-- Albert Einstein

Things return allocated pointers with errors in them now.
FTP server updated, the rest to follow "soon".

to be for TLS sessions.

entry - if there's an actual compile error, it should already be logged
via the exception/error-reporter callback. This should eliminate a lot of
the dokuwiki-related error chatter in my error.log.

TLS servers without all of them needing to separately load the ssl certificate.

It's destroyed in free_scfg(), and the config *must* be prepped both to
destroy the certificate and to load it.  This is because the "no cert"
value is -1, not 0, so the prepped flag is all we really have to indicate
if it's zero because it's a valid certificate or zero because no certificate
has been loaded.

This allows disabling authentication after a higher level specifies an
AccessRequirements value, eliminating the last reason to keep access.ars
around.

HANDLE_PENDING() contains a return, so it's theoretically possible that the
memory allocated by the previous JSVALUE/STRING_TO_... allocation could
be leaked. So now we pass an optional pointer to HANDLE_PENDING() which will
call free() on it if it's not NULL, and then sets it to NULL for good measure.

cause by Chromiums love of dropping a connection rather than an orderly
shutdown.

Since we're dealing with that fallout, lower the read timeout to 1 second
since we select() first anyway.

Deepthaw (DS94):
This was broken in revision 1.584 by deuce, Thu Aug 20 05:19:45 2015 UTC:
The startup->socket_open callback is optional (may be NULL), and in the case
of sbbsNTsvcs.exe, it is NULL, thus the crash when it was called
unconditionally during socket creation. I guess not many people are running
sbbsNTsvcs these days. :-/

globally (using a new macro in sbbbsdefs.h: STR_UNKNOWN_USER). "<unknown>"
in some contexts was too vague (e.g. the 'c' command output from the sbbs
console).

Introduced a better progress indicator (similar to poll results), using the
backfill() method. 2 new attr.cfg fields allow the progress indicator colors to
be configured separately from poll results (though they default to the same
white on magenta). This new progress indicator is used when loading msg ptrs
and scanning for votes. I will be using it while performing other searches
(e.g. file libraries/dirs) as well.

temp-ban (was logging the total number of login attempts, including dupes).

so use shorter thread names.

How did startup->sem_chk_freq get set (back) to 0 in the first place?
The reason: the startup struct sanitization only occured when the various
server threads were first started. When recycled, the server would call back to
the original caller (e.g. sbbscon) which may (and did) re-read the sbbs.ini
file, which could have SemCheckFrequency set to 0 (or missing) and the
sanitization did not happen again (so a 0 value was used in select() calls,
resuilting in high CPU utilization for several threads).

So now, all startup struct sanitization occurs inside the init/recycle loop
and sem_chk_freq should never revert to 0 again. This was the main bug.

value is missing or set to 0 in the sbbs.ini file, the sanity checking this
value (setting it to 2 seconds) will not occur after a server recycle and the
sbbs.ini is re-parsed. So if for any reason, the sem_chk_freq value becomes
0, these server threads won't hog the CPU because they all YIELD at the
top of thier main loops.

Also, changed all the thread names (e.g. adding "sbbs/" prefix), so they're
more sensible in the Linux 'top' output.

Also, started adding 'vi' modelines to auto-set tabstops when using vi/vim.

file (in .can file format) which lists IP addresses or hostnames which will
be exempt from temporary bans or permanent filters.

this is not a totally unexpected occurrance. No need to fill up the error.log.

- Never ban the server's own address
- Log the login attempt and last name attempted
- Use a compressed version of the HH:MM:SS "time remaining" portion of the log
  message

By default, after 20 consecutive (unique) failed login attempts, *or*
a failed login attempt wtih a name from the name.can filter file.
The default temporary ban duration is 10 minutes.
The temporary ban thershold is configurable via LoginAttemptTempBanThreshold
in sbbs.ini and the ban duration is configurable via LoginAttemptTempBanDuration
(in seconds).

the constructor things.  This allows TLS-enabled services to work correctly,
and removes an ugly hack from the web server.

There's still an odd issue with the NNTP service when using TLS though.

to errorlog() so the data/error.log is less ambiguous about where an error
occurred.

removed from the ring buffer.  This prevents the session thread from closing
the socket before send() is called with the data.

Fixed issue seen on techdorks.net with the 404.ssjs file (and likely others
where static files were truncated on send).

This ensures that all data that has been send()ed is transmitted.  Timeout
after max_inactivity (max delay is max_inactivity*2).

after a user (has been) disconnected and before the node transitions to waiting
for connection (WFC) status. Usually the duration of this status is very short,
but it can be longer (e.g. for running log-out module and event) and for (new)
msg-scan pointer fix-ups.
Updated logout() to remove some cruft and add some more log/debug output.
Automatic new-scan pointer fix-ups when performing new-message scans (if the
current pointer is greater than the last message number, set it to the last
message number) and when saving message pointers.
Passing user_t* to get/putmsgptrs() instead of message number now (to better
detect Guest account).

for the CGI REQUEST_URI variable.

by a webctrl.ini... this allows redirect scripts to notice.

Also, clear extra_path_info when we handle an internal redirect so it doesn't
use stale data.