This is purely to shut up Coverity since there's no way the value
could be outside the range.

Coverity seems to hate it mostly in the mutex, so change it to
mostly outside of the mutex and see if that's fine.

It doesn't really matter where it's changed as it's an atomic bool.

We don't want ch == -2 derping through the rest of the loop.
Luckily, ch is never currently == -2 as far as I know.

Initially set 1MB as the max macro size.  I can't imagine wanting
one bigger than this, but I can bump it up if needed.

This likely fixes a vulerability where the BBS could at least crash
SyncTERM, and at most take control of the users system.  This
likely isn't the only place that needs bounds checks like this.

If a write() to the sound device fails (for example USB device goes
away), this would loop forever (in it's own thread and whatnot,
so you only notice because sounds stops and a core gets used up).

Not that there's any need to, it appears that it was written for
the web server, then discarded for that purpose and now is only
called from the JS Socket.sendfile() method, which always passes
NULL and 0 for the last two parameters, and has a copy/pasted
implementation for TLS sockets.  The only consumer of that in
the tree appears to be gopher_service.js.

It was apparently to use as a wrapper for the high-performance
FreeBSD sendfile(), but that code behaved differently than all
the other platforms, and was disabled (behind USE_SENDFILE, which
isn't defined anywhere).

This should really just be folded into either js_socket_sendfilesocket()
or js_sendfile() with the extra knobs broken off and all the TODO
comments I'm adding here addressed.

Though, since Socket.sendfile() returns a bool where true indicates
that either the size of the file at the start of the function
was sent, or an EOF was reached, and false indicates that
"something else happened", some of the TODO comments don't really
need to be addressed.

Basically, this is a crap function and it's only used by an even
more crap JS wrapper, it should be tucked into a backward
compatibility function, removed from the JSDocs, and forgotten
about.

If Coverity keeps complaining about this, I'll wait until after
the next release and drag this out back and shoot it.  Otherwise,
I'll just forget it ever existed.

This may be the first time in my life that I've used difftime()...
which is strictly one of only two things you're actually allowed
to do with a time_t per the C standard (the other is convert into
a broken-down time).

This reverts commit 9b2c9c08.

Don't need this now that we use the property sheet method

This is the (better) way. See, Deuce knows the coolness of property sheets!

To get proper high DPI scaling and such

This reverts commit cb710acf.

This is not the way.

When passed values between (-1 and -59), this function would output something
nonsensical like: "UTC0:01" or "UTC0:59". Now we'll make sure there's a minus
sign in these conditions (e.g. "UTC-0:01" and "UTC-0:59").

This isn't doing what I want, but maybe Deuce can help look at the artifact
from the build pipeline and offer suggestions.

Also, change the shell order a little

If the timezone is set to automatic and it's not a new install, don't display
"UTC0:01" as the time zone (that's weird), display "Automatic (UTC[+/-]HH:MM)"
instead.

When changing the system password via this config wizard, the cryptlib.key
and ssl.cert files, if they exist, will be invalid, so delete them.

See issue #854 for details

Most of these shells (their menu/display files really) require a terminal at
least 80 columns wide to look/work right.

warning C4244: 'return': conversion from 'uint64_t' to 'unsigned int',
possible loss of data

... especially when it's already beeen installed

This'll keep your ip.can and spamblock.cfg files maintained.

This is that rare case where a Coverity fix makes the code more
obvious and shorter.

This ones does require SSIZE_MAX... so let's see what the pipes say...

These are either correct and trivial to fix, or false positives,
but fixing is easy enough that it's not a problem.

While it's only been around for about 18 years, I'll assume that
anyone updating the exec directory has updated Synchronet as well.

(user_t.misc, User.settings), when enabling auto-terminal detection. This is
similar to what we do in logon.cpp already:

	useron.misc |= (AUTOTERM | autoterm);

We used to have this logic in useredit.cpp, but was removed in commit
8a71ab16, probably due to editing offline users (e.g. in ;uedit sysop
comand). So just do the copy of autoterm flags when editing the *current*
(online) user. This likely addresses the original concern in that commit.

And it fixes issue #853, thanks to Deuce for root-causing

... since that puts us back into VGA tall-font mode

Each app can have its own config file as well (e.g. ctrl/scfg.ini)

We're just converting/upgrading this file (to time.ini), so don't log an error
(reading) if/when the file doesn't exist.