WL#7709: Add server-side option to require secure transport

Affects: Server-5.7   —   Status: Complete

MySQL Server currently provides a mechanism to require SSL for individual user
accounts (CREATE USER ... REQUIRE SSL), but no mechanism for a DBA to require
secure connections globally.  A server option (e.g., --require_secure_transport)
should be added which refuses TCP/IP connections without SSL globally,
regardless of per-account settings.  Because the client may send credentials in
the handshake response packet, it is impractical for the server to prevent
clients from sending data - including authentication credentials - without SSL.
 However, the server can and should prohibit further operations when SSL is not
enabled, protecting against application data from being exposed on the network.

Because SSL checks are done post-authentication and there is no "retry with SSL"
mechanism, it is expected that non-SSL connection attempts will be terminated by
the server when this option is enabled, rather than attempting to negotiate SSL.

User Documentation

FR1 - Implement new server global variable, "require_secure_transport".
 FR1.1 - Valid values will be standard boolean.
 FR1.2 - Values may be changed dynamically by users with SUPER privilege.
 FR1.3 - Explicit values must be provided when specifying the
"require_secure_transport" option as a command-line or configuration file option.
 FR1.4 - Default value will be "OFF"
 FR1.5 - All per-account configurations requiring SSL or x509 will apply
regardless of global variable configuration.
FR2 - A value of "OFF" will perform no global checks for secure transport
(legacy behavior).
FR3 - A value of "ON" will prohibit all connections which are not secure.
 FR3.1 - A new error code and message will be introduced to indicate rejected
FR4 - Only connections of the following types will be considered "secure":
FR5 - When no secured transports are available, dynamically setting
require_secure_transport=ON will fail with an appropriate error.
FR6 - While starting the server, if supplied value for require_secure_transport
is ON and no secure transports are available, an error will be printed on log
and server startup will be aborted.
MySQL Server provides per-account configuration to require SSL, but has no real
concept of "secure" transports or the ability for DBAs to globally configure an
instance to only accept secure connections, or to restrict certain (infrequent)
administrative operations involving plain-text passwords to secure connections.
 This WL should allow DBAs to require secure transport for all connections.
Changes will be made as follows:

* sql/sys_vars.cc - Add require_secure_transport configuration variable.
* sql/sql_authentication.cc - Check require_secure_transport state and throw
error if set to ON if not using secure transport.  Check to be implemented in a
new method for reuse in other situations.
* include/mysqld_error.h and sql/share/errmsg-utf8.txt - Add new error

New MTR test cases covering the variable basics and functionality will be added.