v4.36-9754-beta

WARNING.TXT

@@ -398,10 +398,13 @@ identify that the source of the communication has initiated from the VPN Gate
 Service's hosting computer's IP address. However, for safety, any packets
 which destinations are within 192.168.0.0/255.255.0.0, 172.16.0.0/255.240.0.0
 or 10.0.0.0/255.0.0.0 will be blocked by the "VPNGATE" Virtual Hub in order to
-protect your local network. Therefore, if you run VPN Gate Service on your
-corporate network or private network, it is safe because anonymous VPN Client
-users will not be permitted to access such private networks. VPN Gate Service
-also serves as relay for accessing to the VPN Gate Directory Server.
+protect your local network. Any packets which destinations are within
+169.254.0.0/16, 224.0.0.0/4 or 100.64.0.0/10 will also be blocked for just in
+case. These packet filters except DNS, ICMP and ARP packets. Therefore, if you
+run VPN Gate Service on your corporate network or private network, it is safe
+because anonymous VPN Client users will not be permitted to access such
+private networks. VPN Gate Service also serves as relay for accessing to the
+VPN Gate Directory Server.
 In order to make VPN Gate Service familiar with firewalls and NATs, it opens
 an UDP port by using the NAT Traversal function which is described on the
 section 1.2. It also opens and listens on some TCP ports, and some TCP and UDP

configure

@@ -74,6 +74,13 @@ OpenBSD)
 	;;
 esac
 
+NOBITS=""
+case "`uname -m`" in
+aarch*|arm*|arm*)
+	NOBITS="_nobits"
+	;;
+esac
+
 CPU=""
 case "`uname -m`" in
 x86_64|amd64|aarch64|arm64|armv8*|mips64|ppc64|sparc64|alpha|ia64)
@@ -107,6 +114,6 @@ i?86|x86pc|i86pc|armv4*|armv5*|armv6*|armv7*)
 	;;
 esac
 
-cp src/makefiles/${OS}_${CPU}.mak Makefile
+cp src/makefiles/${OS}_${CPU}${NOBITS}.mak Makefile
 
 echo "The Makefile is generated. Run 'make' to build SoftEther VPN."

src/BuildFiles/Library/OpenSSL_Build_ID.txt

@@ -1 +1 @@
-crosslib_win32_191020_02
+crosslib_win32_210601_01

src/BuildFiles/Library/zlib_Build_ID.txt

@@ -1 +1 @@
-crosslib_win32_191020_02
+crosslib_win32_210601_01

src/BuildUtil/BuildUtilCommands.cs

@@ -1330,7 +1330,45 @@ namespace BuildUtil
 			int certid = vl["CERTID"].IntValue;
 			int shamode = vl["SHAMODE"].IntValue;
 
-			CodeSign.SignFile(destFileName, srcFileName, comment, kernel, false);
+			CodeSign.SignFile(destFileName, srcFileName, comment, kernel, false, false);
+
+			return 0;
+		}
+
+		// Sign the file
+		[ConsoleCommandMethod(
+			"Sign files using Authenticode certificates.",
+			"SignCode2 [filename] [/DEST:destfilename] [/COMMENT:comment] [/KERNEL:yes|no] [/CERT:certname]",
+			"Sign files using Authenticode certificates.",
+			"[filename]:Specify the target filename.",
+			"DEST:Specify the destination filename. If this parameter is not specified, the target file will be overwritten.",
+			"COMMENT:Provide a description of the signed content.",
+			"KERNEL:Specify \"yes\" if Windows Vista / 7 Kernel Mode Driver Signing is needed."
+			)]
+		static int SignCode2(ConsoleService c, string cmdName, string str)
+		{
+			ConsoleParam[] args =
+			{
+				new ConsoleParam("[filename]", ConsoleService.Prompt, "Filename: ", ConsoleService.EvalNotEmpty, null),
+				new ConsoleParam("DEST"),
+				new ConsoleParam("COMMENT", ConsoleService.Prompt, "Comment: ", ConsoleService.EvalNotEmpty, null),
+				new ConsoleParam("KERNEL"),
+				new ConsoleParam("CERT"),
+			};
+			ConsoleParamValueList vl = c.ParseCommandList(cmdName, str, args);
+
+			string destFileName = vl["DEST"].StrValue;
+			string srcFileName = vl.DefaultParam.StrValue;
+			if (Str.IsEmptyStr(destFileName))
+			{
+				destFileName = srcFileName;
+			}
+			string comment = vl["COMMENT"].StrValue;
+			bool kernel = vl["KERNEL"].BoolValue;
+
+			string cert = vl["CERT"].StrValue;
+
+			CodeSign.SignFile2(destFileName, srcFileName, comment, kernel, cert);
 
 			return 0;
 		}

src/BuildUtil/CodeSign.cs

@@ -192,11 +192,11 @@ namespace BuildUtil
 		static object lockObj = new object();
 		
 		// Digital-sign the data on the memory
-		public static byte[] SignMemory(byte[] srcData, string comment, bool kernelModeDriver, bool evCert)
+		public static byte[] SignMemory(byte[] srcData, string comment, bool kernelModeDriver, bool evCert, bool skipVerify)
 		{
 #if	!BU_OSS
 			// 2020/01/19 switch to the new system
-			return SignClient.Sign(srcData, evCert ? "SoftEtherEv" : "SoftEtherFile", kernelModeDriver ? "Driver" : "", comment);
+			return SignClient.Sign(srcData, evCert ? "SoftEtherEv" : "SoftEtherFile", (kernelModeDriver ? "Driver" : "") + "," + (skipVerify ? "SkipVerify" : ""), comment);
 
 			/*
 			int i;
@@ -297,14 +297,40 @@ namespace BuildUtil
 		}
 
 		// Digital-sign the data on the file
-		public static void SignFile(string destFileName, string srcFileName, string comment, bool kernelModeDriver, bool evCert)
+		public static void SignFile2(string destFileName, string srcFileName, string comment, bool kernelModeDriver, string certName)
 		{
 #if	!BU_OSS
 
 			Con.WriteLine("Signing for '{0}'...", Path.GetFileName(destFileName));
 			byte[] srcData = File.ReadAllBytes(srcFileName);
 
-			byte[] destData = SignMemory(srcData, comment, kernelModeDriver, evCert);
+			byte[] destData = SignClient.Sign(srcData, certName, kernelModeDriver ? "Driver" : "", comment);
+
+			try
+			{
+				File.Delete(destFileName);
+			}
+			catch
+			{
+			}
+
+			File.WriteAllBytes(destFileName, destData);
+
+			Con.WriteLine("Done.");
+#else	// BU_OSS
+			Con.WriteLine("Skipping the code signing for '{0}' in the build process. You can insert your own authenticode sign process here.", srcFileName);
+#endif	// BU_OSS
+		}
+
+		// Digital-sign the data on the file
+		public static void SignFile(string destFileName, string srcFileName, string comment, bool kernelModeDriver, bool evCert, bool skipVerify)
+		{
+#if	!BU_OSS
+
+			Con.WriteLine("Signing for '{0}'...", Path.GetFileName(destFileName));
+			byte[] srcData = File.ReadAllBytes(srcFileName);
+
+			byte[] destData = SignMemory(srcData, comment, kernelModeDriver, evCert, skipVerify);
 
 			try
 			{

src/BuildUtil/VpnBuilderConfig.cs

@@ -165,6 +165,10 @@ namespace BuildUtil
 			new BuildSoftwareUnix(Software.vpnserver, 0, 0, "", CpuList.armeabi, OSList.Linux,
 				"linux-armeabi-32bit", false, "linux-armeabi-32bit-4.3.2", false,
 				null);
+		public static readonly BuildSoftware vpnserver_linux_arm64_ja =
+			new BuildSoftwareUnix(Software.vpnserver, 0, 0, "", CpuList.arm64, OSList.Linux,
+				"linux-arm64-64bit", false, "linux-arm64-64bit-4.8.4", false,
+				null);
 		public static readonly BuildSoftware vpnserver_linux_mipsel_ja =
 			new BuildSoftwareUnix(Software.vpnserver, 0, 0, "", CpuList.mipsel, OSList.Linux,
 				"linux-mipsel-32bit", false, "linux-mipsel-32bit-3.4.6", false,
@@ -173,10 +177,6 @@ namespace BuildUtil
 			new BuildSoftwareUnix(Software.vpnserver, 0, 0, "", CpuList.ppc32, OSList.Linux,
 				"linux-ppc-32bit", false, "linux-ppc-32bit-3.4.6", false,
 				null);
-		public static readonly BuildSoftware vpnserver_linux_sh4_ja =
-			new BuildSoftwareUnix(Software.vpnserver, 0, 0, "", CpuList.sh4, OSList.Linux,
-				"linux-sh4-32bit", false, "linux-sh4-32bit-3.4.6", false,
-				null);
 
 		// Client
 		public static readonly BuildSoftware vpnclient_linux_x86_ja =
@@ -195,6 +195,10 @@ namespace BuildUtil
 			new BuildSoftwareUnix(Software.vpnclient, 0, 0, "", CpuList.armeabi, OSList.Linux,
 				"linux-armeabi-32bit", false, "linux-armeabi-32bit-4.3.2", false,
 				null);
+		public static readonly BuildSoftware vpnclient_linux_arm64_ja =
+			new BuildSoftwareUnix(Software.vpnclient, 0, 0, "", CpuList.arm64, OSList.Linux,
+				"linux-arm64-64bit", false, "linux-arm64-64bit-4.8.4", false,
+				null);
 		public static readonly BuildSoftware vpnclient_linux_mipsel_ja =
 			new BuildSoftwareUnix(Software.vpnclient, 0, 0, "", CpuList.mipsel, OSList.Linux,
 				"linux-mipsel-32bit", false, "linux-mipsel-32bit-3.4.6", false,
@@ -203,10 +207,6 @@ namespace BuildUtil
 			new BuildSoftwareUnix(Software.vpnclient, 0, 0, "", CpuList.ppc32, OSList.Linux,
 				"linux-ppc-32bit", false, "linux-ppc-32bit-3.4.6", false,
 				null);
-		public static readonly BuildSoftware vpnclient_linux_sh4_ja =
-			new BuildSoftwareUnix(Software.vpnclient, 0, 0, "", CpuList.sh4, OSList.Linux,
-				"linux-sh4-32bit", false, "linux-sh4-32bit-3.4.6", false,
-				null);
 
 		// Bridge
 		public static readonly BuildSoftware vpnbridge_linux_x86_ja =
@@ -225,6 +225,10 @@ namespace BuildUtil
 			new BuildSoftwareUnix(Software.vpnbridge, 0, 0, "", CpuList.armeabi, OSList.Linux,
 				"linux-armeabi-32bit", false, "linux-armeabi-32bit-4.3.2", false,
 				null);
+		public static readonly BuildSoftware vpnbridge_linux_arm64_ja =
+			new BuildSoftwareUnix(Software.vpnbridge, 0, 0, "", CpuList.arm64, OSList.Linux,
+				"linux-arm64-64bit", false, "linux-arm64-64bit-4.8.4", false,
+				null);
 		public static readonly BuildSoftware vpnbridge_linux_mipsel_ja =
 			new BuildSoftwareUnix(Software.vpnbridge, 0, 0, "", CpuList.mipsel, OSList.Linux,
 				"linux-mipsel-32bit", false, "linux-mipsel-32bit-3.4.6", false,
@@ -233,10 +237,6 @@ namespace BuildUtil
 			new BuildSoftwareUnix(Software.vpnbridge, 0, 0, "", CpuList.ppc32, OSList.Linux,
 				"linux-ppc-32bit", false, "linux-ppc-32bit-3.4.6", false,
 				null);
-		public static readonly BuildSoftware vpnbridge_linux_sh4_ja =
-			new BuildSoftwareUnix(Software.vpnbridge, 0, 0, "", CpuList.sh4, OSList.Linux,
-				"linux-sh4-32bit", false, "linux-sh4-32bit-3.4.6", false,
-				null);
 
 
 		// ========== FreeBSD ==========
@@ -437,9 +437,9 @@ namespace BuildUtil
 				CpuList.mipsel,
 				CpuList.ppc32,
 				CpuList.ppc64,
-				CpuList.sh4,
 				CpuList.arm,
 				CpuList.armeabi,
+				CpuList.arm64,
 			});
 
 		// FreeBSD
@@ -521,10 +521,10 @@ namespace BuildUtil
 		public static readonly Cpu intel = new Cpu("x86_x64", "Intel", CPUBits.Both);
 		public static readonly Cpu arm = new Cpu("arm", "ARM legacy ABI", CPUBits.Bits32);
 		public static readonly Cpu armeabi = new Cpu("arm_eabi", "ARM EABI", CPUBits.Bits32);
+		public static readonly Cpu arm64 = new Cpu("arm64", "ARM 64bit", CPUBits.Bits64);
 		public static readonly Cpu mipsel = new Cpu("mips_el", "MIPS Little-Endian", CPUBits.Bits32);
 		public static readonly Cpu ppc32 = new Cpu("powerpc", "PowerPC", CPUBits.Bits32);
 		public static readonly Cpu ppc64 = new Cpu("powerpc64", "PowerPC G5", CPUBits.Bits64);
-		public static readonly Cpu sh4 = new Cpu("sh4", "SH-4", CPUBits.Bits32);
 		public static readonly Cpu sparc32 = new Cpu("sparc", "SPARC", CPUBits.Bits32);
 		public static readonly Cpu sparc64 = new Cpu("sparc64", "SPARC", CPUBits.Bits64);
 

src/BuildUtil/Win32BuildSoftware.cs

@@ -170,7 +170,7 @@ namespace BuildUtil
 			Win32BuildUtil.ExecCommand(vpnsetup_exe, string.Format("/SFXMODE:{1} /SFXOUT:\"{0}\"",
 				outFileName, Software.ToString()));
 
-			CodeSign.SignFile(outFileName, outFileName, "VPN Software Installer", false, true);
+			CodeSign.SignFile(outFileName, outFileName, "VPN Software Installer", false, true, false);
 		}
 	}
 }

src/BuildUtil/Win32BuildUtil.cs

@@ -166,7 +166,7 @@ namespace BuildUtil
 				m.ReleaseMutex();
 			}
 
-			CodeSign.SignFile(cabFileName, cabFileName, "VPN Software", false, false);
+			CodeSign.SignFile(cabFileName, cabFileName, "VPN Software", false, false, false);
 
 			File.Copy(cabFileName, dstFileName, true);
 		}
@@ -1040,8 +1040,8 @@ namespace BuildUtil
 			ExecCommand(makecat1, string.Format("\"{0}\"", cdfFileName2));
 
 			// sign catalog file
-			CodeSign.SignFile(catFileName, catFileName, "Catalog File", false, false);
-			CodeSign.SignFile(catFileName2, catFileName2, "Catalog File", false, false);
+			CodeSign.SignFile(catFileName, catFileName, "Catalog File", false, false, false);
+			CodeSign.SignFile(catFileName2, catFileName2, "Catalog File", false, false, false);
 
 			// delete cdf file
 			File.Delete(cdfFileName);
@@ -1138,7 +1138,7 @@ namespace BuildUtil
 
 			if (no_sign == false)
 			{
-				CodeSign.SignFile(catname, catname, "Catalog File", false, false);
+				CodeSign.SignFile(catname, catname, "Catalog File", false, false, true);
 			}
 
 			File.Delete(cdf_file_name);
@@ -1397,7 +1397,7 @@ namespace BuildUtil
 					{
 						Con.WriteLine("Signing...");
 
-						CodeSign.SignFile(file, file, "VPN Software", isDriver, false);
+						CodeSign.SignFile(file, file, "VPN Software", isDriver, false, false);
 					}
 				}
 			}
@@ -1445,7 +1445,7 @@ namespace BuildUtil
 
 			Con.WriteLine("Signing...");
 
-			CodeSign.SignFile(filename, filename, "VPN Software", isDriver, false);
+			CodeSign.SignFile(filename, filename, "VPN Software", isDriver, false, false);
 		}
 	}
 }

src/Cedar/Cedar.h

@@ -126,10 +126,10 @@
 
 
 // Version number
-#define	CEDAR_VER					434
+#define	CEDAR_VER					436
 
 // Build Number
-#define	CEDAR_BUILD					9745
+#define	CEDAR_BUILD					9754
 
 // Beta number
 //#define	BETA_NUMBER					3
@@ -148,12 +148,12 @@
 #endif	// BUILD_PLACE
 
 // Specifies the build date
-#define	BUILD_DATE_Y		2020
-#define	BUILD_DATE_M		4
-#define	BUILD_DATE_D		5
-#define	BUILD_DATE_HO		23
-#define	BUILD_DATE_MI		20
-#define	BUILD_DATE_SE		52
+#define	BUILD_DATE_Y		2021
+#define	BUILD_DATE_M		6
+#define	BUILD_DATE_D		7
+#define	BUILD_DATE_HO		21
+#define	BUILD_DATE_MI		29
+#define	BUILD_DATE_SE		54
 
 // Tolerable time difference
 #define	ALLOW_TIMESTAMP_DIFF		(UINT64)(3 * 24 * 60 * 60 * 1000)

src/Cedar/Connection.c

@@ -1709,7 +1709,7 @@ void ConnectionReceive(CONNECTION *c, CANCEL *c1, CANCEL *c2)
 				num = LIST_NUM(tcp->TcpSockList);
 				if (num >= s->MaxConnection)
 				{
-					TCPSOCK *ts;
+					TCPSOCK *ts = NULL;
 					for (i = 0;i < num;i++)
 					{
 						ts = LIST_DATA(tcp->TcpSockList, i);
@@ -1722,11 +1722,14 @@ void ConnectionReceive(CONNECTION *c, CANCEL *c1, CANCEL *c2)
 							c2s++;
 						}
 					}
-					if (s2c == 0 || c2s == 0)
+					if (ts != NULL)
 					{
-						// Disconnect the last socket
-						Disconnect(ts->Sock);
-						Debug("Disconnect (s2c=%u, c2s=%u)\n", s2c, c2s);
+						if (s2c == 0 || c2s == 0)
+						{
+							// Disconnect the last socket
+							Disconnect(ts->Sock);
+							Debug("Disconnect (s2c=%u, c2s=%u)\n", s2c, c2s);
+						}
 					}
 				}
 			}

src/Cedar/Interop_OpenVPN.c

@@ -234,7 +234,7 @@ void OvsProceccRecvPacket(OPENVPN_SERVER *s, UDPPACKET *p, UINT protocol)
 				}
 				se->Channels[recv_packet->KeyId] = c;
 				Debug("OpenVPN New Channel :%u\n", recv_packet->KeyId);
-				OvsLog(s, se, c, "LO_NEW_CHANNEL");
+				//OvsLog(s, se, c, "LO_NEW_CHANNEL");
 			}
 /*			else if (recv_packet->OpCode == OPENVPN_P_CONTROL_SOFT_RESET_V1)
 			{
@@ -1810,7 +1810,7 @@ OPENVPN_SESSION *OvsNewSession(OPENVPN_SERVER *s, IP *server_ip, UINT server_por
 	Debug("OpenVPN New Session: %s:%u -> %s:%u Proto=%u\n", server_ip_str, server_port,
 		client_ip_str, client_port, protocol);
 
-	OvsLog(s, se, NULL, "LO_NEW_SESSION", (protocol == OPENVPN_PROTOCOL_UDP ? "UDP" : "TCP"));
+	//OvsLog(s, se, NULL, "LO_NEW_SESSION", (protocol == OPENVPN_PROTOCOL_UDP ? "UDP" : "TCP"));
 
 	return se;
 }
@@ -2434,7 +2434,7 @@ void OvsRecvPacket(OPENVPN_SERVER *s, LIST *recv_packet_list, UINT protocol)
 			OPENVPN_SESSION *se = LIST_DATA(delete_session_list, i);
 
 			Debug("Deleting Session %p\n", se);
-			OvsLog(s, se, NULL, "LO_DELETE_SESSION");
+			//OvsLog(s, se, NULL, "LO_DELETE_SESSION");
 
 			OvsFreeSession(se);
 

src/CurrentBuild.txt

@@ -1,4 +1,4 @@
-BUILD_NUMBER 9745
-VERSION 434
+BUILD_NUMBER 9754
+VERSION 436
 BUILD_NAME beta
-BUILD_DATE 20200405_232052
+BUILD_DATE 20210607_212954

src/Mayaqua/Mayaqua.c

@@ -150,13 +150,17 @@ static bool probe_enabled = false;
 // The function which should be called once as soon as possible after the process is started
 static bool init_proc_once_flag = false;
 void InitProcessCallOnce()
+{
+	InitProcessCallOnceEx(false);
+}
+void InitProcessCallOnceEx(int restricted_mode)
 {
 	if (init_proc_once_flag == false)
 	{
 		init_proc_once_flag = true;
 
 #ifdef	OS_WIN32
-		MsInitProcessCallOnce();
+		MsInitProcessCallOnce(restricted_mode);
 #endif	// OS_WIN32
 	}
 }

src/Mayaqua/Mayaqua.h

@@ -124,6 +124,7 @@
 
 #endif	// VPN_SPEED
 
+void InitProcessCallOnceEx(int restricted_mode);
 void InitProcessCallOnce();
 
 #ifdef	VPN_EXE

src/Mayaqua/Microsoft.c

@@ -265,7 +265,7 @@ typedef struct MS_MSCHAPV2_PARAMS
 } MS_MSCHAPV2_PARAMS;
 
 // The function which should be called once as soon as possible after the process is started
-void MsInitProcessCallOnce()
+void MsInitProcessCallOnce(bool restricted_mode)
 {
 	// Mitigate the DLL injection attack
 	char system_dir[MAX_PATH];
@@ -288,15 +288,36 @@ void MsInitProcessCallOnce()
 	if (hKernel32 != NULL)
 	{
 		BOOL (WINAPI *_SetDllDirectoryA)(LPCTSTR);
+		BOOL (WINAPI *_SetDllDirectoryW)(LPCWSTR);
 
 		_SetDllDirectoryA = (BOOL (WINAPI *)(LPCTSTR))
 			GetProcAddress(hKernel32, "SetDllDirectoryA");
 
+		_SetDllDirectoryW = (BOOL (WINAPI *)(LPCWSTR))
+			GetProcAddress(hKernel32, "SetDllDirectoryW");
+
 		if (_SetDllDirectoryA != NULL)
 		{
 			_SetDllDirectoryA("");
 		}
 
+		if (_SetDllDirectoryW != NULL)
+		{
+			_SetDllDirectoryW(L"");
+		}
+
+		if (restricted_mode)
+		{
+			BOOL (WINAPI *_SetDefaultDllDirectories)(DWORD) =
+				(BOOL (WINAPI *)(DWORD))
+				GetProcAddress(hKernel32, "SetDefaultDllDirectories");
+
+			if (_SetDefaultDllDirectories != NULL)
+			{
+				_SetDefaultDllDirectories(0x00000800); // LOAD_LIBRARY_SEARCH_SYSTEM32
+			}
+		}
+
 		FreeLibrary(hKernel32);
 	}
 }

src/Mayaqua/Microsoft.h

@@ -1154,7 +1154,7 @@ void MsTest();
 
 bool MsSaveSystemInfo(wchar_t *dst_filename);
 bool MsCollectVpnInfo(BUF *bat, char *tmpdir, char *svc_name, wchar_t *config_name, wchar_t *logdir_name);
-void MsInitProcessCallOnce();
+void MsInitProcessCallOnce(bool restricted_mode);
 
 MS_SUSPEND_HANDLER *MsNewSuspendHandler();
 void MsFreeSuspendHandler(MS_SUSPEND_HANDLER *h);

src/Mayaqua/Secure.c

@@ -283,6 +283,7 @@ bool Win32LoadSecModule(SECURE *sec)
 
 	if (get_function_list == NULL)
 	{
+		Debug("err:%x\n",GetLastError());
 		// Failure
 		FreeLibrary(hInst);
 		return false;
@@ -331,7 +332,7 @@ void Win32FreeSecModule(SECURE *sec)
 // Whether the specified device is a JPKI
 bool IsJPKI(bool id)
 {
-	if (id == 9 || id == 13)
+	if (id == 9 || id == 13 || id == 24)
 	{
 		return true;
 	}
@@ -1861,10 +1862,13 @@ bool LoadSecModule(SECURE *sec)
 
 #ifdef	OS_WIN32
 	ret = Win32LoadSecModule(sec);
+	if(!ret){
+		return false;
+	}
 #endif	// OS_WIN32
 
 	// Initialization
-	if (sec->Api->C_Initialize(NULL) != CKR_OK)
+	if (sec->Api == NULL || sec->Api->C_Initialize(NULL) != CKR_OK)
 	{
 		// Initialization Failed
 		FreeSecModule(sec);

src/Mayaqua/Secure.h

@@ -301,6 +301,7 @@ SECURE_DEVICE SupportedList[] =
 	{21,	SECURE_USB_TOKEN,	"ePass 1000ND/2000/3000",			"Feitian Technologies",	"ngp11v211.dll"},
 	{22,	SECURE_USB_TOKEN,	"CryptoID",				"Longmai Technology",	"cryptoide_pkcs11.dll"},
 	{23,	SECURE_USB_TOKEN,	"RuToken",				"Aktiv Co.",			"rtPKCS11.dll"},
+	{24,	SECURE_IC_CARD,		"JPKI IC Card (64-bit)",	"Japanese Government",	"JPKIPKCS1164.DLL"},
 };
 
 #ifdef	OS_WIN32

src/Mayaqua/TcpIp.c

@@ -3642,8 +3642,8 @@ DHCP_OPTION *NewDhcpOption(UINT id, void *data, UINT size)
 	ret = ZeroMalloc(sizeof(DHCP_OPTION));
 	ret->Data = ZeroMalloc(size);
 	Copy(ret->Data, data, size);
-	ret->Size = (UCHAR)size;
-	ret->Id = (UCHAR)id;
+	ret->Size = size;
+	ret->Id = id;
 
 	return ret;
 }

src/Mayaqua/Unix.c

@@ -943,7 +943,6 @@ void *UnixNewSingleInstance(char *instance_name)
 	if (fcntl(fd, F_SETLK, &lock) == -1)
 	{
 		close(fd);
-		(void)remove(name);
 		return NULL;
 	}
 	else

src/Mayaqua/win32_inc/openssl/asn1err.h

@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,9 +11,7 @@
 #ifndef HEADER_ASN1ERR_H
 # define HEADER_ASN1ERR_H
 
-# ifndef HEADER_SYMHACKS_H
-#  include <openssl/symhacks.h>
-# endif
+# include <openssl/symhacks.h>
 
 # ifdef  __cplusplus
 extern "C"
@@ -53,6 +51,7 @@ int ERR_load_ASN1_strings(void);
 # define ASN1_F_ASN1_ITEM_DUP                             191
 # define ASN1_F_ASN1_ITEM_EMBED_D2I                       120
 # define ASN1_F_ASN1_ITEM_EMBED_NEW                       121
+# define ASN1_F_ASN1_ITEM_EX_I2D                          144
 # define ASN1_F_ASN1_ITEM_FLAGS_I2D                       118
 # define ASN1_F_ASN1_ITEM_I2D_BIO                         192
 # define ASN1_F_ASN1_ITEM_I2D_FP                          193
@@ -145,6 +144,7 @@ int ERR_load_ASN1_strings(void);
 # define ASN1_R_ASN1_SIG_PARSE_ERROR                      204
 # define ASN1_R_AUX_ERROR                                 100
 # define ASN1_R_BAD_OBJECT_HEADER                         102
+# define ASN1_R_BAD_TEMPLATE                              230
 # define ASN1_R_BMPSTRING_IS_WRONG_LENGTH                 214
 # define ASN1_R_BN_LIB                                    105
 # define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                   106

src/Mayaqua/win32_inc/openssl/bio.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -169,6 +169,7 @@ extern "C" {
  */
 # define BIO_FLAGS_MEM_RDONLY    0x200
 # define BIO_FLAGS_NONCLEAR_RST  0x400
+# define BIO_FLAGS_IN_EOF        0x800
 
 typedef union bio_addr_st BIO_ADDR;
 typedef struct bio_addrinfo_st BIO_ADDRINFO;

src/Mayaqua/win32_inc/openssl/bn.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -56,7 +56,7 @@ extern "C" {
  * avoid leaking exponent information through timing,
  * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
  * BN_div() will call BN_div_no_branch,
- * BN_mod_inverse() will call BN_mod_inverse_no_branch.
+ * BN_mod_inverse() will call bn_mod_inverse_no_branch.
  */
 # define BN_FLG_CONSTTIME        0x04
 # define BN_FLG_SECURE           0x08

src/Mayaqua/win32_inc/openssl/ct.h

@@ -463,8 +463,6 @@ __owur int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file);
 
 /*
  * Loads the default CT log list into a |store|.
- * See internal/cryptlib.h for the environment variable and file path that are
- * consulted to find the default file.
  * Returns 1 if loading is successful, or 0 otherwise.
  */
 __owur int CTLOG_STORE_load_default_file(CTLOG_STORE *store);

src/Mayaqua/win32_inc/openssl/dsa.h

@@ -162,6 +162,12 @@ DH *DSA_dup_DH(const DSA *r);
 # define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
                                 EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
+# define EVP_PKEY_CTX_set_dsa_paramgen_q_bits(ctx, qbits) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+                                EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, qbits, NULL)
+# define EVP_PKEY_CTX_set_dsa_paramgen_md(ctx, md) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+                                EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0, (void *)(md))
 
 # define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS         (EVP_PKEY_ALG_CTRL + 1)
 # define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS       (EVP_PKEY_ALG_CTRL + 2)

src/Mayaqua/win32_inc/openssl/dtls1.h

@@ -43,7 +43,7 @@ extern "C" {
 
 # define DTLS1_AL_HEADER_LENGTH                   2
 
-/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
+/* Timeout multipliers */
 # define DTLS1_TMO_READ_COUNT                      2
 # define DTLS1_TMO_WRITE_COUNT                     2
 

src/Mayaqua/win32_inc/openssl/e_os2.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -241,7 +241,7 @@ typedef UINT64 uint64_t;
      defined(__osf__) || defined(__sgi) || defined(__hpux) || \
      defined(OPENSSL_SYS_VMS) || defined (__OpenBSD__)
 #  include <inttypes.h>
-# elif defined(_MSC_VER) && _MSC_VER<=1500
+# elif defined(_MSC_VER) && _MSC_VER<1600
 /*
  * minimally required typdefs for systems not supporting inttypes.h or
  * stdint.h: currently just older VC++

src/Mayaqua/win32_inc/openssl/ec.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -829,6 +829,8 @@ void EC_KEY_set_flags(EC_KEY *key, int flags);
 
 void EC_KEY_clear_flags(EC_KEY *key, int flags);
 
+int EC_KEY_decoded_from_explicit_params(const EC_KEY *key);
+
 /** Creates a new EC_KEY object using a named curve as underlying
  *  EC_GROUP object.
  *  \param  nid  NID of the named curve.

src/Mayaqua/win32_inc/openssl/ecerr.h

@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -243,6 +243,7 @@ int ERR_load_EC_strings(void);
 #  define EC_R_LADDER_POST_FAILURE                         136
 #  define EC_R_LADDER_PRE_FAILURE                          153
 #  define EC_R_LADDER_STEP_FAILURE                         162
+#  define EC_R_MISSING_OID                                 167
 #  define EC_R_MISSING_PARAMETERS                          124
 #  define EC_R_MISSING_PRIVATE_KEY                         125
 #  define EC_R_NEED_NEW_SETUP_VALUES                       157

src/Mayaqua/win32_inc/openssl/evp.h

@@ -180,7 +180,7 @@ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
  * if the following flag is set.
  */
 # define EVP_MD_CTX_FLAG_FINALISE        0x0200
-/* NOTE: 0x0400 is reserved for internal usage in evp_int.h */
+/* NOTE: 0x0400 is reserved for internal usage */
 
 EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
 EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
@@ -1512,6 +1512,20 @@ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
                                              const char *type,
                                              const char *value));
 
+void EVP_PKEY_meth_set_digestsign(EVP_PKEY_METHOD *pmeth,
+                                  int (*digestsign) (EVP_MD_CTX *ctx,
+                                                     unsigned char *sig,
+                                                     size_t *siglen,
+                                                     const unsigned char *tbs,
+                                                     size_t tbslen));
+
+void EVP_PKEY_meth_set_digestverify(EVP_PKEY_METHOD *pmeth,
+                                    int (*digestverify) (EVP_MD_CTX *ctx,
+                                                         const unsigned char *sig,
+                                                         size_t siglen,
+                                                         const unsigned char *tbs,
+                                                         size_t tbslen));
+
 void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
                              int (*check) (EVP_PKEY *pkey));
 
@@ -1617,6 +1631,20 @@ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
                                                const char *type,
                                                const char *value));
 
+void EVP_PKEY_meth_get_digestsign(EVP_PKEY_METHOD *pmeth,
+                                  int (**digestsign) (EVP_MD_CTX *ctx,
+                                                      unsigned char *sig,
+                                                      size_t *siglen,
+                                                      const unsigned char *tbs,
+                                                      size_t tbslen));
+
+void EVP_PKEY_meth_get_digestverify(EVP_PKEY_METHOD *pmeth,
+                                    int (**digestverify) (EVP_MD_CTX *ctx,
+                                                          const unsigned char *sig,
+                                                          size_t siglen,
+                                                          const unsigned char *tbs,
+                                                          size_t tbslen));
+
 void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
                              int (**pcheck) (EVP_PKEY *pkey));
 

src/Mayaqua/win32_inc/openssl/evperr.h

@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,9 +11,7 @@
 #ifndef HEADER_EVPERR_H
 # define HEADER_EVPERR_H
 
-# ifndef HEADER_SYMHACKS_H
-#  include <openssl/symhacks.h>
-# endif
+# include <openssl/symhacks.h>
 
 # ifdef  __cplusplus
 extern "C"
@@ -160,6 +158,7 @@ int ERR_load_EVP_strings(void);
 # define EVP_R_INPUT_NOT_INITIALIZED                      111
 # define EVP_R_INVALID_DIGEST                             152
 # define EVP_R_INVALID_FIPS_MODE                          168
+# define EVP_R_INVALID_IV_LENGTH                          194
 # define EVP_R_INVALID_KEY                                163
 # define EVP_R_INVALID_KEY_LENGTH                         130
 # define EVP_R_INVALID_OPERATION                          148
@@ -178,6 +177,7 @@ int ERR_load_EVP_strings(void);
 # define EVP_R_ONLY_ONESHOT_SUPPORTED                     177
 # define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE   150
 # define EVP_R_OPERATON_NOT_INITIALIZED                   151
+# define EVP_R_OUTPUT_WOULD_OVERFLOW                      184
 # define EVP_R_PARTIALLY_OVERLAPPING                      162
 # define EVP_R_PBKDF2_ERROR                               181
 # define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 179

src/Mayaqua/win32_inc/openssl/lhash.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -120,9 +120,8 @@ void OPENSSL_LH_node_usage_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
 
 # define DEFINE_LHASH_OF(type) \
     LHASH_OF(type) { union lh_##type##_dummy { void* d1; unsigned long d2; int d3; } dummy; }; \
-    static ossl_inline LHASH_OF(type) * \
-        lh_##type##_new(unsigned long (*hfn)(const type *), \
-                        int (*cfn)(const type *, const type *)) \
+    static ossl_unused ossl_inline LHASH_OF(type) *lh_##type##_new(unsigned long (*hfn)(const type *), \
+                                                                   int (*cfn)(const type *, const type *)) \
     { \
         return (LHASH_OF(type) *) \
             OPENSSL_LH_new((OPENSSL_LH_HASHFUNC)hfn, (OPENSSL_LH_COMPFUNC)cfn); \

src/Mayaqua/win32_inc/openssl/obj_mac.h

@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by crypto/objects/objects.pl
  *
- * Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
  * in the file LICENSE in the source distribution or at
@@ -1290,12 +1290,12 @@
 #define OBJ_ms_efs              1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
 
 #define SN_ms_smartcard_login           "msSmartcardLogin"
-#define LN_ms_smartcard_login           "Microsoft Smartcardlogin"
+#define LN_ms_smartcard_login           "Microsoft Smartcard Login"
 #define NID_ms_smartcard_login          648
 #define OBJ_ms_smartcard_login          1L,3L,6L,1L,4L,1L,311L,20L,2L,2L
 
 #define SN_ms_upn               "msUPN"
-#define LN_ms_upn               "Microsoft Universal Principal Name"
+#define LN_ms_upn               "Microsoft User Principal Name"
 #define NID_ms_upn              649
 #define OBJ_ms_upn              1L,3L,6L,1L,4L,1L,311L,20L,2L,3L
 

src/Mayaqua/win32_inc/openssl/ocsp.h

@@ -123,7 +123,7 @@ typedef struct ocsp_service_locator_st OCSP_SERVICELOC;
      (char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST, \
      bp,(char **)(x),cb,NULL)
 
-#  define PEM_read_bio_OCSP_RESPONSE(bp,x,cb)(OCSP_RESPONSE *)PEM_ASN1_read_bio(\
+#  define PEM_read_bio_OCSP_RESPONSE(bp,x,cb) (OCSP_RESPONSE *)PEM_ASN1_read_bio(\
      (char *(*)())d2i_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE, \
      bp,(char **)(x),cb,NULL)
 

src/Mayaqua/win32_inc/openssl/opensslconf.h

@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by makefile from include\openssl\opensslconf.h.in
  *
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -96,9 +96,6 @@ extern "C" {
 #ifndef OPENSSL_NO_DYNAMIC_ENGINE
 # define OPENSSL_NO_DYNAMIC_ENGINE
 #endif
-#ifndef OPENSSL_NO_AFALGENG
-# define OPENSSL_NO_AFALGENG
-#endif
 
 
 /*
@@ -120,6 +117,11 @@ extern "C" {
 #   undef DECLARE_DEPRECATED
 #   define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated));
 #  endif
+# elif defined(__SUNPRO_C)
+#  if (__SUNPRO_C >= 0x5130)
+#   undef DECLARE_DEPRECATED
+#   define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated));
+#  endif
 # endif
 #endif
 

src/Mayaqua/win32_inc/openssl/opensslconf.h.in

@@ -1,7 +1,7 @@
 /*
  * {- join("\n * ", @autowarntext) -}
  *
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -77,6 +77,11 @@ extern "C" {
 #   undef DECLARE_DEPRECATED
 #   define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated));
 #  endif
+# elif defined(__SUNPRO_C)
+#  if (__SUNPRO_C >= 0x5130)
+#   undef DECLARE_DEPRECATED
+#   define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated));
+#  endif
 # endif
 #endif
 

src/Mayaqua/win32_inc/openssl/opensslv.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -39,8 +39,8 @@ extern "C" {
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-# define OPENSSL_VERSION_NUMBER  0x1010104fL
-# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1d  10 Sep 2019"
+# define OPENSSL_VERSION_NUMBER  0x101010bfL
+# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1k  25 Mar 2021"
 
 /*-
  * The macros below are to be used for shared library (.so, .dll, ...)

src/Mayaqua/win32_inc/openssl/ossl_typ.h

@@ -109,6 +109,7 @@ typedef struct dsa_method DSA_METHOD;
 
 typedef struct rsa_st RSA;
 typedef struct rsa_meth_st RSA_METHOD;
+typedef struct rsa_pss_params_st RSA_PSS_PARAMS;
 
 typedef struct ec_key_st EC_KEY;
 typedef struct ec_key_method_st EC_KEY_METHOD;

src/Mayaqua/win32_inc/openssl/pemerr.h

@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -61,6 +61,7 @@ int ERR_load_PEM_strings(void);
 # define PEM_F_PEM_SIGNFINAL                              112
 # define PEM_F_PEM_WRITE                                  113
 # define PEM_F_PEM_WRITE_BIO                              114
+# define PEM_F_PEM_WRITE_BIO_PRIVATEKEY_TRADITIONAL       147
 # define PEM_F_PEM_WRITE_PRIVATEKEY                       139
 # define PEM_F_PEM_X509_INFO_READ                         115
 # define PEM_F_PEM_X509_INFO_READ_BIO                     116
@@ -99,5 +100,6 @@ int ERR_load_PEM_strings(void);
 # define PEM_R_UNSUPPORTED_CIPHER                         113
 # define PEM_R_UNSUPPORTED_ENCRYPTION                     114
 # define PEM_R_UNSUPPORTED_KEY_COMPONENTS                 126
+# define PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE                110
 
 #endif

src/Mayaqua/win32_inc/openssl/randerr.h

@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -21,6 +21,7 @@ int ERR_load_RAND_strings(void);
 /*
  * RAND function codes.
  */
+# define RAND_F_DATA_COLLECT_METHOD                       127
 # define RAND_F_DRBG_BYTES                                101
 # define RAND_F_DRBG_GET_ENTROPY                          105
 # define RAND_F_DRBG_SETUP                                117
@@ -46,6 +47,7 @@ int ERR_load_RAND_strings(void);
 # define RAND_F_RAND_POOL_BYTES_NEEDED                    115
 # define RAND_F_RAND_POOL_GROW                            125
 # define RAND_F_RAND_POOL_NEW                             116
+# define RAND_F_RAND_PSEUDO_BYTES                         126
 # define RAND_F_RAND_WRITE_FILE                           112
 
 /*

src/Mayaqua/win32_inc/openssl/rsa.h

@@ -224,6 +224,7 @@ const BIGNUM *RSA_get0_q(const RSA *d);
 const BIGNUM *RSA_get0_dmp1(const RSA *r);
 const BIGNUM *RSA_get0_dmq1(const RSA *r);
 const BIGNUM *RSA_get0_iqmp(const RSA *r);
+const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r);
 void RSA_clear_flags(RSA *r, int flags);
 int RSA_test_flags(const RSA *r, int flags);
 void RSA_set_flags(RSA *r, int flags);
@@ -279,14 +280,14 @@ int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2);
 DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
 DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
 
-typedef struct rsa_pss_params_st {
+struct rsa_pss_params_st {
     X509_ALGOR *hashAlgorithm;
     X509_ALGOR *maskGenAlgorithm;
     ASN1_INTEGER *saltLength;
     ASN1_INTEGER *trailerField;
     /* Decoded hash algorithm from maskGenAlgorithm */
     X509_ALGOR *maskHash;
-} RSA_PSS_PARAMS;
+};
 
 DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
 

src/Mayaqua/win32_inc/openssl/ssl.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  * Copyright 2005 Nokia. All rights reserved.
  *
@@ -1393,7 +1393,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
 # define SSL_get1_groups(s, glist) \
         SSL_ctrl(s,SSL_CTRL_GET_GROUPS,0,(int*)(glist))
 # define SSL_CTX_set1_groups(ctx, glist, glistlen) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS,glistlen,(int *)(glist))
 # define SSL_CTX_set1_groups_list(ctx, s) \
         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(s))
 # define SSL_set1_groups(s, glist, glistlen) \

src/Mayaqua/win32_inc/openssl/ssl3.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -292,6 +292,9 @@ extern "C" {
 
 # define TLS1_FLAGS_STATELESS                    0x0800
 
+/* Set if extended master secret extension required on renegotiation */
+# define TLS1_FLAGS_REQUIRED_EXTMS               0x1000
+
 # define SSL3_MT_HELLO_REQUEST                   0
 # define SSL3_MT_CLIENT_HELLO                    1
 # define SSL3_MT_SERVER_HELLO                    2

src/Mayaqua/win32_inc/openssl/sslerr.h

@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -88,6 +88,7 @@ int ERR_load_SSL_strings(void);
 # define SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE       431
 # define SSL_F_OSSL_STATEM_SERVER_POST_PROCESS_MESSAGE    601
 # define SSL_F_OSSL_STATEM_SERVER_POST_WORK               602
+# define SSL_F_OSSL_STATEM_SERVER_PRE_WORK                640
 # define SSL_F_OSSL_STATEM_SERVER_PROCESS_MESSAGE         603
 # define SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION         418
 # define SSL_F_OSSL_STATEM_SERVER_WRITE_TRANSITION        604

src/Mayaqua/win32_inc/openssl/x509.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -478,6 +478,7 @@ void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype,
                      const void **ppval, const X509_ALGOR *algor);
 void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
 int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
+int X509_ALGOR_copy(X509_ALGOR *dest, const X509_ALGOR *src);
 
 X509_NAME *X509_NAME_dup(X509_NAME *xn);
 X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
@@ -679,6 +680,8 @@ X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
 int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
 void X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig,
                              const X509_ALGOR **palg);
+void X509_REQ_set0_signature(X509_REQ *req, ASN1_BIT_STRING *psig);
+int X509_REQ_set1_signature_algo(X509_REQ *req, X509_ALGOR *palg);
 int X509_REQ_get_signature_nid(const X509_REQ *req);
 int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp);
 int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
@@ -930,7 +933,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
                                                   int type,
                                                   const unsigned char *bytes,
                                                   int len);
-void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
+void *X509at_get0_data_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *x,
                               const ASN1_OBJECT *obj, int lastpos, int type);
 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
                                              int atrtype, const void *data,

src/Mayaqua/win32_inc/openssl/x509_vfy.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -184,6 +184,10 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
 # define         X509_V_ERR_OCSP_VERIFY_NEEDED                   73  /* Need OCSP verification */
 # define         X509_V_ERR_OCSP_VERIFY_FAILED                   74  /* Couldn't verify cert through OCSP */
 # define         X509_V_ERR_OCSP_CERT_UNKNOWN                    75  /* Certificate wasn't recognized by the OCSP responder */
+# define         X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH         76
+# define         X509_V_ERR_NO_ISSUER_PUBLIC_KEY                 77
+# define         X509_V_ERR_UNSUPPORTED_SIGNATURE_ALGORITHM      78
+# define         X509_V_ERR_EC_KEY_EXPLICIT_PARAMS               79
 
 /* Certificate verify flags */
 

src/Mayaqua/win32_inc/openssl/x509err.h

@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,9 +11,7 @@
 #ifndef HEADER_X509ERR_H
 # define HEADER_X509ERR_H
 
-# ifndef HEADER_SYMHACKS_H
-#  include <openssl/symhacks.h>
-# endif
+# include <openssl/symhacks.h>
 
 # ifdef  __cplusplus
 extern "C"
@@ -65,6 +63,7 @@ int ERR_load_X509_strings(void);
 # define X509_F_X509_OBJECT_NEW                           150
 # define X509_F_X509_PRINT_EX_FP                          118
 # define X509_F_X509_PUBKEY_DECODE                        148
+# define X509_F_X509_PUBKEY_GET                           161
 # define X509_F_X509_PUBKEY_GET0                          119
 # define X509_F_X509_PUBKEY_SET                           120
 # define X509_F_X509_REQ_CHECK_PRIVATE_KEY                144

src/Mayaqua/win32_inc/openssl/x509v3.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -364,8 +364,9 @@ struct ISSUING_DIST_POINT_st {
 
 # define EXFLAG_INVALID_POLICY   0x800
 # define EXFLAG_FRESHEST         0x1000
-/* Self signed */
-# define EXFLAG_SS               0x2000
+# define EXFLAG_SS               0x2000 /* cert is apparently self-signed */
+
+# define EXFLAG_NO_FINGERPRINT   0x100000
 
 # define KU_DIGITAL_SIGNATURE    0x0080
 # define KU_NON_REPUDIATION      0x0040

src/WARNING.TXT

@@ -398,10 +398,13 @@ identify that the source of the communication has initiated from the VPN Gate
 Service's hosting computer's IP address. However, for safety, any packets
 which destinations are within 192.168.0.0/255.255.0.0, 172.16.0.0/255.240.0.0
 or 10.0.0.0/255.0.0.0 will be blocked by the "VPNGATE" Virtual Hub in order to
-protect your local network. Therefore, if you run VPN Gate Service on your
-corporate network or private network, it is safe because anonymous VPN Client
-users will not be permitted to access such private networks. VPN Gate Service
-also serves as relay for accessing to the VPN Gate Directory Server.
+protect your local network. Any packets which destinations are within
+169.254.0.0/16, 224.0.0.0/4 or 100.64.0.0/10 will also be blocked for just in
+case. These packet filters except DNS, ICMP and ARP packets. Therefore, if you
+run VPN Gate Service on your corporate network or private network, it is safe
+because anonymous VPN Client users will not be permitted to access such
+private networks. VPN Gate Service also serves as relay for accessing to the
+VPN Gate Directory Server.
 In order to make VPN Gate Service familiar with firewalls and NATs, it opens
 an UDP port by using the NAT Traversal function which is described on the
 section 1.2. It also opens and listens on some TCP ports, and some TCP and UDP

src/bin/hamcore/warning_cn.txt

@@ -97,7 +97,7 @@ VPN Gate 服务通过安装了 SoftEther VPN 服务器或 SoftEther VPN 客户
 VPN Gate 服务将发送一些信息至 VPN Gate 学术实验服务目录服务器。这些信息包括第 5.5 节中描述的运营商的信息、日志设置、正常运行时间、操作系统版本、协议类型、端口号、质量信息、统计信息、VPN Gate 客户端的日志历史数据 (包括日期，IP 地址，版本号和 ID) 、VPN Gate 通信的目标 HTTP/HTTPS 主机名或 IP 地址和端口号的日志记录和软件的版本。此信息可能会在目录中披露。VPN Gate 服务从目录服务器接收到一个密钥以进行在 5.9 章中描述的编码。
 
 5.3. VPN Gate 服务行为的详细信息
-如果您手动启用 VPN Gate 服务，在默认情况下是禁用的， "VPNGATE" 虚拟 Hub 将在 SoftEther VPN 服务器上被创建。如果您使用的是 SoftEther VPN 客户端，并尝试激活 VPN Gate 服务，相当于 SoftEther VPN 服务器的程序在 SoftEther VPN 客户端的同一进程将被调用，虚拟 HUB "VPNGATE" 将被创建。虚拟 HUB "VPNGATE" 包含一个默认情况下名为 "VPN" 的用户，此用户允许在互联网上的任何人建立 VPN 连接到虚拟 HUB。一旦 VPN 客户端连接到虚拟 HUB "VPNGATE" ，用户与互联网之间的任何通信将穿过虚拟 Hub ，使用运行有 SoftEther VPN 服务器 (或 SoftEther VPN 客户端) 的计算机上的物理网络接口发送 / 接收。这将导致以下结果，目标主机通过 VPN 客户端确定通信的源发起是从 VPN Gate 服务的主机的 IP 地址指定的。不过，为了安全，目的地是在 192.168.0.0/255.255.0.0 ， 172.16.0.0/255.240.0.0 或 10.0.0.0/255.0.0.0 以内的任何数据包将被虚拟 HUB "VPNGATE" 拦截，以保护您的本地网络。因此，如果在您的企业网络或私人网络运行 VPN Gate 服务，这是安全的，因为匿名 VPN 客户端用户将不被允许访问这些私人网络。VPN Gate 服务也可作为中继访问 VPN Gate 目录服务器。
+如果您手动启用 VPN Gate 服务，在默认情况下是禁用的， "VPNGATE" 虚拟 Hub 将在 SoftEther VPN 服务器上被创建。如果您使用的是 SoftEther VPN 客户端，并尝试激活 VPN Gate 服务，相当于 SoftEther VPN 服务器的程序在 SoftEther VPN 客户端的同一进程将被调用，虚拟 HUB "VPNGATE" 将被创建。虚拟 HUB "VPNGATE" 包含一个默认情况下名为 "VPN" 的用户，此用户允许在互联网上的任何人建立 VPN 连接到虚拟 HUB。一旦 VPN 客户端连接到虚拟 HUB "VPNGATE" ，用户与互联网之间的任何通信将穿过虚拟 Hub ，使用运行有 SoftEther VPN 服务器 (或 SoftEther VPN 客户端) 的计算机上的物理网络接口发送 / 接收。这将导致以下结果，目标主机通过 VPN 客户端确定通信的源发起是从 VPN Gate 服务的主机的 IP 地址指定的。不过，为了安全，目的地是在 192.168.0.0/255.255.0.0 ， 172.16.0.0/255.240.0.0 或 10.0.0.0/255.0.0.0 以内的任何数据包将被虚拟 HUB "VPNGATE" 拦截，以保护您的本地网络。Any packets which destinations are within 169.254.0.0/16, 224.0.0.0/4 or 100.64.0.0/10 will also be blocked for just in case. These packet filters except DNS, ICMP and ARP packets. 因此，如果在您的企业网络或私人网络运行 VPN Gate 服务，这是安全的，因为匿名 VPN 客户端用户将不被允许访问这些私人网络。VPN Gate 服务也可作为中继访问 VPN Gate 目录服务器。
 为了使 VPN Gate 服务熟悉防火墙和 NAT ，通过使用 1.2 章描述的 NAT 穿透功能打开一个 UDP 端口。还打开了一些 TCP 端口并监听，一些 TCP 和 UDP 端口将被指定为本地路由器要求的通用即插即用 (UPnP) 传输条目的目标端口。UPnP 请求数据包将被定期发送。有些路由器在设备上永久保持一个开放的 TCP/UDP 端口。如果你想关闭他们，可以手动关闭。
 VPN Gate 服务还提供了镜像网站功能 www.vpngate.net。这是一种机制，将的最新内容 www.vpngate.net 的副本被托管的镜像站点微小的 HTTP 服务器上运行的 VPN Gate 服务程序。它都将自己注册上镜的站点列表中 www.vpngate.net。然而，它从来不向 www.vpngate.net 任何其他通讯中继。
 

src/bin/hamcore/warning_en.txt

@@ -96,7 +96,7 @@ VPN Gate Service should be activated and enabled by the voluntary intention of t
 VPN Gate Service will send some information to the VPN Gate Academic Experiment Service Directory Server. The information includes the operator's information which described in section 5.5, logging settings, uptime, operating system version, type of protocol, port numbers, quality information, statistical information, VPN Gate clients' log history data (includes dates, IP addresses, version numbers and IDs), log records of destination HTTP/HTTPS hostnames or IP addresses and port numbers of VPN Gate communications, and the version of the software. These information may be exposed on the directory. VPN Gate Service also receives a key for encoding which is described on the chapter 5.9 from the directory server.
 
 5.3. Details of VPN Gate Service's Behavior
-If you enable VPN Gate Service manually, which is disabled by default, the "VPNGATE" Virtual Hub will be created on the SoftEther VPN Server. If you are using SoftEther VPN Client and attempt to active VPN Gate Service on it, an equivalent program to SoftEther VPN Server will be invoked on the same process of SoftEther VPN Client, and the "VPNGATE" Virtual Hub will be created. The "VPNGATE" Virtual Hub contains a user named "VPN" by default which permits anyone on the Internet to make a VPN connection to the Virtual Hub. Once a VPN Client connects to the "VPNGATE" Virtual Hub, any communication between the user and the Internet will pass through the Virtual Hub, and transmitted/received using the physical network interface on the computer which SoftEther VPN Server (or SoftEther VPN Client) is running on. This will cause the result that a destination host specified by the VPN Client will identify that the source of the communication has initiated from the VPN Gate Service's hosting computer's IP address. However, for safety, any packets which destinations are within 192.168.0.0/255.255.0.0, 172.16.0.0/255.240.0.0 or 10.0.0.0/255.0.0.0 will be blocked by the "VPNGATE" Virtual Hub in order to protect your local network. Therefore, if you run VPN Gate Service on your corporate network or private network, it is safe because anonymous VPN Client users will not be permitted to access such private networks. VPN Gate Service also serves as relay for accessing to the VPN Gate Directory Server.
+If you enable VPN Gate Service manually, which is disabled by default, the "VPNGATE" Virtual Hub will be created on the SoftEther VPN Server. If you are using SoftEther VPN Client and attempt to active VPN Gate Service on it, an equivalent program to SoftEther VPN Server will be invoked on the same process of SoftEther VPN Client, and the "VPNGATE" Virtual Hub will be created. The "VPNGATE" Virtual Hub contains a user named "VPN" by default which permits anyone on the Internet to make a VPN connection to the Virtual Hub. Once a VPN Client connects to the "VPNGATE" Virtual Hub, any communication between the user and the Internet will pass through the Virtual Hub, and transmitted/received using the physical network interface on the computer which SoftEther VPN Server (or SoftEther VPN Client) is running on. This will cause the result that a destination host specified by the VPN Client will identify that the source of the communication has initiated from the VPN Gate Service's hosting computer's IP address. However, for safety, any packets which destinations are within 192.168.0.0/255.255.0.0, 172.16.0.0/255.240.0.0 or 10.0.0.0/255.0.0.0 will be blocked by the "VPNGATE" Virtual Hub in order to protect your local network. Any packets which destinations are within 169.254.0.0/16, 224.0.0.0/4 or 100.64.0.0/10 will also be blocked for just in case. These packet filters except DNS, ICMP and ARP packets. Therefore, if you run VPN Gate Service on your corporate network or private network, it is safe because anonymous VPN Client users will not be permitted to access such private networks. VPN Gate Service also serves as relay for accessing to the VPN Gate Directory Server.
 In order to make VPN Gate Service familiar with firewalls and NATs, it opens an UDP port by using the NAT Traversal function which is described on the section 1.2. It also opens and listens on some TCP ports, and some TCP and UDP ports will be specified as the target port of Universal Plug and Play (UPnP) Port Transfer entries which are requested to your local routers. UPnP request packets will be sent periodically. Some routers keep such an opened TCP/UDP port permanently on the device. If you wish to close them, do it manually.
 VPN Gate Service also provides the mirror-site function for www.vpngate.net. This is a mechanism that a copy of the latest contents from www.vpngate.net will be hosted by the mirror-site tiny HTTP server which is running on the VPN Gate Service program. It will register itself on the mirror-sites list in www.vpngate.net. However, it never relays any other communications which are not towards www.vpngate.net.
 

src/makefiles/freebsd_32bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2020 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2020 Daiyuu Nobori.
+# Copyright (c) 2012-2021 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2021 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # https://www.softether.org/

src/makefiles/freebsd_64bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2020 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2020 Daiyuu Nobori.
+# Copyright (c) 2012-2021 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2021 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # https://www.softether.org/

src/makefiles/linux_32bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2020 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2020 Daiyuu Nobori.
+# Copyright (c) 2012-2021 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2021 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # https://www.softether.org/

src/makefiles/linux_64bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2020 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2020 Daiyuu Nobori.
+# Copyright (c) 2012-2021 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2021 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # https://www.softether.org/

src/makefiles/macos_32bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2020 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2020 Daiyuu Nobori.
+# Copyright (c) 2012-2021 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2021 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # https://www.softether.org/

src/makefiles/macos_64bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2020 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2020 Daiyuu Nobori.
+# Copyright (c) 2012-2021 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2021 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # https://www.softether.org/

src/makefiles/openbsd_32bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2020 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2020 Daiyuu Nobori.
+# Copyright (c) 2012-2021 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2021 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # https://www.softether.org/

src/makefiles/openbsd_64bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2020 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2020 Daiyuu Nobori.
+# Copyright (c) 2012-2021 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2021 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # https://www.softether.org/

src/makefiles/solaris_32bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2020 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2020 Daiyuu Nobori.
+# Copyright (c) 2012-2021 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2021 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # https://www.softether.org/

src/makefiles/solaris_64bit.mak

@@ -1,7 +1,7 @@
 # SoftEther VPN Source Code
 # 
-# Copyright (c) 2012-2020 SoftEther VPN Project at University of Tsukuba, Japan.
-# Copyright (c) 2012-2020 Daiyuu Nobori.
+# Copyright (c) 2012-2021 SoftEther VPN Project at University of Tsukuba, Japan.
+# Copyright (c) 2012-2021 Daiyuu Nobori.
 # All Rights Reserved.
 # 
 # https://www.softether.org/

src/vpnsetup/vpnsetup.c

@@ -125,7 +125,7 @@ int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
 {
 	UINT ret;
 
-	InitProcessCallOnce();
+	InitProcessCallOnceEx(true);
 
 	VgUseStaticLink();
 

src/vpnsetup/vpnsetup.vcproj

@@ -255,7 +255,7 @@
 				AdditionalLibraryDirectories=""C:\Program Files (x86)\Microsoft Visual Studio 8\VC\lib""
 				GenerateManifest="false"
 				AdditionalManifestDependencies="type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='x86'  publicKeyToken='6595b64144ccf1df' language='*'"
-				DelayLoadDLLs="setupapi.dll;advapi32.dll;user32.dll"
+				DelayLoadDLLs="setupapi.dll;advapi32.dll;user32.dll;dbghelp.dll;version.dll;netapi32.dll;version.dll;urlmon.dll;winmm.dll"
 				GenerateDebugInformation="true"
 				ProgramDatabaseFile="$(SolutionDir)DebugFiles\pdb\$(PlatformName)_$(ConfigurationName)\$(ProjectName).pdb"
 				GenerateMapFile="true"
@@ -351,7 +351,7 @@
 				AdditionalLibraryDirectories=""
 				GenerateManifest="false"
 				AdditionalManifestDependencies="type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' processorArchitecture='amd64'  publicKeyToken='6595b64144ccf1df' language='*'"
-				DelayLoadDLLs="setupapi.dll;advapi32.dll;user32.dll"
+				DelayLoadDLLs="setupapi.dll;advapi32.dll;user32.dll;dbghelp.dll;version.dll;netapi32.dll;version.dll;urlmon.dll;winmm.dll"
 				GenerateDebugInformation="true"
 				ProgramDatabaseFile="$(SolutionDir)DebugFiles\pdb\$(PlatformName)_$(ConfigurationName)\$(ProjectName).pdb"
 				GenerateMapFile="true"

src/vpnweb/vpnweb.h

@@ -4,7 +4,7 @@
 
 
  /* File created by MIDL compiler version 7.00.0500 */
-/* at Sun Apr 05 23:21:10 2020
+/* at Mon Jun 07 21:30:12 2021
  */
 /* Compiler settings for .\vpnweb.idl:
     Oicf, W1, Zp8, env=Win32 (32b run)

src/vpnweb/vpnweb_i.c

@@ -6,7 +6,7 @@
 
 
  /* File created by MIDL compiler version 7.00.0500 */
-/* at Sun Apr 05 23:21:10 2020
+/* at Mon Jun 07 21:30:12 2021
  */
 /* Compiler settings for .\vpnweb.idl:
     Oicf, W1, Zp8, env=Win32 (32b run)

src/vpnweb/vpnweb_p.c

@@ -4,7 +4,7 @@
 
 
  /* File created by MIDL compiler version 7.00.0500 */
-/* at Sun Apr 05 23:21:10 2020
+/* at Mon Jun 07 21:30:12 2021
  */
 /* Compiler settings for .\vpnweb.idl:
     Oicf, W1, Zp8, env=Win32 (32b run)