rework the daemon to do fork+exec

It uses the 'common' proc.c from various OpenBSD-daemons.

gmid grew organically bit by bit and it was also the first place where I
tried to implement privsep.  It wasn't done very well, in fact the
parent process (that retains root privileges) just fork()s a generation
of servers, all sharing *exactly* the same address space.  No good!

Now, we fork() and re-exec() ourselves, so that each process has a fresh
address space.

Some features (require client ca for example) are temporarly disabled,
will be fixed in subsequent commits.  The "ge" program is also
temporarly disabled as it needs tweaks to do privsep too.

2 files changed, 5 insertions, 4 deletions

diff --git a/regress/puny-test.c b/regress/puny-test.c
index 52b18c6..f3dfbd2 100644
--- a/regress/puny-test.c
+++ b/regress/puny-test.c
@@ -21,7 +21,6 @@
 
 /* to make the linker happy */
 struct conf conf;
-struct imsgbuf logibuf, servibuf[PREFORK_MAX];
 
 const struct suite {
 	const char	*src;
diff --git a/regress/regress b/regress/regress
index 63d99ac..f89b353 100755
--- a/regress/regress
+++ b/regress/regress
@@ -31,7 +31,7 @@ if [ "${SKIP_RUNTIME_TESTS:-0}" -eq 1 ]; then
 fi
 
 # Run regression tests for the ge binary.
-run_test test_ge
+#run_test test_ge		XXX
 
 # Run regression tests for the gmid binary.
 run_test test_static_files
@@ -47,14 +47,16 @@ run_test test_custom_index_default_type_per_location
 run_test test_auto_index
 run_test test_block
 run_test test_block_return_fmt
-run_test test_require_client_ca
+# run_test test_require_client_ca # XXX: needs to be readded
 run_test test_root_inside_location
 run_test test_root_inside_location_with_redirect
 # run_test test_fastcgi		XXX: needs to be fixed
 run_test test_macro_expansion
 run_test test_proxy_relay_to
-run_test test_proxy_with_certs
+# run_test test_proxy_with_certs# XXX: needs to be readded
 # run_test test_unknown_host	# XXX: breaks on some distro
 run_test test_include_mime
 
+# TODO: add test that uses only a TLSv1.2 or TLSv1.3
+
 tests_done