authorReyk Floeter <reyk@cvs.openbsd.org>2011-05-09 11:15:19 +0000
committerReyk Floeter <reyk@cvs.openbsd.org>2011-05-09 11:15:19 +0000
commit10e6190a04e39564207500286a5e1d13b6838f5c (patch)
treea15b5aa7831219aff4cdf9078cc20fa77b46cc64 /sbin/iked
parenta6e778d9a0143a83d7062738bf103960e7da5f19 (diff)
rename functions in proc.c to proc_* and move some code from imsg_util.c to
proc.c. this is the first sync to what i did for relayd but does not include the multi-instance handling - so no functional change.
Diffstat (limited to 'sbin/iked')
-rw-r--r--sbin/iked/ca.c14
-rw-r--r--sbin/iked/config.c22
-rw-r--r--sbin/iked/control.c10
-rw-r--r--sbin/iked/iked.c27
-rw-r--r--sbin/iked/iked.h39
-rw-r--r--sbin/iked/ikev1.c6
-rw-r--r--sbin/iked/ikev2.c4
-rw-r--r--sbin/iked/ikev2_msg.c4
-rw-r--r--sbin/iked/imsg_util.c76
-rw-r--r--sbin/iked/proc.c161
10 files changed, 183 insertions, 180 deletions
diff --git a/sbin/iked/ca.c b/sbin/iked/ca.c
index c010a97c9f3..5cebe3b377d 100644
--- a/sbin/iked/ca.c
+++ b/sbin/iked/ca.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ca.c,v 1.15 2011/05/05 12:59:31 reyk Exp $ */
+/* $OpenBSD: ca.c,v 1.16 2011/05/09 11:15:18 reyk Exp $ */
/* $vantronix: ca.c,v 1.29 2010/06/02 12:22:58 reyk Exp $ */
/*
@@ -110,7 +110,7 @@ caproc(struct privsep *ps, struct privsep_proc *p)
if (ca_key_serialize(key, &store->ca_privkey) != 0)
fatalx("ca: failed to serialize private key");
- return (run_proc(ps, p, procs, nitems(procs), ca_reset, store));
+ return (proc_run(ps, p, procs, nitems(procs), ca_reset, store));
}
void
@@ -230,7 +230,7 @@ ca_setcert(struct iked *env, struct iked_sahdr *sh, struct iked_id *id,
iov[iovcnt].iov_len = len;
iovcnt++;
- if (imsg_composev_proc(env, procid, IMSG_CERT, -1, iov, iovcnt) == -1)
+ if (proc_composev_imsg(env, procid, IMSG_CERT, -1, iov, iovcnt) == -1)
return (-1);
return (0);
}
@@ -271,7 +271,7 @@ ca_setreq(struct iked *env, struct iked_sahdr *sh,
iov[iovcnt].iov_len = len;
iovcnt++;
- if (imsg_composev_proc(env, procid,
+ if (proc_composev_imsg(env, procid,
IMSG_CERTREQ, -1, iov, iovcnt) == -1)
goto done;
@@ -308,7 +308,7 @@ ca_setauth(struct iked *env, struct iked_sa *sa,
log_debug("%s: auth length %d", __func__, ibuf_size(authmsg));
}
- if (imsg_composev_proc(env, id, IMSG_AUTH, -1, iov, iovcnt) == -1)
+ if (proc_composev_imsg(env, id, IMSG_AUTH, -1, iov, iovcnt) == -1)
return (-1);
return (0);
}
@@ -363,7 +363,7 @@ ca_getcert(struct iked *env, struct imsg *imsg)
iov[1].iov_base = &type;
iov[1].iov_len = sizeof(type);
- if (imsg_composev_proc(env, PROC_IKEV2, cmd, -1, iov, iovcnt) == -1)
+ if (proc_composev_imsg(env, PROC_IKEV2, cmd, -1, iov, iovcnt) == -1)
return (-1);
return (0);
}
@@ -598,7 +598,7 @@ ca_reload(struct iked *env)
ibuf_length(env->sc_certreq) == SHA_DIGEST_LENGTH ?
"" : "s");
- (void)imsg_composev_proc(env, PROC_IKEV2, IMSG_CERTREQ, -1,
+ (void)proc_composev_imsg(env, PROC_IKEV2, IMSG_CERTREQ, -1,
iov, iovcnt);
}
diff --git a/sbin/iked/config.c b/sbin/iked/config.c
index d83e95b5c08..f70d0c960c6 100644
--- a/sbin/iked/config.c
+++ b/sbin/iked/config.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: config.c,v 1.11 2011/05/05 12:17:10 reyk Exp $ */
+/* $OpenBSD: config.c,v 1.12 2011/05/09 11:15:18 reyk Exp $ */
/* $vantronix: config.c,v 1.30 2010/05/28 15:34:35 reyk Exp $ */
/*
@@ -388,8 +388,8 @@ config_setcoupled(struct iked *env, u_int couple)
u_int type;
type = couple ? IMSG_CTL_COUPLE : IMSG_CTL_DECOUPLE;
- imsg_compose_proc(env, PROC_IKEV1, type, -1, NULL, 0);
- imsg_compose_proc(env, PROC_IKEV2, type, -1, NULL, 0);
+ proc_compose_imsg(env, PROC_IKEV1, type, -1, NULL, 0);
+ proc_compose_imsg(env, PROC_IKEV2, type, -1, NULL, 0);
return (0);
}
@@ -407,8 +407,8 @@ config_setmode(struct iked *env, u_int passive)
u_int type;
type = passive ? IMSG_CTL_PASSIVE : IMSG_CTL_ACTIVE;
- imsg_compose_proc(env, PROC_IKEV1, type, -1, NULL, 0);
- imsg_compose_proc(env, PROC_IKEV2, type, -1, NULL, 0);
+ proc_compose_imsg(env, PROC_IKEV1, type, -1, NULL, 0);
+ proc_compose_imsg(env, PROC_IKEV2, type, -1, NULL, 0);
return (0);
}
@@ -434,7 +434,7 @@ config_getmode(struct iked *env, u_int type)
int
config_setreset(struct iked *env, u_int mode, enum privsep_procid id)
{
- imsg_compose_proc(env, id, IMSG_CTL_RESET, -1, &mode, sizeof(mode));
+ proc_compose_imsg(env, id, IMSG_CTL_RESET, -1, &mode, sizeof(mode));
return (0);
}
@@ -488,7 +488,7 @@ config_setsocket(struct iked *env, struct sockaddr_storage *ss,
if ((s = udp_bind((struct sockaddr *)ss, port)) == -1)
return (-1);
- imsg_compose_proc(env, id, IMSG_UDP_SOCKET, s,
+ proc_compose_imsg(env, id, IMSG_UDP_SOCKET, s,
ss, sizeof(*ss));
return (0);
}
@@ -538,7 +538,7 @@ config_setpfkey(struct iked *env, enum privsep_procid id)
if ((s = pfkey_socket()) == -1)
return (-1);
- imsg_compose_proc(env, id, IMSG_PFKEY_SOCKET, s, NULL, 0);
+ proc_compose_imsg(env, id, IMSG_PFKEY_SOCKET, s, NULL, 0);
return (0);
}
@@ -558,7 +558,7 @@ config_setuser(struct iked *env, struct iked_user *usr, enum privsep_procid id)
return (0);
}
- imsg_compose_proc(env, id, IMSG_CFG_USER, -1, usr, sizeof(*usr));
+ proc_compose_imsg(env, id, IMSG_CFG_USER, -1, usr, sizeof(*usr));
return (0);
}
@@ -629,7 +629,7 @@ config_setpolicy(struct iked *env, struct iked_policy *pol,
return (0);
}
- if (imsg_composev_proc(env, id, IMSG_CFG_POLICY, -1,
+ if (proc_composev_imsg(env, id, IMSG_CFG_POLICY, -1,
iov, iovcnt) == -1)
return (-1);
@@ -708,7 +708,7 @@ config_setcompile(struct iked *env, enum privsep_procid id)
if (env->sc_opts & IKED_OPT_NOACTION)
return (0);
- imsg_compose_proc(env, id, IMSG_COMPILE, -1, NULL, 0);
+ proc_compose_imsg(env, id, IMSG_COMPILE, -1, NULL, 0);
return (0);
}
diff --git a/sbin/iked/control.c b/sbin/iked/control.c
index ade3f40fb50..bd76e7e8648 100644
--- a/sbin/iked/control.c
+++ b/sbin/iked/control.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: control.c,v 1.6 2011/05/05 12:55:52 reyk Exp $ */
+/* $OpenBSD: control.c,v 1.7 2011/05/09 11:15:18 reyk Exp $ */
/* $vantronix: control.c,v 1.4 2010/05/14 07:35:52 reyk Exp $ */
/*
@@ -265,9 +265,9 @@ control_dispatch_imsg(int fd, short event, void *arg)
memcpy(&v, imsg.data, sizeof(v));
log_verbose(v);
- imsg_forward_proc(env, &imsg, PROC_PARENT);
- imsg_forward_proc(env, &imsg, PROC_IKEV2);
- imsg_forward_proc(env, &imsg, PROC_IKEV1);
+ proc_forward_imsg(env, &imsg, PROC_PARENT);
+ proc_forward_imsg(env, &imsg, PROC_IKEV2);
+ proc_forward_imsg(env, &imsg, PROC_IKEV1);
break;
case IMSG_CTL_RELOAD:
case IMSG_CTL_RESET:
@@ -275,7 +275,7 @@ control_dispatch_imsg(int fd, short event, void *arg)
case IMSG_CTL_DECOUPLE:
case IMSG_CTL_ACTIVE:
case IMSG_CTL_PASSIVE:
- imsg_forward_proc(env, &imsg, PROC_PARENT);
+ proc_forward_imsg(env, &imsg, PROC_PARENT);
break;
default:
log_debug("%s: error handling imsg %d",
diff --git a/sbin/iked/iked.c b/sbin/iked/iked.c
index 4afdc16a789..17e1362be90 100644
--- a/sbin/iked/iked.c
+++ b/sbin/iked/iked.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: iked.c,v 1.10 2011/05/05 12:55:52 reyk Exp $ */
+/* $OpenBSD: iked.c,v 1.11 2011/05/09 11:15:18 reyk Exp $ */
/* $vantronix: iked.c,v 1.22 2010/06/02 14:43:30 reyk Exp $ */
/*
@@ -20,8 +20,8 @@
#include <sys/param.h>
#include <sys/types.h>
#include <sys/queue.h>
-#include <sys/wait.h>
#include <sys/socket.h>
+#include <sys/wait.h>
#include <sys/uio.h>
#include <net/if.h>
@@ -148,7 +148,7 @@ main(int argc, char *argv[])
err(1, "failed to daemonize");
group_init();
- init_procs(ps, procs, nitems(procs));
+ proc_init(ps, procs, nitems(procs));
setproctitle("parent");
@@ -166,8 +166,7 @@ main(int argc, char *argv[])
signal_add(&ps->ps_evsighup, NULL);
signal_add(&ps->ps_evsigpipe, NULL);
- config_pipes(ps, procs, nitems(procs));
- config_procs(ps, procs, nitems(procs));
+ proc_config(ps, procs, nitems(procs));
if (parent_configure(env) == -1)
fatalx("configuration failed");
@@ -185,13 +184,13 @@ parent_configure(struct iked *env)
struct sockaddr_storage ss;
if (parse_config(env->sc_conffile, env) == -1) {
- kill_procs(&env->sc_ps);
+ proc_kill(&env->sc_ps);
exit(1);
}
if (env->sc_opts & IKED_OPT_NOACTION) {
fprintf(stderr, "configuration OK\n");
- kill_procs(&env->sc_ps);
+ proc_kill(&env->sc_ps);
exit(0);
}
@@ -357,8 +356,8 @@ parent_dispatch_ca(int fd, struct privsep_proc *p, struct imsg *imsg)
case IMSG_CTL_DECOUPLE:
case IMSG_CTL_ACTIVE:
case IMSG_CTL_PASSIVE:
- imsg_compose_proc(env, PROC_IKEV1, type, -1, NULL, 0);
- imsg_compose_proc(env, PROC_IKEV2, type, -1, NULL, 0);
+ proc_compose_imsg(env, PROC_IKEV1, type, -1, NULL, 0);
+ proc_compose_imsg(env, PROC_IKEV2, type, -1, NULL, 0);
break;
case IMSG_CTL_RELOAD:
if (IMSG_DATA_SIZE(imsg) > 0)
@@ -377,15 +376,7 @@ parent_dispatch_ca(int fd, struct privsep_proc *p, struct imsg *imsg)
void
parent_shutdown(struct iked *env)
{
- pid_t pid;
- u_int i;
-
- for (i = 0; i < PROC_MAX; i++)
- kill(env->sc_ps.ps_pid[i], SIGTERM);
-
- do {
- pid = waitpid(WAIT_MYPGRP, NULL, 0);
- } while (pid != -1 || (pid == -1 && errno == EINTR));
+ proc_kill(&env->sc_ps);
free(env);
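Review bot: The call to `proc_kill(&env->sc_ps)` is not a drop-in replacement for the removed loop, although the description says there is no functional change. The proc.c hunks in this commit show proc_kill() returning early when `privsep_process != PROC_PARENT` and reaping with `waitpid(WAIT_ANY, ...)` where the old code used `WAIT_MYPGRP`. A short comment at the call would record the new contract, for example `/* proc_kill() signals the children and waits for them; no-op outside the parent */`. parent_shutdown() continues past the end of this hunk, so what follows `free(env)` is not visible here.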
diff --git a/sbin/iked/iked.h b/sbin/iked/iked.h
index 0918f4aa9e1..d82a15c317c 100644
--- a/sbin/iked/iked.h
+++ b/sbin/iked/iked.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: iked.h,v 1.40 2011/05/05 12:59:31 reyk Exp $ */
+/* $OpenBSD: iked.h,v 1.41 2011/05/09 11:15:18 reyk Exp $ */
/* $vantronix: iked.h,v 1.61 2010/06/03 07:57:33 reyk Exp $ */
/*
@@ -741,16 +741,25 @@ void timer_register_initiator(struct iked *,
void timer_unregister_initiator(struct iked *);
/* proc.c */
-void init_procs(struct privsep *, struct privsep_proc *, u_int);
-void kill_procs(struct privsep *);
-void init_pipes(struct privsep *);
-void config_pipes(struct privsep *, struct privsep_proc *, u_int);
-void config_procs(struct privsep *, struct privsep_proc *, u_int);
-void purge_config(struct privsep *, u_int8_t);
-void dispatch_proc(int, short event, void *);
-pid_t run_proc(struct privsep *, struct privsep_proc *,
+void proc_init(struct privsep *, struct privsep_proc *, u_int);
+void proc_kill(struct privsep *);
+void proc_config(struct privsep *, struct privsep_proc *, u_int);
+void proc_dispatch(int, short event, void *);
+pid_t proc_run(struct privsep *, struct privsep_proc *,
struct privsep_proc *, u_int,
void (*)(struct privsep *, void *), void *);
+void imsg_event_add(struct imsgev *);
+int imsg_compose_event(struct imsgev *, u_int16_t, u_int32_t,
+ pid_t, int, void *, u_int16_t);
+int imsg_composev_event(struct imsgev *, u_int16_t, u_int32_t,
+ pid_t, int, const struct iovec *, int);
+int proc_compose_imsg(struct iked *, enum privsep_procid,
+ u_int16_t, int, void *, u_int16_t);
+int proc_composev_imsg(struct iked *, enum privsep_procid,
+ u_int16_t, int, const struct iovec *, int);
+int proc_forward_imsg(struct iked *, struct imsg *,
+ enum privsep_procid);
+void proc_flush_imsg(struct iked *, enum privsep_procid);
/* util.c */
void socket_set_blockmode(int, enum blockmodes);
@@ -786,18 +795,6 @@ int expand_string(char *, size_t, const char *, const char *);
u_int8_t *string2unicode(const char *, size_t *);
/* imsg_util.c */
-void imsg_event_add(struct imsgev *);
-int imsg_compose_event(struct imsgev *, u_int16_t, u_int32_t,
- pid_t, int, void *, u_int16_t);
-int imsg_composev_event(struct imsgev *, u_int16_t, u_int32_t,
- pid_t, int, const struct iovec *, int);
-int imsg_compose_proc(struct iked *, enum privsep_procid,
- u_int16_t, int, void *, u_int16_t);
-int imsg_composev_proc(struct iked *, enum privsep_procid,
- u_int16_t, int, const struct iovec *, int);
-int imsg_forward_proc(struct iked *, struct imsg *,
- enum privsep_procid);
-void imsg_flush_proc(struct iked *, enum privsep_procid);
struct ibuf *
ibuf_new(void *, size_t);
struct ibuf *
diff --git a/sbin/iked/ikev1.c b/sbin/iked/ikev1.c
index 97562b7cdd7..c4df0d8e2dc 100644
--- a/sbin/iked/ikev1.c
+++ b/sbin/iked/ikev1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ikev1.c,v 1.9 2011/05/05 12:59:31 reyk Exp $ */
+/* $OpenBSD: ikev1.c,v 1.10 2011/05/09 11:15:18 reyk Exp $ */
/* $vantronix: ikev1.c,v 1.13 2010/05/28 15:34:35 reyk Exp $ */
/*
@@ -60,7 +60,7 @@ static struct privsep_proc procs[] = {
pid_t
ikev1(struct privsep *ps, struct privsep_proc *p)
{
- return (run_proc(ps, p, procs, nitems(procs), NULL, NULL));
+ return (proc_run(ps, p, procs, nitems(procs), NULL, NULL));
}
int
@@ -160,7 +160,7 @@ ikev1_msg_cb(int fd, short event, void *arg)
iov[1].iov_base = buf;
iov[1].iov_len = len;
- imsg_composev_proc(env, PROC_IKEV2, IMSG_IKE_MESSAGE, -1,
+ proc_composev_imsg(env, PROC_IKEV2, IMSG_IKE_MESSAGE, -1,
iov, 2);
goto done;
}
diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c
index d7f565f3e0f..00b2f27db06 100644
--- a/sbin/iked/ikev2.c
+++ b/sbin/iked/ikev2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ikev2.c,v 1.54 2011/05/05 12:59:31 reyk Exp $ */
+/* $OpenBSD: ikev2.c,v 1.55 2011/05/09 11:15:18 reyk Exp $ */
/* $vantronix: ikev2.c,v 1.101 2010/06/03 07:57:33 reyk Exp $ */
/*
@@ -109,7 +109,7 @@ static struct privsep_proc procs[] = {
pid_t
ikev2(struct privsep *ps, struct privsep_proc *p)
{
- return (run_proc(ps, p, procs, nitems(procs), NULL, NULL));
+ return (proc_run(ps, p, procs, nitems(procs), NULL, NULL));
}
int
diff --git a/sbin/iked/ikev2_msg.c b/sbin/iked/ikev2_msg.c
index 7834be9b384..bf5903ab08d 100644
--- a/sbin/iked/ikev2_msg.c
+++ b/sbin/iked/ikev2_msg.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ikev2_msg.c,v 1.11 2011/01/21 12:37:28 reyk Exp $ */
+/* $OpenBSD: ikev2_msg.c,v 1.12 2011/05/09 11:15:18 reyk Exp $ */
/* $vantronix: ikev2.c,v 1.101 2010/06/03 07:57:33 reyk Exp $ */
/*
@@ -95,7 +95,7 @@ ikev2_msg_cb(int fd, short event, void *arg)
iov[1].iov_base = buf;
iov[1].iov_len = len;
- imsg_composev_proc(env, PROC_IKEV1, IMSG_IKE_MESSAGE, -1,
+ proc_composev_imsg(env, PROC_IKEV1, IMSG_IKE_MESSAGE, -1,
iov, 2);
goto done;
}
diff --git a/sbin/iked/imsg_util.c b/sbin/iked/imsg_util.c
index a5e311322cb..36be7eea9ac 100644
--- a/sbin/iked/imsg_util.c
+++ b/sbin/iked/imsg_util.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: imsg_util.c,v 1.3 2011/05/05 12:55:52 reyk Exp $ */
+/* $OpenBSD: imsg_util.c,v 1.4 2011/05/09 11:15:18 reyk Exp $ */
/*
* Copyright (c) 2010 Reyk Floeter <reyk@vantronix.net>
@@ -39,80 +39,6 @@
#include <event.h>
#include "iked.h"
-#include "ikev2.h"
-
-void
-imsg_event_add(struct imsgev *iev)
-{
- if (iev->handler == NULL) {
- imsg_flush(&iev->ibuf);
- return;
- }
-
- iev->events = EV_READ;
- if (iev->ibuf.w.queued)
- iev->events |= EV_WRITE;
-
- event_del(&iev->ev);
- event_set(&iev->ev, iev->ibuf.fd, iev->events, iev->handler, iev->data);
- event_add(&iev->ev, NULL);
-}
-
-int
-imsg_compose_event(struct imsgev *iev, u_int16_t type, u_int32_t peerid,
- pid_t pid, int fd, void *data, u_int16_t datalen)
-{
- int ret;
-
- if ((ret = imsg_compose(&iev->ibuf, type, peerid,
- pid, fd, data, datalen)) == -1)
- return (ret);
- imsg_event_add(iev);
- return (ret);
-}
-
-int
-imsg_composev_event(struct imsgev *iev, u_int16_t type, u_int32_t peerid,
- pid_t pid, int fd, const struct iovec *iov, int iovcnt)
-{
- int ret;
-
- if ((ret = imsg_composev(&iev->ibuf, type, peerid,
- pid, fd, iov, iovcnt)) == -1)
- return (ret);
- imsg_event_add(iev);
- return (ret);
-}
-
-int
-imsg_compose_proc(struct iked *env, enum privsep_procid id,
- u_int16_t type, int fd, void *data, u_int16_t datalen)
-{
- return (imsg_compose_event(&env->sc_ps.ps_ievs[id],
- type, -1, 0, fd, data, datalen));
-}
-
-int
-imsg_composev_proc(struct iked *env, enum privsep_procid id,
- u_int16_t type, int fd, const struct iovec *iov, int iovcnt)
-{
- return (imsg_composev_event(&env->sc_ps.ps_ievs[id],
- type, -1, 0, fd, iov, iovcnt));
-}
-
-int
-imsg_forward_proc(struct iked *env, struct imsg *imsg,
- enum privsep_procid id)
-{
- return (imsg_compose_proc(env, id, imsg->hdr.type,
- imsg->fd, imsg->data, IMSG_DATA_SIZE(imsg)));
-}
-
-void
-imsg_flush_proc(struct iked *env, enum privsep_procid id)
-{
- imsg_flush(&env->sc_ps.ps_ievs[id].ibuf);
-}
/*
* Extending the imsg buffer API for internal use
diff --git a/sbin/iked/proc.c b/sbin/iked/proc.c
index ce788956172..6514b6c7189 100644
--- a/sbin/iked/proc.c
+++ b/sbin/iked/proc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: proc.c,v 1.5 2011/05/05 12:59:31 reyk Exp $ */
+/* $OpenBSD: proc.c,v 1.6 2011/05/09 11:15:18 reyk Exp $ */
/* $vantronix: proc.c,v 1.11 2010/06/01 16:45:56 jsg Exp $ */
/*
@@ -22,6 +22,7 @@
#include <sys/queue.h>
#include <sys/tree.h>
#include <sys/param.h>
+#include <sys/wait.h>
#include <sys/socket.h>
#include <stdio.h>
@@ -37,17 +38,25 @@
#include "iked.h"
+void proc_setup(struct privsep *);
void proc_shutdown(struct privsep_proc *);
void proc_sig_handler(int, short, void *);
void
-init_procs(struct privsep *ps, struct privsep_proc *p, u_int nproc)
+proc_init(struct privsep *ps, struct privsep_proc *p, u_int nproc)
{
u_int i;
+ /*
+ * Called from parent
+ */
privsep_process = PROC_PARENT;
- init_pipes(ps);
+ ps->ps_title[PROC_PARENT] = "parent";
+ ps->ps_pid[PROC_PARENT] = getpid();
+
+ proc_setup(ps);
+ /* Engage! */
for (i = 0; i < nproc; i++, p++) {
ps->ps_title[p->p_id] = p->p_title;
ps->ps_pid[p->p_id] = (*p->p_init)(ps, p);
@@ -55,9 +64,10 @@ init_procs(struct privsep *ps, struct privsep_proc *p, u_int nproc)
}
void
-kill_procs(struct privsep *ps)
+proc_kill(struct privsep *ps)
{
- u_int i;
+ pid_t pid;
+ u_int i;
if (privsep_process != PROC_PARENT)
return;
@@ -67,20 +77,24 @@ kill_procs(struct privsep *ps)
continue;
kill(ps->ps_pid[i], SIGTERM);
}
+
+ do {
+ pid = waitpid(WAIT_ANY, NULL, 0);
+ } while (pid != -1 || (pid == -1 && errno == EINTR));
}
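Review bot: With `ps->ps_pid[PROC_PARENT] = getpid()` now set in proc_init(), the `kill(ps->ps_pid[i], SIGTERM)` loop in proc_kill() appears to cover the parent's own slot, so the parent would send SIGTERM to itself before it starts reaping. The loop header lies between the two proc_kill() hunks and is not visible, so this needs confirming. Skipping that slot with `if (i == PROC_PARENT) continue;` ahead of the kill would avoid the self-signal. The added `waitpid(WAIT_ANY, NULL, 0)` loop blocks until every child has exited, and through the renamed calls in iked.c it now also runs on the parent_configure() exit paths, so a child that does not act on SIGTERM would hang the parent there. A comment stating that the wait is unbounded would help.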
void
-init_pipes(struct privsep *ps)
+proc_setup(struct privsep *ps)
{
- int i, j, fds[2];
+ int i, j, sockpair[2];
for (i = 0; i < PROC_MAX; i++)
for (j = 0; j < PROC_MAX; j++) {
if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC,
- fds) == -1)
- fatal("socketpair");
- ps->ps_pipes[i][j] = fds[0];
- ps->ps_pipes[j][i] = fds[1];
+ sockpair) == -1)
+ fatal("sockpair");
+ ps->ps_pipes[i][j] = sockpair[0];
+ ps->ps_pipes[j][i] = sockpair[1];
socket_set_blockmode(ps->ps_pipes[i][j],
BM_NONBLOCK);
socket_set_blockmode(ps->ps_pipes[j][i],
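Review bot: Both loops in proc_setup() run over the full `0..PROC_MAX-1` range, so each pair (i, j) is visited twice and the second `socketpair()` overwrites `ps_pipes[i][j]` and `ps_pipes[j][i]` without closing the first pair; for `i == j` the `sockpair[0]` end is overwritten on the very next line. Those descriptors are no longer recorded in `ps_pipes`, so the close-unused-pipes pass in proc_config() cannot reach them and they presumably stay open in every forked child, which weakens the descriptor hygiene the privilege separation depends on. If nothing outside this hunk relies on `ps_pipes[i][i]`, an inner loop of `for (j = i + 1; j < PROC_MAX; j++) {` would create each pair once. Separately, `fatal("sockpair")` no longer names the failing call and `fatal("socketpair")` would be clearer in the log. The loop body continues past the end of this hunk.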
@@ -89,10 +103,15 @@ init_pipes(struct privsep *ps)
}
void
-config_pipes(struct privsep *ps, struct privsep_proc *p, u_int nproc)
+proc_config(struct privsep *ps, struct privsep_proc *p, u_int nproc)
{
- u_int i, j, k, found;
+ u_int src, dst, i, j, k, found;
+ src = privsep_process;
+
+ /*
+ * close unused pipes
+ */
for (i = 0; i < PROC_MAX; i++) {
if (i != privsep_process) {
for (j = 0; j < PROC_MAX; j++) {
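Review bot: The new local `src = privsep_process` is used only by the listen loop in the next hunk, while the close loop here still tests `if (i != privsep_process)`; using `if (i != src)` would keep the merged function consistent. Now that config_pipes() and config_procs() are one function, a header comment would also help, stating that the unused pipes are closed first, that `imsg_init()` is then run on the remaining `ps_pipes[src][dst]` entries, and that `p` is advanced by the second loop. The function body starts above and ends below this hunk.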
@@ -112,25 +131,18 @@ config_pipes(struct privsep *ps, struct privsep_proc *p, u_int nproc)
}
}
}
-}
-
-void
-config_procs(struct privsep *ps, struct privsep_proc *p, u_int nproc)
-{
- u_int src, dst, i;
/*
* listen on appropriate pipes
*/
for (i = 0; i < nproc; i++, p++) {
- src = privsep_process;
dst = p->p_id;
p->p_ps = ps;
p->p_env = ps->ps_env;
imsg_init(&ps->ps_ievs[dst].ibuf,
ps->ps_pipes[src][dst]);
- ps->ps_ievs[dst].handler = dispatch_proc;
+ ps->ps_ievs[dst].handler = proc_dispatch;
ps->ps_ievs[dst].events = EV_READ;
ps->ps_ievs[dst].data = p;
ps->ps_ievs[dst].name = p->p_title;
@@ -158,10 +170,12 @@ proc_shutdown(struct privsep_proc *p)
void
proc_sig_handler(int sig, short event, void *arg)
{
+ struct privsep_proc *p = arg;
+
switch (sig) {
case SIGINT:
case SIGTERM:
- proc_shutdown((struct privsep_proc *)arg);
+ proc_shutdown(p);
break;
case SIGCHLD:
case SIGHUP:
@@ -175,7 +189,7 @@ proc_sig_handler(int sig, short event, void *arg)
}
pid_t
-run_proc(struct privsep *ps, struct privsep_proc *p,
+proc_run(struct privsep *ps, struct privsep_proc *p,
struct privsep_proc *procs, u_int nproc,
void (*init)(struct privsep *, void *), void *arg)
{
@@ -186,7 +200,7 @@ run_proc(struct privsep *ps, struct privsep_proc *p,
switch (pid = fork()) {
case -1:
- fatal("run_proc: cannot fork");
+ fatal("proc_run: cannot fork");
case 0:
break;
default:
@@ -208,27 +222,28 @@ run_proc(struct privsep *ps, struct privsep_proc *p,
#ifndef DEBUG
if (chroot(root) == -1)
- fatal("run_proc: chroot");
+ fatal("proc_run: chroot");
if (chdir("/") == -1)
- fatal("run_proc: chdir(\"/\")");
+ fatal("proc_run: chdir(\"/\")");
#else
#warning disabling privilege revocation and chroot in DEBUG MODE
if (p->p_chroot != NULL) {
if (chroot(root) == -1)
- fatal("run_proc: chroot");
+ fatal("proc_run: chroot");
if (chdir("/") == -1)
- fatal("run_proc: chdir(\"/\")");
+ fatal("proc_run: chdir(\"/\")");
}
#endif
privsep_process = p->p_id;
+
setproctitle("%s", p->p_title);
#ifndef DEBUG
if (setgroups(1, &pw->pw_gid) ||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
- fatal("run_proc: cannot drop privileges");
+ fatal("proc_run: cannot drop privileges");
#endif
event_init();
@@ -245,8 +260,7 @@ run_proc(struct privsep *ps, struct privsep_proc *p,
signal_add(&ps->ps_evsighup, NULL);
signal_add(&ps->ps_evsigpipe, NULL);
- config_pipes(ps, procs, nproc);
- config_procs(ps, procs, nproc);
+ proc_config(ps, procs, nproc);
arc4random_buf(seed, sizeof(seed));
RAND_seed(seed, sizeof(seed));
@@ -268,7 +282,7 @@ run_proc(struct privsep *ps, struct privsep_proc *p,
}
void
-dispatch_proc(int fd, short event, void *arg)
+proc_dispatch(int fd, short event, void *arg)
{
struct privsep_proc *p = (struct privsep_proc *)arg;
struct privsep *ps = p->p_ps;
@@ -277,13 +291,15 @@ dispatch_proc(int fd, short event, void *arg)
struct imsg imsg;
ssize_t n;
int verbose;
+ const char *title;
+ title = ps->ps_title[privsep_process];
iev = &ps->ps_ievs[p->p_id];
ibuf = &iev->ibuf;
if (event & EV_READ) {
if ((n = imsg_read(ibuf)) == -1)
- fatal(p->p_title);
+ fatal(title);
if (n == 0) {
/* this pipe is dead, so remove the event handler */
event_del(&iev->ev);
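Review bot: A failing `imsg_read()` is treated as fatal unconditionally, yet proc_setup() puts both ends of every pipe into `BM_NONBLOCK`, so a read that returns -1 with `errno == EAGAIN` would terminate the process; the guard could be `if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)`. The same applies to `msgbuf_write(&ibuf->w)` in the next hunk. In addition, `title` names the current process while the `log_warnx()` in the last proc_dispatch() hunk still prints `p->p_title`, which going by proc_config() is the peer, and the three `fatal(title)` calls cannot be told apart in the log. A comment on `title` saying which process it names would help. proc_dispatch() starts above and ends below this hunk.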
@@ -294,12 +310,12 @@ dispatch_proc(int fd, short event, void *arg)
if (event & EV_WRITE) {
if (msgbuf_write(&ibuf->w) == -1)
- fatal(p->p_title);
+ fatal(title);
}
for (;;) {
if ((n = imsg_get(ibuf, &imsg)) == -1)
- fatal(p->p_title);
+ fatal(title);
if (n == 0)
break;
@@ -325,9 +341,82 @@ dispatch_proc(int fd, short event, void *arg)
default:
log_warnx("%s: %s got imsg %d", __func__, p->p_title,
imsg.hdr.type);
- fatalx(p->p_title);
+ fatalx(title);
}
imsg_free(&imsg);
}
imsg_event_add(iev);
}
+
+void
+imsg_event_add(struct imsgev *iev)
+{
+ if (iev->handler == NULL) {
+ imsg_flush(&iev->ibuf);
+ return;
+ }
+
+ iev->events = EV_READ;
+ if (iev->ibuf.w.queued)
+ iev->events |= EV_WRITE;
+
+ event_del(&iev->ev);
+ event_set(&iev->ev, iev->ibuf.fd, iev->events, iev->handler, iev->data);
+ event_add(&iev->ev, NULL);
+}
+
+int
+imsg_compose_event(struct imsgev *iev, u_int16_t type, u_int32_t peerid,
+ pid_t pid, int fd, void *data, u_int16_t datalen)
+{
+ int ret;
+
+ if ((ret = imsg_compose(&iev->ibuf, type, peerid,
+ pid, fd, data, datalen)) == -1)
+ return (ret);
+ imsg_event_add(iev);
+ return (ret);
+}
+
+int
+imsg_composev_event(struct imsgev *iev, u_int16_t type, u_int32_t peerid,
+ pid_t pid, int fd, const struct iovec *iov, int iovcnt)
+{
+ int ret;
+
+ if ((ret = imsg_composev(&iev->ibuf, type, peerid,
+ pid, fd, iov, iovcnt)) == -1)
+ return (ret);
+ imsg_event_add(iev);
+ return (ret);
+}
+
+int
+proc_compose_imsg(struct iked *env, enum privsep_procid id,
+ u_int16_t type, int fd, void *data, u_int16_t datalen)
+{
+ return (imsg_compose_event(&env->sc_ps.ps_ievs[id],
+ type, -1, 0, fd, data, datalen));
+}
+
+int
+proc_composev_imsg(struct iked *env, enum privsep_procid id,
+ u_int16_t type, int fd, const struct iovec *iov, int iovcnt)
+{
+ return (imsg_composev_event(&env->sc_ps.ps_ievs[id],
+ type, -1, 0, fd, iov, iovcnt));
+}
+
+int
+proc_forward_imsg(struct iked *env, struct imsg *imsg,
+ enum privsep_procid id)
+{
+ return (proc_compose_imsg(env, id, imsg->hdr.type,
+ imsg->fd, imsg->data, IMSG_DATA_SIZE(imsg)));
+}
+
+void
+proc_flush_imsg(struct iked *env, enum privsep_procid id)
+{
+ imsg_flush(&env->sc_ps.ps_ievs[id].ibuf);
+}