If the first token of the body of a stored procedure was 'WITH' then
the beginning of the body was determined incorrectly and that token was
missing in the string representing the body of the SP in mysql.proc. As a
resultnany call of such procedure failed as the string representing the
body could not be parsed.

The patch corrects the code of the functions get_tok_start() and
get_cpp_tok_start() of the class Lex_input_stream to make them take into
account look ahead tokens. The patch is needed only for 10.2 as this
problem has neen resolved in 10.3+.

Fixed typo in variable name that breaks SST in some scenatios.

Also fixed one small inaccuracy after MDEV-25978 which leads
to the use of an uninitialized variable when the --log-bin
option is specified without an argument.

wsrep_sst_common did not correctly set name for binlog index
file if custom binlog name was used and this name was
not added to script command line.

Added test case for both log_basename and log_binlog.

added %config directive to /etc/logrotate.d/mysql and put it to server
package. if file is edited by customer and defaults are changed - new
.rpmnew file with defaults will be created next to old one.

init_crypt_key(): On failure, set info->key_version to
ENCRYPTION_KEY_VERSION_INVALID.

log_crypt_101_read_block(): Refuse to attempt decryption if
info->key_version is ENCRYPTION_KEY_VERSION_INVALID.

This bug affected queries with views / derived_tables / CTEs whose
specifications were of the form
  (SELECT ... LIMIT <n>) ORDER BY ...
Units representing such specifications contains one SELECT_LEX structure
for (SELECT ... LIMIT <n>) and additionally SELECT_LEX structure for
fake_select_lex. This fact should have been taken into account in the
function mysql_derived_fill().

This patch has to be applied to 10.2 and 10.3 only.

Builds on travis-ci.org ceased on 2021-06-15.

- Make innodb_fts.misc_debug test case more stable.

In commit 1c35a3f6 a useless
computation that used the variable was removed.

Additional improvements aimed at improving operational
reliability of the SST scripts:

1) Script need to give rsync and stunnel a short time to
   terminate after "kill -9" before the first PID check
   using ps utility;
2) The temporary file used to create the binlog index could
   sometimes remain in the data directory if tar failed and
   then may be reused without being cleaned up (the next
   time when SST was run) - now it's fixed;
3) The temporary file used to build the binlog index is now
   created using mktemp and, if this variable is present in
   the configuration file, in tmpdir;
4) Checking the secret tag in SST via rsync is made faster
   and does not require creating a temporary file, which
   could remain in the data directory in case of failure;
5) Added "-F" option to grep to check the tag when using
   mariabackup/xtrabackup-v2 - to avoid possible collisions
   in case of special characters in the tag value (unlikely
   scenario, but the new check is more reliable).

This commit fixes a bug was originally discovered during the
galera_nbo_sst_slave mtr test for 10.6 branch. However it is
relevant for all versions and can lead to intermittent SST
crashes via rsync on very fast server restarts - when a new
SST process (for example, after starting a new server instance)
overlaps the old SST process started by the previous, already
terminated server. This overlap can result in the new rsync
being killed instead of the old rsync, or the pid file from
the new rsync being killed, which then lead to problems.

a new warning -Wunused-but-set-variable was introduced recently to clang

- During online alter conversion from compact to redundant,
virtual column field length already set during
innobase_get_computed_value(). Skip the char(n) check for
virtual column in row_merge_buf_add()

MDEV-25872 InnoDB: Assertion failure in row_merge_read_clustered_index upon ALTER on table with indexed virtual columns

- InnoDB fails to check DB_COMPUTE_VALUE_FAILED error in
row_merge_read_clustered_index() and wrongly asserts that
the buffer shouldn't be ran out of memory. Alter table
should give warning when the column value is being
truncated.

Problem:
=======
- InnoDB iterates the fil_system space list to encrypt the
tablespace in case of key rotation. But it is not
necessary for any encryption plugin which doesn't do
key version rotation.

Solution:
=========
- Introduce a new variable called srv_encrypt_rotate to
indicate whether encryption plugin does key rotation

fil_space_crypt_t::key_get_latest_version(): Enable the
srv_encrypt_rotate only once if current key version is
higher than innodb_encyrption_rotate_key_age

fil_crypt_must_default_encrypt(): Default encryption tables
should be added to default_encryp_tables list if
innodb_encyrption_rotate_key_age is zero and encryption
plugin doesn't do key version rotation

fil_space_create(): Add the newly created space to
default_encrypt_tables list if
fil_crypt_must_default_encrypt() returns true

Removed the nondeterministic select from
innodb-key-rotation-disable test. By default,
InnoDB adds the tablespace to the rotation list and
background crypt thread does encryption of tablespace.
So these select doesn't give reliable results.

- Rename the rotation list to default_encrypt_tables in
fil_system_t. Because rotation list naming could be
misleading when it comes to key version rotation

- Rename is_in_rotation_list to is_in_default_encrypt
in fil_space_t

- Rename keyrotate_next function to default_encrypt_next

fil_system_t::default_encrypt_next(): Find the next
suitable default encrypt table if beginning of
default_encrypt_tables list has been scheduled
to be deleted

Brad Smith made this OpenBSD file based of the
FreeBSD cmake directives in commit ab589043
by the Monty Program Ab.

As such the Oracle Copyright header isn't really applicable.

Fix malloc/delete mismatch. This causes a double free in the cleanup.

closes #1845

* read_command_buf is a pointer now, sizeof() no longer reflects its
  length, read_command_buflen is.
* my_safe_print_str() prints multiple screens of '\0' bytes after the
  query end and up to read_command_buflen. Use fprintf() instead.
* when setting connection->name to "-closed_connection-" update
  connection->name_len to match.

Not all environments have 'diff' installed. Most notably CentOS 8
does not have diff out-of-the-box. Thus users running 'cmake .' and
'make' would fail to build MariaDB, and they would think the error
was in ABI incompatibilities due to the error message emitted by CMake
when in reality simply 'diff' was missing.

This fixes it and makes the developer experience better by simply
skipping the diffing if 'diff' is not found.

Closes #1846

This was missed in commit 1d0f70c2.

* Make Item_in_optimizer::fix_fields inherit the with_window_func
  attribute of the subquery's left expression (the subquery itself
  cannot have window functions that are aggregated in this select)

* Make Item_cache_wrapper::Item_cache_wrapper() inherit
  with_window_func attribute of the item it is caching.

buf_read_ibuf_merge_pages(): If space->size is 0, invoke
fil_space_get_size() to determine the size of the tablespace
by reading the header page. Only after that proceed to delete
any entries that are beyond the end of the tablespace.
Otherwise, we could be deleting valid entries that actually
need to be applied.

This fixes a regression that had been introduced in
commit b80df9eb (MDEV-21069),
which aimed to avoid crashes during DROP TABLE of corrupted tables.

This partially reverts commit d7321893.

The *.jar files are not being built and all Debian builds are failing
as dh_install stops on missing files. To build them we would need to also
add new Java build dependencies.

In a stable release (10.2->10.5) we shouldn't add new files and certainly
not any new build dependencies, so reverting commit.

Also, the files are located in a different path, and already included
in the mariadb-test-data package:

  /usr/share/mysql/mysql-test/plugin/connect/connect/std_data/JavaWrappers.jar
  /usr/share/mysql/mysql-test/plugin/connect/connect/std_data/JdbcMariaDB.jar
  /usr/share/mysql/mysql-test/plugin/connect/connect/std_data/Mongo2.jar
  /usr/share/mysql/mysql-test/plugin/connect/connect/std_data/Mongo3.jar

This change needs to be redesigned and applies only on 10.6 or newer.

The fix is to quote service name parameter, when it is passed to
mysql_upgrade_service subprocess.

MDEV-25777: JAVA_INCLUDE_PATH and JAVA_INCLUDE_PATH2 not found with out of source configuration and Ninja generator

- As solution `PLUGIN_CONNECT=NO` use early check to disable plugin:
  Solution suggested by wlad@mariadb.com
- `JNI_FOUND` is a internal result variable and should be set with
cached library and header variables (like `JAVA_INCLUDE_PATH`) defined.
  * Note: wrapper cmake/FindJNI.cmake runs first time and cmake native Find<module> returns only cached variable, like `JAVA_INCLUDE_PATH`, results variable are not cached).

Reviewed by: serg@mariadb.com

only perform the "correct table name" check for *new* generated columns,
but not for already existing ones - they're guaranteed to be valid

This bug could manifest itself after pushing a where condition over a
mergeable derived table / view / CTE DT into a grouping view / derived
table / CTE V whose item list contained set functions with constant
arguments such as MIN(2), SUM(1) etc. In such cases the field references
used in the condition pushed into the view V that correspond set functions
are wrapped into Item_direct_view_ref wrappers. Due to a wrong implementation
of the virtual method const_item() for the class Item_direct_view_ref the
wrapped set functions with constant arguments could be erroneously taken
for constant items. This could lead to a wrong result set returned by the
main select query in 10.2. In 10.4 where a possibility of pushing condition
from HAVING into WHERE had been added this could cause a crash.

Approved by Sergey Petrunya <sergey.petrunya@mariadb.com>

Silence a warning about an uninitialized variable that was
introduced by commit d8fa71a0.

This commit reduces the likelihood of getting a busy port on
quick restarts with rsync SST (problem MDEV-25818) and fixes
a number of other flaws in SST scripts, adds new functionality,
and also synchronizes the xtrabackup-v2 script with the
mariabackup script (the latter applies only to the 10.2 branch):

 1) SST via rsync: rsync and stunnel does not always get the right
    time to complete by correctly handling SIGTERM. These utilities
    are now given more time to complete normally (via normal SIGTERM
    processing) before we move on to using "kill -9";
 2) SST via rsync: attempts to terminate an rsync or stunnel process
    (via "kill" utility) are only made if it did not terminated on
    its own;
 3) SST via rsync: if a combination of stunnel and rsync is used,
    then we need to wait for both utilities to finish or stop, not
    just one of them;
 4) The config file and pid file for stunnel are now deleted after
    successful completion of SST on the donor node;
 5) The configs and pid files from rsync and stunnel should not be
    deleted unless these utilities succeed (or are sucessfully
    terminated) on the joiner node;
 6) The configs and pid files now excluded from transfer via rsync;
 7) Spaces in paths are now valid for config files as well (when
    used with SST via rsync or mariabackup / xtrabackup[-v2]);
 8) SST via mariabackup: added preliminary verification of keys and
    certificates that are used when establishing a connection using
    SSL (to avoid long timeouts and improve diagnostics) - by analogy
    with how it is done for the xtrabackup-v2 (plus check for CA file),
    while that check is skipped if the user does not have openssl
    installed (or does not have diff utility);
 9) Added backup-threads=<n> configuration option which adds
    "--parallel=<n>" for mariabackup / xtrabackup at backup and
    move-back stages;
10) Added encrypt-threads and encrypt-chunk-size configuration
    options for xbcrypt management (when xbcrypt is used);
11) Small optimization: checking the socat version and adding
    a file with parameters for 2048-bit Diffie-Hellman (if necessary)
    is done only if the user has not specified "dhparam=" in the
    "sockopt" option value;
12) SST via rsync now supports "backup-threads" configuration option
    (in server-related sections or in the "[sst]");
13) Determining the number of available processors is now supported
    for FreeBSD + mariabackup/xtrabackup: before that we might have
    problems with "--compact" (rebuild indexes) or qpress on FreeBSD;
14) The check_pid() function should not raise an error state in
    the rare cases when the pid file was created, but it is empty,
    or if it is deleted right during the check, or when zero is read
    from the pid file;
15) Iproved templates that are used to check if a requested socket
    is "listening" when using the ss utility;
16) Shortened some other templates for socket state utilities;
17) Temporary files created by mariabackup / xtrabackup are moved
    to a separate subdirectory inside tmpdir (so they don't get
    mixed with other temporary files, which can make debugging
    more difficult);
18) 10.2 only: the script for SST via xtrabackup-v2 has been brought
    in full compliance with all the bugfixes made for mariabackup (as
    it previously contained many flaws compared to the updated script
    for mariabackup).