Posted to dev@trafficserver.apache.org by SUSAN HINRICHS <sh...@apache.org> on 2020/04/02 19:47:37 UTC

[API review] Add API for plugins to load certificates and keys

Details in https://github.com/apache/trafficserver/pull/6609

I'm proposing to add functionality for plugins to load certificate and key
information on configuration load and reload.

I propose adding a hook, TS_LIFECYCLE_SSL_SECRET_HOOK, and a pair of TS
APIs, TSSslSecretSet/Get. The hook gets triggered before the SSL_CTX is
created. The continuation is called with the name of the certificate or key
as the data argument. The plugin then can load the certificate/key
information from some other source (e.g. a key server or just someplace
else on disk as the ssl_secret_load_test.cc does in the PR). The plugin
calls TSSslSecretSet to update the secret table. After the hooks are
called, the core looks for the data in the secret_map. If it is not
present, the core loads the data from disk and puts it in the map. The
SSL_CTX creation logic operates on a mem_bio instead of using the file
oriented forms of the cert and key loading calls.

https://github.com/apache/trafficserver/blob/c011b03f79633674356eab1c37954aa8e5a06bfe/tests/tools/plugins/ssl_secret_load_test.cc
shows an example plugin.  This is used by the autests added in the PR.  Given the
secret name, it inserts an extra directory into the path and reads the
certificate or key information from there.

I am working on updating the PR to handle both client and server
certificates.  Currently the PR only supports client certificates.  Please
share your feedback via this email or the PR.

Thanks, Susan
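The lookup order described in the post (hooks run first, then the secret table, then the file on disk as a fallback) can be modelled stand-alone. The following is an added example, not code from the PR or from Traffic Server: the functions TSSslSecretSet_model/TSSslSecretGet_model, core_load_secret, register_alt_dir_hook and run_demo, the hook list, the placeholder PEM strings and the /tmp/ssl_secret_demo directory are all assumptions made for illustration, and the hook mimics what the post says ssl_secret_load_test.cc does (insert an extra directory into the configured path and read the secret from there). No real SSL_CTX is built; the point is which bytes the core would hand to the mem BIO.

```cpp
// Added example: model of the "hook -> secret table -> disk fallback" flow.
// None of the names below are the real ATS API; they are illustrative only.
#include <fstream>
#include <functional>
#include <iostream>
#include <map>
#include <sstream>
#include <string>
#include <vector>
#include <sys/stat.h>   // mkdir (POSIX; used only to create the constructed files)
#include <unistd.h>     // unlink, rmdir

// The core's secret table: secret name (the configured path) -> PEM bytes.
static std::map<std::string, std::string> secret_map;

// Model of TSSslSecretSet: a plugin stores the bytes for a named secret.
void TSSslSecretSet_model(const std::string &name, const std::string &pem) {
  secret_map[name] = pem;
}

// Model of TSSslSecretGet: true and the bytes if the table has the secret.
bool TSSslSecretGet_model(const std::string &name, std::string &out) {
  std::map<std::string, std::string>::const_iterator it = secret_map.find(name);
  if (it == secret_map.end()) return false;
  out = it->second;
  return true;
}

// Continuations registered on the (modelled) SSL secret hook. As in the post,
// the data argument handed to the continuation is the secret name.
typedef std::function<void(const std::string &)> SecretHook;
static std::vector<SecretHook> secret_hooks;

static std::string read_file(const std::string &path) {
  std::ifstream in(path.c_str(), std::ios::binary);
  if (!in) return "";                     // missing file -> empty, caller decides
  std::stringstream ss;
  ss << in.rdbuf();
  return ss.str();
}

static void write_file(const std::string &path, const std::string &data) {
  std::ofstream out(path.c_str(), std::ios::binary);
  out << data;
}

// Model of the core's behaviour just before SSL_CTX creation:
// 1. fire every hook with the secret name (plugins may call SecretSet),
// 2. consult the secret table,
// 3. otherwise read the configured file from disk and cache it in the table.
// The returned bytes are what the core would feed to a mem BIO.
std::string core_load_secret(const std::string &secret_name) {
  for (size_t i = 0; i < secret_hooks.size(); ++i) secret_hooks[i](secret_name);
  std::string pem;
  if (TSSslSecretGet_model(secret_name, pem)) return pem;
  pem = read_file(secret_name);           // fallback: the secret name is a path
  if (!pem.empty()) TSSslSecretSet_model(secret_name, pem);
  return pem;
}

// Hook modelled on the test plugin: look for <dir>/<extra_dir>/<file> and, if
// present, publish it. If absent, set nothing so the core falls back to disk.
void register_alt_dir_hook(const std::string &extra_dir) {
  secret_hooks.push_back([extra_dir](const std::string &secret_name) {
    std::string::size_type slash = secret_name.rfind('/');
    std::string dir  = (slash == std::string::npos) ? "" : secret_name.substr(0, slash + 1);
    std::string file = (slash == std::string::npos) ? secret_name : secret_name.substr(slash + 1);
    std::string pem = read_file(dir + extra_dir + "/" + file);
    if (!pem.empty()) TSSslSecretSet_model(secret_name, pem);
  });
}

// Demo on constructed files (placeholder strings stand in for PEM data):
// server.pem has an alternate copy under alt/, client.pem does not.
std::string run_demo() {
  const std::string base = "/tmp/ssl_secret_demo";
  mkdir(base.c_str(), 0700);
  mkdir((base + "/alt").c_str(), 0700);
  write_file(base + "/server.pem",     "ORIGINAL-SERVER");
  write_file(base + "/alt/server.pem", "FROM-PLUGIN");
  write_file(base + "/client.pem",     "ORIGINAL-CLIENT");

  secret_hooks.clear();
  secret_map.clear();
  register_alt_dir_hook("alt");
  std::string server = core_load_secret(base + "/server.pem");  // plugin wins
  std::string client = core_load_secret(base + "/client.pem");  // disk fallback

  unlink((base + "/alt/server.pem").c_str());
  unlink((base + "/server.pem").c_str());
  unlink((base + "/client.pem").c_str());
  rmdir((base + "/alt").c_str());
  rmdir(base.c_str());
  return "server=" + server + ";client=" + client;
}

int main() {
  std::cout << run_demo() << "\n";
  return 0;
}
```

Note that the hook's SecretSet call has to happen before the core consults the table, which is why the model runs the hooks synchronously inside core_load_secret; a plugin that fetched the secret asynchronously and set it later would miss the lookup and the core would fall back to the on-disk file.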