Fix skipped tests in Mariadb integration CI (#1533)

1. Apparently the new errors we recently turned off are due to the
default auto-chaining behavior in OpenSSL. I applied a patch to enable
auto-chaining in Mariadb, since consumers will likely be looking for the
default behavior Mariadb tries to enable.
2. Not sure what desc_index_min_max does, but it does seem to have a
history of being flaky based on this commit: MariaDB/server@03fa2c3.
It seems unrelated to AWS-LC, so I think it's alright to leave off.
3. My guess is that ssl_crl is trying to connect to the server containing
the crl, but there are instances where the crl server is unresponsive
(possibly due to too much load on the server, common issue with crls).
Why our CI still fails, is due the error message being overwritten in the
original patch. The patch correctly encapsulates new AWS-LC errors,
but we've also overwritten the potential error message that was being
expected. I've generated a new patch for the CI.

tests/ci/integration/mariadb_patch/auto-chaining.patch

@@ -0,0 +1,16 @@
+diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c
+index 530872c4..235bf76f 100644
+--- a/vio/viosslfactories.c
++++ b/vio/viosslfactories.c
+@@ -354,6 +354,11 @@ new_VioSSLFd(const char *key_file, const char *cert_file, const char *ca_file,
+   }
+
+   SSL_CTX_set_options(ssl_fd->ssl_context, ssl_ctx_options);
++  /* 
++    This reverts AWS-LC to the default OpenSSL auto-chaining behavior. Since 
++    OpenSSL enables auto-chaining by default, this is a no-op with OpenSSL.
++  */
++  SSL_CTX_clear_mode(ssl_fd->ssl_context, SSL_MODE_NO_AUTO_CHAIN);
+
+   /*
+     Set the ciphers that can be used

tests/ci/integration/mariadb_patch/ssl_crl_expect.patch

@@ -0,0 +1,12 @@
+diff --git a/mysql-test/main/ssl_crl.test b/mysql-test/main/ssl_crl.test
+index 9b475857..58d23087 100644
+--- a/mysql-test/main/ssl_crl.test
++++ b/mysql-test/main/ssl_crl.test
+@@ -8,6 +8,6 @@
+
+ --echo # try logging in with a certificate in the server's --ssl-crl : should fail
+ # OpenSSL 1.1.1a correctly rejects the certificate, but the error message is different
+---replace_regex /ERROR 2013 \(HY000\): Lost connection to server at '.*', system error: [0-9]+/ERROR 2026 (HY000): TLS\/SSL error: sslv3 alert certificate revoked/
++--replace_regex /ERROR 2013 \(HY000\): Lost connection to server at '.*', system error: [0-9]+/ERROR 2026 (HY000): TLS\/SSL error: sslv3 alert certificate revoked/ /SSLV3_ALERT_CERTIFICATE_REVOKED/sslv3 alert certificate revoked/
+ --error 1
+ --exec $MYSQL --ssl-ca=$MYSQL_TEST_DIR/std_data/cacert.pem --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem test -e "SHOW STATUS LIKE 'Ssl_version'" 2>&1

tests/ci/integration/run_mariadb_integration.sh

@@ -59,11 +59,8 @@ function mariadb_run_tests() {
 main.flush_logs_not_windows : query 'flush logs' succeeded - should have failed with error ER_CANT_CREATE_FILE (1004)
 main.mysql_upgrade_noengine : upgrade output order does not match the expected
 main.plugin_load : This test generates a warning in Codebuild. Skip over since this isn't relevant to AWS-LC.
-main.ssl_crl : This test is flaky in CodeBuild CI P112867839
-main.desc_index_min_max : This test is flaky in CodeBuild CI P112867839
-main.ssl_autoverify : Failing with - TLS/SSL error: unable to get local issuer certificate
-main.mysql : Failing with - TLS/SSL error: unable to get local issuer certificate
-main.ssl_fp : Failing with - TLS/SSL error: unable to get local issuer certificate"> skiplist
+main.desc_index_min_max : This test is flaky and unrelated to aws-lc.
+"> skiplist
   ./mtr --suite=main --force --parallel=auto --skip-test-list=${MARIADB_BUILD_FOLDER}/mysql-test/skiplist --retry-failure=2
   popd
 }