simplify ocsp sending using config_send_file while here add an explicit flush to avoid a fd rampage.

change config_send_file to take the process id as argument i.e. not hardcode PROC_SERVER

gencert: use secp384r1 prime256v1 should be perfectly fine for all I understand, but OpenBSD' acme-client uses secp384r1 and who am I to disagree :)

parse the config file only once Don't have all the processes read gmid.conf. The parent needs to do that, and the will send the config to the children (already happening.) The other processes were reading the config anyway to figure out the user and the chroot (if enabled); make the parent pass additional flag to propagate that info. We dissociate a bit from the "usual" proc.c but it's a change worth having.

move print_conf and make it take the config as argument

use fatal/fatalx instead of err/errx in daemon code

parse_conf: don't die on error, return -1 this avoids having the daemon dieing on SIGHUP with a bad config file.

don't have the config being a global

move hosts into the config struct

ignore and clean fcgi.sock

fcgi-test: be less verbose

re-establish fastcgi test

move fastcgi from global var to the config struct while here also make them a list rather than a fixed-size array.

fix sandbox_server_process it does the unveil(2)ing based on the first config, which breaks config-reloading.

rework fcgi-test so that it binds a local socket still not re-enabled.