nfs-over-tls: add rc scripts for rpc.tlsclntd and rpc.tlsservd

Add rc.d scripts that control the recently committed rpc.tlsclntd(8)
and rpc.tlsservd(8) daemons.

Reviewed by:	gbe
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D28432

libexec/rc/rc.conf

@@ -385,6 +385,10 @@ nfscbd_enable="NO"		# NFSv4 client side callback daemon
 nfscbd_flags=""			# Flags for nfscbd
 nfsuserd_enable="NO"		# NFSv4 user/group name mapping daemon
 nfsuserd_flags=""		# Flags for nfsuserd
+tlsclntd_enable="NO"		# Run rpc.tlsclntd needed for NFS-over-TLS mount
+tlsclntd_flags=""		# Flags for rpc.tlsclntd
+tlsservd_enable="NO"		# Run rpc.tlsservd needed for NFS-over-TLS nfsd
+tlsservd_flags=""		# Flags for rpc.tlsservd
 
 ### Network Time Services options: ###
 timed_enable="NO"		# Run the time daemon (or NO).

libexec/rc/rc.d/Makefile

@@ -271,6 +271,10 @@ _opensm=	opensm
 
 .if ${MK_OPENSSL} != "no"
 CONFS+=		keyserv
+.if ${MK_OPENSSL_KTLS} != "no"
+CONFS+=		tlsclntd \
+		tlsservd
+.endif
 .endif
 
 .if ${MK_OPENSSH} != "no"

libexec/rc/rc.d/tlsclntd

@@ -0,0 +1,21 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: tlsclntd
+# REQUIRE: NETWORKING root mountcritlocal sysctl
+# BEFORE: nfscbd
+# KEYWORD: nojail shutdown
+
+. /etc/rc.subr
+
+name="tlsclntd"
+desc="NFS over TLS client side daemon"
+rcvar="tlsclntd_enable"
+command="/usr/sbin/rpc.${name}"
+pidfile="/var/run/rpc.${name}.pid"
+
+load_rc_config $name
+
+run_rc_command "$1"

libexec/rc/rc.d/tlsservd

@@ -0,0 +1,25 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: tlsservd
+# REQUIRE: NETWORKING root mountcritlocal sysctl
+# BEFORE: nfsd
+# KEYWORD: nojail shutdown
+
+. /etc/rc.subr
+
+name="tlsservd"
+desc="NFS over TLS server side daemon"
+rcvar="tlsservd_enable"
+command="/usr/sbin/rpc.${name}"
+
+pidfile="/var/run/rpc.${name}.pid"
+required_files="/etc/rpc.tlsservd/cert.pem /etc/rpc.tlsservd/certkey.pem"
+extra_commands="reload"
+
+
+load_rc_config $name
+
+run_rc_command "$1"