PS-9033 fix: audit_log_filter plugin, does not register remote accesses

https://perconadev.atlassian.net/browse/PS-9033

Fixed problem with 'audit_log_filter' not being able to properly identify
remote host name (in case when user specified an IP address in the
connection string).
Original implementation used to rely on user name and host name
provided by the client (the equivalent of 'USER()' MySQL function) which
did not work as expected in all cases and could lead to filtering out
legitimate events.
In particular, when 'AuditLogFilter::get_connection_user()' was not able
to identify a non-empty 'name' / 'host' part of the user account, it used
to return early with error code causing audit events to be not logged
properly.

This fix changes the logic to use authenticated user name and host name
(the equivalent of 'CURRENT_USER()' MySQL function) when applying filtering
rules.
Not only does this fix the issue with not being able to identify host names
and skipping events in case when a connection was established to an IP
address (not to a host name), but also opens possibility to support
authenticated users with wildcard host names (like 'usr'@'%').
Wildcards support will be added in the fix for
PS-9024 "audit_log_filter_set_user does not allow wildcards in hostname"
https://perconadev.atlassian.net/browse/PS-9024

Connect / disconnect logic inside 'generate_audit_events.inc' MTR include
file made more deterministic by using 'count_sessions.inc' /
'wait_until_count_sessions.inc' pair befoire and after establishing / closing
a new connection.

Re-recorded 'audit_log_filter.writer_buffer_size_overflow' MTR test case as
proper connection event tracking caused shift in '<CONNECTION_ID>' from
single digit to 2-digit numbers.

Author: percona-ysorokin

plugin/audit_log_filter/audit_log_filter.cc

@@ -605,13 +605,13 @@ bool AuditLogFilter::get_connection_user(Security_context_handle &ctx,
   MYSQL_LEX_CSTRING user{"", 0};
   MYSQL_LEX_CSTRING host{"", 0};
 
-  if (m_security_context_opts_srv->get(ctx, "user", &user)) {
+  if (m_security_context_opts_srv->get(ctx, "priv_user", &user)) {
     LogPluginErr(ERROR_LEVEL, ER_LOG_PRINTF_MSG,
                  "Can not get user name from security context");
     return false;
   }
 
-  if (m_security_context_opts_srv->get(ctx, "host", &host)) {
+  if (m_security_context_opts_srv->get(ctx, "priv_host", &host)) {
     LogPluginErr(ERROR_LEVEL, ER_LOG_PRINTF_MSG,
                  "Can not get user host from security context");
     return false;

plugin/audit_log_filter/tests/mtr/r/writer_buffer_size_overflow.result

@@ -29,6 +29,6 @@ Variable_name	Value
 Audit_log_filter_events_lost	3
 SHOW GLOBAL STATUS LIKE 'Audit_log_filter_event_max_drop_size';
 Variable_name	Value
-Audit_log_filter_event_max_drop_size	4406
+Audit_log_filter_event_max_drop_size	4407
 #
 # Cleanup

plugin/audit_log_filter/tests/mtr/t/generate_audit_events.inc

@@ -43,6 +43,7 @@ INSTALL COMPONENT "file://component_audit_api_message_emit";
 SELECT audit_api_message_emit_udf('component_text', 'producer_text', 'message_text', 'key', 'value') AS 'Message';
 UNINSTALL COMPONENT "file://component_audit_api_message_emit";
 
+--source include/count_sessions.inc
 # AuditRecordConnection
 # AuditRecordAuthentication
 CREATE USER 'user1'@'%' IDENTIFIED BY '111';
@@ -51,6 +52,7 @@ connect (conn1,localhost,user1,111,test);
 disconnect conn1;
 connection default;
 DROP USER user1;
+--source include/wait_until_count_sessions.inc
 
 # AuditRecordServerShutdown
 #--source include/restart_mysqld.inc