restore signal handlers before exec'ing CGI scripts

define TLS_VERSION, TLS_CIPHER and TLS_CIPHER_STRENGTH for CGI scripts

list instead of fixed-size array for vhosts and locations saves some bytes of memory and removes the limit on the maximum number of vhosts and location blocks.

gmid v1.6 -- "Stargazers"

move all sandbox-related code to sandbox.c while there, add capsicum for the logger process

refactoring: imsg everywhere use imsg to handle ALL kinds of IPC in gmid. This simplifies and shorten the code, and makes everything more uniform too.

handle SIGHUP gracefully i.e. don't print scary messages with LOG_CRIT priority!

give each server process its own socket for the executor this fixes a bug introduced with the prefork mechanics: every server process shared the same socket, and this would cause a race condition when multiple server processes asked for a script cgi being executed. This gives each server process its own socket to talk to the executor, so the race cannot happen.

fix various compilation errors Include gmid.h as first header in every file, as it then includes config.h (that defines _GNU_SOURCE for instance). Fix also a warning about unsigned vs signed const char pointers in openssl.

define TLS_CLIENT_NOT_BEFORE/NOT_AFTER in CGI scripts

[cgi] split the query in words if needed and add them to the argv

use log_err instead of fprintf

ensure CGI stdout it's blocking

reload configuration on SIGHUP

refactor executor_main now it's symmetrical to listener_main().