gemexp is meant for local testing so I'm not too worried about changing its log format if it makes sense to do so.

Call the certificates .pem and the keys .key; use contrib/gencert to generate the certificates and provide a GENCERT_FLAGS knob so that regress can be run with EC keys (GENCERT_FLAGS=-e). Still no automatic way of testing with both RSA and EC keys.

Using what the manpage advertised. The regress adaptations will follow. The directory will also change (and the key type too.)

These connection are not otherwise logged and it could be helpful to track down the bad ip.

gg -> gemexp and better wording.

in this codepath. otherwise we end up with a mismatch where we expect a request but were sent a response.

otherwise we send the request id N and expect to receive N+1

all other rules are freeing the value of `listen_addr'

default_host needs to be NULL for getaddrinfo(3) to listen on everything.

There's no much we can do if we resolv an IPv6 address but its support is disabled in the current kernel, so ignore and go ahead. Spotted while testing gmid i n a FreeBSD jail without IPv6.