tlshd: Read TLS session tag configuration information

TLS session tags are defined in files that reside in
/etc/tlshd/tags.d/*.{yaml,yml}. On daemon start-up, the tag
definitions are read into a data structure that is shared with
forked children processes.

Unfortunately the libyaml parser is nothing more than a token
emitter. A nicer API exists in libcyaml, but that library does not
appear to be available in many distributions. Thus the new tag
config file parsing code implements a full finite state parser of
the session tags files.

Session tag configuration errors are reported but are not fatal.

Nothing is done with these tags yet, and documentation is added
in a subsequent patch.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>

Author: chucklever

src/tlshd/Makefile.am

@@ -23,8 +23,9 @@ sbin_PROGRAMS		= tlshd
 tlshd_CFLAGS		= -Werror -Wall -Wextra $(LIBGNUTLS_CFLAGS) \
 			  $(LIBKEYUTILS_CFLAGS) $(GLIB_CFLAGS) $(LIBNL3_CFLAGS) \
 			  $(LIBNL_GENL3_CFLAGS) $(LIBYAML_CFLAGS)
-tlshd_SOURCES		= client.c config.c handshake.c keyring.c ktls.c log.c \
-			  main.c netlink.c netlink.h server.c tlshd.h quic.c
+tlshd_SOURCES		= client.c config.c handshake.c keyring.c ktls.c \
+			  log.c main.c netlink.c netlink.h quic.c server.c \
+			  tags.c tlshd.h
 tlshd_LDADD		= $(LIBGNUTLS_LIBS) $(LIBKEYUTILS_LIBS) $(GLIB_LIBS) \
 			  $(LIBNL3_LIBS) $(LIBNL_GENL3_LIBS) $(LIBYAML_LIBS)
 

src/tlshd/config.c

@@ -106,11 +106,14 @@ bool tlshd_config_init(const gchar *pathname)
 	tlshd_keyring_link_session(".nfs");
 	tlshd_keyring_link_session(".nfsd");
 
+	/* Eventually the tags directory might become a tlshd config option */
+	tlshd_tags_read_configuration("/etc/tlshd/tags.d");
 	return true;
 }
 
 void tlshd_config_shutdown(void)
 {
+	tlshd_tags_shutdown();
 	g_key_file_free(tlshd_configuration);
 }