No change in functionality, just code comprehension

uncrustify nl_split_if_one_liner setting

... using uncrustify mod_paren_on_return config

White-space changes only, exception being the rare insertion of NL before
closing brace (couldn't find the option to disable that behavior).

I excluded some header files (e.g. sbbs.h) since uncrustify seemed to be doing
more harm than good there. I might just end up applying different set of rules
to .h files.

getnodedat() now performs a non-locked read by default.

Perform more checks of getnodedat() return value before calling putnodedat()
to avoid unintentionally zeroing out node.dab records.

Add/use unlocknodedat() method for unlocking a node.dab record without
writing.

Note: The userdat.c getnodedat() and putnodedat() still return int (i.e. 0 on
success), so that can be confusing.

Vertrauen's FTP server gets abused by QWKnet logins sometimes and handling
the race conditions around QWK packet creation attempts is silly - there's
no legit reason why a QWKnet account needs to be logged-in multiple times
concurrently to the hub's FTP server, so reject the subsequent logins even
when they're on different hosts (as is the case with Vertrauen).

As part of this change:
- fmutex() now takes an new time_t* argument to (optionally) store the
  time of the mutex file for helping logging (locked since when?).
- time_as_hhmm() created to format a string as either HH:MM or HH:MM[a|p]
  (depending on system configuration for 12 or 24 hour time formatting).
- renamed the old hhmmtostr ()to tm_as_hhmm() (since it takes a struct tm arg)
  and have it return a non-padded string (useful in more situations without
  requiring truncation) when the sysop prefers 24-hour time.

Trying to get to the bottom of user.tab corruption (issue #797).

Fix observed crash when shutting down services server where the client_t
protocol was pointing to a freed service's protocol description string.

This was the last pointer in client_t and should resolve the last race
conditions (memory ownership issues) with its data members.

This also resolves a small memory leak in getnodeclient() where the last
client "gotten" would have its heap-duplicated protocol string leaked.

Because the session is activated on the *next* time through the
loop, if the third attempt to authenticate (including public key)
fails, it would leave the session inactive and fail to log in with
a confusing error about an obsolete cryptlib.

On success, decrement ssh_failed to ensure another pass through
the loop.

Also, add more debug logging around the auth so you can clearly
see each failure, and log client_socket each time so it's clearly
grouped.

Allow SFTP support to be enabled/configured in SCFG->Servers and
SBBSCTRL->Terminal->Configure.

SFTP session inactivity applies to 'H' exempt users too (intentionally).

Q for Deuce: record_transfer() is being called multiple times for non-filebase
file transfers, resulting in duplicate log messages. This doesn't happen for
filebase file transfer (downloads, anyway).

For SFTP sessions, there's no shell/terminal, so no need to run command
shells (with their input timeouts, etc.). Reflect the node connection as
"via sftp" in the node status. Handle node interruption signal. Probably more
to do here with node status/actions (e.g. it'd be nice to set the action to
"uploading or "downloading" when appropriate).

See sbbs_t::logon() for example

Note: the client.protocol is still "SSH" here (not "SFTP"). Perhaps that
should be changed?

Does any client actually support simultaneous "SSH" and "SFTP" sessions over
the same socket?

If there's an error setting the channel or getting the channel
type, give up on the session immediately.

In this case, just accept whatever we get info on as the "first" one.

Likely fixes #728

If the SSH_ANYAUTH option is set, the server will accept the "none"
authentication method, and not even suggest the client send a
password or public key.

The client must still send a user ID, but we just ignore it
completely and don't even log it.

This blindly accepts whatever authentication the remote offers, but
does not log into the BBS, dropping the user at the login prompt
instead.

Closes #726

You're welcome Keyop.

The other 500 times are implied.

Don't corrupt UTF-8 strings with SAFECOPY() (use new SAFECOPY_UTF8).

Some terminals (notably, Windows Terminal) display zero width UNICODE chars
as a single column-wide space. <sigh> Auto-detect the zero-width "width"
(1 or 0) of the terminal during connection and UTF-8 auto-detection.

getstr() works a lot better now with UTF-8 strings with wide chars (e.g.
emojis), but likely much more to do.

handler it.

Previously, once a pubkey was attempted, you could not use a password.

328:25: warning: ‘pubkey’ may be used uninitialized

Just running git commit --amend doesn't do -a it seems. :)

This should fix a long-standing issue where someone could connect to
the SSH port and do nothing, which would prevent other incoming
terminal sessions from being accepted until it times out.

Unfortunately, this means that Synchronet can't send any data until
authentication is completed, which means useful messages about why
you're being disconnected (ie: "Sorry, all terminal nodes are in use or otherwise unavailable.")
as well as usless information nobody ever cares about (ie: The IP
you're connecting from, that it is resolving your hostname, etc).
can no longer be sent to the user.

comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Wsign-compare]

SSH channels, I noticed that I hand't ever finished the terminal
type/size "stuff", and while fixing that, I noticed that the hack
for SyncTERM was done wrong.

Fix the whole thing, and now Synchronet and SyncTERM both properly
support terminal type and size over SSH.  It also looks trivial to
support the SSH window size change message, but I'm not doing that
tonight.

Unfortunately, this is a patch on a patch, so is a bit fragile.
It should really have the patches merged at some point.

- New keys in [BBS] section of sbbs.ini:
  MaxLoginInactivity (default: 10 minutes)
  MaxNewUserInactivity (default: 60 minutes)
  MaxSessionInactivity (default: none/unlimited)
- Each configured external program/door in SCFG can have its own maximum inactivity setting (or else the session max inactivity is applied)
- moved node-specific sec_hangup to system-wide/shared max_getkey_inactivity (configured in SCFG->System->Advanced)
- moved node-specific sec_warn (seconds of inactivity before sending warning) to inactivity_warn (a percentage of elapsed max inactivity before sending warning), also configured in SCFG->System->Advanced and used for both socket and getkey inactivity detection
- Renamed JS console.inactivity_hangup to console.max_getkey_inactivity (old name remains as alias)
- Renamed JS console.timeout to console.last_getkey_activity (old name remains as alias)
- Removed JS console.inactivity_warning
- Added JS console.max_socket_inactivity (current input_thread inactivity threshold)
- New text.dat string: InactivityAlert (just contains 3 ^G/BELLs by default) used for non-visual inactive-user warning

The MaxLoginInactivity setting in particular solves the problem of custom scripts (e.g. animated pause prompts) that just poll indefinitely for user input and never time-out  - these will no longer cause nodes to be tied-up with inactive/bot users at login.

You may ask yourself, how did I get here? No, you may ask yourself: why configure these socket inactivity max values in sbbs.ini? The reason is consistency: sbbs.ini is where the MaxInactivity is configured for all the other TCP servers and services.

This fixes issue #534 for Krueger in #synchronet

Mostly [s]printf format fixups