don't have the config being a global

rework the daemon to do fork+exec It uses the 'common' proc.c from various OpenBSD-daemons. gmid grew organically bit by bit and it was also the first place where I tried to implement privsep. It wasn't done very well, in fact the parent process (that retains root privileges) just fork()s a generation of servers, all sharing *exactly* the same address space. No good! Now, we fork() and re-exec() ourselves, so that each process has a fresh address space. Some features (require client ca for example) are temporarly disabled, will be fixed in subsequent commits. The "ge" program is also temporarly disabled as it needs tweaks to do privsep too.

rename PROC_MAX to PREFORK_MAX

const-ify some tables matches found with % grep -R '=[ ]*{' . | fgrep -v const

move all sandbox-related code to sandbox.c while there, add capsicum for the logger process

refactoring: imsg everywhere use imsg to handle ALL kinds of IPC in gmid. This simplifies and shorten the code, and makes everything more uniform too.

sync global variables

define conf in the test program, not in puny.c

parse_err is a const pointer

fix puny-test build

use starts_with in puny.c

const-ify puny_decode (and add puny.c)

initial punycode support