO_ARG, 0, 0, 0, nullptr, 0, nullptr},
@@ -231,8 +231,8 @@ static struct my_option my_long_options[] = {
     {"socket", 'S', "The socket file to use for connection.",
      &opt_mysql_unix_port, &opt_mysql_unix_port, nullptr, GET_STR, REQUIRED_ARG,
      0, 0, 0, nullptr, 0, nullptr},
-#include "caching_sha2_passwordopt-longopts.h"
-#include "sslopt-longopts.h"
+#include "client/include/caching_sha2_passwordopt-longopts.h"
+#include "client/include/sslopt-longopts.h"
 
     {"tables", OPT_TABLES, "Overrides option --databases (-B).", nullptr,
      nullptr, nullptr, GET_NO_ARG, NO_ARG, 0, 0, 0, nullptr, 0, nullptr},
@@ -347,7 +347,7 @@ static bool get_one_option(int optid, const struct my_option *opt,
       DBUG_PUSH(argument ? argument : "d:t:o");
       debug_check_flag = true;
       break;
-#include "sslopt-case.h"
+#include "client/include/sslopt-case.h"
 
     case OPT_TABLES:
       opt_databases = false;

client/check/mysqlcheck_core.cc

@@ -30,7 +30,7 @@
 #include <vector>
 
 #include "client/check/mysqlcheck.h"
-#include "client/client_priv.h"
+#include "client/include/client_priv.h"
 #include "m_string.h"
 #include "my_default.h"
 #include "my_inttypes.h"

client/client_query_attributes.cc

@@ -23,7 +23,7 @@
    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA
 */
 
-#include "client/client_priv.h"
+#include "client/include/client_priv.h"
 #include "my_config.h"
 #include "mysql/service_mysql_alloc.h"  // my_malloc, my_strdup
 

client/common/user_registration.cc

@@ -27,7 +27,7 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA
 #include <sstream>
 #include <vector>
 
-#include "user_registration.h"
+#include "client/include/user_registration.h"
 
 #include "my_hostname.h"
 #include "my_inttypes.h"

include/authentication_kerberos_clientopt-case.h → client/include/authentication_kerberos_clientopt-case.h

@@ -21,10 +21,6 @@
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
 
-/**
-  @file include/authentication_kerberos_clientopt-case.h
-*/
-
 #if defined(_WIN32)
 case OPT_AUTHENTICATION_KERBEROS_CLIENT_MODE:
   opt_authentication_kerberos_client_mode =

include/authentication_kerberos_clientopt-longopts.h → client/include/authentication_kerberos_clientopt-longopts.h

@@ -21,10 +21,6 @@
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
 
-/**
-  @file include/authentication_kerberos_clientopt-longopts.h
-*/
-
 #if defined(_WIN32)
 {"plugin_authentication_kerberos_client_mode",
  OPT_AUTHENTICATION_KERBEROS_CLIENT_MODE,

include/authentication_kerberos_clientopt-vars.h → client/include/authentication_kerberos_clientopt-vars.h

@@ -21,10 +21,6 @@
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
 
-/**
-  @file include/authentication_kerberos_clientopt-vars.h
-*/
-
 #ifndef AUTHETICATION_KERBEROS_CLIENTOPT_VARS_H
 #define AUTHETICATION_KERBEROS_CLIENTOPT_VARS_H
 

client/include/multi_factor_passwordopt-vars.h

@@ -21,10 +21,6 @@
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
 
-/**
-  @file include/multi_factor_passwordopt-vars.h
-*/
-
 #ifndef MULTI_FACTOR_PASSWORDOPT_VARS_H
 #define MULTI_FACTOR_PASSWORDOPT_VARS_H
 

include/sslopt-case.h → client/include/sslopt-case.h

@@ -21,10 +21,6 @@
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
 
-/**
-  @file include/sslopt-case.h
-*/
-
 #ifdef MYSQL_SERVER
 #error This header is supposed to be used only in the client
 #endif

include/sslopt-longopts.h → client/include/sslopt-longopts.h

@@ -25,7 +25,6 @@
   @file include/sslopt-longopts.h
 */
 
-#ifndef MYSQL_SERVER
 {"ssl-mode",
  OPT_SSL_MODE,
  "SSL connection mode.",
@@ -40,24 +39,6 @@
  nullptr,
  0,
  nullptr},
-#else
-{"ssl",
- OPT_SSL_SSL,
- "If set to ON, this option enforces that SSL is established before client "
- "attempts to authenticate to the server. To disable client SSL capabilities "
- "use --ssl=OFF.",
- &opt_use_ssl,
- &opt_use_ssl,
- 0,
- GET_BOOL,
- OPT_ARG,
- 1,
- 0,
- 0,
- 0,
- 0,
- 0},
-#endif
     {"ssl-ca",
      OPT_SSL_CA,
      "CA file in PEM format.",

include/sslopt-vars.h → client/include/sslopt-vars.h

@@ -24,10 +24,6 @@
 #ifndef SSLOPT_VARS_INCLUDED
 #define SSLOPT_VARS_INCLUDED
 
-/**
-  @file include/sslopt-vars.h
-*/
-
 #include <stddef.h>
 #include <stdio.h>
 #include <sys/types.h>

client/migrate_keyring/options.cc

@@ -52,7 +52,7 @@
 #include "utilities.h"
 
 /* TLS variables */
-#include "sslopt-vars.h"
+#include "client/include/sslopt-vars.h"
 
 namespace options {
 
@@ -101,7 +101,7 @@ char *Options::s_socket = nullptr;
 bool Options::s_tty_password = false;
 
 /* Caching sha2 password variables */
-#include "caching_sha2_passwordopt-vars.h"
+#include "client/include/caching_sha2_passwordopt-vars.h"
 
 /** Options group */
 static const char *load_default_groups[] = {"mysql_migrate_keyring", nullptr};
@@ -164,9 +164,9 @@ static struct my_option my_long_options[] = {
      nullptr, nullptr, nullptr, GET_PASSWORD, OPT_ARG, 0, 0, 0, nullptr, 0,
      nullptr},
 /* TLS options */
-#include "sslopt-longopts.h"
+#include "client/include/sslopt-longopts.h"
 /* Caching sha2 password options */
-#include "caching_sha2_passwordopt-longopts.h"
+#include "client/include/caching_sha2_passwordopt-longopts.h"
     {"verbose", 'v', "Write more.", nullptr, nullptr, nullptr, GET_NO_ARG,
      NO_ARG, 0, 0, 0, nullptr, 0, nullptr},
     /* Must be the last one */
@@ -219,7 +219,7 @@ bool get_one_option(int optid, const struct my_option *opt, char *argument) {
         Options::s_tty_password = true;
       break;
 /* Handle TLS options */
-#include "sslopt-case.h"
+#include "client/include/sslopt-case.h"
   }
   return false;
 }

client/multi_factor_passwordopt-vars.cc

@@ -25,7 +25,7 @@
   @file include/multi_factor_passwordopt-vars.h
 */
 
-#include "multi_factor_passwordopt-vars.h"
+#include "client/include/multi_factor_passwordopt-vars.h"
 #include "my_getopt.h"
 #include "mysql.h"
 #include "mysql/service_mysql_alloc.h"  // my_free, my_strdup

client/mysql.cc

@@ -38,8 +38,9 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA
 #include <sys/types.h>
 #include <time.h>
 
-#include "client/client_priv.h"
 #include "client/client_query_attributes.h"
+#include "client/include/client_priv.h"
+#include "client/include/user_registration.h"
 #include "client/multi_option.h"
 #include "client/my_readline.h"
 #include "client/pattern_matcher.h"
@@ -65,7 +66,6 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA
 #include "strxmov.h"
 #include "strxnmov.h"
 #include "typelib.h"
-#include "user_registration.h"
 #include "violite.h"
 
 #ifdef HAVE_SYS_IOCTL_H
@@ -259,11 +259,11 @@ static struct my_option my_empty_options[] = {
 
 static void usage(int version);
 
-#include "authentication_kerberos_clientopt-vars.h"
-#include "authentication_webauthn_clientopt-vars.h"
-#include "caching_sha2_passwordopt-vars.h"
-#include "multi_factor_passwordopt-vars.h"
-#include "sslopt-vars.h"
+#include "client/include/authentication_kerberos_clientopt-vars.h"
+#include "client/include/authentication_webauthn_clientopt-vars.h"
+#include "client/include/caching_sha2_passwordopt-vars.h"
+#include "client/include/multi_factor_passwordopt-vars.h"
+#include "client/include/sslopt-vars.h"
 
 const char *default_dbug_option = "d:t:o,/tmp/mysql.trace";
 static void *ssl_session_data = nullptr;
@@ -1910,7 +1910,7 @@ static struct my_option my_long_options[] = {
      "This option is disabled by default.",
      nullptr, nullptr, nullptr, GET_STR, OPT_ARG, 0, 0, 0, nullptr, 0, nullptr},
 #endif
-#include "multi_factor_passwordopt-longopts.h"
+#include "client/include/multi_factor_passwordopt-longopts.h"
 #ifdef _WIN32
     {"pipe", 'W', "Use named pipes to connect to server.", nullptr, nullptr,
      nullptr, GET_NO_ARG, NO_ARG, 0, 0, 0, nullptr, 0, nullptr},
@@ -1956,8 +1956,8 @@ static struct my_option my_long_options[] = {
     {"socket", 'S', "The socket file to use for connection.",
      &opt_mysql_unix_port, &opt_mysql_unix_port, nullptr, GET_STR_ALLOC,
      REQUIRED_ARG, 0, 0, 0, nullptr, 0, nullptr},
-#include "caching_sha2_passwordopt-longopts.h"
-#include "sslopt-longopts.h"
+#include "client/include/caching_sha2_passwordopt-longopts.h"
+#include "client/include/sslopt-longopts.h"
 
     {"table", 't', "Output in table format.", &output_tables, &output_tables,
      nullptr, GET_BOOL, NO_ARG, 0, 0, 0, nullptr, 0, nullptr},
@@ -2077,8 +2077,8 @@ static struct my_option my_long_options[] = {
     {"telemetry-client", 0, "Load the telemetry_client plugin.",
      &opt_tel_plugin, &opt_tel_plugin, nullptr, GET_BOOL, NO_ARG, 0, 0, 0,
      nullptr, 0, nullptr},
-#include "authentication_kerberos_clientopt-longopts.h"
-#include "authentication_webauthn_clientopt-longopts.h"
+#include "client/include/authentication_kerberos_clientopt-longopts.h"
+#include "client/include/authentication_webauthn_clientopt-longopts.h"
     {"register-factor", 0,
      "Specifies factor for which registration needs to be done for.",
      &opt_register_factor, &opt_register_factor, nullptr, GET_STR, REQUIRED_ARG,
@@ -2206,10 +2206,10 @@ bool get_one_option(int optid, const struct my_option *opt [[maybe_unused]],
       opt_protocol = MYSQL_PROTOCOL_PIPE;
 #endif
       break;
-#include "sslopt-case.h"
+#include "client/include/sslopt-case.h"
 
-#include "authentication_kerberos_clientopt-case.h"
-#include "authentication_webauthn_clientopt-case.h"
+#include "client/include/authentication_kerberos_clientopt-case.h"
+#include "client/include/authentication_webauthn_clientopt-case.h"
 
     case 'V':
       usage(1);

client/mysql_config_editor.cc

@@ -39,7 +39,7 @@
 #include <stdlib.h>
 #include <sys/types.h>
 
-#include "client/client_priv.h"
+#include "client/include/client_priv.h"
 #include "my_aes.h"
 #include "my_byteorder.h"
 #include "my_compiler.h"

client/mysql_secure_installation.cc

@@ -27,7 +27,7 @@
 #include <stdlib.h>
 #include <sys/types.h>
 
-#include "client/client_priv.h"
+#include "client/include/client_priv.h"
 #include "m_string.h"
 #ifdef _WIN32
 #include "mysql/strings/m_ctype.h"
@@ -64,7 +64,7 @@ static bool opt_use_default = false;
 static const char *shared_memory_base_name = default_shared_memory_base_name;
 #endif
 
-#include "sslopt-vars.h"
+#include "client/include/sslopt-vars.h"
 
 static const char *load_default_groups[] = {"mysql_secure_installation",
                                             "mysql", "client", nullptr};
@@ -105,7 +105,7 @@ static struct my_option my_connection_options[] = {
     {"socket", 'S', "Socket file to be used for connection.", &opt_socket,
      &opt_socket, nullptr, GET_STR_ALLOC, REQUIRED_ARG, 0, 0, 0, nullptr, 0,
      nullptr},
-#include "sslopt-longopts.h"
+#include "client/include/sslopt-longopts.h"
 
     {"user", 'u', "User for login if not root.", &opt_user, &opt_user, nullptr,
      GET_STR_ALLOC, REQUIRED_ARG, (longlong) "root", 0, 0, nullptr, 0, nullptr},
@@ -157,7 +157,7 @@ static bool my_arguments_get_one_option(int optid,
       password_provided = true;
       break;
 
-#include "sslopt-case.h"
+#include "client/include/sslopt-case.h"
 
     case OPT_MYSQL_PROTOCOL:
       opt_protocol =