simplifies further handling. The stdio layer introduces its own buffering and for the logs I'd like to avoid it. fflush(3) is an option, but using a raw fd and dprintf(2) requires less code.

so that ge can provide its own log_request without requiring a separate logger process.

It uses the 'common' proc.c from various OpenBSD-daemons. gmid grew organically bit by bit and it was also the first place where I tried to implement privsep. It wasn't done very well, in fact the parent process (that retains root privileges) just fork()s a generation of servers, all sharing *exactly* the same address space. No good! Now, we fork() and re-exec() ourselves, so that each process has a fresh address space. Some features (require client ca for example) are temporarly disabled, will be fixed in subsequent commits. The "ge" program is also temporarly disabled as it needs tweaks to do privsep too.