Add SSL option for data socket of rpcap

Add SSL option for data socket of rpcap

When using rpcapd one may want the forwarded traffic to be encrypted.
When running rpcapd via initd it is relatively easy to add stunnel but
the client still have to implement TLS. Or one could also use an ssh
tunnel but it's a lot of setup. Ultimately, it is simpler than rpcap
protocol could run on SSL natively. So this patch adds a -S option to
rpcapd that will wrap the data socket into a TLS tunnel (in both passive
anbd active mode, as long as it's TCP not UDP).

The start capture message has an additional flag: ssl, asking the client
to initiate a TLS handshake once he is connected to the data socket.

This patch is not polished as I'm more interested in early opinions at
this stage. Please let me know what you think of the idea and its
implementation so far.

Proof of concept:

generate a private key, a self signed root cert:

$ openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 36500 -out cert.pem

then run rpcapd with option -S (ssl) and -K and -C:

$ rpcapd -n -S -K key.pem -C cert.pem

Once recompiled, tcpdump can attach to this rpcap:// service and the
traffic will be encrypted.