Merge branch '10.3' into 10.4

9b76e284 · Sergei Golubchik · 06a37d37 · 3b1b665f · 9b76e284 · 9b76e284
Commit 9b76e284 authored Jan 26, 2019 by Sergei Golubchik
29 changed files
--- a/.gitignore
+++ b/.gitignore
@@ -193,6 +193,7 @@ storage/myisam/myisampack
 storage/myisam/rt_test
 storage/myisam/sp_test
 storage/rocksdb/ldb
+storage/rocksdb/myrocks_hotbackup
 storage/rocksdb/mysql_ldb
 storage/rocksdb/myrocks_hotbackup
 storage/rocksdb/sst_dump

--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -343,7 +343,8 @@ MYSQL_CHECK_SSL()
 MYSQL_CHECK_READLINE()

 SET(MALLOC_LIBRARY "system")
-SET(PYTHON_SHEBANG "/usr/bin/env python")
+SET(PYTHON_SHEBANG "/usr/bin/env python" CACHE STRING "python shebang")
+MARK_AS_ADVANCED(PYTHON_SHEBANG)

 CHECK_PCRE()


--- a/debian/autobake-deb.sh
+++ b/debian/autobake-deb.sh
@@ -124,6 +124,12 @@ EOF
  sed -i -e "/-DPLUGIN_AWS_KEY_MANAGEMENT=NO/d" debian/rules
 fi

+# Don't build cassandra package if thrift is not installed
+if [[ ! -f /usr/local/include/thrift/Thrift.h && ! -f /usr/include/thrift/Thrift.h ]]
+then
+  sed '/Package: mariadb-plugin-cassandra/,/^$/d' -i debian/control
+fi
+
 # Mroonga, TokuDB never built on Travis CI anyway, see build flags above
 if [[ $TRAVIS ]]
 then

--- a/debian/rules
+++ b/debian/rules
@@ -114,11 +114,6 @@ override_dh_auto_install:
 	dh_testdir
 	dh_testroot

-	# If libthrift-dev was available (manually installed, as it is
-	# not in Debian) and ha_cassandra.so was thus built, create package,
-	# otherwise skip it.
-	[ -f $(BUILDDIR)/storage/cassandra/ha_cassandra.so ] || sed -i -e "/Package: mariadb-plugin-cassandra/,+20d" debian/control
-
 ifneq (,$(filter linux,$(DEB_HOST_ARCH_OS)))
 	# Copy systemd files to a location available for dh_installinit
 	cp $(BUILDDIR)/support-files/mariadb.service debian/mariadb-server-10.4.mariadb.service

--- a/mysql-test/main/openssl_1.result
+++ b/mysql-test/main/openssl_1.result
@@ -4,52 +4,38 @@ drop table if exists t1;
 create table t1(f1 int);
 insert into t1 values (5);
 grant select on test.* to ssl_user1@localhost require SSL;
-grant select on test.* to ssl_user2@localhost require cipher "AES256-SHA";
-grant select on test.* to ssl_user3@localhost require cipher "AES256-SHA" AND SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client";
-grant select on test.* to ssl_user4@localhost require cipher "AES256-SHA" AND SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client" ISSUER "/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB";
-grant select on test.* to ssl_user5@localhost require cipher "AES256-SHA" AND SUBJECT "xxx";
+grant select on test.* to ssl_user3@localhost require SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client";
+grant select on test.* to ssl_user4@localhost require SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client" ISSUER "/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB";
+grant select on test.* to ssl_user5@localhost require SUBJECT "xxx";
 flush privileges;
-connect  con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA;
-connect(localhost,ssl_user2,,test,MASTER_PORT,MASTER_SOCKET);
-connect  con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES128-SHA;
-ERROR 28000: Access denied for user 'ssl_user2'@'localhost' (using password: NO)
-connect  con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES256-SHA;
-connect  con3,localhost,ssl_user3,,,,,SSL-CIPHER=AES256-SHA;
-connect  con4,localhost,ssl_user4,,,,,SSL-CIPHER=AES256-SHA;
+connect  con1,localhost,ssl_user1,,,,,SSL;
+connect  con3,localhost,ssl_user3,,,,,SSL;
+connect  con4,localhost,ssl_user4,,,,,SSL;
 connect(localhost,ssl_user5,,test,MASTER_PORT,MASTER_SOCKET);
-connect  con5,localhost,ssl_user5,,,,,SSL-CIPHER=AES256-SHA;
+connect  con5,localhost,ssl_user5,,,,,SSL;
 ERROR 28000: Access denied for user 'ssl_user5'@'localhost' (using password: NO)
 connection con1;
-SHOW STATUS LIKE 'Ssl_cipher';
-Variable_name	Value
-Ssl_cipher	AES256-SHA
+SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
+have_ssl
+1
 select * from t1;
 f1
 5
 delete from t1;
 ERROR 42000: DELETE command denied to user 'ssl_user1'@'localhost' for table 't1'
-connection con2;
-SHOW STATUS LIKE 'Ssl_cipher';
-Variable_name	Value
-Ssl_cipher	AES256-SHA
-select * from t1;
-f1
-5
-delete from t1;
-ERROR 42000: DELETE command denied to user 'ssl_user2'@'localhost' for table 't1'
 connection con3;
-SHOW STATUS LIKE 'Ssl_cipher';
-Variable_name	Value
-Ssl_cipher	AES256-SHA
+SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
+have_ssl
+1
 select * from t1;
 f1
 5
 delete from t1;
 ERROR 42000: DELETE command denied to user 'ssl_user3'@'localhost' for table 't1'
 connection con4;
-SHOW STATUS LIKE 'Ssl_cipher';
-Variable_name	Value
-Ssl_cipher	AES256-SHA
+SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
+have_ssl
+1
 select * from t1;
 f1
 5
@@ -57,20 +43,15 @@ delete from t1;
 ERROR 42000: DELETE command denied to user 'ssl_user4'@'localhost' for table 't1'
 connection default;
 disconnect con1;
-disconnect con2;
 disconnect con3;
 disconnect con4;
-drop user ssl_user1@localhost, ssl_user2@localhost,
-ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost;
+drop user ssl_user1@localhost, ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost;
 drop table t1;
 mysqltest: Could not open connection 'default': 2026 SSL connection error: xxxx
 mysqltest: Could not open connection 'default': 2026 SSL connection error: xxxx
 mysqltest: Could not open connection 'default': 2026 SSL connection error: xxxx
 mysqltest: Could not open connection 'default': 2026 SSL connection error: xxxx
 mysqltest: Could not open connection 'default': 2026 SSL connection error: xxxx
-SHOW STATUS LIKE 'Ssl_cipher';
-Variable_name	Value
-Ssl_cipher	AES256-SHA
 have_ssl
 1
 End of 5.0 tests
@@ -94,13 +75,7 @@ SSL_ACCEPTS	#
 SSL_CALLBACK_CACHE_HITS	#
 DROP TABLE thread_status;
 SET GLOBAL event_scheduler=0;
-SHOW STATUS LIKE 'Ssl_cipher';
-Variable_name	Value
-Ssl_cipher	AES128-SHA
-SHOW STATUS LIKE 'Ssl_cipher';
-Variable_name	Value
-Ssl_cipher	AES128-SHA
-mysqltest: Could not open connection 'default': 2026 SSL connection error: xxxxCREATE TABLE t1(a int);
+CREATE TABLE t1(a int);
 INSERT INTO t1 VALUES (1), (2);

 /*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
@@ -204,19 +179,12 @@ UNLOCK TABLES;
 /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
 /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;

-mysqldump: Got error: 2026: SSL connection error: xxxx
+mysqldump: Got error: 2026: "SSL connection error: xxxx
 DROP TABLE t1;
-Variable_name	Value
-Ssl_cipher	AES256-SHA
-Variable_name	Value
-Ssl_cipher	AES128-SHA
-select 'is still running; no cipher request crashed the server' as result from dual;
-result
-is still running; no cipher request crashed the server
 GRANT SELECT ON test.* TO bug42158@localhost REQUIRE X509;
 FLUSH PRIVILEGES;
 connect con1,localhost,bug42158,,,,,SSL;
-SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
+SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
 have_ssl
 1
 disconnect con1;

--- a/mysql-test/main/openssl_1.test
+++ b/mysql-test/main/openssl_1.test
@@ -19,58 +19,45 @@ create table t1(f1 int);
 insert into t1 values (5);

 grant select on test.* to ssl_user1@localhost require SSL;
-grant select on test.* to ssl_user2@localhost require cipher "AES256-SHA";
-grant select on test.* to ssl_user3@localhost require cipher "AES256-SHA" AND SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client";
-grant select on test.* to ssl_user4@localhost require cipher "AES256-SHA" AND SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client" ISSUER "/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB";
-grant select on test.* to ssl_user5@localhost require cipher "AES256-SHA" AND SUBJECT "xxx";
+grant select on test.* to ssl_user3@localhost require SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client";
+grant select on test.* to ssl_user4@localhost require SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client" ISSUER "/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB";
+grant select on test.* to ssl_user5@localhost require SUBJECT "xxx";
 flush privileges;

-connect (con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA);
+connect (con1,localhost,ssl_user1,,,,,SSL);
 --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
--error ER_ACCESS_DENIED_ERROR
-connect (con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES128-SHA);
-connect (con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES256-SHA);
-connect (con3,localhost,ssl_user3,,,,,SSL-CIPHER=AES256-SHA);
-connect (con4,localhost,ssl_user4,,,,,SSL-CIPHER=AES256-SHA);
+connect (con3,localhost,ssl_user3,,,,,SSL);
+connect (con4,localhost,ssl_user4,,,,,SSL);
 --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
 --error ER_ACCESS_DENIED_ERROR
-connect (con5,localhost,ssl_user5,,,,,SSL-CIPHER=AES256-SHA);
+connect (con5,localhost,ssl_user5,,,,,SSL);

 connection con1;
 # Check ssl turned on
-SHOW STATUS LIKE 'Ssl_cipher';
-select * from t1;
--error ER_TABLEACCESS_DENIED_ERROR
-delete from t1;
-
-connection con2;
-# Check ssl turned on
-SHOW STATUS LIKE 'Ssl_cipher';
+SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
 select * from t1;
 --error ER_TABLEACCESS_DENIED_ERROR
 delete from t1;

 connection con3;
 # Check ssl turned on
-SHOW STATUS LIKE 'Ssl_cipher';
+SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
 select * from t1;
 --error ER_TABLEACCESS_DENIED_ERROR
 delete from t1;

 connection con4;
 # Check ssl turned on
-SHOW STATUS LIKE 'Ssl_cipher';
+SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
 select * from t1;
 --error ER_TABLEACCESS_DENIED_ERROR
 delete from t1;

 connection default;
 disconnect con1;
-disconnect con2;
 disconnect con3;
 disconnect con4;
-drop user ssl_user1@localhost, ssl_user2@localhost,
-ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost;
+drop user ssl_user1@localhost, ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost;

 drop table t1;

@@ -123,14 +110,6 @@ drop table t1;
 --exec $MYSQL_TEST --ssl-cert= --max-connect-retries=1 < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
 --echo

-#
-# Bug#21611 Slave can't connect when master-ssl-cipher specified
-# - Apparently selecting a cipher doesn't work at all
-# - Use a cipher that both yaSSL and OpenSSL supports
-#
--exec echo "SHOW STATUS LIKE 'Ssl_cipher'; exit;" > $MYSQLTEST_VARDIR/tmp/test.sql
--exec $MYSQL_TEST --ssl-cipher=AES256-SHA < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
-
 #
 # Bug#25309 SSL connections without CA certificate broken since MySQL 5.0.23
 #
@@ -138,7 +117,7 @@ drop table t1;
 # verification of servers certificate by setting both ca certificate
 # and ca path to NULL
 #
--exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'" 2>&1
+--exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'" 2>&1
 --echo End of 5.0 tests

 #
@@ -179,25 +158,6 @@ SELECT variable_name, variable_value FROM thread_status;
 DROP TABLE thread_status;
 SET GLOBAL event_scheduler=0;

-#
-# Test to connect using a list of ciphers
-#
--exec echo "SHOW STATUS LIKE 'Ssl_cipher'; exit;" > $MYSQLTEST_VARDIR/tmp/test.sql
--exec $MYSQL_TEST --ssl-cipher=UNKNOWN-CIPHER:AES128-SHA < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
-
-
-# Test to connect using a specifi cipher
-#
--exec echo "SHOW STATUS LIKE 'Ssl_cipher'; exit;" > $MYSQLTEST_VARDIR/tmp/test.sql
--exec $MYSQL_TEST --ssl-cipher=AES128-SHA < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
-
-# Test to connect using an unknown cipher
-#
--exec echo "SHOW STATUS LIKE 'Ssl_cipher'; exit" > $MYSQLTEST_VARDIR/tmp/test.sql
--replace_regex /2026 SSL connection error.*/2026 SSL connection error: xxxx/
--error 1
--exec $MYSQL_TEST --ssl-cipher=UNKNOWN-CIPHER < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
-
 #
 # Bug#27669 mysqldump: SSL connection error when trying to connect
 #
@@ -214,36 +174,13 @@ INSERT INTO t1 VALUES (1), (2);

 # With wrong parameters
 --replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR mysqldump.exe mysqldump
--replace_regex /\"SSL connection error.*/SSL connection error: xxxx/
+--replace_regex /SSL connection error.*/SSL connection error: xxxx/
 --error 2
 --exec $MYSQL_DUMP --skip-create-options --skip-comments --ssl --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test 2>&1
 --echo
 DROP TABLE t1;
 --remove_file $MYSQLTEST_VARDIR/tmp/test.sql

-#
-# Bug#39172 Asking for DH+non-RSA key with server set to use other key caused
-#           YaSSL to crash the server.
-#
-
-# Common ciphers to openssl and yassl
--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES256-SHA
--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES128-SHA
--disable_query_log
--disable_result_log
-
-# Below here caused crashes.  ################
--error 1,0
--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl-cipher';" --ssl-cipher=NOT----EXIST
-# These probably exist but the server's keys can't be used to accept these kinds of connections.
--error 1,0
--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl-cipher';" --ssl-cipher=AES128-RMD
-
-# If this gives a result, then the bug is fixed.
--enable_result_log
--enable_query_log
-select 'is still running; no cipher request crashed the server' as result from dual;
-
 #
 # Bug#42158: leak: SSL_get_peer_certificate() doesn't have matching X509_free()
 #
@@ -251,7 +188,7 @@ select 'is still running; no cipher request crashed the server' as result from d
 GRANT SELECT ON test.* TO bug42158@localhost REQUIRE X509;
 FLUSH PRIVILEGES;
 connect(con1,localhost,bug42158,,,,,SSL);
-SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
+SELECT VARIABLE_VALUE <> '' AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
 disconnect con1;
 connection default;
 DROP USER bug42158@localhost;

--- a/mysql-test/main/ssl.result
+++ b/mysql-test/main/ssl.result
@@ -2175,8 +2175,3 @@ still connected?
 still connected?
 connection default;
 disconnect ssl_con;
-create user mysqltest_1@localhost;
-grant usage on mysqltest.* to mysqltest_1@localhost require cipher "AES256-SHA";
-Variable_name	Value
-Ssl_cipher	AES256-SHA
-drop user mysqltest_1@localhost;
--- a/mysql-test/main/ssl.test
+++ b/mysql-test/main/ssl.test
@@ -32,10 +32,5 @@ select 'still connected?';
 connection default;
 disconnect ssl_con;

-create user mysqltest_1@localhost;
-grant usage on mysqltest.* to mysqltest_1@localhost require cipher "AES256-SHA";
--exec $MYSQL -umysqltest_1 --ssl-cipher=AES256-SHA -e "show status like 'ssl_cipher'" 2>&1
-drop user mysqltest_1@localhost;
-
 # Wait till all disconnects are completed
 --source include/wait_until_count_sessions.inc
--- a/mysql-test/main/ssl_cert_verify.test
+++ b/mysql-test/main/ssl_cert_verify.test
@@ -30,7 +30,7 @@ let $ssl_verify_pass_path = --ssl --ssl-ca=$MYSQL_TEST_DIR/std_data/ca-cert-veri
 --enable_reconnect
 --source include/wait_until_connected_again.inc

--replace_result TLSv1.2 TLS_VERSION TLSv1.1 TLS_VERSION TLSv1 TLS_VERSION
+--replace_result TLSv1.3 TLS_VERSION TLSv1.2 TLS_VERSION TLSv1.1 TLS_VERSION TLSv1 TLS_VERSION
 --exec $MYSQL --protocol=tcp --ssl-ca=$MYSQL_TEST_DIR/std_data/ca-cert-verify.pem --ssl-verify-server-cert -e "SHOW STATUS like 'Ssl_version'"

 --echo # restart server using restart

--- a/mysql-test/main/ssl_cipher-master.opt
+++ b/mysql-test/main/ssl_cipher-master.opt
--loose-ssl-cipher=AES128-SHA
--- a/mysql-test/main/ssl_cipher.result
+++ b/mysql-test/main/ssl_cipher.result
-#
-# BUG#11760210 - SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'"
-#
+create user ssl_user1@localhost require SSL;
+create user ssl_user2@localhost require cipher 'AES256-SHA';
+create user ssl_user3@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client';
+create user ssl_user4@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client' ISSUER '/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB';
+create user ssl_user5@localhost require cipher 'AES256-SHA' AND SUBJECT 'xxx';
+connect  con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA;
+connect(localhost,ssl_user2,,test,MASTER_PORT,MASTER_SOCKET);
+connect  con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES128-SHA;
+ERROR 28000: Access denied for user 'ssl_user2'@'localhost' (using password: NO)
+connect  con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES256-SHA;
+connect  con3,localhost,ssl_user3,,,,,SSL-CIPHER=AES256-SHA;
+connect  con4,localhost,ssl_user4,,,,,SSL-CIPHER=AES256-SHA;
+connect(localhost,ssl_user5,,test,MASTER_PORT,MASTER_SOCKET);
+connect  con5,localhost,ssl_user5,,,,,SSL-CIPHER=AES256-SHA;
+ERROR 28000: Access denied for user 'ssl_user5'@'localhost' (using password: NO)
+connection con1;
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name	Value
+Ssl_cipher	AES256-SHA
+disconnect con1;
+connection con2;
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name	Value
+Ssl_cipher	AES256-SHA
+disconnect con2;
+connection con3;
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name	Value
+Ssl_cipher	AES256-SHA
+disconnect con3;
+connection con4;
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name	Value
+Ssl_cipher	AES256-SHA
+disconnect con4;
+connection default;
+drop user ssl_user1@localhost, ssl_user2@localhost, ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost;
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name	Value
+Ssl_cipher	AES256-SHA
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name	Value
+Ssl_cipher	AES128-SHA
+SHOW STATUS LIKE 'Ssl_cipher';
+Variable_name	Value
+Ssl_cipher	AES128-SHA
+mysqltest: Could not open connection 'default': 2026 SSL connection error: xxxxVariable_name	Value
+Ssl_cipher	AES256-SHA
+Variable_name	Value
+Ssl_cipher	AES128-SHA
+select 'is still running; no cipher request crashed the server' as result from dual;
+result
+is still running; no cipher request crashed the server
+create user mysqltest_1@localhost;
+grant usage on mysqltest.* to mysqltest_1@localhost require cipher "AES256-SHA";
+Variable_name	Value
+Ssl_cipher	AES256-SHA
+drop user mysqltest_1@localhost;
 connect  ssl_con,localhost,root,,,,,SSL;
 SHOW STATUS LIKE 'Ssl_cipher';
 Variable_name	Value
@@ -8,5 +63,5 @@ Ssl_cipher	AES128-SHA
 SHOW STATUS LIKE 'Ssl_cipher_list';
 Variable_name	Value
 Ssl_cipher_list	AES128-SHA
-connection default;
 disconnect ssl_con;
+connection default;
--- a/mysql-test/main/ssl_cipher.test
+++ b/mysql-test/main/ssl_cipher.test
-# Turn on ssl between the client and server
-# and run a number of tests
+#
+# Various tests that require setting of a specific ssl_cipher
+# which currently doesn't work in OpenSSL 1.1.1
+#
+--source include/have_ssl_communication.inc

--echo #
--echo # BUG#11760210 - SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'"
--echo #
+if (`select @@version_ssl_library like 'OpenSSL 1.1.1%'`) {
+  skip OpenSSL 1.1.1;
+}

-- source include/have_ssl_communication.inc
+create user ssl_user1@localhost require SSL;
+create user ssl_user2@localhost require cipher 'AES256-SHA';
+create user ssl_user3@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client';
+create user ssl_user4@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client' ISSUER '/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB';
+create user ssl_user5@localhost require cipher 'AES256-SHA' AND SUBJECT 'xxx';

-# Save the initial number of concurrent sessions
--source include/count_sessions.inc
+connect (con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA);
+--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
+--error ER_ACCESS_DENIED_ERROR
+connect (con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES128-SHA);
+connect (con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES256-SHA);
+connect (con3,localhost,ssl_user3,,,,,SSL-CIPHER=AES256-SHA);
+connect (con4,localhost,ssl_user4,,,,,SSL-CIPHER=AES256-SHA);
+--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
+--error ER_ACCESS_DENIED_ERROR
+connect (con5,localhost,ssl_user5,,,,,SSL-CIPHER=AES256-SHA);

-connect (ssl_con,localhost,root,,,,,SSL);
+connection con1;
+SHOW STATUS LIKE 'Ssl_cipher';
+disconnect con1;
+connection con2;
+SHOW STATUS LIKE 'Ssl_cipher';
+disconnect con2;
+connection con3;
+SHOW STATUS LIKE 'Ssl_cipher';
+disconnect con3;
+connection con4;
+SHOW STATUS LIKE 'Ssl_cipher';
+disconnect con4;
+connection default;
+drop user ssl_user1@localhost, ssl_user2@localhost, ssl_user3@localhost, ssl_user4@localhost, ssl_user5@localhost;

-# Check Cipher Name and Cipher List
+#
+# Bug#21611 Slave can't connect when master-ssl-cipher specified
+# - Apparently selecting a cipher doesn't work at all
+# - Use a cipher that both yaSSL and OpenSSL supports
+#
+--write_file $MYSQLTEST_VARDIR/tmp/test.sql
 SHOW STATUS LIKE 'Ssl_cipher';
-SHOW STATUS LIKE 'Ssl_cipher_list';
+EOF
+--exec $MYSQL_TEST --ssl-cipher=AES256-SHA < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
+# Test to connect using a list of ciphers
+--exec $MYSQL_TEST --ssl-cipher=UNKNOWN-CIPHER:AES128-SHA < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
+# Test to connect using a specifi cipher
+--exec $MYSQL_TEST --ssl-cipher=AES128-SHA < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
+# Test to connect using an unknown cipher
+--replace_regex /2026 SSL connection error.*/2026 SSL connection error: xxxx/
+--error 1
+--exec $MYSQL_TEST --ssl-cipher=UNKNOWN-CIPHER < $MYSQLTEST_VARDIR/tmp/test.sql 2>&1
+--remove_file $MYSQLTEST_VARDIR/tmp/test.sql

-connection default;
-disconnect ssl_con;
+#
+# Bug#39172 Asking for DH+non-RSA key with server set to use other key caused
+#           YaSSL to crash the server.
+#

-# Wait till all disconnects are completed
--source include/wait_until_count_sessions.inc
+# Common ciphers to openssl and yassl
+--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES256-SHA
+--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES128-SHA
+--disable_query_log
+--disable_result_log
+
+# Below here caused crashes.  ################
+--error 0,1
+--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl-cipher';" --ssl-cipher=NOT----EXIST
+# These probably exist but the server's keys can't be used to accept these kinds of connections.
+--error 0,1
+--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl-cipher';" --ssl-cipher=AES128-RMD
+
+# If this gives a result, then the bug is fixed.
+--enable_result_log
+--enable_query_log
+select 'is still running; no cipher request crashed the server' as result from dual;
+
+#
+# MDEV-10054 Secure login fails when CIPHER is required
+#
+create user mysqltest_1@localhost;
+grant usage on mysqltest.* to mysqltest_1@localhost require cipher "AES256-SHA";
+--exec $MYSQL -umysqltest_1 --ssl-cipher=AES256-SHA -e "show status like 'ssl_cipher'" 2>&1
+drop user mysqltest_1@localhost;
+
+#
+# BUG#11760210 - SSL_CIPHER_LIST NOT SET OR RETURNED FOR "SHOW STATUS LIKE 'SSL_CIPHER_LIST'"
+# it was a bug in yaSSL, fixed in d2e36e4258bb
+#
+let $restart_parameters=--ssl-cipher=AES128-SHA;
+source include/restart_mysqld.inc;
+connect (ssl_con,localhost,root,,,,,SSL);
+SHOW STATUS LIKE 'Ssl_cipher';
+SHOW STATUS LIKE 'Ssl_cipher_list';
+disconnect ssl_con;
+connection default;
--- a/mysql-test/suite.pm
+++ b/mysql-test/suite.pm
@@ -62,9 +62,9 @@ sub skip_combinations {
  }
  $skip{'include/check_ipv6.inc'} = 'No IPv6' unless ipv6_ok();

-  $skip{'main/openssl_6975.test'} = 'no or too old openssl'
+  $skip{'main/openssl_6975.test'} = 'no or wrong openssl version'
    unless $::mysqld_variables{'version-ssl-library'} =~ /OpenSSL (\S+)/
-       and $1 ge "1.0.1d";
+       and $1 ge "1.0.1d" and $1 lt "1.1.1";

  $skip{'main/ssl_7937.combinations'} = [ 'x509v3' ]
    unless $::mysqld_variables{'version-ssl-library'} =~ /OpenSSL (\S+)/
@@ -74,4 +74,3 @@ sub skip_combinations {
 }

 bless { };
-
--- a/mysql-test/suite/funcs_1/r/is_check_constraint.result
+++ b/mysql-test/suite/funcs_1/r/is_check_constraint.result
+#
+# MDEV-17323: Backport INFORMATION_SCHEMA.CHECK_CONSTRAINTS to 10.2
+#
+CREATE user boo1;
+GRANT select,create,alter,drop on foo.* to boo1;
+SHOW GRANTS for boo1;
+Grants for boo1@%
+GRANT USAGE ON *.* TO 'boo1'@'%'
+GRANT SELECT, CREATE, DROP, ALTER ON `foo`.* TO 'boo1'@'%'
+CREATE user boo2;
+create database foo;
+CONNECT con1,localhost, boo1,, foo;
+SET check_constraint_checks=1;
+CREATE TABLE t0
+(
+t int, check (t>32) # table constraint
+) ENGINE=myisam;
+SELECT * from information_schema.check_constraints;
+CONSTRAINT_CATALOG	CONSTRAINT_SCHEMA	CONSTRAINT_NAME	TABLE_NAME	CHECK_CLAUSE
+def	foo	CONSTRAINT_1	t0	`t` > 32
+ALTER TABLE t0
+ADD CONSTRAINT CHK_t0_t CHECK(t<100);
+SELECT * from information_schema.check_constraints;
+CONSTRAINT_CATALOG	CONSTRAINT_SCHEMA	CONSTRAINT_NAME	TABLE_NAME	CHECK_CLAUSE
+def	foo	CHK_t0_t	t0	`t` < 100
+def	foo	CONSTRAINT_1	t0	`t` > 32
+ALTER TABLE t0
+DROP CONSTRAINT CHK_t0_t;
+SELECT * from information_schema.check_constraints;
+CONSTRAINT_CATALOG	CONSTRAINT_SCHEMA	CONSTRAINT_NAME	TABLE_NAME	CHECK_CLAUSE
+def	foo	CONSTRAINT_1	t0	`t` > 32
+ALTER TABLE t0
+ADD CONSTRAINT CHECK(t<50);
+SELECT * from information_schema.check_constraints;
+CONSTRAINT_CATALOG	CONSTRAINT_SCHEMA	CONSTRAINT_NAME	TABLE_NAME	CHECK_CLAUSE
+def	foo	CONSTRAINT_1	t0	`t` > 32
+def	foo	CONSTRAINT_2	t0	`t` < 50
+CREATE TABLE t1
+( t int CHECK(t>2), # field constraint
+tt int,
+CONSTRAINT CHECK (tt > 32), CONSTRAINT CHECK (tt <50),# autogenerated names table constraints
+CONSTRAINT CHK_tt CHECK(tt<100) # named table constraint
+) ENGINE=InnoDB;
+SELECT * from information_schema.check_constraints;
+CONSTRAINT_CATALOG	CONSTRAINT_SCHEMA	CONSTRAINT_NAME	TABLE_NAME	CHECK_CLAUSE
+def	foo	CHK_tt	t1	`tt` < 100
+def	foo	CONSTRAINT_1	t0	`t` > 32
+def	foo	CONSTRAINT_1	t1	`tt` > 32
+def	foo	CONSTRAINT_2	t0	`t` < 50
+def	foo	CONSTRAINT_2	t1	`tt` < 50
+def	foo	t	t1	`t` > 2
+ALTER TABLE t1
+DROP CONSTRAINT CHK_tt;
+SELECT * from information_schema.check_constraints;
+CONSTRAINT_CATALOG	CONSTRAINT_SCHEMA	CONSTRAINT_NAME	TABLE_NAME	CHECK_CLAUSE
+def	foo	CONSTRAINT_1	t0	`t` > 32
+def	foo	CONSTRAINT_1	t1	`tt` > 32
+def	foo	CONSTRAINT_2	t0	`t` < 50
+def	foo	CONSTRAINT_2	t1	`tt` < 50
+def	foo	t	t1	`t` > 2
+CREATE TABLE t2
+(
+name VARCHAR(30) CHECK(CHAR_LENGTH(name)>2), #field constraint
+start_date DATE,
+end_date DATE,
+CONSTRAINT CHK_dates CHECK(start_date IS NULL) #table constraint
+)ENGINE=Innodb;
+SELECT * from information_schema.check_constraints;
+CONSTRAINT_CATALOG	CONSTRAINT_SCHEMA	CONSTRAINT_NAME	TABLE_NAME	CHECK_CLAUSE
+def	foo	CHK_dates	t2	`start_date` is null
+def	foo	CONSTRAINT_1	t0	`t` > 32
+def	foo	CONSTRAINT_1	t1	`tt` > 32
+def	foo	CONSTRAINT_2	t0	`t` < 50
+def	foo	CONSTRAINT_2	t1	`tt` < 50
+def	foo	name	t2	char_length(`name`) > 2
+def	foo	t	t1	`t` > 2
+ALTER TABLE t1
+ADD CONSTRAINT CHK_new_ CHECK(t>tt);
+SELECT * from information_schema.check_constraints;
+CONSTRAINT_CATALOG	CONSTRAINT_SCHEMA	CONSTRAINT_NAME	TABLE_NAME	CHECK_CLAUSE
+def	foo	CHK_dates	t2	`start_date` is null
+def	foo	CHK_new_	t1	`t` > `tt`
+def	foo	CONSTRAINT_1	t0	`t` > 32
+def	foo	CONSTRAINT_1	t1	`tt` > 32
+def	foo	CONSTRAINT_2	t0	`t` < 50
+def	foo	CONSTRAINT_2	t1	`tt` < 50
+def	foo	name	t2	char_length(`name`) > 2
+def	foo	t	t1	`t` > 2
+CREATE TABLE t3
+(
+a int,
+b int check (b>0), # field constraint named 'b'
+CONSTRAINT b check (b>10) # table constraint
+) ENGINE=InnoDB;
+SELECT * from information_schema.check_constraints;
+CONSTRAINT_CATALOG	CONSTRAINT_SCHEMA	CONSTRAINT_NAME	TABLE_NAME	CHECK_CLAUSE
+def	foo	CHK_dates	t2	`start_date` is null
+def	foo	CHK_new_	t1	`t` > `tt`
+def	foo	CONSTRAINT_1	t0	`t` > 32
+def	foo	CONSTRAINT_1	t1	`tt` > 32
+def	foo	CONSTRAINT_2	t0	`t` < 50
+def	foo	CONSTRAINT_2	t1	`tt` < 50
+def	foo	b	t3	`b` > 0
+def	foo	b	t3	`b` > 10
+def	foo	name	t2	char_length(`name`) > 2
+def	foo	t	t1	`t` > 2
+disconnect con1;
+CONNECT con2, localhost, boo2,, test;
+SELECT * from information_schema.check_constraints;
+CONSTRAINT_CATALOG	CONSTRAINT_SCHEMA	CONSTRAINT_NAME	TABLE_NAME	CHECK_CLAUSE
+disconnect con2;
+CONNECT con1, localhost, boo1,,foo;
+DROP TABLE t0;
+DROP TABLE t1;
+DROP TABLE t2;
+DROP TABLE t3;
+DROP DATABASE foo;
+disconnect con1;
+connection default;
+DROP USER boo1;
+DROP USER boo2;
--- a/mysql-test/suite/funcs_1/t/is_check_constraint.test
+++ b/mysql-test/suite/funcs_1/t/is_check_constraint.test
+--source include/have_innodb.inc
+--source include/not_embedded.inc
+--echo #
+--echo # MDEV-17323: Backport INFORMATION_SCHEMA.CHECK_CONSTRAINTS to 10.2
+--echo #
+CREATE user boo1;
+GRANT select,create,alter,drop on foo.* to boo1;
+SHOW GRANTS for boo1;
+CREATE user boo2;
+create database foo;
+# Connect with user boo1
+CONNECT(con1,localhost, boo1,, foo);
+
+SET check_constraint_checks=1;
+CREATE TABLE t0
+(
+ t int, check (t>32) # table constraint
+) ENGINE=myisam;
+--sorted_result
+SELECT * from information_schema.check_constraints;
+
+ALTER TABLE t0
+ADD CONSTRAINT CHK_t0_t CHECK(t<100);
+--sorted_result
+SELECT * from information_schema.check_constraints;
+
+ALTER TABLE t0
+DROP CONSTRAINT CHK_t0_t;
+--sorted_result
+SELECT * from information_schema.check_constraints;
+
+ALTER TABLE t0
+ADD CONSTRAINT CHECK(t<50);
+--sorted_result
+SELECT * from information_schema.check_constraints;
+
+CREATE TABLE t1
+( t int CHECK(t>2), # field constraint
+ tt int,
+ CONSTRAINT CHECK (tt > 32), CONSTRAINT CHECK (tt <50),# autogenerated names table constraints
+ CONSTRAINT CHK_tt CHECK(tt<100) # named table constraint
+) ENGINE=InnoDB;
+ --sorted_result
+SELECT * from information_schema.check_constraints;
+
+ALTER TABLE t1
+DROP CONSTRAINT CHK_tt;
+--sorted_result
+SELECT * from information_schema.check_constraints;
+
+CREATE TABLE t2
+(
+name VARCHAR(30) CHECK(CHAR_LENGTH(name)>2), #field constraint
+start_date DATE,
+end_date DATE,
+CONSTRAINT CHK_dates CHECK(start_date IS NULL) #table constraint
+)ENGINE=Innodb;
+ --sorted_result
+SELECT * from information_schema.check_constraints;
+
+ALTER TABLE t1
+ADD CONSTRAINT CHK_new_ CHECK(t>tt);
+--sorted_result
+SELECT * from information_schema.check_constraints;
+
+# Create table with same field and table check constraint name
+CREATE TABLE t3
+(
+a int,
+b int check (b>0), # field constraint named 'b'
+CONSTRAINT b check (b>10) # table constraint
+) ENGINE=InnoDB;
+ --sorted_result
+SELECT * from information_schema.check_constraints;
+
+DISCONNECT con1;
+CONNECT(con2, localhost, boo2,, test);
+ --sorted_result
+SELECT * from information_schema.check_constraints;
+
+DISCONNECT con2;
+CONNECT(con1, localhost, boo1,,foo);
+DROP TABLE t0;
+DROP TABLE t1;
+DROP TABLE t2;
+DROP TABLE t3;
+DROP DATABASE foo;
+
+DISCONNECT con1;
+--CONNECTION default
+DROP USER boo1;
+DROP USER boo2;
--- a/mysql-test/suite/galera_3nodes/t/GAL-501.opt
+++ b/mysql-test/suite/galera_3nodes/t/GAL-501.opt
+--bind-address=::
--- a/mysql-test/suite/innodb/r/instant_varchar_enlarge.result
+++ b/mysql-test/suite/innodb/r/instant_varchar_enlarge.result
+create table t (a varchar(100)) engine=innodb;
+select name, pos, mtype, prtype, len from information_schema.innodb_sys_columns where name='a';
+name	pos	mtype	prtype	len
+a	0	1	524303	100
+alter table t modify a varchar(110), algorithm=inplace;
+select name, pos, mtype, prtype, len from information_schema.innodb_sys_columns where name='a';
+name	pos	mtype	prtype	len
+a	0	1	524303	110
+drop table t;
--- a/mysql-test/suite/innodb/t/instant_varchar_enlarge.test
+++ b/mysql-test/suite/innodb/t/instant_varchar_enlarge.test
+--source include/have_innodb.inc
+
+# LEN must increase here
+create table t (a varchar(100)) engine=innodb;
+select name, pos, mtype, prtype, len from information_schema.innodb_sys_columns where name='a';
+alter table t modify a varchar(110), algorithm=inplace;
+select name, pos, mtype, prtype, len from information_schema.innodb_sys_columns where name='a';
+drop table t;
--- a/mysql-test/suite/versioning/r/foreign.result
+++ b/mysql-test/suite/versioning/r/foreign.result
@@ -292,3 +292,12 @@ select count(*) from subchild;
 count(*)
 0
 drop table subchild, child, parent;
+CREATE TABLE t1 (f1 INT, KEY(f1)) ENGINE=InnoDB;
+CREATE TABLE t2 (f2 INT, FOREIGN KEY (f2) REFERENCES t1 (f1)) ENGINE=InnoDB WITH SYSTEM VERSIONING;
+SET FOREIGN_KEY_CHECKS= OFF;
+INSERT IGNORE INTO t2 VALUES (1);
+SET FOREIGN_KEY_CHECKS= ON;
+UPDATE t2 SET f2= 2;
+ERROR 23000: Cannot add or update a child row: a foreign key constraint fails (`test`.`t2`, CONSTRAINT `t2_ibfk_1` FOREIGN KEY (`f2`) REFERENCES `t1` (`f1`))
+DELETE FROM t2;
+DROP TABLE t2, t1;
--- a/mysql-test/suite/versioning/t/foreign.test
+++ b/mysql-test/suite/versioning/t/foreign.test
@@ -317,4 +317,18 @@ select count(*) from subchild;
 drop table subchild, child, parent;


+CREATE TABLE t1 (f1 INT, KEY(f1)) ENGINE=InnoDB;
+CREATE TABLE t2 (f2 INT, FOREIGN KEY (f2) REFERENCES t1 (f1)) ENGINE=InnoDB WITH SYSTEM VERSIONING;
+
+SET FOREIGN_KEY_CHECKS= OFF;
+INSERT IGNORE INTO t2 VALUES (1);
+
+SET FOREIGN_KEY_CHECKS= ON;
+--error ER_NO_REFERENCED_ROW_2
+UPDATE t2 SET f2= 2;
+DELETE FROM t2;
+
+DROP TABLE t2, t1;
+
+
 --source suite/versioning/common_finish.inc
--- a/mysys/mf_iocache.c
+++ b/mysys/mf_iocache.c
@@ -115,12 +115,15 @@ init_functions(IO_CACHE* info)
    DBUG_ASSERT(!(info->myflags & MY_ENCRYPT));
    info->read_function = info->share ? _my_b_cache_read_r : _my_b_cache_read;
    info->write_function = info->share ? _my_b_cache_write_r : _my_b_cache_write;
-    info->myflags&= ~MY_FULL_IO;
    break;
  case TYPE_NOT_SET:
    DBUG_ASSERT(0);
    break;
  }
+  if (type == READ_CACHE || type == WRITE_CACHE || type == SEQ_READ_APPEND)
+    info->myflags|= MY_FULL_IO;
+  else
+    info->myflags&= ~MY_FULL_IO;
 }


@@ -297,10 +300,6 @@ int init_io_cache(IO_CACHE *info, File file, size_t cachesize,
  }
  info->inited=info->aio_result.pending=0;
 #endif
-  if (type == READ_CACHE || type == WRITE_CACHE || type == SEQ_READ_APPEND)
-    info->myflags|= MY_FULL_IO;
-  else
-    info->myflags&= ~MY_FULL_IO;
  DBUG_RETURN(0);
 }						/* init_io_cache */

@@ -469,8 +468,6 @@ my_bool reinit_io_cache(IO_CACHE *info, enum cache_type type,
    {
      info->read_end=info->write_pos;
      info->end_of_file=my_b_tell(info);
-      /* Ensure we will read all data */
-      info->myflags|= MY_FULL_IO;
      /*
        Trigger a new seek only if we have a valid
        file handle.
@@ -485,7 +482,6 @@ my_bool reinit_io_cache(IO_CACHE *info, enum cache_type type,
 	info->seek_not_done=1;
      }
      info->end_of_file = ~(my_off_t) 0;
-      info->myflags&= ~MY_FULL_IO;
    }
    pos=info->request_pos+(seek_offset-info->pos_in_file);
    if (type == WRITE_CACHE)

--- a/sql/log_event.cc
+++ b/sql/log_event.cc
@@ -13470,9 +13470,8 @@ bool Write_rows_compressed_log_event::print(FILE *file,
 #if defined(MYSQL_SERVER) && defined(HAVE_REPLICATION)
 uint8 Write_rows_log_event::get_trg_event_map()
 {
-  return (static_cast<uint8> (1 << static_cast<int>(TRG_EVENT_INSERT)) |
-          static_cast<uint8> (1 << static_cast<int>(TRG_EVENT_UPDATE)) |
-          static_cast<uint8> (1 << static_cast<int>(TRG_EVENT_DELETE)));
+  return trg2bit(TRG_EVENT_INSERT) | trg2bit(TRG_EVENT_UPDATE) |
+         trg2bit(TRG_EVENT_DELETE);
 }
 #endif

@@ -14179,7 +14178,7 @@ bool Delete_rows_compressed_log_event::print(FILE *file,
 #if defined(MYSQL_SERVER) && defined(HAVE_REPLICATION)
 uint8 Delete_rows_log_event::get_trg_event_map()
 {
-  return static_cast<uint8> (1 << static_cast<int>(TRG_EVENT_DELETE));
+  return trg2bit(TRG_EVENT_DELETE);
 }
 #endif

@@ -14454,7 +14453,7 @@ Update_rows_compressed_log_event::print(FILE *file,
 #if defined(MYSQL_SERVER) && defined(HAVE_REPLICATION)
 uint8 Update_rows_log_event::get_trg_event_map()
 {
-  return static_cast<uint8> (1 << static_cast<int>(TRG_EVENT_UPDATE));
+  return trg2bit(TRG_EVENT_UPDATE);
 }
 #endif


--- a/sql/sql_lex.cc
+++ b/sql/sql_lex.cc
@@ -3544,12 +3544,8 @@ void LEX::set_trg_event_type_for_tables()
    On a LOCK TABLE, all triggers must be pre-loaded for this TABLE_LIST
    when opening an associated TABLE.
  */
-    new_trg_event_map= static_cast<uint8>
-                        (1 << static_cast<int>(TRG_EVENT_INSERT)) |
-                      static_cast<uint8>
-                        (1 << static_cast<int>(TRG_EVENT_UPDATE)) |
-                      static_cast<uint8>
-                        (1 << static_cast<int>(TRG_EVENT_DELETE));
+    new_trg_event_map= trg2bit(TRG_EVENT_INSERT) | trg2bit(TRG_EVENT_UPDATE) |
+                       trg2bit(TRG_EVENT_DELETE);
    break;
  /*
    Basic INSERT. If there is an additional ON DUPLIATE KEY UPDATE
@@ -3580,20 +3576,17 @@ void LEX::set_trg_event_type_for_tables()
  */
  case SQLCOM_CREATE_TABLE:
  case SQLCOM_CREATE_SEQUENCE:
-    new_trg_event_map|= static_cast<uint8>
-                          (1 << static_cast<int>(TRG_EVENT_INSERT));
+    new_trg_event_map|= trg2bit(TRG_EVENT_INSERT);
    break;
  /* Basic update and multi-update */
  case SQLCOM_UPDATE:                           /* fall through */
  case SQLCOM_UPDATE_MULTI:
-    new_trg_event_map|= static_cast<uint8>
-                          (1 << static_cast<int>(TRG_EVENT_UPDATE));
+    new_trg_event_map|= trg2bit(TRG_EVENT_UPDATE);
    break;
  /* Basic delete and multi-delete */
  case SQLCOM_DELETE:                           /* fall through */
  case SQLCOM_DELETE_MULTI:
-    new_trg_event_map|= static_cast<uint8>
-                          (1 << static_cast<int>(TRG_EVENT_DELETE));
+    new_trg_event_map|= trg2bit(TRG_EVENT_DELETE);
    break;
  default:
    break;
@@ -3601,12 +3594,10 @@ void LEX::set_trg_event_type_for_tables()

  switch (duplicates) {
  case DUP_UPDATE:
-    new_trg_event_map|= static_cast<uint8>
-                          (1 << static_cast<int>(TRG_EVENT_UPDATE));
+    new_trg_event_map|= trg2bit(TRG_EVENT_UPDATE);
    break;
  case DUP_REPLACE:
-    new_trg_event_map|= static_cast<uint8>
-                          (1 << static_cast<int>(TRG_EVENT_DELETE));
+    new_trg_event_map|= trg2bit(TRG_EVENT_DELETE);
    break;
  case DUP_ERROR:
  default:

--- a/sql/sql_trigger.cc
+++ b/sql/sql_trigger.cc
@@ -2182,8 +2182,7 @@ bool Table_triggers_list::process_triggers(THD *thd,
    This trigger must have been processed by the pre-locking
    algorithm.
  */
-  DBUG_ASSERT(trigger_table->pos_in_table_list->trg_event_map &
-              static_cast<uint>(1 << static_cast<int>(event)));
+  DBUG_ASSERT(trigger_table->pos_in_table_list->trg_event_map & trg2bit(event));

  thd->reset_sub_statement_state(&statement_state, SUB_STMT_TRIGGER);

@@ -2235,8 +2234,7 @@ add_tables_and_routines_for_triggers(THD *thd,

  for (int i= 0; i < (int)TRG_EVENT_MAX; i++)
  {
-    if (table_list->trg_event_map &
-        static_cast<uint8>(1 << static_cast<int>(i)))
+    if (table_list->trg_event_map & trg2bit(static_cast<trg_event_type>(i)))
    {
      for (int j= 0; j < (int)TRG_ACTION_MAX; j++)
      {

--- a/sql/sql_trigger.h
+++ b/sql/sql_trigger.h
@@ -38,6 +38,9 @@ enum trg_event_type
  TRG_EVENT_MAX
 };

+static inline uint8 trg2bit(enum trg_event_type trg)
+{ return static_cast<uint8>(1 << static_cast<int>(trg)); }
+
 #include "table.h"                              /* GRANT_INFO */

 /*

--- a/storage/innobase/fil/fil0fil.cc
+++ b/storage/innobase/fil/fil0fil.cc
@@ -409,7 +409,7 @@ fil_space_is_flushed(
 	     node != NULL;
 	     node = UT_LIST_GET_NEXT(chain, node)) {

-		if (node->modification_counter > node->flush_counter) {
+		if (node->needs_flush) {

 			ut_ad(!fil_buffering_disabled(space));
 			return(false);
@@ -446,8 +446,6 @@ fil_node_t* fil_space_t::add(const char* name, pfs_os_file_t handle,

 	ut_a(!is_raw || srv_start_raw_disk_in_use);

-	node->sync_event = os_event_create("fsync_event");
-
 	node->is_raw_disk = is_raw;

 	node->size = size;
@@ -678,7 +676,7 @@ void fil_node_t::close()
 	ut_a(n_pending == 0);
 	ut_a(n_pending_flushes == 0);
 	ut_a(!being_extended);
-	ut_a(modification_counter == flush_counter
+	ut_a(!needs_flush
 	     || space->purpose == FIL_TYPE_TEMPORARY
 	     || srv_fast_shutdown == 2
 	     || !srv_was_started);
@@ -727,7 +725,7 @@ fil_try_to_close_file_in_LRU(
 	     node != NULL;
 	     node = UT_LIST_GET_PREV(LRU, node)) {

-		if (node->modification_counter == node->flush_counter
+		if (!node->needs_flush
 		    && node->n_pending_flushes == 0
 		    && !node->being_extended) {

@@ -747,11 +745,9 @@ fil_try_to_close_file_in_LRU(
 				<< node->n_pending_flushes;
 		}

-		if (node->modification_counter != node->flush_counter) {
+		if (node->needs_flush) {
 			ib::warn() << "Cannot close file " << node->name
-				<< ", because modification count "
-				<< node->modification_counter <<
-				" != flush count " << node->flush_counter;
+				<< ", because is should be flushed first";
 		}

 		if (node->being_extended) {
@@ -776,7 +772,7 @@ static void fil_flush_low(fil_space_t* space, bool metadata = false)

 		/* No need to flush. User has explicitly disabled
 		buffering. */
-		ut_ad(!space->is_in_unflushed_spaces);
+		ut_ad(!space->is_in_unflushed_spaces());
 		ut_ad(fil_space_is_flushed(space));
 		ut_ad(space->n_pending_flushes == 0);

@@ -784,8 +780,7 @@ static void fil_flush_low(fil_space_t* space, bool metadata = false)
 		for (fil_node_t* node = UT_LIST_GET_FIRST(space->chain);
 		     node != NULL;
 		     node = UT_LIST_GET_NEXT(chain, node)) {
-			ut_ad(node->modification_counter
-			      == node->flush_counter);
+			ut_ad(!node->needs_flush);
 			ut_ad(node->n_pending_flushes == 0);
 		}
 #endif /* UNIV_DEBUG */
@@ -800,9 +795,7 @@ static void fil_flush_low(fil_space_t* space, bool metadata = false)
 	     node != NULL;
 	     node = UT_LIST_GET_NEXT(chain, node)) {

-		int64_t	old_mod_counter = node->modification_counter;
-
-		if (old_mod_counter <= node->flush_counter) {
+		if (!node->needs_flush) {
 			continue;
 		}

@@ -826,31 +819,10 @@ static void fil_flush_low(fil_space_t* space, bool metadata = false)
 			goto skip_flush;
 		}
 #endif /* _WIN32 */
-retry:
-		if (node->n_pending_flushes > 0) {
-			/* We want to avoid calling os_file_flush() on
-			the file twice at the same time, because we do
-			not know what bugs OS's may contain in file
-			i/o */
-
-			int64_t	sig_count = os_event_reset(node->sync_event);
-
-			mutex_exit(&fil_system.mutex);
-
-			os_event_wait_low(node->sync_event, sig_count);
-
-			mutex_enter(&fil_system.mutex);
-
-			if (node->flush_counter >= old_mod_counter) {
-
-				goto skip_flush;
-			}
-
-			goto retry;
-		}

 		ut_a(node->is_open());
 		node->n_pending_flushes++;
+		node->needs_flush = false;

 		mutex_exit(&fil_system.mutex);

@@ -858,18 +830,14 @@ static void fil_flush_low(fil_space_t* space, bool metadata = false)

 		mutex_enter(&fil_system.mutex);

-		os_event_set(node->sync_event);
-
 		node->n_pending_flushes--;
+#ifdef _WIN32
 skip_flush:
-		if (node->flush_counter < old_mod_counter) {
-			node->flush_counter = old_mod_counter;
-
-			if (space->is_in_unflushed_spaces
+#endif /* _WIN32 */
+		if (!node->needs_flush) {
+			if (space->is_in_unflushed_spaces()
 			    && fil_space_is_flushed(space)) {

-				space->is_in_unflushed_spaces = false;
-
 				UT_LIST_REMOVE(
 					fil_system.unflushed_spaces,
 					space);
@@ -1164,19 +1132,16 @@ fil_node_close_to_free(
 		/* We fool the assertion in fil_node_t::close() to think
 		there are no unflushed modifications in the file */

-		node->modification_counter = node->flush_counter;
-		os_event_set(node->sync_event);
+		node->needs_flush = false;

 		if (fil_buffering_disabled(space)) {

-			ut_ad(!space->is_in_unflushed_spaces);
+			ut_ad(!space->is_in_unflushed_spaces());
 			ut_ad(fil_space_is_flushed(space));

-		} else if (space->is_in_unflushed_spaces
+		} else if (space->is_in_unflushed_spaces()
 			   && fil_space_is_flushed(space)) {

-			space->is_in_unflushed_spaces = false;
-
 			UT_LIST_REMOVE(fil_system.unflushed_spaces, space);
 		}

@@ -1197,16 +1162,14 @@ fil_space_detach(

 	HASH_DELETE(fil_space_t, hash, fil_system.spaces, space->id, space);

-	if (space->is_in_unflushed_spaces) {
+	if (space->is_in_unflushed_spaces()) {

 		ut_ad(!fil_buffering_disabled(space));
-		space->is_in_unflushed_spaces = false;

 		UT_LIST_REMOVE(fil_system.unflushed_spaces, space);
 	}

-	if (space->is_in_rotation_list) {
-		space->is_in_rotation_list = false;
+	if (space->is_in_rotation_list()) {

 		UT_LIST_REMOVE(fil_system.rotation_list, space);
 	}
@@ -1252,7 +1215,6 @@ fil_space_free_low(
 	for (fil_node_t* node = UT_LIST_GET_FIRST(space->chain);
 	     node != NULL; ) {
 		ut_d(space->size -= node->size);
-		os_event_destroy(node->sync_event);
 		ut_free(node->name);
 		fil_node_t* old_node = node;
 		node = UT_LIST_GET_NEXT(chain, node);
@@ -1428,11 +1390,8 @@ fil_space_create(
 		/* Key rotation is not enabled, need to inform background
 		encryption threads. */
 		UT_LIST_ADD_LAST(fil_system.rotation_list, space);
-		space->is_in_rotation_list = true;
 		mutex_exit(&fil_system.mutex);
-		mutex_enter(&fil_crypt_threads_mutex);
 		os_event_set(fil_crypt_threads_event);
-		mutex_exit(&fil_crypt_threads_mutex);
 	} else {
 		mutex_exit(&fil_system.mutex);
 	}
@@ -4098,24 +4057,21 @@ fil_node_complete_io(fil_node_t* node, const IORequest& type)
 		ut_ad(!srv_read_only_mode
 		      || node->space->purpose == FIL_TYPE_TEMPORARY);

-		++fil_system.modification_counter;
-
-		node->modification_counter = fil_system.modification_counter;
-
 		if (fil_buffering_disabled(node->space)) {

 			/* We don't need to keep track of unflushed
 			changes as user has explicitly disabled
 			buffering. */
-			ut_ad(!node->space->is_in_unflushed_spaces);
-			node->flush_counter = node->modification_counter;
+			ut_ad(!node->space->is_in_unflushed_spaces());
+			ut_ad(node->needs_flush == false);

-		} else if (!node->space->is_in_unflushed_spaces) {
-
-			node->space->is_in_unflushed_spaces = true;
+		} else {
+			node->needs_flush = true;

-			UT_LIST_ADD_FIRST(
-				fil_system.unflushed_spaces, node->space);
+			if (!node->space->is_in_unflushed_spaces()) {
+				UT_LIST_ADD_FIRST(fil_system.unflushed_spaces,
+						  node->space);
+			}
 		}
 	}

@@ -5118,8 +5074,7 @@ fil_space_remove_from_keyrotation(fil_space_t* space)
 	ut_ad(mutex_own(&fil_system.mutex));
 	ut_ad(space);

-	if (space->is_in_rotation_list && !space->referenced()) {
-		space->is_in_rotation_list = false;
+	if (!space->referenced() && space->is_in_rotation_list()) {
 		ut_a(UT_LIST_GET_LEN(fil_system.rotation_list) > 0);
 		UT_LIST_REMOVE(fil_system.rotation_list, space);
 	}
@@ -5260,3 +5215,21 @@ fil_space_set_punch_hole(
 {
 	node->space->punch_hole = val;
 }
+
+/** Checks that this tablespace in a list of unflushed tablespaces.
+@return true if in a list */
+bool fil_space_t::is_in_unflushed_spaces() const {
+	ut_ad(mutex_own(&fil_system.mutex));
+
+	return fil_system.unflushed_spaces.start == this
+	       || unflushed_spaces.next || unflushed_spaces.prev;
+}
+
+/** Checks that this tablespace needs key rotation.
+@return true if in a rotation list */
+bool fil_space_t::is_in_rotation_list() const {
+	ut_ad(mutex_own(&fil_system.mutex));
+
+	return fil_system.rotation_list.start == this || rotation_list.next
+	       || rotation_list.prev;
+}
--- a/storage/innobase/include/fil0fil.h
+++ b/storage/innobase/include/fil0fil.h
@@ -151,15 +151,16 @@ struct fil_space_t {
 	UT_LIST_NODE_T(fil_space_t) named_spaces;
 				/*!< list of spaces for which MLOG_FILE_NAME
 				records have been issued */
-	bool		is_in_unflushed_spaces;
-				/*!< true if this space is currently in
-				unflushed_spaces */
+	/** Checks that this tablespace in a list of unflushed tablespaces.
+	@return true if in a list */
+	bool is_in_unflushed_spaces() const;
 	UT_LIST_NODE_T(fil_space_t) space_list;
 				/*!< list of all spaces */
 	/** other tablespaces needing key rotation */
 	UT_LIST_NODE_T(fil_space_t) rotation_list;
-	/** whether this tablespace needs key rotation */
-	bool		is_in_rotation_list;
+	/** Checks that this tablespace needs key rotation.
+	@return true if in a rotation list */
+	bool is_in_rotation_list() const;

 	/** MariaDB encryption data */
 	fil_space_crypt_t* crypt_data;
@@ -268,10 +269,6 @@ struct fil_node_t {
 	char*		name;
 	/** file handle (valid if is_open) */
 	pfs_os_file_t	handle;
-	/** event that groups and serializes calls to fsync;
-	os_event_set() and os_event_reset() are protected by
-	fil_system.mutex */
-	os_event_t	sync_event;
 	/** whether the file actually is a raw device or disk partition */
 	bool		is_raw_disk;
 	/** size of the file in database pages (0 if not known yet);
@@ -289,10 +286,8 @@ struct fil_node_t {
 	ulint		n_pending_flushes;
 	/** whether the file is currently being extended */
 	bool		being_extended;
-	/** number of writes to the file since the system was started */
-	int64_t		modification_counter;
-	/** the modification_counter of the latest flush to disk */
-	int64_t		flush_counter;
+	/** whether this file had writes after lasy fsync() */
+	bool		needs_flush;
 	/** link to other files in this tablespace */
 	UT_LIST_NODE_T(fil_node_t) chain;
 	/** link to the fil_system.LRU list (keeping track of open files) */
@@ -589,10 +584,8 @@ struct fil_system_t {
 					tablespaces whose files contain
 					unflushed writes; those spaces have
 					at least one file node where
-					modification_counter > flush_counter */
+					needs_flush == true */
 	ulint		n_open;		/*!< number of files currently open */
-	int64_t		modification_counter;/*!< when we write to a file we
-					increment this by one */
 	ulint		max_assigned_id;/*!< maximum space id in the existing
 					tables, or assigned during the time
 					mysqld has been up; at an InnoDB

--- a/storage/innobase/row/row0upd.cc
+++ b/storage/innobase/row/row0upd.cc
@@ -3194,6 +3194,7 @@ row_upd_clust_step(

 	if (node->cmpl_info & UPD_NODE_NO_ORD_CHANGE) {

+		node->index = NULL;
 		err = row_upd_clust_rec(
 			flags, node, index, offsets, &heap, thr, &mtr);
 		goto exit_func;

--- a/storage/rocksdb/myrocks_hotbackup.py
+++ b/storage/rocksdb/myrocks_hotbackup.py
@@ -8,7 +8,6 @@ import os
 import stat
 import sys
 import re
-import commands
 import subprocess
 import logging
 import logging.handlers