11 年之前 · 719ee999d6
--- a/src/BuildFiles/Library/Win32_Debug/libeay32.lib
+++ b/src/BuildFiles/Library/Win32_Debug/libeay32.lib
--- a/src/BuildFiles/Library/Win32_Debug/ssleay32.lib
+++ b/src/BuildFiles/Library/Win32_Debug/ssleay32.lib
--- a/src/BuildFiles/Library/Win32_Release/libeay32.lib
+++ b/src/BuildFiles/Library/Win32_Release/libeay32.lib
--- a/src/BuildFiles/Library/Win32_Release/ssleay32.lib
+++ b/src/BuildFiles/Library/Win32_Release/ssleay32.lib
--- a/src/BuildFiles/Library/x64_Debug/libeay32.lib
+++ b/src/BuildFiles/Library/x64_Debug/libeay32.lib
--- a/src/BuildFiles/Library/x64_Debug/ssleay32.lib
+++ b/src/BuildFiles/Library/x64_Debug/ssleay32.lib
--- a/src/BuildFiles/Library/x64_Release/libeay32.lib
+++ b/src/BuildFiles/Library/x64_Release/libeay32.lib
--- a/src/BuildFiles/Library/x64_Release/ssleay32.lib
+++ b/src/BuildFiles/Library/x64_Release/ssleay32.lib
--- a/src/Cedar/Admin.c
+++ b/src/Cedar/Admin.c
@@ -1113,6 +1113,24 @@ UINT StMakeOpenVpnConfigFile(ADMIN *a, RPC_READ_LOG_FILE *t)
 
				 				x = CloneX(c->ServerX);

			
 
				 			}

			
 
				 			Unlock(c->lock);

			
 
				+

			
 
				+			if (x != NULL)

			
 
				+			{

			
 
				+				// Get the root certificate

			
 
				+				if (x->root_cert == false)

			
 
				+				{

			
 
				+					X *root_x = NULL;

			
 
				+					LIST *cert_list = NewCertList(true);

			
 
				+

			
 
				+					if (TryGetRootCertChain(cert_list, x, true, &root_x))

			
 
				+					{

			
 
				+						FreeX(x);

			
 
				+						x = root_x;

			
 
				+					}

			
 
				+

			
 
				+					FreeCertList(cert_list);

			
 
				+				}

			
 
				+			}

			
 
				 		}

			
 
				 

			
 
				 		x_buf = XToBuf(x, true);

			
@@ -1121,7 +1139,7 @@ UINT StMakeOpenVpnConfigFile(ADMIN *a, RPC_READ_LOG_FILE *t)
 
				 		WriteBufChar(x_buf, 0);

			
 
				 		SeekBufToBegin(x_buf);

			
 
				 

			
 
				-		// Generate dummy certification

			
 
				+		// Generate a dummy certificate

			
 
				 		if (x != NULL)

			
 
				 		{

			
 
				 			if (RsaGen(&dummy_private_k, &dummy_public_k, x->bits))

			
@@ -8331,6 +8349,15 @@ UINT StSetServerCert(ADMIN *a, RPC_KEY_PAIR *t)
 
				 		return ERR_PROTOCOL_ERROR;

			
 
				 	}

			
 
				 

			
 
				+	t->Flag1 = 1;

			
 
				+	if (t->Cert->root_cert == false)

			
 
				+	{

			
 
				+		if (DownloadAndSaveIntermediateCertificatesIfNecessary(t->Cert) == false)

			
 
				+		{

			
 
				+			t->Flag1 = 0;

			
 
				+		}

			
 
				+	}

			
 
				+

			
 
				 	SetCedarCert(c, t->Cert, t->Key);

			
 
				 

			
 
				 	ALog(a, NULL, "LA_SET_SERVER_CERT");

			
@@ -12756,6 +12783,7 @@ void InRpcKeyPair(RPC_KEY_PAIR *t, PACK *p)
 
				 

			
 
				 	t->Cert = PackGetX(p, "Cert");

			
 
				 	t->Key = PackGetK(p, "Key");

			
 
				+	t->Flag1 = PackGetInt(p, "Flag1");

			
 
				 }

			
 
				 void OutRpcKeyPair(PACK *p, RPC_KEY_PAIR *t)

			
 
				 {

			
@@ -12767,6 +12795,7 @@ void OutRpcKeyPair(PACK *p, RPC_KEY_PAIR *t)
 
				 

			
 
				 	PackAddX(p, "Cert", t->Cert);

			
 
				 	PackAddK(p, "Key", t->Key);

			
 
				+	PackAddInt(p, "Flag1", t->Flag1);

			
 
				 }

			
 
				 void FreeRpcKeyPair(RPC_KEY_PAIR *t)

			
 
				 {

			
--- a/src/Cedar/Admin.h
+++ b/src/Cedar/Admin.h
@@ -295,6 +295,7 @@ struct RPC_KEY_PAIR
 
				 {

			
 
				 	X *Cert;							// Certificate

			
 
				 	K *Key;								// Secret key

			
 
				+	UINT Flag1;							// Flag1

			
 
				 };

			
 
				 

			
 
				 // HUB option

			
--- a/src/Cedar/Cedar.h
+++ b/src/Cedar/Cedar.h
@@ -120,10 +120,10 @@
 
				 

			
 
				 

			
 
				 // Version number

			
 
				-#define	CEDAR_VER					406

			
 
				+#define	CEDAR_VER					407

			
 
				 

			
 
				 // Build Number

			
 
				-#define	CEDAR_BUILD					9437

			
 
				+#define	CEDAR_BUILD					9448

			
 
				 

			
 
				 // Beta number

			
 
				 //#define	BETA_NUMBER					3

			
@@ -143,11 +143,11 @@
 
				 

			
 
				 // Specifies the build date

			
 
				 #define	BUILD_DATE_Y		2014

			
 
				-#define	BUILD_DATE_M		4

			
 
				-#define	BUILD_DATE_D		9

			
 
				-#define	BUILD_DATE_HO		9

			
 
				-#define	BUILD_DATE_MI		39

			
 
				-#define	BUILD_DATE_SE		4

			
 
				+#define	BUILD_DATE_M		6

			
 
				+#define	BUILD_DATE_D		6

			
 
				+#define	BUILD_DATE_HO		3

			
 
				+#define	BUILD_DATE_MI		7

			
 
				+#define	BUILD_DATE_SE		39

			
 
				 

			
 
				 // Tolerable time difference

			
 
				 #define	ALLOW_TIMESTAMP_DIFF		(UINT64)(3 * 24 * 60 * 60 * 1000)

			
--- a/src/Cedar/Client.c
+++ b/src/Cedar/Client.c
@@ -5852,7 +5852,6 @@ REMOTE_CLIENT *CcConnectRpcEx(char *server_name, char *password, bool *bad_pass,
 
				 #endif	// OS_WIN32

			
 
				 

			
 
				 	port_start = CLIENT_CONFIG_PORT - 1;

			
 
				-

			
 
				 	if (reg_port != 0)

			
 
				 	{

			
 
				 		s = Connect(server_name, reg_port);

			
--- a/src/Cedar/Command.c
+++ b/src/Cedar/Command.c
@@ -6658,6 +6658,28 @@ void PsMain(PS *ps)
 
				 		}

			
 
				 	}

			
 
				 

			
 
				+	if (ps->HubName == NULL)

			
 
				+	{

			
 
				+		RPC_KEY_PAIR t;

			
 
				+

			
 
				+		Zero(&t, sizeof(t));

			
 
				+

			
 
				+		if (ScGetServerCert(ps->Rpc, &t) == ERR_NO_ERROR)

			
 
				+		{

			
 
				+			if (t.Cert != NULL && t.Cert->has_basic_constraints == false)

			
 
				+			{

			
 
				+				if (t.Cert->root_cert)

			
 
				+				{

			
 
				+					ps->Console->Write(ps->Console, L"");

			
 
				+					ps->Console->Write(ps->Console, _UU("SM_CERT_MESSAGE_CLI"));

			
 
				+					ps->Console->Write(ps->Console, L"");

			
 
				+				}

			
 
				+			}

			
 
				+

			
 
				+			FreeRpcKeyPair(&t);

			
 
				+		}

			
 
				+	}

			
 
				+

			
 
				 	while (true)

			
 
				 	{

			
 
				 		// Definition of command

			
@@ -7841,6 +7863,14 @@ UINT PsServerCertSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 
				 			return ret;

			
 
				 		}

			
 
				 

			
 
				+		if (t.Flag1 == 0)

			
 
				+		{

			
 
				+			// Show the warning message

			
 
				+			c->Write(c, L"");

			
 
				+			c->Write(c, _UU("SM_CERT_NEED_ROOT"));

			
 
				+			c->Write(c, L"");

			
 
				+		}

			
 
				+

			
 
				 		FreeRpcKeyPair(&t);

			
 
				 	}

			
 
				 	else

			
@@ -20897,6 +20927,10 @@ UINT PsServerCertRegenerate(CONSOLE *c, char *cmd_name, wchar_t *str, void *para
 
				 		return ret;

			
 
				 	}

			
 
				 

			
 
				+	c->Write(c, L"");

			
 
				+	c->Write(c, _UU("CM_CERT_SET_MSG"));

			
 
				+	c->Write(c, L"");

			
 
				+

			
 
				 	FreeParamValueList(o);

			
 
				 

			
 
				 	return 0;

			
--- a/src/Cedar/Interop_OpenVPN.c
+++ b/src/Cedar/Interop_OpenVPN.c
@@ -2058,6 +2058,7 @@ void OvsRecvPacket(OPENVPN_SERVER *s, LIST *recv_packet_list, UINT protocol)
 
				 									}

			
 
				 									else

			
 
				 									{

			
 
				+#if	0	// Currently disabled

			
 
				 										// If the default gateway is not specified, add the static routing table

			
 
				 										// entry for the local IP subnet

			
 
				 										IP local_network;

			
@@ -2076,6 +2077,7 @@ void OvsRecvPacket(OPENVPN_SERVER *s, LIST *recv_packet_list, UINT protocol)
 
				 											&cao->SubnetMask);

			
 
				 

			
 
				 										StrCat(option_str, sizeof(option_str), l3_options);

			
 
				+#endif

			
 
				 									}

			
 
				 

			
 
				 									// Classless routing table

			
--- a/src/Cedar/Logging.c
+++ b/src/Cedar/Logging.c
@@ -1333,16 +1333,23 @@ char *BuildHttpLogStr(HTTPLOG *h)
 
				 

			
 
				 	b = NewBuf();

			
 
				 

			
 
				-	// URL generation

			
 
				-	if (h->Port == 80)

			
 
				+	if (StartWith(h->Path, "http://"))

			
 
				 	{

			
 
				-		Format(url, sizeof(url), "http://%s%s",

			
 
				-			h->Hostname, h->Path);

			
 
				+		StrCpy(url, sizeof(url), h->Path);

			
 
				 	}

			
 
				 	else

			
 
				 	{

			
 
				-		Format(url, sizeof(url), "http://%s:%u%s",

			
 
				-			h->Hostname, h->Port, h->Path);

			
 
				+		// URL generation

			
 
				+		if (h->Port == 80)

			
 
				+		{

			
 
				+			Format(url, sizeof(url), "http://%s%s",

			
 
				+				h->Hostname, h->Path);

			
 
				+		}

			
 
				+		else

			
 
				+		{

			
 
				+			Format(url, sizeof(url), "http://%s:%u%s",

			
 
				+				h->Hostname, h->Port, h->Path);

			
 
				+		}

			
 
				 	}

			
 
				 

			
 
				 	AddLogBufToStr(b, "HttpMethod", h->Method);

			
--- a/src/Cedar/Protocol.c
+++ b/src/Cedar/Protocol.c
@@ -100,6 +100,461 @@
 
				 

			
 
				 static UCHAR ssl_packet_start[3] = {0x17, 0x03, 0x00};

			
 
				 

			
 
				+// Download and save intermediate certificates if necessary

			
 
				+bool DownloadAndSaveIntermediateCertificatesIfNecessary(X *x)

			
 
				+{

			
 
				+	LIST *o;

			
 
				+	bool ret = false;

			
 
				+	// Validate arguments

			
 
				+	if (x == NULL)

			
 
				+	{

			
 
				+		return false;

			
 
				+	}

			
 
				+

			
 
				+	if (x->root_cert)

			
 
				+	{

			
 
				+		return true;

			
 
				+	}

			
 
				+

			
 
				+	o = NewCertList(true);

			
 
				+

			
 
				+	ret = TryGetRootCertChain(o, x, true, NULL);

			
 
				+

			
 
				+	FreeCertList(o);

			
 
				+

			
 
				+	return ret;

			
 
				+}

			
 
				+

			
 
				+// Attempt to fetch the full chain of the specified cert

			
 
				+bool TryGetRootCertChain(LIST *o, X *x, bool auto_save, X **found_root_x)

			
 
				+{

			
 
				+	bool ret = false;

			
 
				+	LIST *chain = NULL;

			
 
				+	LIST *current_chain_dir = NULL;

			
 
				+	// Validate arguments

			
 
				+	if (o == NULL || x == NULL)

			
 
				+	{

			
 
				+		return false;

			
 
				+	}

			
 
				+

			
 
				+	chain = NewCertList(false);

			
 
				+

			
 
				+	ret = TryGetParentCertFromCertList(o, x, chain);

			
 
				+

			
 
				+	if (ret)

			
 
				+	{

			
 
				+		UINT i;

			
 
				+		DIRLIST *dir;

			
 
				+		wchar_t dirname[MAX_SIZE];

			
 
				+		wchar_t exedir[MAX_SIZE];

			
 
				+

			
 
				+		GetExeDirW(exedir, sizeof(exedir));

			
 
				+		CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs");

			
 
				+		MakeDirExW(dirname);

			
 
				+

			
 
				+		if (auto_save)

			
 
				+		{

			
 
				+			// delete the current auto_save files

			
 
				+			dir = EnumDirW(dirname);

			
 
				+			if (dir != NULL)

			
 
				+			{

			
 
				+				for (i = 0;i < dir->NumFiles;i++)

			
 
				+				{

			
 
				+					DIRENT *e = dir->File[i];

			
 
				+

			
 
				+					if (e->Folder == false)

			
 
				+					{

			
 
				+						if (UniStartWith(e->FileNameW, AUTO_DOWNLOAD_CERTS_PREFIX))

			
 
				+						{

			
 
				+							wchar_t tmp[MAX_SIZE];

			
 
				+

			
 
				+							CombinePathW(tmp, sizeof(tmp), dirname, e->FileNameW);

			
 
				+

			
 
				+							FileDeleteW(tmp);

			
 
				+						}

			
 
				+					}

			
 
				+				}

			
 
				+

			
 
				+				FreeDir(dir);

			
 
				+			}

			
 
				+		}

			
 
				+

			
 
				+		current_chain_dir = NewCertList(false);

			
 
				+		AddAllChainCertsToCertList(current_chain_dir);

			
 
				+

			
 
				+		for (i = 0;i < LIST_NUM(chain);i++)

			
 
				+		{

			
 
				+			wchar_t tmp[MAX_SIZE];

			
 
				+			X *xx = LIST_DATA(chain, i);

			
 
				+

			
 
				+			GetAllNameFromName(tmp, sizeof(tmp), xx->subject_name);

			
 
				+

			
 
				+			Debug("depth = %u, subject = %S\n", i, tmp);

			
 
				+

			
 
				+			if (auto_save && CompareX(x, xx) == false && IsXInCertList(current_chain_dir, xx) == false)

			
 
				+			{

			
 
				+				wchar_t fn[MAX_PATH];

			
 
				+				char hex_a[128];

			
 
				+				wchar_t hex[128];

			
 
				+				UCHAR hash[SHA1_SIZE];

			
 
				+				wchar_t tmp[MAX_SIZE];

			
 
				+				BUF *b;

			
 
				+

			
 
				+				GetXDigest(xx, hash, true);

			
 
				+				BinToStr(hex_a, sizeof(hex_a), hash, SHA1_SIZE);

			
 
				+				StrToUni(hex, sizeof(hex), hex_a);

			
 
				+

			
 
				+				UniStrCpy(fn, sizeof(fn), AUTO_DOWNLOAD_CERTS_PREFIX);

			
 
				+				UniStrCat(fn, sizeof(fn), hex);

			
 
				+				UniStrCat(fn, sizeof(fn), L".cer");

			
 
				+

			
 
				+				CombinePathW(tmp, sizeof(tmp), dirname, fn);

			
 
				+

			
 
				+				b = XToBuf(xx, true);

			
 
				+

			
 
				+				DumpBufW(b, tmp);

			
 
				+

			
 
				+				FreeBuf(b);

			
 
				+			}

			
 
				+

			
 
				+			if (xx->root_cert)

			
 
				+			{

			
 
				+				if (found_root_x != NULL)

			
 
				+				{

			
 
				+					*found_root_x = CloneX(xx);

			
 
				+				}

			
 
				+			}

			
 
				+		}

			
 
				+	}

			
 
				+

			
 
				+	FreeCertList(chain);

			
 
				+

			
 
				+	FreeCertList(current_chain_dir);

			
 
				+

			
 
				+	return ret;

			
 
				+}

			
 
				+

			
 
				+// Try get the parent cert

			
 
				+bool TryGetParentCertFromCertList(LIST *o, X *x, LIST *found_chain)

			
 
				+{

			
 
				+	bool ret = false;

			
 
				+	X *r;

			
 
				+	bool do_free = false;

			
 
				+	// Validate arguments

			
 
				+	if (o == NULL || x == NULL || found_chain == NULL)

			
 
				+	{

			
 
				+		return false;

			
 
				+	}

			
 
				+

			
 
				+	if (LIST_NUM(found_chain) >= FIND_CERT_CHAIN_MAX_DEPTH)

			
 
				+	{

			
 
				+		return false;

			
 
				+	}

			
 
				+

			
 
				+	Add(found_chain, CloneX(x));

			
 
				+

			
 
				+	if (x->root_cert)

			
 
				+	{

			
 
				+		return true;

			
 
				+	}

			
 
				+

			
 
				+	r = FindCertIssuerFromCertList(o, x);

			
 
				+

			
 
				+	if (r == NULL)

			
 
				+	{

			
 
				+		if (IsEmptyStr(x->issuer_url) == false)

			
 
				+		{

			
 
				+			r = DownloadCert(x->issuer_url);

			
 
				+

			
 
				+			if (CheckXEx(x, r, true, true) && CompareX(x, r) == false)

			
 
				+			{

			
 
				+				// found

			
 
				+				do_free = true;

			
 
				+			}

			
 
				+			else

			
 
				+			{

			
 
				+				// invalid

			
 
				+				FreeX(r);

			
 
				+				r = NULL;

			
 
				+			}

			
 
				+		}

			
 
				+	}

			
 
				+

			
 
				+	if (r != NULL)

			
 
				+	{

			
 
				+		ret = TryGetParentCertFromCertList(o, r, found_chain);

			
 
				+	}

			
 
				+

			
 
				+	if (do_free)

			
 
				+	{

			
 
				+		FreeX(r);

			
 
				+	}

			
 
				+

			
 
				+	return ret;

			
 
				+}

			
 
				+

			
 
				+// Find the issuer of the cert from the cert list

			
 
				+X *FindCertIssuerFromCertList(LIST *o, X *x)

			
 
				+{

			
 
				+	UINT i;

			
 
				+	// Validate arguments

			
 
				+	if (o == NULL || x == NULL)

			
 
				+	{

			
 
				+		return NULL;

			
 
				+	}

			
 
				+

			
 
				+	if (x->root_cert)

			
 
				+	{

			
 
				+		return NULL;

			
 
				+	}

			
 
				+

			
 
				+	for (i = 0;i < LIST_NUM(o);i++)

			
 
				+	{

			
 
				+		X *xx = LIST_DATA(o, i);

			
 
				+

			
 
				+		if (CheckXEx(x, xx, true, true))

			
 
				+		{

			
 
				+			if (CompareX(x, xx) == false)

			
 
				+			{

			
 
				+				return xx;

			
 
				+			}

			
 
				+		}

			
 
				+	}

			
 
				+

			
 
				+	return NULL;

			
 
				+}

			
 
				+

			
 
				+// Download a cert by using HTTP

			
 
				+X *DownloadCert(char *url)

			
 
				+{

			
 
				+	BUF *b;

			
 
				+	URL_DATA url_data;

			
 
				+	X *ret = NULL;

			
 
				+	// Validate arguments

			
 
				+	if (IsEmptyStr(url))

			
 
				+	{

			
 
				+		return NULL;

			
 
				+	}

			
 
				+

			
 
				+	Debug("Trying to download a cert from %s ...\n", url);

			
 
				+

			
 
				+	if (ParseUrl(&url_data, url, false, NULL) == false)

			
 
				+	{

			
 
				+		Debug("Download failed.\n");

			
 
				+		return NULL;

			
 
				+	}

			
 
				+

			
 
				+	b = HttpRequestEx(&url_data, NULL, CERT_HTTP_DOWNLOAD_TIMEOUT, CERT_HTTP_DOWNLOAD_TIMEOUT,

			
 
				+		NULL, false, NULL, NULL, NULL, NULL, NULL, CERT_HTTP_DOWNLOAD_MAXSIZE);

			
 
				+

			
 
				+	if (b == NULL)

			
 
				+	{

			
 
				+		Debug("Download failed.\n");

			
 
				+		return NULL;

			
 
				+	}

			
 
				+

			
 
				+	ret = BufToX(b, IsBase64(b));

			
 
				+

			
 
				+	FreeBuf(b);

			
 
				+

			
 
				+	Debug("Download ok.\n");

			
 
				+	return ret;

			
 
				+}

			
 
				+

			
 
				+// New cert list

			
 
				+LIST *NewCertList(bool load_root_and_chain)

			
 
				+{

			
 
				+	LIST *o;

			
 
				+

			
 
				+	o = NewList(NULL);

			
 
				+

			
 
				+	if (load_root_and_chain)

			
 
				+	{

			
 
				+		AddAllRootCertsToCertList(o);

			
 
				+		AddAllChainCertsToCertList(o);

			
 
				+	}

			
 
				+

			
 
				+	return o;

			
 
				+}

			
 
				+

			
 
				+// Free cert list

			
 
				+void FreeCertList(LIST *o)

			
 
				+{

			
 
				+	UINT i;

			
 
				+	// Validate arguments

			
 
				+	if (o == NULL)

			
 
				+	{

			
 
				+		return;

			
 
				+	}

			
 
				+

			
 
				+	for (i = 0;i < LIST_NUM(o);i++)

			
 
				+	{

			
 
				+		X *x = LIST_DATA(o, i);

			
 
				+

			
 
				+		FreeX(x);

			
 
				+	}

			
 
				+

			
 
				+	ReleaseList(o);

			
 
				+}

			
 
				+

			
 
				+// Check whether the cert is in the cert list

			
 
				+bool IsXInCertList(LIST *o, X *x)

			
 
				+{

			
 
				+	UINT i;

			
 
				+	// Validate arguments

			
 
				+	if (o == NULL || x == NULL)

			
 
				+	{

			
 
				+		return false;

			
 
				+	}

			
 
				+

			
 
				+	for (i = 0;i < LIST_NUM(o);i++)

			
 
				+	{

			
 
				+		X *xx = LIST_DATA(o, i);

			
 
				+

			
 
				+		if (CompareX(x, xx))

			
 
				+		{

			
 
				+			return true;

			
 
				+		}

			
 
				+	}

			
 
				+

			
 
				+	return false;

			
 
				+}

			
 
				+

			
 
				+// Add a cert to the cert list

			
 
				+void AddXToCertList(LIST *o, X *x)

			
 
				+{

			
 
				+	// Validate arguments

			
 
				+	if (o == NULL || x == NULL)

			
 
				+	{

			
 
				+		return;

			
 
				+	}

			
 
				+

			
 
				+	if (IsXInCertList(o, x))

			
 
				+	{

			
 
				+		return;

			
 
				+	}

			
 
				+

			
 
				+	if (CheckXDateNow(x) == false)

			
 
				+	{

			
 
				+		return;

			
 
				+	}

			
 
				+

			
 
				+	Add(o, CloneX(x));

			
 
				+}

			
 
				+

			
 
				+// Add all chain certs to the cert list

			
 
				+void AddAllChainCertsToCertList(LIST *o)

			
 
				+{

			
 
				+	wchar_t dirname[MAX_SIZE];

			
 
				+	wchar_t exedir[MAX_SIZE];

			
 
				+	DIRLIST *dir;

			
 
				+	// Validate arguments

			
 
				+	if (o == NULL)

			
 
				+	{

			
 
				+		return;

			
 
				+	}

			
 
				+

			
 
				+	GetExeDirW(exedir, sizeof(exedir));

			
 
				+

			
 
				+	CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs");

			
 
				+

			
 
				+	MakeDirExW(dirname);

			
 
				+

			
 
				+	dir = EnumDirW(dirname);

			
 
				+

			
 
				+	if (dir != NULL)

			
 
				+	{

			
 
				+		UINT i;

			
 
				+

			
 
				+		for (i = 0;i < dir->NumFiles;i++)

			
 
				+		{

			
 
				+			DIRENT *e = dir->File[i];

			
 
				+

			
 
				+			if (e->Folder == false)

			
 
				+			{

			
 
				+				wchar_t tmp[MAX_SIZE];

			
 
				+				X *x;

			
 
				+

			
 
				+				CombinePathW(tmp, sizeof(tmp), dirname, e->FileNameW);

			
 
				+

			
 
				+				x = FileToXW(tmp);

			
 
				+

			
 
				+				if (x != NULL)

			
 
				+				{

			
 
				+					AddXToCertList(o, x);

			
 
				+

			
 
				+					FreeX(x);

			
 
				+				}

			
 
				+			}

			
 
				+		}

			
 
				+

			
 
				+		FreeDir(dir);

			
 
				+	}

			
 
				+}

			
 
				+

			
 
				+// Add all root certs to the cert list

			
 
				+void AddAllRootCertsToCertList(LIST *o)

			
 
				+{

			
 
				+	BUF *buf;

			
 
				+	PACK *p;

			
 
				+	UINT num_ok = 0, num_error = 0;

			
 
				+	// Validate arguments

			
 
				+	if (o == NULL)

			
 
				+	{

			
 
				+		return;

			
 
				+	}

			
 
				+

			
 
				+	buf = ReadDump(ROOT_CERTS_FILENAME);

			
 
				+	if (buf == NULL)

			
 
				+	{

			
 
				+		return;

			
 
				+	}

			
 
				+

			
 
				+	p = BufToPack(buf);

			
 
				+

			
 
				+	if (p != NULL)

			
 
				+	{

			
 
				+		UINT num = PackGetIndexCount(p, "cert");

			
 
				+		UINT i;

			
 
				+

			
 
				+		for (i = 0;i < num;i++)

			
 
				+		{

			
 
				+			bool ok = false;

			
 
				+			BUF *b = PackGetBufEx(p, "cert", i);

			
 
				+

			
 
				+			if (b != NULL)

			
 
				+			{

			
 
				+				X *x = BufToX(b, false);

			
 
				+

			
 
				+				if (x != NULL)

			
 
				+				{

			
 
				+					AddXToCertList(o, x);

			
 
				+

			
 
				+					ok = true;

			
 
				+

			
 
				+					FreeX(x);

			
 
				+				}

			
 
				+

			
 
				+				FreeBuf(b);

			
 
				+			}

			
 
				+

			
 
				+			if (ok)

			
 
				+			{

			
 
				+				num_ok++;

			
 
				+			}

			
 
				+			else

			
 
				+			{

			
 
				+				num_error++;

			
 
				+			}

			
 
				+		}

			
 
				+

			
 
				+		FreePack(p);

			
 
				+	}

			
 
				+

			
 
				+	FreeBuf(buf);

			
 
				+

			
 
				+	Debug("AddAllRootCertsToCertList: ok=%u error=%u total_list_len=%u\n", num_ok, num_error, LIST_NUM(o));

			
 
				+}

			
 
				 

			
 
				 // Convert the date of YYYYMMDD format to a number

			
 
				 UINT64 ShortStrToDate64(char *str)

			
@@ -5345,8 +5800,26 @@ bool ClientUploadAuth(CONNECTION *c)
 
				 	// UDP acceleration function using flag

			
 
				 	if (o->NoUdpAcceleration == false && c->Session->UdpAccel != NULL)

			
 
				 	{

			
 
				+		IP my_ip;

			
 
				+

			
 
				+		Zero(&my_ip, sizeof(my_ip));

			
 
				+

			
 
				 		PackAddBool(p, "use_udp_acceleration", true);

			
 
				-		PackAddIp(p, "udp_acceleration_client_ip", &c->Session->UdpAccel->MyIp);

			
 
				+

			
 
				+		Copy(&my_ip, &c->Session->UdpAccel->MyIp, sizeof(IP));

			
 
				+		if (IsLocalHostIP(&my_ip))

			
 
				+		{

			
 
				+			if (IsIP4(&my_ip))

			
 
				+			{

			
 
				+				ZeroIP4(&my_ip);

			
 
				+			}

			
 
				+			else

			
 
				+			{

			
 
				+				ZeroIP6(&my_ip);

			
 
				+			}

			
 
				+		}

			
 
				+

			
 
				+		PackAddIp(p, "udp_acceleration_client_ip", &my_ip);

			
 
				 		PackAddInt(p, "udp_acceleration_client_port", c->Session->UdpAccel->MyPort);

			
 
				 		PackAddData(p, "udp_acceleration_client_key", c->Session->UdpAccel->MyKey, UDP_ACCELERATION_COMMON_KEY_SIZE);

			
 
				 		PackAddBool(p, "support_hmac_on_udp_acceleration", true);

			
@@ -6186,6 +6659,8 @@ SOCK *ProxyConnectEx2(CONNECTION *c, char *proxy_host_name, UINT proxy_port,
 
				 	char basic_str[MAX_SIZE * 2];

			
 
				 	UINT http_error_code;

			
 
				 	HTTP_HEADER *h;

			
 
				+	char server_host_name_tmp[256];

			
 
				+	UINT i, len;

			
 
				 	// Validate arguments

			
 
				 	if (c == NULL || proxy_host_name == NULL || proxy_port == 0 || server_host_name == NULL ||

			
 
				 		server_port == 0)

			
@@ -6206,6 +6681,19 @@ SOCK *ProxyConnectEx2(CONNECTION *c, char *proxy_host_name, UINT proxy_port,
 
				 		return NULL;

			
 
				 	}

			
 
				 

			
 
				+	Zero(server_host_name_tmp, sizeof(server_host_name_tmp));

			
 
				+	StrCpy(server_host_name_tmp, sizeof(server_host_name_tmp), server_host_name);

			
 
				+

			
 
				+	len = StrLen(server_host_name_tmp);

			
 
				+

			
 
				+	for (i = 0;i < len;i++)

			
 
				+	{

			
 
				+		if (server_host_name_tmp[i] == '/')

			
 
				+		{

			
 
				+			server_host_name_tmp[i] = 0;

			
 
				+		}

			
 
				+	}

			
 
				+

			
 
				 	// Connection

			
 
				 	s = TcpConnectEx3(proxy_host_name, proxy_port, timeout, cancel_flag, hWnd, true, NULL, false, false);

			
 
				 	if (s == NULL)

			
@@ -6224,24 +6712,24 @@ SOCK *ProxyConnectEx2(CONNECTION *c, char *proxy_host_name, UINT proxy_port,
 
				 	}

			
 
				 

			
 
				 	// HTTP header generation

			
 
				-	if (IsStrIPv6Address(server_host_name))

			
 
				+	if (IsStrIPv6Address(server_host_name_tmp))

			
 
				 	{

			
 
				 		IP ip;

			
 
				 		char iptmp[MAX_PATH];

			
 
				 

			
 
				-		StrToIP(&ip, server_host_name);

			
 
				+		StrToIP(&ip, server_host_name_tmp);

			
 
				 		IPToStr(iptmp, sizeof(iptmp), &ip);

			
 
				 

			
 
				 		Format(tmp, sizeof(tmp), "[%s]:%u", iptmp, server_port);

			
 
				 	}

			
 
				 	else

			
 
				 	{

			
 
				-		Format(tmp, sizeof(tmp), "%s:%u", server_host_name, server_port);

			
 
				+		Format(tmp, sizeof(tmp), "%s:%u", server_host_name_tmp, server_port);

			
 
				 	}

			
 
				 

			
 
				 	h = NewHttpHeader("CONNECT", tmp, "HTTP/1.0");

			
 
				 	AddHttpValue(h, NewHttpValue("User-Agent", (c->Cedar == NULL ? DEFAULT_USER_AGENT : c->Cedar->HttpUserAgent)));

			
 
				-	AddHttpValue(h, NewHttpValue("Host", server_host_name));

			
 
				+	AddHttpValue(h, NewHttpValue("Host", server_host_name_tmp));

			
 
				 	AddHttpValue(h, NewHttpValue("Content-Length", "0"));

			
 
				 	AddHttpValue(h, NewHttpValue("Proxy-Connection", "Keep-Alive"));

			
 
				 	AddHttpValue(h, NewHttpValue("Pragma", "no-cache"));

			
@@ -6249,7 +6737,7 @@ SOCK *ProxyConnectEx2(CONNECTION *c, char *proxy_host_name, UINT proxy_port,
 
				 	if (use_auth)

			
 
				 	{

			
 
				 		wchar_t tmp[MAX_SIZE];

			
 
				-		UniFormat(tmp, sizeof(tmp), _UU("STATUS_3"), server_host_name);

			
 
				+		UniFormat(tmp, sizeof(tmp), _UU("STATUS_3"), server_host_name_tmp);

			
 
				 		// Generate the authentication string

			
 
				 		Format(auth_tmp_str, sizeof(auth_tmp_str), "%s:%s",

			
 
				 			username, password);

			
--- a/src/Cedar/Protocol.h
+++ b/src/Cedar/Protocol.h
@@ -179,6 +179,12 @@ struct UPDATE_CLIENT
 
				 #define	UPDATE_CONNECT_TIMEOUT			5000

			
 
				 #define	UPDATE_COMM_TIMEOUT				5000

			
 
				 

			
 
				+// Dynamic root cert fetch function

			
 
				+#define	CERT_HTTP_DOWNLOAD_MAXSIZE	65536

			
 
				+#define	CERT_HTTP_DOWNLOAD_TIMEOUT	(10 * 1000)

			
 
				+#define	ROOT_CERTS_FILENAME			"|root_certs.dat"

			
 
				+#define	AUTO_DOWNLOAD_CERTS_PREFIX	L".autodownload_"

			
 
				+#define	FIND_CERT_CHAIN_MAX_DEPTH	16

			
 
				 

			
 
				 

			
 
				 // Function prototype

			
@@ -277,6 +283,18 @@ void PackAddClientVersion(PACK *p, CONNECTION *c);
 
				 void NodeInfoToStr(wchar_t *str, UINT size, NODE_INFO *info);

			
 
				 void GenerateMachineUniqueHash(void *data);

			
 
				 

			
 
				+LIST *NewCertList(bool load_root_and_chain);

			
 
				+void FreeCertList(LIST *o);

			
 
				+bool IsXInCertList(LIST *o, X *x);

			
 
				+void AddXToCertList(LIST *o, X *x);

			
 
				+void AddAllRootCertsToCertList(LIST *o);

			
 
				+void AddAllChainCertsToCertList(LIST *o);

			
 
				+X *DownloadCert(char *url);

			
 
				+X *FindCertIssuerFromCertList(LIST *o, X *x);

			
 
				+bool TryGetRootCertChain(LIST *o, X *x, bool auto_save, X **found_root_x);

			
 
				+bool TryGetParentCertFromCertList(LIST *o, X *x, LIST *found_chain);

			
 
				+bool DownloadAndSaveIntermediateCertificatesIfNecessary(X *x);

			
 
				+

			
 
				 

			
 
				 #endif	// PROTOCOL_H

			
 
				 

			
--- a/src/Cedar/SM.c
+++ b/src/Cedar/SM.c
@@ -16929,6 +16929,13 @@ void SmSslDlgOnOk(HWND hWnd, SM_SSL *s)
 
				 		{

			
 
				 			return;

			
 
				 		}

			
 
				+

			
 
				+		if (t.Flag1 == 0)

			
 
				+		{

			
 
				+			// Show the warning message

			
 
				+			MsgBox(hWnd, MB_ICONWARNING, _UU("SM_CERT_NEED_ROOT"));

			
 
				+		}

			
 
				+

			
 
				 		FreeRpcKeyPair(&t);

			
 
				 

			
 
				 		MsgBox(hWnd, MB_ICONINFORMATION, _UU("CM_CERT_SET_MSG"));

			
@@ -18930,6 +18937,8 @@ UINT SmServerDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *pa
 
				 

			
 
				 			SmShowIPSecMessageIfNecessary(hWnd, p);

			
 
				 

			
 
				+			SmShowCertRegenerateMessageIfNecessary(hWnd, p);

			
 
				+

			
 
				 			SetTimer(hWnd, 3, 150, NULL);

			
 
				 			break;

			
 
				 

			
@@ -18954,6 +18963,73 @@ UINT SmServerDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *pa
 
				 	return 0;

			
 
				 }

			
 
				 

			
 
				+// Display the message about the cert

			
 
				+void SmShowCertRegenerateMessageIfNecessary(HWND hWnd, SM_SERVER *p)

			
 
				+{

			
 
				+	// Validate arguments

			
 
				+	if (p == NULL)

			
 
				+	{

			
 
				+		return;

			
 
				+	}

			
 
				+

			
 
				+	if (p->ServerAdminMode && p->Bridge == false)

			
 
				+	{

			
 
				+		RPC_KEY_PAIR t;

			
 
				+

			
 
				+		Zero(&t, sizeof(t));

			
 
				+

			
 
				+		if (ScGetServerCert(p->Rpc, &t) == ERR_NO_ERROR)

			
 
				+		{

			
 
				+			if (t.Cert != NULL && t.Cert->has_basic_constraints == false)

			
 
				+			{

			
 
				+				if (t.Cert->root_cert)

			
 
				+				{

			
 
				+					if (MsRegReadInt(REG_CURRENT_USER, SM_HIDE_CERT_UPDATE_MSG_KEY, p->ServerName) == 0)

			
 
				+					{

			
 
				+						if (MsgBox(hWnd, MB_ICONQUESTION | MB_YESNO, _UU("SM_CERT_MESSAGE")) == IDYES)

			
 
				+						{

			
 
				+							X *x;

			
 
				+							K *k;

			
 
				+

			
 
				+							// Regenerating the certificate

			
 
				+							if (SmRegenerateServerCert(hWnd, p, NULL, &x, &k, false))

			
 
				+							{

			
 
				+								// Confirmation message

			
 
				+								if (MsgBox(hWnd, MB_ICONEXCLAMATION | MB_YESNO, _UU("SM_REGENERATE_CERT_MSG")) == IDYES)

			
 
				+								{

			
 
				+									// Set the new certificate and private key

			
 
				+									RPC_KEY_PAIR t2;

			
 
				+

			
 
				+									Zero(&t2, sizeof(t2));

			
 
				+

			
 
				+									t2.Cert = CloneX(x);

			
 
				+									t2.Key = CloneK(k);

			
 
				+

			
 
				+									if (CALL(hWnd, ScSetServerCert(p->Rpc, &t2)))

			
 
				+									{

			
 
				+										FreeRpcKeyPair(&t2);

			
 
				+

			
 
				+										MsgBox(hWnd, MB_ICONINFORMATION, _UU("CM_CERT_SET_MSG"));

			
 
				+									}

			
 
				+								}

			
 
				+

			
 
				+								FreeX(x);

			
 
				+								FreeK(k);

			
 
				+							}

			
 
				+						}

			
 
				+						else

			
 
				+						{

			
 
				+							MsRegWriteInt(REG_CURRENT_USER, SM_HIDE_CERT_UPDATE_MSG_KEY, p->ServerName, 1);

			
 
				+						}

			
 
				+					}

			
 
				+				}

			
 
				+			}

			
 
				+

			
 
				+			FreeRpcKeyPair(&t);

			
 
				+		}

			
 
				+	}

			
 
				+}

			
 
				+

			
 
				 // Display messages about IPsec, and prompt for the setting

			
 
				 void SmShowIPSecMessageIfNecessary(HWND hWnd, SM_SERVER *p)

			
 
				 {

			
--- a/src/Cedar/SMInner.h
+++ b/src/Cedar/SMInner.h
@@ -101,6 +101,7 @@
 
				 #define	SM_CERT_REG_KEY		"Software\\SoftEther Corporation\\PacketiX VPN\\Server Manager\\Cert Tool"

			
 
				 #define	SM_SETTING_REG_KEY	"Software\\SoftEther Corporation\\PacketiX VPN\\Server Manager\\Settings"

			
 
				 #define	SM_LASTHUB_REG_KEY	"Software\\SoftEther Corporation\\PacketiX VPN\\Server Manager\\Last HUB Name"

			
 
				+#define	SM_HIDE_CERT_UPDATE_MSG_KEY	"Software\\SoftEther Corporation\\PacketiX VPN\\Server Manager\\Hide Cert Update Msg"

			
 
				 

			
 
				 #define	NAME_OF_VPN_SERVER_MANAGER	"vpnsmgr"

			
 
				 #define	NAME_OF_VPN_SERVER_TARGET	"vpnserver@%s"

			
@@ -799,6 +800,7 @@ UINT SmSpecialListenerDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, voi
 
				 void SmSpecialListenerDlgInit(HWND hWnd, SM_SERVER *s);

			
 
				 void SmSpecialListenerDlgOnOk(HWND hWnd, SM_SERVER *s);

			
 
				 void SmShowIPSecMessageIfNecessary(HWND hWnd, SM_SERVER *p);

			
 
				+void SmShowCertRegenerateMessageIfNecessary(HWND hWnd, SM_SERVER *p);

			
 
				 UINT SmVmBridgeDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);

			
 
				 void SmAzure(HWND hWnd, SM_SERVER *s, bool on_setup);

			
 
				 UINT SmAzureDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);

			
--- a/src/Cedar/Server.h
+++ b/src/Cedar/Server.h
@@ -414,6 +414,7 @@ struct LOG_FILE
 
				 #define	GSF_SHOW_OSS_MSG				7

			
 
				 

			
 
				 

			
 
				+

			
 
				 // Virtual HUB creation history

			
 
				 struct SERVER_HUB_CREATE_HISTORY

			
 
				 {

			
--- a/src/Cedar/Session.c
+++ b/src/Cedar/Session.c
@@ -2142,6 +2142,23 @@ SESSION *NewServerSessionEx(CEDAR *cedar, CONNECTION *c, HUB *h, char *username,
 
				 	return s;

			
 
				 }

			
 
				 

			
 
				+// Check whether the specified MAC address is IPC address

			
 
				+bool IsIpcMacAddress(UCHAR *mac)

			
 
				+{

			
 
				+	// Validate arguments

			
 
				+	if (mac == NULL)

			
 
				+	{

			
 
				+		return false;

			
 
				+	}

			
 
				+

			
 
				+	if (mac[0] == 0xCA)

			
 
				+	{

			
 
				+		return true;

			
 
				+	}

			
 
				+

			
 
				+	return false;

			
 
				+}

			
 
				+

			
 
				 // Display the session key for debugging

			
 
				 void DebugPrintSessionKey(UCHAR *session_key)

			
 
				 {

			
--- a/src/Cedar/Session.h
+++ b/src/Cedar/Session.h
@@ -397,6 +397,7 @@ void NewSessionKey(CEDAR *cedar, UCHAR *session_key, UINT *session_key_32);
 
				 SESSION *GetSessionFromKey(CEDAR *cedar, UCHAR *session_key);

			
 
				 SESSION *GetSessionFromKey32(CEDAR *cedar, UINT key32);

			
 
				 void DebugPrintSessionKey(UCHAR *session_key);

			
 
				+bool IsIpcMacAddress(UCHAR *mac);

			
 
				 void ClientAdditionalConnectChance(SESSION *s);

			
 
				 void SessionAdditionalConnect(SESSION *s);

			
 
				 void ClientAdditionalThread(THREAD *t, void *param);

			
--- a/src/Cedar/Virtual.c
+++ b/src/Cedar/Virtual.c
@@ -9436,6 +9436,53 @@ void VirtualDhcpServer(VH *v, PKT *p)
 
				 				if (GetGlobalServerFlag(GSF_DISABLE_PUSH_ROUTE) == 0)

			
 
				 				{

			
 
				 					Copy(&ret.ClasslessRoute, &v->PushRoute, sizeof(DHCP_CLASSLESS_ROUTE_TABLE));

			
 
				+

			
 
				+					if (IsIpcMacAddress(p->MacAddressSrc))

			
 
				+					{

			
 
				+						if (ret.Gateway == 0)

			
 
				+						{

			
 
				+							// If the default gateway is not specified, add the static routing table

			
 
				+							// entry for the local IP subnet

			
 
				+							// (for PPP clients)

			
 
				+							IP dhcp_ip;

			
 
				+							IP dhcp_mask;

			
 
				+							IP dhcp_network;

			
 
				+

			
 
				+							UINTToIP(&dhcp_ip, ip);

			
 
				+

			
 
				+							if (ip == 0)

			
 
				+							{

			
 
				+								UINTToIP(&dhcp_ip, p->L3.IPv4Header->SrcIP);

			
 
				+							}

			
 
				+

			
 
				+							UINTToIP(&dhcp_mask, v->DhcpMask);

			
 
				+

			
 
				+							IPAnd4(&dhcp_network, &dhcp_ip, &dhcp_mask);

			
 
				+

			
 
				+							if (GetBestClasslessRoute(&ret.ClasslessRoute, &dhcp_ip) == NULL)

			
 
				+							{

			
 
				+								if (ret.ClasslessRoute.NumExistingRoutes < MAX_DHCP_CLASSLESS_ROUTE_ENTRIES)

			
 
				+								{

			
 
				+									DHCP_CLASSLESS_ROUTE *cr = &ret.ClasslessRoute.Entries[ret.ClasslessRoute.NumExistingRoutes];

			
 
				+

			
 
				+									cr->Exists = true;

			
 
				+

			
 
				+									UINTToIP(&cr->Gateway, v->HostIP);

			
 
				+

			
 
				+									if (v->UseNat == false && ret.ClasslessRoute.NumExistingRoutes >= 1)

			
 
				+									{

			
 
				+										Copy(&cr->Gateway, &ret.ClasslessRoute.Entries[0].Gateway, sizeof(IP));

			
 
				+									}

			
 
				+

			
 
				+									Copy(&cr->Network, &dhcp_network, sizeof(IP));

			
 
				+									Copy(&cr->SubnetMask, &dhcp_mask, sizeof(IP));

			
 
				+									cr->SubnetMaskLen = SubnetMaskToInt(&dhcp_mask);

			
 
				+

			
 
				+									ret.ClasslessRoute.NumExistingRoutes++;

			
 
				+								}

			
 
				+							}

			
 
				+						}

			
 
				+					}

			
 
				 				}

			
 
				 

			
 
				 				if (opt->Opcode != DHCP_INFORM)

			
--- a/src/Cedar/WinUi.h
+++ b/src/Cedar/WinUi.h
@@ -485,6 +485,7 @@ typedef struct BAD_PROCESS
 
				 static BAD_PROCESS bad_processes[] =

			
 
				 {

			
 
				 	{"nod32krn.exe", "NOD32 Antivirus",},

			
 
				+	{"avp.exe", "Kaspersky",},

			
 
				 };

			
 
				 

			
 
				 static UINT num_bad_processes = sizeof(bad_processes) / sizeof(bad_processes[0]);

			
--- a/src/CurrentBuild.txt
+++ b/src/CurrentBuild.txt
@@ -1,4 +1,4 @@
 
				-BUILD_NUMBER 9437

			
 
				-VERSION 406

			
 
				-BUILD_NAME beta

			
 
				-BUILD_DATE 20140409_093904

			
 
				+BUILD_NUMBER 9448

			
 
				+VERSION 407

			
 
				+BUILD_NAME rtm

			
 
				+BUILD_DATE 20140606_030739

			
--- a/src/Mayaqua/Cfg.h
+++ b/src/Mayaqua/Cfg.h
@@ -116,7 +116,7 @@
 
				 #define	TAG_END				"end"

			
 
				 #define	TAG_ROOT			"root"

			
 
				 

			
 
				-#define	TAG_CPYRIGHT		"\xef\xbb\xbf# Software Configuration File\r\n# \r\n# You can edit this file when the program is not working.\r\n# \r\n"

			
 
				+#define	TAG_CPYRIGHT		"\xef\xbb\xbf# Software Configuration File\r\n# ---------------------------\r\n# \r\n# You may edit this file when the VPN Server / Client / Bridge program is not running.\r\n# \r\n# In prior to edit this file manually by your text editor,\r\n# shutdown the VPN Server / Client / Bridge background service.\r\n# Otherwise, all changes will be lost.\r\n# \r\n"

			
 
				 #define	TAG_BINARY			"SEVPN_DB"

			
 
				 

			
 
				 // Data type

			
--- a/src/Mayaqua/Encrypt.c
+++ b/src/Mayaqua/Encrypt.c
@@ -126,6 +126,8 @@
 
				 #include <openssl/aes.h>

			
 
				 #include <openssl/dh.h>

			
 
				 #include <openssl/pem.h>

			
 
				+#include <openssl/conf.h>

			
 
				+#include <openssl/x509v3.h>

			
 
				 #include <Mayaqua/Mayaqua.h>

			
 
				 

			
 
				 #ifdef	USE_INTEL_AESNI_LIBRARY

			
@@ -1149,13 +1151,13 @@ void GetAllNameFromA(char *str, UINT size, X *x)
 
				 // Get the all name strings from NAME

			
 
				 void GetAllNameFromName(wchar_t *str, UINT size, NAME *name)

			
 
				 {

			
 
				+	UniStrCpy(str, size, L"");

			
 
				 	// Validate arguments

			
 
				 	if (str == NULL || name == NULL)

			
 
				 	{

			
 
				 		return;

			
 
				 	}

			
 
				 

			
 
				-	UniStrCpy(str, size, L"");

			
 
				 	if (name->CommonName != NULL)

			
 
				 	{

			
 
				 		UniFormat(str, size, L"%sCN=%s, ", str, name->CommonName);

			
@@ -1896,6 +1898,7 @@ X509 *NewRootX509(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial)
 
				 	UINT64 notBefore, notAfter;

			
 
				 	ASN1_TIME *t1, *t2;

			
 
				 	X509_NAME *subject_name, *issuer_name;

			
 
				+	X509_EXTENSION *ex = NULL;

			
 
				 	// Validate arguments

			
 
				 	if (pub == NULL || name == NULL || priv == NULL)

			
 
				 	{

			
@@ -1981,6 +1984,11 @@ X509 *NewRootX509(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial)
 
				 		s->length = serial->size;

			
 
				 	}

			
 
				 

			
 
				+	// Extensions

			
 
				+	ex = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints,	"critical,CA:TRUE");

			
 
				+	X509_add_ext(x509, ex, -1);

			
 
				+	X509_EXTENSION_free(ex);

			
 
				+

			
 
				 	Lock(openssl_lock);

			
 
				 	{

			
 
				 		// Set the public key

			
@@ -2663,6 +2671,10 @@ bool RsaGen(K **priv, K **pub, UINT bit)
 
				 

			
 
				 // Confirm whether the certificate X is signed by the issuer of the certificate x_issuer

			
 
				 bool CheckX(X *x, X *x_issuer)

			
 
				+{

			
 
				+	return CheckXEx(x, x_issuer, false, false);

			
 
				+}

			
 
				+bool CheckXEx(X *x, X *x_issuer, bool check_name, bool check_date)

			
 
				 {

			
 
				 	K *k;

			
 
				 	bool ret;

			
@@ -2679,6 +2691,26 @@ bool CheckX(X *x, X *x_issuer)
 
				 	}

			
 
				 

			
 
				 	ret = CheckSignature(x, k);

			
 
				+

			
 
				+	if (ret)

			
 
				+	{

			
 
				+		if (check_name)

			
 
				+		{

			
 
				+			if (CompareName(x->issuer_name, x_issuer->subject_name) == false)

			
 
				+			{

			
 
				+				ret = false;

			
 
				+			}

			
 
				+		}

			
 
				+

			
 
				+		if (check_date)

			
 
				+		{

			
 
				+			if (CheckXDateNow(x_issuer) == false)

			
 
				+			{

			
 
				+				ret = false;

			
 
				+			}

			
 
				+		}

			
 
				+	}

			
 
				+

			
 
				 	FreeK(k);

			
 
				 

			
 
				 	return ret;

			
@@ -3680,6 +3712,43 @@ X *X509ToX(X509 *x509)
 
				 		}

			
 
				 	}

			
 
				 

			
 
				+	// Check whether there is basic constraints

			
 
				+	if (X509_get_ext_by_NID(x509, NID_basic_constraints, -1) != -1)

			
 
				+	{

			
 
				+		x->has_basic_constraints = true;

			
 
				+	}

			
 
				+

			
 
				+	// Get the "Certification Authority Issuer" (1.3.6.1.5.5.7.48.2) field value

			
 
				+	if (x->root_cert == false)

			
 
				+	{

			
 
				+		AUTHORITY_INFO_ACCESS *ads = (AUTHORITY_INFO_ACCESS *)X509_get_ext_d2i(x509, NID_info_access, NULL, NULL);

			
 
				+

			
 
				+		if (ads != NULL)

			
 
				+		{

			
 
				+			int i;

			
 
				+

			
 
				+			for (i = 0; i < sk_ACCESS_DESCRIPTION_num(ads); i++)

			
 
				+			{

			
 
				+				ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(ads, i);

			
 
				+				if (ad != NULL)

			
 
				+				{

			
 
				+					if (OBJ_obj2nid(ad->method) == NID_ad_ca_issuers && ad->location->type == GEN_URI)

			
 
				+					{

			
 
				+						char *uri = (char *)ASN1_STRING_data(ad->location->d.uniformResourceIdentifier);

			
 
				+

			
 
				+						if (IsEmptyStr(uri) == false)

			
 
				+						{

			
 
				+							StrCpy(x->issuer_url, sizeof(x->issuer_url), uri);

			
 
				+							break;

			
 
				+						}

			
 
				+					}

			
 
				+				}

			
 
				+			}

			
 
				+

			
 
				+			AUTHORITY_INFO_ACCESS_free(ads);

			
 
				+		}

			
 
				+	}

			
 
				+

			
 
				 	// Get the Serial Number

			
 
				 	x->serial = NewXSerial(x509->cert_info->serialNumber->data,

			
 
				 		x509->cert_info->serialNumber->length);

			
--- a/src/Mayaqua/Encrypt.h
+++ b/src/Mayaqua/Encrypt.h
@@ -197,6 +197,8 @@ struct X
 
				 	bool do_not_free;

			
 
				 	bool is_compatible_bit;

			
 
				 	UINT bits;

			
 
				+	bool has_basic_constraints;

			
 
				+	char issuer_url[256];

			
 
				 };

			
 
				 

			
 
				 // Key

			
@@ -339,6 +341,7 @@ K *GetKFromX(X *x);
 
				 bool CheckSignature(X *x, K *k);

			
 
				 X *X509ToX(X509 *x509);

			
 
				 bool CheckX(X *x, X *x_issuer);

			
 
				+bool CheckXEx(X *x, X *x_issuer, bool check_name, bool check_date);

			
 
				 bool Asn1TimeToSystem(SYSTEMTIME *s, void *asn1_time);

			
 
				 bool StrToSystem(SYSTEMTIME *s, char *str);

			
 
				 UINT64 Asn1TimeToUINT64(void *asn1_time);

			
--- a/src/Mayaqua/MayaType.h
+++ b/src/Mayaqua/MayaType.h
@@ -485,6 +485,7 @@ typedef struct ICMP_RESULT ICMP_RESULT;
 
				 typedef struct SSL_PIPE SSL_PIPE;

			
 
				 typedef struct SSL_BIO SSL_BIO;

			
 
				 typedef struct RUDP_STACK RUDP_STACK;

			
 
				+typedef struct RUDP_SOURCE_IP RUDP_SOURCE_IP;

			
 
				 typedef struct RUDP_SESSION RUDP_SESSION;

			
 
				 typedef struct RUDP_SEGMENT RUDP_SEGMENT;

			
 
				 typedef struct CONNECT_TCP_RUDP_PARAM CONNECT_TCP_RUDP_PARAM;

			
--- a/src/Mayaqua/Memory.c
+++ b/src/Mayaqua/Memory.c
@@ -2005,6 +2005,41 @@ int CompareInt64(void *p1, void *p2)
 
				 	return COMPARE_RET(*v1, *v2);

			
 
				 }

			
 
				 

			
 
				+// Randomize the contents of the list

			
 
				+void RandomizeList(LIST *o)

			
 
				+{

			
 
				+	LIST *o2;

			
 
				+	UINT i;

			
 
				+	// Validate arguments

			
 
				+	if (o == NULL)

			
 
				+	{

			
 
				+		return;

			
 
				+	}

			
 
				+

			
 
				+	o2 = NewListFast(NULL);

			
 
				+

			
 
				+	while (LIST_NUM(o) != 0)

			
 
				+	{

			
 
				+		UINT num = LIST_NUM(o);

			
 
				+		UINT i = Rand32() % num;

			
 
				+		void *p = LIST_DATA(o, i);

			
 
				+

			
 
				+		Add(o2, p);

			
 
				+		Delete(o, p);

			
 
				+	}

			
 
				+

			
 
				+	DeleteAll(o);

			
 
				+

			
 
				+	for (i = 0;i < LIST_NUM(o2);i++)

			
 
				+	{

			
 
				+		void *p = LIST_DATA(o2, i);

			
 
				+

			
 
				+		Add(o, p);

			
 
				+	}

			
 
				+

			
 
				+	ReleaseList(o2);

			
 
				+}

			
 
				+

			
 
				 // Add an integer to the list

			
 
				 void AddInt(LIST *o, UINT i)

			
 
				 {

			
--- a/src/Mayaqua/Memory.h
+++ b/src/Mayaqua/Memory.h
@@ -387,6 +387,7 @@ void InsertInt(LIST *o, UINT i);
 
				 void InsertInt64(LIST *o, UINT64 i);

			
 
				 void InsertIntDistinct(LIST *o, UINT i);

			
 
				 void InsertInt64Distinct(LIST *o, UINT64 i);

			
 
				+void RandomizeList(LIST *o);

			
 
				 

			
 
				 void *GetNext(QUEUE *q);

			
 
				 void *GetNextWithLock(QUEUE *q);

			
--- a/src/Mayaqua/Network.c
+++ b/src/Mayaqua/Network.c
@@ -225,6 +225,7 @@ static UINT rand_port_numbers[256] = {0};
 
				 

			
 
				 

			
 
				 static bool g_use_privateip_file = false;

			
 
				+static bool g_source_ip_validation_force_disable = false;

			
 
				 

			
 
				 typedef struct PRIVATE_IP_SUBNET

			
 
				 {

			
@@ -1537,6 +1538,17 @@ void RUDPProcess_NatT_Recv(RUDP_STACK *r, UDPPACKET *udp)
 
				 					// Save the IP address and port number at the time of registration

			
 
				 					PackGetStr(p, "your_ip_and_port", r->NatT_Registered_IPAndPort, sizeof(r->NatT_Registered_IPAndPort));

			
 
				 

			
 
				+					if (g_source_ip_validation_force_disable == false)

			
 
				+					{

			
 
				+						// Enable the source IP address validation mechanism

			
 
				+						r->NatT_EnableSourceIpValidation = PackGetBool(p, "enable_source_ip_validation");

			
 
				+					}

			
 
				+					else

			
 
				+					{

			
 
				+						// Force disable the source IP address validation mechanism

			
 
				+						r->NatT_EnableSourceIpValidation = false;

			
 
				+					}

			
 
				+

			
 
				 					// Global port of itself

			
 
				 					my_global_port = PackGetInt(p, "your_port");

			
 
				 

			
@@ -1569,6 +1581,11 @@ void RUDPProcess_NatT_Recv(RUDP_STACK *r, UDPPACKET *udp)
 
				 						UCHAR *rand_data;

			
 
				 						UINT rand_size;

			
 
				 

			
 
				+						if (r->NatT_EnableSourceIpValidation)

			
 
				+						{

			
 
				+							RUDPAddIpToValidateList(r, &client_ip);

			
 
				+						}

			
 
				+

			
 
				 						rand_size = Rand32() % 19;

			
 
				 						rand_data = Malloc(rand_size);

			
 
				 

			
@@ -1588,6 +1605,12 @@ void RUDPProcess_NatT_Recv(RUDP_STACK *r, UDPPACKET *udp)
 
				 	FreeBuf(b);

			
 
				 }

			
 
				 

			
 
				+// Set the flag of the source IP address validation function

			
 
				+void RUDPSetSourceIpValidationForceDisable(bool b)

			
 
				+{

			
 
				+	g_source_ip_validation_force_disable = b;

			
 
				+}

			
 
				+

			
 
				 // Process such as packet transmission for NAT-T server

			
 
				 void RUDPDo_NatT_Interrupt(RUDP_STACK *r)

			
 
				 {

			
@@ -1826,6 +1849,11 @@ void RUDPRecvProc(RUDP_STACK *r, UDPPACKET *p)
 
				 					// Entire number of sessions exceeds the limit

			
 
				 					ok = false;

			
 
				 				}

			
 
				+				else if (r->NatT_EnableSourceIpValidation && RUDPIsIpInValidateList(r, &p->SrcIP) == false)

			
 
				+				{

			
 
				+					// Invalid source IP address, which is not registered on the validated source IP address list

			
 
				+					ok = false;

			
 
				+				}

			
 
				 				else

			
 
				 				{

			
 
				 					UINT i;

			
@@ -1942,6 +1970,138 @@ void RUDPRecvProc(RUDP_STACK *r, UDPPACKET *p)
 
				 	}

			
 
				 }

			
 
				 

			
 
				+// Check whether the specificed IP address is in the validated source IP address list

			
 
				+bool RUDPIsIpInValidateList(RUDP_STACK *r, IP *ip)

			
 
				+{

			
 
				+	UINT i;

			
 
				+	UINT64 now = Tick64();

			
 
				+	LIST *o = NULL;

			
 
				+	bool ret = false;

			
 
				+	// Validate arguments

			
 
				+	if (r == NULL || ip == NULL)

			
 
				+	{

			
 
				+		return false;

			
 
				+	}

			
 
				+

			
 
				+	for (i = 0;i < LIST_NUM(r->NatT_SourceIpList);i++)

			
 
				+	{

			
 
				+		RUDP_SOURCE_IP *s = (RUDP_SOURCE_IP *)LIST_DATA(r->NatT_SourceIpList, i);

			
 
				+

			
 
				+		if (s->ExpiresTick <= now)

			
 
				+		{

			
 
				+			if (o == NULL)

			
 
				+			{

			
 
				+				o = NewListFast(NULL);

			
 
				+			}

			
 
				+

			
 
				+			Add(o, s);

			
 
				+		}

			
 
				+	}

			
 
				+

			
 
				+	if (o != NULL)

			
 
				+	{

			
 
				+		for (i = 0;i < LIST_NUM(o);i++)

			
 
				+		{

			
 
				+			RUDP_SOURCE_IP *s = (RUDP_SOURCE_IP *)LIST_DATA(o, i);

			
 
				+

			
 
				+			Delete(r->NatT_SourceIpList, s);

			
 
				+

			
 
				+			Free(s);

			
 
				+		}

			
 
				+

			
 
				+		ReleaseList(o);

			
 
				+	}

			
 
				+

			
 
				+	for (i = 0;i < LIST_NUM(r->NatT_SourceIpList);i++)

			
 
				+	{

			
 
				+		RUDP_SOURCE_IP *s = (RUDP_SOURCE_IP *)LIST_DATA(r->NatT_SourceIpList, i);

			
 
				+

			
 
				+		if (CmpIpAddr(&s->ClientIP, ip) == 0)

			
 
				+		{

			
 
				+			ret = true;

			
 
				+			break;

			
 
				+		}

			
 
				+	}

			
 
				+

			
 
				+	Debug("RUDP: NAT-T: Validate IP: %r, ret=%u (current list len = %u)\n", ip, ret, LIST_NUM(r->NatT_SourceIpList));

			
 
				+

			
 
				+	return ret;

			
 
				+}

			
 
				+

			
 
				+// Add an IP address to the validated source IP address list

			
 
				+void RUDPAddIpToValidateList(RUDP_STACK *r, IP *ip)

			
 
				+{

			
 
				+	UINT i;

			
 
				+	RUDP_SOURCE_IP *sip;

			
 
				+	UINT64 now = Tick64();

			
 
				+	LIST *o = NULL;

			
 
				+	// Validate arguments

			
 
				+	if (r == NULL || ip == NULL)

			
 
				+	{

			
 
				+		return;

			
 
				+	}

			
 
				+

			
 
				+	if (LIST_NUM(r->NatT_SourceIpList) >= RUDP_MAX_VALIDATED_SOURCE_IP_ADDRESSES)

			
 
				+	{

			
 
				+		return;

			
 
				+	}

			
 
				+

			
 
				+	for (i = 0;i < LIST_NUM(r->NatT_SourceIpList);i++)

			
 
				+	{

			
 
				+		RUDP_SOURCE_IP *s = (RUDP_SOURCE_IP *)LIST_DATA(r->NatT_SourceIpList, i);

			
 
				+

			
 
				+		if (s->ExpiresTick <= now)

			
 
				+		{

			
 
				+			if (o == NULL)

			
 
				+			{

			
 
				+				o = NewListFast(NULL);

			
 
				+			}

			
 
				+

			
 
				+			Add(o, s);

			
 
				+		}

			
 
				+	}

			
 
				+

			
 
				+	if (o != NULL)

			
 
				+	{

			
 
				+		for (i = 0;i < LIST_NUM(o);i++)

			
 
				+		{

			
 
				+			RUDP_SOURCE_IP *s = (RUDP_SOURCE_IP *)LIST_DATA(o, i);

			
 
				+

			
 
				+			Delete(r->NatT_SourceIpList, s);

			
 
				+

			
 
				+			Free(s);

			
 
				+		}

			
 
				+

			
 
				+		ReleaseList(o);

			
 
				+	}

			
 
				+

			
 
				+	sip = NULL;

			
 
				+

			
 
				+	for (i = 0;i < LIST_NUM(r->NatT_SourceIpList);i++)

			
 
				+	{

			
 
				+		RUDP_SOURCE_IP *s = (RUDP_SOURCE_IP *)LIST_DATA(r->NatT_SourceIpList, i);

			
 
				+

			
 
				+		if (CmpIpAddr(&s->ClientIP, ip) == 0)

			
 
				+		{

			
 
				+			sip = s;

			
 
				+			break;

			
 
				+		}

			
 
				+	}

			
 
				+

			
 
				+	if (sip == NULL)

			
 
				+	{

			
 
				+		sip = ZeroMalloc(sizeof(RUDP_SOURCE_IP));

			
 
				+

			
 
				+		Copy(&sip->ClientIP, ip, sizeof(IP));

			
 
				+

			
 
				+		Add(r->NatT_SourceIpList, sip);

			
 
				+	}

			
 
				+

			
 
				+	sip->ExpiresTick = now + (UINT64)RUDP_VALIDATED_SOURCE_IP_ADDRESS_EXPIRES;

			
 
				+

			
 
				+	Debug("RUDP: NAT-T: Src IP added: %r (current list len = %u)\n", ip, LIST_NUM(r->NatT_SourceIpList));

			
 
				+}

			
 
				+

			
 
				 // R-UDP interrupt processing procedure

			
 
				 void RUDPInterruptProc(RUDP_STACK *r)

			
 
				 {

			
@@ -4759,6 +4919,7 @@ SOCK *NewRUDPClientNatT(char *svc_name, IP *ip, UINT *error_code, UINT timeout,
 
				 		UINT result_port;

			
 
				 		SOCK *ret = NULL;

			
 
				 		UINT num_tries = 0;

			
 
				+		UINT64 current_cookie = 0;

			
 
				 

			
 
				 		AddInterrupt(interrupt, giveup_tick);

			
 
				 

			
@@ -4832,6 +4993,12 @@ LABEL_TIMEOUT:
 
				 

			
 
				 						if (p != NULL)

			
 
				 						{

			
 
				+							UINT64 cookie = PackGetInt64(p, "cookie");

			
 
				+							if (cookie != 0)

			
 
				+							{

			
 
				+								current_cookie = cookie;

			
 
				+							}

			
 
				+

			
 
				 							// Compare tran_id

			
 
				 							if (PackGetInt64(p, "tran_id") == tran_id)

			
 
				 							{

			
@@ -4901,6 +5068,7 @@ LABEL_TIMEOUT:
 
				 				PackAddInt64(p, "tran_id", tran_id);

			
 
				 				IPToStr(ip_str, sizeof(ip_str), ip);

			
 
				 				PackAddStr(p, "dest_ip", ip_str);

			
 
				+				PackAddInt64(p, "cookie", current_cookie);

			
 
				 				if (IsEmptyStr(hint_str) == false)

			
 
				 				{

			
 
				 					PackAddStr(p, "hint", hint_str);

			
@@ -5194,6 +5362,8 @@ RUDP_STACK *NewRUDP(bool server_mode, char *svc_name, RUDP_STACK_INTERRUPTS_PROC
 
				 	r->NewSockQueue = NewQueue();

			
 
				 	r->NatT_TranId = Rand64();

			
 
				 

			
 
				+	r->NatT_SourceIpList = NewListFast(NULL);

			
 
				+

			
 
				 	StrCpy(tmp, sizeof(tmp), r->SvcName);

			
 
				 	Trim(tmp);

			
 
				 	StrLower(tmp);

			
@@ -5359,6 +5529,15 @@ void FreeRUDP(RUDP_STACK *r)
 
				 		ReleaseSock(s);

			
 
				 	}

			
 
				 

			
 
				+	for (i = 0;i < LIST_NUM(r->NatT_SourceIpList);i++)

			
 
				+	{

			
 
				+		RUDP_SOURCE_IP *sip = (RUDP_SOURCE_IP *)LIST_DATA(r->NatT_SourceIpList, i);

			
 
				+

			
 
				+		Free(sip);

			
 
				+	}

			
 
				+

			
 
				+	ReleaseList(r->NatT_SourceIpList);

			
 
				+

			
 
				 	ReleaseQueue(r->NewSockQueue);

			
 
				 

			
 
				 	ReleaseList(r->SendPacketList);

			
@@ -5559,7 +5738,7 @@ SSL_PIPE *NewSslPipe(bool server_mode, X *x, K *k, DH_CTX *dh)
 
				 {

			
 
				 	SSL_PIPE *s;

			
 
				 	SSL *ssl;

			
 
				-	SSL_CTX *ssl_ctx = NewSSLCtx();

			
 
				+	SSL_CTX *ssl_ctx = NewSSLCtx(server_mode);

			
 
				 

			
 
				 	Lock(openssl_lock);

			
 
				 	{

			
@@ -11473,7 +11652,7 @@ UINT RecvFrom(SOCK *sock, IP *src_addr, UINT *src_port, void *data, UINT size)
 
				 

			
 
				 #ifdef	OS_WIN32

			
 
				 		if (WSAGetLastError() == WSAECONNRESET || WSAGetLastError() == WSAENETRESET || WSAGetLastError() == WSAEMSGSIZE || WSAGetLastError() == WSAENETUNREACH ||

			
 
				-			WSAGetLastError() == WSAENOBUFS || WSAGetLastError() == WSAEHOSTUNREACH || WSAGetLastError() == WSAEUSERS)

			
 
				+			WSAGetLastError() == WSAENOBUFS || WSAGetLastError() == WSAEHOSTUNREACH || WSAGetLastError() == WSAEUSERS || WSAGetLastError() == WSAEADDRNOTAVAIL || WSAGetLastError() == WSAEADDRNOTAVAIL)

			
 
				 		{

			
 
				 			sock->IgnoreRecvErr = true;

			
 
				 		}

			
@@ -11553,7 +11732,7 @@ UINT RecvFrom6(SOCK *sock, IP *src_addr, UINT *src_port, void *data, UINT size)
 
				 

			
 
				 #ifdef	OS_WIN32

			
 
				 		if (WSAGetLastError() == WSAECONNRESET || WSAGetLastError() == WSAENETRESET || WSAGetLastError() == WSAEMSGSIZE || WSAGetLastError() == WSAENETUNREACH ||

			
 
				-			WSAGetLastError() == WSAENOBUFS || WSAGetLastError() == WSAEHOSTUNREACH || WSAGetLastError() == WSAEUSERS)

			
 
				+			WSAGetLastError() == WSAENOBUFS || WSAGetLastError() == WSAEHOSTUNREACH || WSAGetLastError() == WSAEUSERS || WSAGetLastError() == WSAEADDRNOTAVAIL || WSAGetLastError() == WSAEADDRNOTAVAIL)

			
 
				 		{

			
 
				 			sock->IgnoreRecvErr = true;

			
 
				 		}

			
@@ -11665,7 +11844,7 @@ UINT SendToEx(SOCK *sock, IP *dest_addr, UINT dest_port, void *data, UINT size,
 
				 

			
 
				 #ifdef	OS_WIN32

			
 
				 		if (WSAGetLastError() == WSAECONNRESET || WSAGetLastError() == WSAENETRESET || WSAGetLastError() == WSAEMSGSIZE || WSAGetLastError() == WSAENETUNREACH ||

			
 
				-			WSAGetLastError() == WSAENOBUFS || WSAGetLastError() == WSAEHOSTUNREACH || WSAGetLastError() == WSAEUSERS || WSAGetLastError() == WSAEINVAL)

			
 
				+			WSAGetLastError() == WSAENOBUFS || WSAGetLastError() == WSAEHOSTUNREACH || WSAGetLastError() == WSAEUSERS || WSAGetLastError() == WSAEINVAL || WSAGetLastError() == WSAEADDRNOTAVAIL)

			
 
				 		{

			
 
				 			sock->IgnoreSendErr = true;

			
 
				 		}

			
@@ -11768,7 +11947,7 @@ UINT SendTo6Ex(SOCK *sock, IP *dest_addr, UINT dest_port, void *data, UINT size,
 
				 

			
 
				 #ifdef	OS_WIN32

			
 
				 		if (WSAGetLastError() == WSAECONNRESET || WSAGetLastError() == WSAENETRESET || WSAGetLastError() == WSAEMSGSIZE || WSAGetLastError() == WSAENETUNREACH ||

			
 
				-			WSAGetLastError() == WSAENOBUFS || WSAGetLastError() == WSAEHOSTUNREACH || WSAGetLastError() == WSAEUSERS || WSAGetLastError() == WSAEINVAL)

			
 
				+			WSAGetLastError() == WSAENOBUFS || WSAGetLastError() == WSAEHOSTUNREACH || WSAGetLastError() == WSAEUSERS || WSAGetLastError() == WSAEINVAL || WSAGetLastError() == WSAEADDRNOTAVAIL)

			
 
				 		{

			
 
				 			sock->IgnoreSendErr = true;

			
 
				 		}

			
@@ -12354,6 +12533,7 @@ bool SendAll(SOCK *sock, void *data, UINT size, bool secure)
 
				 // Set the cipher algorithm name to want to use

			
 
				 void SetWantToUseCipher(SOCK *sock, char *name)

			
 
				 {

			
 
				+	char tmp[254];

			
 
				 	// Validate arguments

			
 
				 	if (sock == NULL || name == NULL)

			
 
				 	{

			
@@ -12364,7 +12544,13 @@ void SetWantToUseCipher(SOCK *sock, char *name)
 
				 	{

			
 
				 		Free(sock->WaitToUseCipher);

			
 
				 	}

			
 
				-	sock->WaitToUseCipher = CopyStr(name);

			
 
				+

			
 
				+	Zero(tmp, sizeof(tmp));

			
 
				+	StrCpy(tmp, sizeof(tmp), name);

			
 
				+	StrCat(tmp, sizeof(tmp), " ");

			
 
				+	StrCat(tmp, sizeof(tmp), cipher_list);

			
 
				+

			
 
				+	sock->WaitToUseCipher = CopyStr(tmp);

			
 
				 }

			
 
				 

			
 
				 // Add all the chain certificates in the chain_certs directory

			
@@ -12372,7 +12558,10 @@ void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx)
 
				 {

			
 
				 	wchar_t dirname[MAX_SIZE];

			
 
				 	wchar_t exedir[MAX_SIZE];

			
 
				+	wchar_t txtname[MAX_SIZE];

			
 
				 	DIRLIST *dir;

			
 
				+	LIST *o;

			
 
				+	UINT i;

			
 
				 

			
 
				 	// Validate arguments

			
 
				 	if (ctx == NULL)

			
@@ -12380,18 +12569,25 @@ void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx)
 
				 		return;

			
 
				 	}

			
 
				 

			
 
				+	o = NewListFast(NULL);

			
 
				+

			
 
				 	GetExeDirW(exedir, sizeof(exedir));

			
 
				 

			
 
				 	CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs");

			
 
				 

			
 
				 	MakeDirExW(dirname);

			
 
				 

			
 
				+	CombinePathW(txtname, sizeof(txtname), dirname, L"Readme_Chain_Certs.txt");

			
 
				+

			
 
				+	if (IsFileExistsW(txtname) == false)

			
 
				+	{

			
 
				+		FileCopyW(L"|chain_certs.txt", txtname);

			
 
				+	}

			
 
				+

			
 
				 	dir = EnumDirW(dirname);

			
 
				 

			
 
				 	if (dir != NULL)

			
 
				 	{

			
 
				-		UINT i;

			
 
				-

			
 
				 		for (i = 0;i < dir->NumFiles;i++)

			
 
				 		{

			
 
				 			DIRENT *e = dir->File[i];

			
@@ -12407,7 +12603,28 @@ void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx)
 
				 

			
 
				 				if (x != NULL)

			
 
				 				{

			
 
				-					AddChainSslCert(ctx, x);

			
 
				+					UINT j;

			
 
				+					bool exists = false;

			
 
				+					UCHAR hash[SHA1_SIZE];

			
 
				+

			
 
				+					GetXDigest(x, hash, true);

			
 
				+

			
 
				+					for (j = 0;j < LIST_NUM(o);j++)

			
 
				+					{

			
 
				+						UCHAR *hash2 = LIST_DATA(o, j);

			
 
				+

			
 
				+						if (Cmp(hash, hash2, SHA1_SIZE) == 0)

			
 
				+						{

			
 
				+							exists = true;

			
 
				+						}

			
 
				+					}

			
 
				+

			
 
				+					if (exists == false)

			
 
				+					{

			
 
				+						AddChainSslCert(ctx, x);

			
 
				+

			
 
				+						Add(o, Clone(hash, SHA1_SIZE));

			
 
				+					}

			
 
				 

			
 
				 					FreeX(x);

			
 
				 				}

			
@@ -12416,6 +12633,15 @@ void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx)
 
				 

			
 
				 		FreeDir(dir);

			
 
				 	}

			
 
				+

			
 
				+	for (i = 0;i < LIST_NUM(o);i++)

			
 
				+	{

			
 
				+		UCHAR *hash = LIST_DATA(o, i);

			
 
				+

			
 
				+		Free(hash);

			
 
				+	}

			
 
				+

			
 
				+	ReleaseList(o);

			
 
				 }

			
 
				 

			
 
				 // Add the chain certificate

			
@@ -12503,7 +12729,7 @@ bool StartSSLEx(SOCK *sock, X *x, K *priv, bool client_tls, UINT ssl_timeout, ch
 
				 		return true;

			
 
				 	}

			
 
				 

			
 
				-	ssl_ctx = NewSSLCtx();

			
 
				+	ssl_ctx = NewSSLCtx(sock->ServerMode);

			
 
				 

			
 
				 	Lock(openssl_lock);

			
 
				 	{

			
@@ -16964,7 +17190,7 @@ void UnlockDnsCache()
 
				 }

			
 
				 

			
 
				 // Create the SSL_CTX

			
 
				-struct ssl_ctx_st *NewSSLCtx()

			
 
				+struct ssl_ctx_st *NewSSLCtx(bool server_mode)

			
 
				 {

			
 
				 	struct ssl_ctx_st *ctx = SSL_CTX_new(SSLv23_method());

			
 
				 

			
@@ -16972,6 +17198,13 @@ struct ssl_ctx_st *NewSSLCtx()
 
				 	SSL_CTX_set_options(ctx, SSL_OP_NO_TICKET);

			
 
				 #endif	// SSL_OP_NO_TICKET

			
 
				 

			
 
				+#ifdef	SSL_OP_CIPHER_SERVER_PREFERENCE

			
 
				+	if (server_mode)

			
 
				+	{

			
 
				+		SSL_CTX_set_options(ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);

			
 
				+	}

			
 
				+#endif	// SSL_OP_CIPHER_SERVER_PREFERENCE

			
 
				+

			
 
				 	return ctx;

			
 
				 }

			
 
				 

			
--- a/src/Mayaqua/Network.h
+++ b/src/Mayaqua/Network.h
@@ -780,6 +780,16 @@ typedef bool (RUDP_STACK_RPC_RECV_PROC)(RUDP_STACK *r, UDPPACKET *p);
 
				 // Minimum time to wait for a trial to connect by ICMP and DNS in case failing to connect by TCP

			
 
				 #define	SOCK_CONNECT_WAIT_FOR_ICMP_AND_DNS_AT_LEAST		5000

			
 
				 

			
 
				+#define	RUDP_MAX_VALIDATED_SOURCE_IP_ADDRESSES		512

			
 
				+#define	RUDP_VALIDATED_SOURCE_IP_ADDRESS_EXPIRES	(RUDP_TIMEOUT * 2)

			
 
				+

			
 
				+// Validated Source IP Addresses for R-UDP

			
 
				+struct RUDP_SOURCE_IP

			
 
				+{

			
 
				+	UINT64 ExpiresTick;					// Expires

			
 
				+	IP ClientIP;						// Client IP address

			
 
				+};

			
 
				+

			
 
				 // R-UDP stack

			
 
				 struct RUDP_STACK

			
 
				 {

			
@@ -832,6 +842,8 @@ struct RUDP_STACK
 
				 	UINT LastDDnsFqdnHash;				// DNS FQDN hash value when last checked

			
 
				 	volatile UINT *NatTGlobalUdpPort;	// NAT-T global UDP port

			
 
				 	UCHAR RandPortId;					// Random UDP port ID

			
 
				+	bool NatT_EnableSourceIpValidation;	// Enable the source IP address validation mechanism

			
 
				+	LIST *NatT_SourceIpList;			// Authenticated source IP adddress list

			
 
				 

			
 
				 	// For Client

			
 
				 	bool TargetIpAndPortInited;			// The target IP address and the port number are initialized

			
@@ -926,7 +938,7 @@ struct HTTP_HEADER
 
				 };

			
 
				 

			
 
				 // HTTPS server / client related string constant

			
 
				-#define	DEFAULT_USER_AGENT	"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)"

			
 
				+#define	DEFAULT_USER_AGENT	"Mozilla/5.0 (Windows NT 6.3; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0"

			
 
				 #define	DEFAULT_ACCEPT		"image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/msword, application/vnd.ms-powerpoint, application/vnd.ms-excel, */*"

			
 
				 #define	DEFAULT_ENCODING	"gzip, deflate"

			
 
				 #define	HTTP_CONTENT_TYPE	"text/html; charset=iso-8859-1"

			
@@ -1061,6 +1073,9 @@ bool RUDPProcessBulkRecvPacket(RUDP_STACK *r, RUDP_SESSION *se, void *recv_data,
 
				 UINT RUDPCalcBestMssForBulk(RUDP_STACK *r, RUDP_SESSION *se);

			
 
				 bool IsIPLocalHostOrMySelf(IP *ip);

			
 
				 UINT RUDPGetRandPortNumber(UCHAR rand_port_id);

			
 
				+void RUDPSetSourceIpValidationForceDisable(bool b);

			
 
				+bool RUDPIsIpInValidateList(RUDP_STACK *r, IP *ip);

			
 
				+void RUDPAddIpToValidateList(RUDP_STACK *r, IP *ip);

			
 
				 

			
 
				 bool GetBestLocalIpForTarget(IP *local_ip, IP *target_ip);

			
 
				 SOCK *NewUDP4ForSpecificIp(IP *target_ip, UINT port);

			
@@ -1558,7 +1573,7 @@ bool IsMacAddressLocalInner(LIST *o, void *addr);
 
				 bool IsMacAddressLocalFast(void *addr);

			
 
				 void RefreshLocalMacAddressList();

			
 
				 

			
 
				-struct ssl_ctx_st *NewSSLCtx();

			
 
				+struct ssl_ctx_st *NewSSLCtx(bool server_mode);

			
 
				 void FreeSSLCtx(struct ssl_ctx_st *ctx);

			
 
				 

			
 
				 void SetCurrentDDnsFqdn(char *name);

			
--- a/src/Mayaqua/Table.c
+++ b/src/Mayaqua/Table.c
@@ -1409,11 +1409,11 @@ bool LoadTableMain(wchar_t *filename)
 
				 

			
 
				 		SaveUnicodeCache(filename, b->Size, hash);

			
 
				 

			
 
				-		Debug("Unicode Source: strtable.stb\n");

			
 
				+		//Debug("Unicode Source: strtable.stb\n");

			
 
				 	}

			
 
				 	else

			
 
				 	{

			
 
				-		Debug("Unicode Source: unicode_cache\n");

			
 
				+		//Debug("Unicode Source: unicode_cache\n");

			
 
				 	}

			
 
				 

			
 
				 	FreeBuf(b);

			
@@ -1434,7 +1434,7 @@ bool LoadTableMain(wchar_t *filename)
 
				 		return false;

			
 
				 	}

			
 
				 

			
 
				-	Debug("Unicode File Read Cost: %u (%u Lines)\n", (UINT)(t2 - t1), LIST_NUM(TableList));

			
 
				+	//Debug("Unicode File Read Cost: %u (%u Lines)\n", (UINT)(t2 - t1), LIST_NUM(TableList));

			
 
				 

			
 
				 	return true;

			
 
				 }

			
--- a/src/Mayaqua/TcpIp.c
+++ b/src/Mayaqua/TcpIp.c
@@ -1813,12 +1813,13 @@ PKT *ParsePacketEx4(UCHAR *buf, UINT size, bool no_l3, UINT vlan_type_id, bool b
 
				 	if (no_http == false)

			
 
				 	{

			
 
				 		USHORT port_raw = Endian16(80);

			
 
				+		USHORT port_raw2 = Endian16(8080);

			
 
				 

			
 
				 		// Analyze if the packet is a part of HTTP

			
 
				 		if ((p->TypeL3 == L3_IPV4 || p->TypeL3 == L3_IPV6) && p->TypeL4 == L4_TCP)

			
 
				 		{

			
 
				 			TCP_HEADER *tcp = p->L4.TCPHeader;

			
 
				-			if (tcp->DstPort == port_raw)

			
 
				+			if (tcp->DstPort == port_raw || tcp->DstPort == port_raw2)

			
 
				 			{

			
 
				 				if (tcp != NULL && (!((tcp->Flag & TCP_SYN) || (tcp->Flag & TCP_RST) || (tcp->Flag & TCP_FIN))))

			
 
				 				{

			
--- a/src/Wfp/Wfp.c
+++ b/src/Wfp/Wfp.c
@@ -521,7 +521,7 @@ void NTAPI CalloutClassify(const FWPS_INCOMING_VALUES0* inFixedValues,
 
				 		{

			
 
				 			NET_BUFFER *nb = NET_BUFFER_LIST_FIRST_NB(nbl);

			
 
				 

			
 
				-			if (nb != NULL && NET_BUFFER_NEXT_NB(nb) == NULL)

			
 
				+			if (nb != NULL && NET_BUFFER_NEXT_NB(nb) == NULL && (NET_BUFFER_DATA_OFFSET(nb) >= inMetaValues->ipHeaderSize))

			
 
				 			{

			
 
				 				if (OK(NdisRetreatNetBufferDataStart(nb, inMetaValues->ipHeaderSize, 0, NULL)))

			
 
				 				{

			
--- a/src/bin/hamcore/SeLow_x64.sys
+++ b/src/bin/hamcore/SeLow_x64.sys
--- a/src/bin/hamcore/SeLow_x86.sys
+++ b/src/bin/hamcore/SeLow_x86.sys
--- a/src/bin/hamcore/inf/selow_x64/SeLow_x64.inf
+++ b/src/bin/hamcore/inf/selow_x64/SeLow_x64.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= NetTrans

			
 
				 ClassGUID					= {4D36E975-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_selow.cat

			
 
				 

			
@@ -66,5 +66,5 @@ SeLow_Description			= "A lightweight helper kernel-mode module for PacketiX VPN
 
				 

			
 
				 

			
 
				 

			
 
				-; Auto Generated 20140409_021333.421

			
 
				+; Auto Generated 20140419_144301.339

			
 
				 

			
--- a/src/bin/hamcore/inf/selow_x64/inf.cat
+++ b/src/bin/hamcore/inf/selow_x64/inf.cat
--- a/src/bin/hamcore/inf/selow_x86/SeLow_x86.inf
+++ b/src/bin/hamcore/inf/selow_x86/SeLow_x86.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= NetTrans

			
 
				 ClassGUID					= {4D36E975-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_selow.cat

			
 
				 

			
@@ -66,5 +66,5 @@ SeLow_Description			= "A lightweight helper kernel-mode module for PacketiX VPN
 
				 

			
 
				 

			
 
				 

			
 
				-; Auto Generated 20140409_021215.535

			
 
				+; Auto Generated 20140419_144133.148

			
 
				 

			
--- a/src/bin/hamcore/inf/selow_x86/inf.cat
+++ b/src/bin/hamcore/inf/selow_x86/inf.cat
--- a/src/bin/hamcore/inf/x64/INF_VPN.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN10.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN10.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN10.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN100.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN100.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN100.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN101.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN101.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN101.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN102.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN102.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN102.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN103.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN103.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN103.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN104.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN104.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN104.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN105.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN105.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN105.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN106.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN106.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN106.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN107.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN107.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN107.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN108.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN108.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN108.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN109.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN109.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN109.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN11.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN11.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN11.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN110.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN110.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN110.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN111.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN111.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN111.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN112.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN112.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN112.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN113.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN113.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN113.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN114.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN114.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN114.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN115.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN115.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN115.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN116.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN116.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN116.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN117.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN117.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN117.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN118.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN118.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN118.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN119.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN119.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN119.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN12.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN12.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN12.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN120.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN120.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN120.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN121.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN121.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN121.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN122.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN122.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN122.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN123.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN123.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN123.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN124.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN124.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN124.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN125.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN125.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN125.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN126.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN126.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN126.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN127.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN127.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN127.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN13.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN13.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN13.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN14.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN14.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN14.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN15.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN15.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN15.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN16.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN16.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN16.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN17.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN17.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN17.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN18.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN18.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN18.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN19.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN19.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN19.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN2.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN2.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN2.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN20.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN20.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN20.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN21.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN21.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN21.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN22.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN22.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN22.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN23.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN23.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN23.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN24.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN24.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN24.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN25.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN25.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN25.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN26.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN26.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN26.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN27.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN27.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN27.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN28.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN28.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN28.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN29.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN29.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN29.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN3.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN3.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN3.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN30.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN30.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN30.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN31.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN31.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN31.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN32.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN32.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN32.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN33.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN33.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN33.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN34.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN34.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN34.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN35.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN35.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN35.cat

			
 
				 

			
--- a/src/bin/hamcore/inf/x64/INF_VPN36.inf
+++ b/src/bin/hamcore/inf/x64/INF_VPN36.inf
@@ -8,7 +8,7 @@ Signature					= "$Windows NT$"
 
				 Class						= Net

			
 
				 ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}

			
 
				 Provider					= %CompanyName%

			
 
				-DriverVer					= 04/09/2014, 4.6.0.9436

			
 
				+DriverVer					= 04/19/2014, 4.6.0.9438

			
 
				 

			
 
				 CatalogFile.NT				= inf_VPN36.cat