Check sscanf() result
Don't use deprecated function: inet_addr()

At one point while migrating off the Windows XP compatible WinSDK and toolset,
I was getting nice deprecation warnings in this file about uses of
GetTickCount() and the 49 day roll-over isuse. I stopped getting those
deprecation warnings (not sure when/why), but I'm still doing the right thing
here/now and using the newer Win32 API function when it's available (always,
for the versions of Windows we're building Synchronet and friends for).

Synchronet v3.20 doesn't actually work on Windows XP due to depenendies in
3rd party libraries we link with and more recent ciolib improvements.

So, no need to use an ancient WinSDK (7.0) or toolset anymore. Hooray!
I'm not changing the versions of C or C++ language enabled (yet), but that's
something we should consider doing.

Also, re-enable enhanced x86 processor extensions (e.g. SSE2) as I doubt very
much you can run Windows Vista on a pre-2000 CPU anyway. If this is a problem
for anyone, it's trivial to disable the processor extensions again.

No need to continue to carry this baggage

dupefind is another candidate for removal (soon)

To help debug any situations where import_netmail() might silently fail
(though I don't anticipate there are any, Accession suggested there was).

For sysops that don't want to use the user's chosen language to auto-load
alternate text strings, they can specify some other filename from the ctrl
directory (so long as it ends in .ini). I wouldn't use text.*.ini however,
since those filenames are assumed to be language translations and will
automatically appear in user_settings.js as a user-selectable language.
text-*.ini would be fine though as an alternate text.ini filename:
not colliding with text.ini or text.*.ini

When one or more files that match the menu file pattern can't be displayed
(e.g. the user's terminal is not wide enough or there's any other menu file
open/read error), pick another random menu file and try displaying that one,
until either a menu file has been displayed successfully or all files
(matching the pattern) have been attempted.

For example, you have text/menu/random1.c80.msg and random2.msg, if the first
file (random1.c80.msg) is selected at random but the user's terminal isn't
at least 80 columns wide, another file will be picked at random. Since only
random2.msg remains in the list (matching the pattern "random*"), that's the
only file that will always be displayed.

Thank you 5mooth!

Fix issue #867

Renamed to .msg to make for easier preview/edit with PabloDraw

Need the O_CREAT mode flag.

Broken with commit d116f362: I started using opennodeext() (created 5 years
ago with commit 710bb23c) rather than nopen(), and I didn't realize that
opennodeext() was not including O_CREAT.

Once the ctrl/node.exb was created (by anything), this error wouldn't happen.
And it'd only be an issues for systems with text.dat's that included custom
node status (NodeAction*) strings. Good catch Nelgin!

@-codes weren't expanded before the text length calculation, so the centering
logic (offset in the user's terminal screen) would usually be incorrect as
pointed out by Nelgin in #synchronet when we were discussing the |C @-code
modifier (which is to center an @-code value in a field, not the screen).

This issue was a known limitation of the fix to issue #418 (commit 8987150b)
but now that we have the expand_atcodes() function (hooray!), this is an
easily solvable problem.

Note: we're now calling center() withOUT the 'msg' parameter set to true,
which means the @center@ code goes back to the previous (to issue #418 fix)
behavior of just using bputs() for the centered text (we don't need the
recursive call to pustmsg() to support @-codes any longer). This was the only
reason that center() grew the optional 'msg' parameter so we likely can remove
that option/feature at some date.

(mail received from authenticated SMTP clients is still allowed)

Previously, the M-restriction also prevent receipt of Internet mail from
authenticated SMTP clients, so separate that restriction into the new 'I'
restriction.

This fixes issue #865

Also add cryptlib to PATH for jsexec smoke test, just in case

Oops.

not clear why this would be required, but exampels seem to use 'em

As discovered and reported by Deuce and Nelgin

... so we always use the correct cl32.dll when running the jsexec test suite
on Windows.

Catch cryptlib version mismatch gracefully

No functional change.

The wrong version nubmer was specified for these new properties - these
properties were added in v3.20c which is represented numerically as 32002 in
decimal.

The description of the tls_psk_id property was missing socket_prop_desc.

There are now two ways to authenticate with the broker:
1) TLS PSK with a sysop account, and set the password field at the
   MQTT level to the system password (user field, if present is
   ignored).  This is the prefered method as it provides mutual
   authentication and you simply can't steal credentials with MITM.
2) Synchronet TLS certificate, sysop username and the users password
   followed by a colon, followed by the system password.  The server
   authentication will now depend on the appropriate trust chain in
   the client.  If using a Let's Encrypt certificate for example,
   you can' securely connect to localhost with this method.

tools and libraries tend to allow TLS-PSK with password at the MQTT
level, many GUI tools do not allow TLS-PSK.

Now both the "regular" certificate, and PSK will be supported on
a TLS socket, and it's up to the client to check which was used.

trimmed some trailing whitespace

of an existing one.

If tls_psk is used, indicates which entry in tls_psk was used by
the remote.