[F-12] fix(network): replace system(dd) with native C in send_tf()

[adequatelimited]

Closes #105

Summary

send_tf() constructed a dd shell command with a peer-controlled skip offset and executed it via system(). Replaced with native fseek64/fread/fwrite.

Change

// Before — shell command with peer-controlled parameter
sprintf(cmd, "dd if=tfile.dat of=%s bs=%u skip=%u count=%u 2>/dev/null",
             fname, (int) sizeof(BTRAILER), first, count);
system(cmd);

// After — native file I/O with shutdown awareness
ifp = fopen("tfile.dat", "rb");
fseek64(ifp, (long long) first * sizeof(BTRAILER), SEEK_SET);
ofp = fopen(fname, "wb");
for (j = 0; j < count && Running; j++) {
   if (fread(&bt, sizeof(BTRAILER), 1, ifp) != 1) break;
   if (fwrite(&bt, sizeof(BTRAILER), 1, ofp) != 1) break;
}

Why

• Eliminates shell process overhead (2 processes per request, up to 37 concurrent connections)
• Removes peer-controlled values from shell command strings
• Adds explicit error handling on open/seek/read/write
• Checks Running flag between iterations for clean shutdown
• Identical output for all inputs including past-EOF and count=0

Testing

• Clean build with -Wall -Werror -Wextra -Wpedantic
• Offline test harness (63 tests): byte-for-byte parity verified between system(dd) and native C across normal operations, edge cases, boundary conditions, permission errors, and real tfile.dat. Posted to issue [F-12] MEDIUM: send_tf() invokes system("dd...") with peer-controlled skip offset — resource abuse #105.
• Live integration test (25 tests): connected to a running node via OP_TF protocol, received tfile data through the real production code path, compared against direct disk reads — all byte-identical. Covers start/middle/tip/max-count/single/last/partial/EOF scenarios.