1: Wrap SSH cryptDestroySession() calls in a wrapper that tracks the number of
    open sessions and logs errors upon failure (and remaining session count).
    This is how I found the SSH session leak in sbbs_t::hangup().
    Also found multiple cals to SSH_END() which were invalid (no session to
    destroy) and removed them.
2: If errors are detected when unpacking a REP packet, save the .rep file
    (in data/file/<filename.rep>.<timestamp>.bad) for later inspection.
    Also added some VOTING.DAT debug output (to be removed later).
    Trying to the get to the bottom of the
    "smb_addvote thread_back field missing" errors.

pause and CLS after.

@DigitalMan | It'd be nice if home/end keys moved to first/last avatars in a collection when viewing a collection

@DigitalMan | JavaScript  s:\sbbs\exec\avatar_chooser.js line 775: TypeError: state.opt_out_item is null

uh, this oughta do away with that, I guess

revisit some of this.

(Not the best fix, but it'll do for now.)

REP unpacking).

'Resource/space exhausted' errors in TLS and SSH:
The wrong ssh_session is being passed to cryptDestroySession() in
sbbs_t::hangup() (introduced in rev 1.615), this call to cryptDestorySession()
fails (returns -1, bad param) thus leaving the actual
ssh_session never destroyed (leaked).

chars for Bill McGarrity @ tequilamockingbirdonline.net :-)
Doesn't seem to break anything (except backwards compatibility with SBL
v3).

you can't print and free it again after calling that macro.

Added destination address of outbound file in "Attempting callout" log msg.

cast from pointer to integer of different size

format not a string literal and no format arguments [-Wformat-security]

emusetup.bat).
It was generating an (easy to fix) GCC 5.4.0 warning:
format not a string literal and no format arguments [-Wformat-security]
But the line was not needed, so just removed it.

format not a string literal and no format arguments [-Wformat-security]

warning: format not a string literal and no format arguments [-Wformat-security]

warning: format not a string literal and no format arguments [-Wformat-security]
   sockprintf(sock,sess,(char*)resp);
   sockprintf(socket,session,sys_error);

of lprintf() misuse.

unused variable 'p'
comparison between signed and unsigned integer expressions

 in expansion of macro 'JS_ARGS_OFFSET':
unsigned long is the same size as a pointer (rather than unsigned int)
on the supported target platforms/tool-chains.

::lprintf() usage.

fix the resulting warnings.

and resolve the resulting warnings.

resolve the resulting warnings.

and send_mlsx().
Fix numerous printf-style argument bugs, many in the TLS and MLSx support.

Put "TLS" in the failure log messages rather than repeating "FTP".

Was this pasted from somewhere else?

- Since rev 1.556, mailproc_to_match[] would only ever contain one mail
  processor (index) value, even if the RCPT TO address matched multiple
  mail processor "To" keys in mailproc.ini, so only the first-matching
  mail processor (with a "To" key) would be executed for the msg.
- mailproc_match, meaning the destination was a non-passthrough
  external mail processor, in which case the destination (RCPT TO) address
  may *not* match a valid local user account, would be set for *passthru*
  mail processors potentially resulting in the following error (and an
  undelivered mail message): !SMTP can't deliver mail to user #0
  only set mailproc_match to a valid mail proc index if the recipient matches a
  non-passthru mail processor.

Windows debug build.

instead of stdout.

(black on black) as this can inadvertently "hide" text for ANSI users
(e.g. poll comments, when reading a poll message). Set to 7 (lightgray)
instead.

not known/available (e.g. certain types of SSH login failures).

to use this function in bbs_thread() for SSH failed login attempts and thus
enable the perm-IP-filtering (LoginAttemptFilterThreshold) functionality.
Right now, it's only a "bad login" if the "Getting channel type" doesn't
return "session", but we could (and likely will) use it for more SSH login
failure modes which indicate a likely hack-attempt.

had a "replace" option that did something differnet (enabled parsing of the
REPLACES verb) - don't want to confuse sysops now. :-)