MDEV-25719: stunnel uses "verifyChain" without subject checks

Another batch of changes that should make the SST process
more reliable in all scenarios:

 1) Added hostname or CN verification when stunnel is used
    with certificate chain verification (verifyChain = yes);
 2) Added check for the absence of the stunnel utility for
    mtr tests;
 3) Deletion of working files before and after SST is done
    more accurately;
 4) rsync on joiner can be run even if the path to its
    configuration file contains spaces;
 5) More accurate directory creation (for data files and
    for logs);
 6) IST with mysqldump no longer turns off statement logging;
 7) Reset password for mysqldump when password is empty but
    username is specified;
 8) More reliable quoting when generating statements in
    wsrep_sst_mysqldump;
 9) Added explicit generation of 2048-bit Diffie-Hellman
    parameters for sockat < 1.7.3, by analogy with xtrabackup;
10) Compression parameters for qpress are read from all
    suitable server groups in configuration file, as well as
    from the [sst] and [xtrabackup] groups;
11) Added a test that checks compression using qpress;
12) Checking for optional utilities is modified to work even
    if they implemented as built-in shell commands (unlikely
    on real systems, but more reliable).

Author: sysprg

mysql-test/suite/galera/disabled.def

@@ -43,11 +43,11 @@ galera_var_notify_cmd : MDEV-21905 Galera test galera_var_notify_cmd causes hang
 galera_var_reject_queries : assertion in inline_mysql_socket_send
 galera_var_replicate_myisam_on : MDEV-24062 Galera test failure on galera_var_replicate_myisam_on
 galera_var_retry_autocommit: MDEV-18181 Galera test failure on galera.galera_var_retry_autocommit
-galera_wan : MDEV-17259 Test failure on galera.galera_wan
+#galera_wan : MDEV-17259 Test failure on galera.galera_wan
 galera_wsrep_provider_unset_set: wsrep_provider is read-only for security reasons
 mysql-wsrep#198 : MDEV-24446: galera.mysql-wsrep#198 MTR failed: query 'reap' failed: 2000: Unknown MySQL error
 partition : MDEV-19958 Galera test failure on galera.partition
 pxc-421: wsrep_provider is read-only for security reasons
 query_cache: MDEV-15805 Test failure on galera.query_cache
-sql_log_bin : MDEV-21491 galera.sql_log_bin
+#sql_log_bin : MDEV-21491 galera.sql_log_bin
 versioning_trx_id: MDEV-18590: galera.versioning_trx_id: Test failure: mysqltest: Result content mismatch

mysql-test/suite/galera/include/have_qpress.inc

@@ -0,0 +1,4 @@
+#
+# suite.pm will make sure that all tests including this file
+# will be skipped as needed
+#

mysql-test/suite/galera/include/have_stunnel.inc

@@ -0,0 +1,4 @@
+#
+# suite.pm will make sure that all tests including this file
+# will be skipped as needed
+#

mysql-test/suite/galera/r/galera_sst_mariabackup_qpress.result

@@ -0,0 +1,4 @@
+SELECT 1;
+1
+1
+include/assert_grep.inc [Compressed qpress files found]

mysql-test/suite/galera/suite.pm

@@ -67,9 +67,16 @@ push @::global_suppressions,
      qr|WSREP: Wait for gtid returned error 3 while waiting for prior transactions to commit before setting position|,
    );
 
+sub which($) { return `sh -c "command -v $_[0]"` }
+
 sub skip_combinations {
   my %skip = ();
-  $skip{'include/have_mariabackup.inc'} = 'Need ss' unless `ss -V`;
+  $skip{'include/have_mariabackup.inc'} = 'Need socket statistics utility'
+            unless which("lsof") || which("sockstat") || which("ss");
+  $skip{'include/have_stunnel.inc'} = "Need 'stunnel' utility"
+            unless which("stunnel");
+  $skip{'include/have_qpress.inc'} = "Need 'qpress' utility"
+            unless which("qpress");
   %skip;
 }
 

mysql-test/suite/galera/t/galera_ist_rsync.cnf

@@ -10,4 +10,3 @@ wsrep_sync_wait=1
 [mysqld.2]
 wsrep_provider_options='base_port=@mysqld.2.#galera_port;pc.ignore_sb=true'
 wsrep_sync_wait=1
-

mysql-test/suite/galera/t/galera_log_bin.cnf

@@ -7,4 +7,3 @@ log-slave-updates
 [mysqld.2]
 log-bin
 log-slave-updates
-

mysql-test/suite/galera/t/galera_log_bin_opt.cnf

@@ -12,4 +12,4 @@ wsrep_provider_options='base_port=@mysqld.2.#galera_port;gcache.size=1;pc.ignore
 
 [sst]
 transferfmt=@ENV.MTR_GALERA_TFMT
-streamfmt=xbstream
+streamfmt=mbstream

mysql-test/suite/galera/t/galera_sst_mariabackup_qpress.cnf

@@ -0,0 +1,12 @@
+!include ../galera_2nodes.cnf
+
+[mysqld]
+wsrep_sst_method=mariabackup
+wsrep_sst_auth="root:"
+wsrep_debug=ON
+
+[sst]
+transferfmt=@ENV.MTR_GALERA_TFMT
+compress=quicklz
+compress-threads=2
+compress-chunk-size=32768

mysql-test/suite/galera/t/galera_sst_mariabackup_qpress.test

@@ -0,0 +1,24 @@
+#
+# This test checks that qpress compression works with mariabackup
+# Initial SST happens via mariabackup, so there is not much to do in the body
+# of the test
+#
+
+--source include/big_test.inc
+--source include/galera_cluster.inc
+--source include/have_innodb.inc
+--source include/have_mariabackup.inc
+--source include/have_qpress.inc
+
+SELECT 1;
+
+--let $wait_condition = SELECT VARIABLE_VALUE = 2 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
+--source include/wait_condition.inc
+
+# Confirm that transfer was compressed using qpress algorithm
+--let $assert_text = Compressed qpress files found
+--let $assert_select = Compressed qpress files found
+--let $assert_count = 1
+--let $assert_file = $MYSQLTEST_VARDIR/log/mysqld.2.err
+--let $assert_only_after = CURRENT_TEST
+--source include/assert_grep.inc