refactor: standardize logging on zap across all packages

Replace all fmt.Printf/Println and log.Printf/Fatal with structured
zap.Logger calls to eliminate inconsistent logging (anti-pattern #12).

- network/crypt_conn: inject logger via NewCryptConn, replace 6 fmt calls
- signserver/session: use existing s.logger for debug packet dumps
- entranceserver: use s.logger for inbound/outbound debug logging
- api/utils: accept logger param in verifyPath, replace fmt.Println
- api/endpoints: use s.logger for screenshot path diagnostics
- config: replace log.Fatal with error return in getOutboundIP4
- deltacomp: replace log.Printf with zap.L() global logger

server/api/utils.go

@@ -2,8 +2,9 @@ package api
 
 import (
 	"errors"
-	"fmt"
 	"path/filepath"
+
+	"go.uber.org/zap"
 )
 
 func inTrustedRoot(path string, trustedRoot string) error {
@@ -16,20 +17,20 @@ func inTrustedRoot(path string, trustedRoot string) error {
 	return errors.New("path is outside of trusted root")
 }
 
-func verifyPath(path string, trustedRoot string) (string, error) {
+func verifyPath(path string, trustedRoot string, logger *zap.Logger) (string, error) {
 
 	c := filepath.Clean(path)
-	fmt.Println("Cleaned path: " + c)
+	logger.Debug("Cleaned path", zap.String("path", c))
 
 	r, err := filepath.EvalSymlinks(c)
 	if err != nil {
-		fmt.Println("Error " + err.Error())
+		logger.Warn("Path verification failed", zap.Error(err))
 		return c, errors.New("unsafe or invalid path specified")
 	}
 
 	err = inTrustedRoot(r, trustedRoot)
 	if err != nil {
-		fmt.Println("Error " + err.Error())
+		logger.Warn("Path outside trusted root", zap.Error(err))
 		return r, errors.New("unsafe or invalid path specified")
 	} else {
 		return r, nil