Some more robust error handling. Now, nothing in the main loop calls
croak(). Instead, the client is dropped, and an error is logged. If we get too many errors (10), we bail. But, if we go a while without getting any errors (60 seconds), we reset the error count. This is so that if we have any bugs (or the node is just totally fubared), we'll exit, but long-running daemons won't just accumulate the error counter forever. Also, handle a rare (but, on plab, who knows!) DOS-type condition with blocking accept() noted in Stevens.
Showing with 143 additions and 14 deletions