Add entries for the OID used for NFS-over-TLS "user@domain".

The NFS-over-TLS server daemon (rpc.tlsservd) can optionally replace user
credentials in the RPC header with ones derived from a username specified
by the form "user@domain", if this exists in the client's X.509 v3 certificate.
Specifically, "user@domain" needs to be in the "otherName" component of
subjectAltName, with a unique OID as assigned by this update.

This patch adds a subtree for the "otherName" component of subjectAltName in
X.509 v3 certificates and a value for "user@domain" as used by NFS-over-TLS.

Reviewed by:	phk, gordon
Differential Revision:	https://reviews.freebsd.org/D26225
rmacklem 2020-09-03 20:42:30 +00:00
parent dcbfadbf02
commit 8f65b5afaf


@ -16,7 +16,7 @@ IMPORTS
FROM SNMPv2-SMI;
freeBSD MODULE-IDENTITY
LAST-UPDATED "200610311000Z"
LAST-UPDATED "202009032030Z"
ORGANIZATION "The FreeBSD Project."
CONTACT-INFO
"phk@FreeBSD.org is contact person for this file.
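Review bot: the new LAST-UPDATED value "202009032030Z" does not match the REVISION clause added in the next hunk, "202009031900Z"; SMIv2 (RFC 2578) expects the most recent REVISION to carry the same timestamp as LAST-UPDATED, so pick one value and use it in both places (the previous pair, "200610311000Z" vs. "200610310800Z", already disagreed, so this is a good moment to fix both).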
@ -24,6 +24,9 @@ freeBSD MODULE-IDENTITY
DESCRIPTION
"The Structure of Management Information for the
FreeBSD Project enterprise MIB subtree."
REVISION "202009031900Z"
DESCRIPTION
"Added entries for the otherName component of a X.509 cert"
REVISION "200610310800Z"
DESCRIPTION
"Initial version of this MIB module."
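Review bot: the REVISION description "Added entries for the otherName component of a X.509 cert" should read "an X.509", and it would be more useful if it named what was assigned (the freeBSDsrcCertOtherName subtree and the freeBSDsrcCertNFSuser value) so a reader of the revision history can find the new OIDs without diffing the module.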
@ -36,6 +39,21 @@ freeBSDsrc OBJECT-IDENTITY
"Subtree for things which lives in the src tree."
::= { freeBSD 1 }
freeBSDsrcCertOtherName OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Subtree for X.509 Certificate otherName entries"
::= { freeBSDsrc 1 }
--
-- For NFS over TLS, a user@domain can optionally be handled by rpc.tlsservd
--
freeBSDsrcCertNFSuser OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Entry for X.509 Certificate for NFS user@domain name"
::= { freeBSDsrcCertOtherName 1 }
freeBSDports OBJECT-IDENTITY
STATUS current
DESCRIPTION
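Review bot: the DESCRIPTION of freeBSDsrcCertNFSuser, "Entry for X.509 Certificate for NFS user@domain name", does not say how the otherName value is encoded (the ASN.1 type of the value field) or where the "user@domain" syntax is defined, yet anyone issuing a certificate that rpc.tlsservd will accept needs exactly that to interoperate; add the expected type and a pointer to the rpc.tlsservd documentation to the DESCRIPTION. Since the commit message says a certificate carrying this otherName causes the server to replace the client's RPC credentials, it is also worth stating in the description that issuing such a name grants identity to the certificate holder, so CA operators treat it as a privileged attribute.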