than hard-code to 60 chars - better support for wide terminals.
Write the newly-defined "3rd line" (editor details) to the result.ed file
(this is used by latest sbbs for EDITOR msg header field).
Always write the result.ed file when creating a message, even if the subject
was not changed. "edit_top==5" is a strange way to determine that you're
editing a message, but okay...

Full editor name and version details (up to 127 chars), for use in the EDITOR
msg header field which is propagated over QWK networks.
From what I could find, the WWIV RESULT.ED file format only ever contained 2
lines:
<Anonymous: 0/1>
<subject>

So adding support for an optional 3rd line should be fine and backwards
compatible. Hopefully WWIV or its message editors don't define a different
"standard" 3rd line in the future. :-)

get_file_diz() was reading the contents of the DIZ/SDI file into a local
variable and not returning it or writing to the database. Poof!
Also, read the existing extended description if there is one, when updating
existing files.

The max_paragraph* settings introduced by mcmlxxix in 1.34 would break
the bot for anyone who updated without adding these keys to ircbot.ini.
(max_paragraph_length was NaN, breaking String.slice in Server_writeout
of ircbot_functions.js.)

Visual Studio 2017 - Windows XP (v141_xp) toolset

Visual Studio 2017 - Windows XP (v141_xp) toolset

Added per-user JSON files:
- Tracks which messages they've viewed
- Tracks the time when they last read a file bulletin
Added 'newOnly' key to root of bullshit.ini.  If true:
- Unread messages will be listed
- Files timestamped newer than last view will be listed
- All other files/messages will be supressed
- If nothing can be listed, Bullshit will start & exit silently
I won't even pretend to have actually tested any of this.

Do not use LOGINDISABLED with TLS connections.
Add support for CRAM-MD5 so it's RFC-3501 compliant to log in without TLS.

- Coverity.

Found by Coverity.

bitmap_init_mode().

JS_ValueToUint32() for converting to integers where we may need the full 32
bits.

error (e.g. can't convert 2147745800 to an integer), so use
JS_ValueToECMAUint32() rather than JS_ValueToInt32() where we possibly need
a full 32-bit value.

certain Australian timezones.

with logins via SSH or RLogin (handled in answer.cpp). So revert login.js
back to rev 1.17 since the fast-logons are now detected in the login name
parsing in login.cpp's sbbs_t::parse_login() which is used in answer() and
login() - called via bbs.login().

So... if you're writing a login matrix or custom login module where you want
to use a *different* method of detecting/enabling fast logon support, you'll
just need to set the SS_FASTLOGON flag in the JS bbs.sys_status property:
    bbs.sys_status |= SS_FASTLOGON;

This also means that 2 modopts.ini options (fast_logon and
fast_logon_requirments) are now used in logon.js, not login.js, so the section
where you add them is now [logon], not [login]. Got it? Good. :-)

- SS_QWKLOGON
- SS_FASTLOGON

need that internal for SSH and RLogin support of fast-logons.
So, now, even if logging in via SSH or Rlogin, the sys_status SS_FASTLOGON
flag will be set when the user specifies "!username-or-number" during logon and
then the logon.js can use that to determine what to display (or not) to the
user, during logon.

The QWK logon support ("*username-or-number") is also handled in this new
sbbs_t method: parse_login().

This means the fast_logon_char is no longer configurable (hard-coded to '!')
and the modopts.ini options are going to be parsed by logon.js from the [logon]
section (not the [login] section).

You still must set fast_logon=true in the [logon] section of modopts.ini to
enable the fast-logon option for users.

Always parse/strip the fast_logon_char (default: '!') from the login name
/number. This way if users get used to logging in in this fashion, it won't
stimy them if the sysop disables the feature.

Added fast_logon_requirements option (default: blank) which is an optional
ARS to limit fast logon support to specific user-groups.

by setting fast_logon=true in the [login] section of the ctrl/modopts.ini file.
A user can choose a fast logon by prefixing their user name or number with
'!' (configurable via 'fast_logon_char'). This option tells logon.js to
skip the logon menus and logon events.
The logon.js just looks for bbs.fast_logon==true, so if you have your own
method of detecting a fast logon (e.g. a logon matrix menu or a prompt of the
user), then you could just set bbs.fast_logon=true and continue to use the
stock logon.js.

Other ideas (not implemented):
- a minimum security level (or ARS) required to allow fast logons
- a notice to the user that fast logons are available (enabled)
- option to skip logon menus but not logon events, or vice-versa

  MAILW#<num>, MAILP#<num>, SPAMW#<num>

These codes, unlike the colon-variants, can be combined with format modifiers
(e.g. -L, etc.).

inline asm stuff (cl-noasm-defines.patch).

This (of course) revealed an issue with 64-bit systems not building properly
so cl-bn-noasm64-fix.patch fixes this again.

There should no longer be any inline (or out of line) asm, so any more
illegal instruction errors are likely to be the fault of the compiler or
the compiler flags.

size that's being protected in this case, it doesn't *really* matter, but
it's a technical flaw.

Setting user.security.flags[1-4], exemptions, or restrictions to a string value
would result in unexpected modified values:

1. The exiting flags were all based on the current value of flags1 (copy/paste
    error it appears)
2. The set/removed/added flags were all "off-by-one" because str_to_bits()
    treats 'A' as bit-1, not bit-0.

emailval.js is now using this feature and PSI-Jack reported the "interesting"
behavior. :-)

If this value is false (the default), then a validated user's account will
be set to *not* expire.
If this value is true, then a validated user's account expiration status
won't be changed unless the expiration_days_after_validation option is also
set, in which case the expiration date will be reset based on that setting.

Document the new modopts.ini [logon] email_validation option to enable use of
this module.

was based on _finddata_t.attrib value while the value *written* was based on
struct stat.st_mode, and totally incompatible.
Just use the stat/chmod compatible value for both read and write (for all
OSes). If you need the old Windows-centric attribute values (e.g. to determine
"hidden" or "archive" attributes), use file_attrib() instead.