I've got a weird vibe about this imsg request being IMSG_SOCKET_CLOSE,
which looks too close to close().

The way things work is with IMSG_SOCKET_CONN the speaker asks the master
(who sets up ipsec-or-md5-network configuration, then provides a socket fd,
but closes this fd in the master itself), then the speaker moves data, and
eventually the speaker calls [the only] close() on the fd, and tells the
the master to deconfigure the ipsec-or-md5-network configuration.  This
operation is being called IMSG_SOCKET_CLOSE.

Well, isn't actually a close (the imsg receiver does not have a copy of
the fd).

I just find the names IMSG_SOCKET_CONN and IMSG_SOCKET_CLOSE a bit weird.