Merge branch 'master' into b2_upgradevlan

2025-06-28 11:55:08 +03:00 · 2018-05-24 18:07:14 +09:00 · 2018-05-24 18:07:14 +09:00 · 8d3af21991
commit 8d3af21991
parent d7b30bf143 31f06bf923
1230 changed files with 10830 additions and 9336 deletions
--- a/.appveyor.yml
+++ b/.appveyor.yml
@ -2,20 +2,17 @@ version: '{build}'
 image: Visual Studio 2015
 pull_requests:
  do_not_increment_build_number: true
 skip_branch_with_pr: true
 clone_depth: 1
 init:
- ps: Update-AppveyorBuild -Version "build-$env:appveyor_build_number-$($env:appveyor_repo_commit.substring(0,7))"
+  - ps: Update-AppveyorBuild -Version "build-$env:appveyor_build_number-$($env:appveyor_repo_commit.substring(0,7))"
 build_script:
- cmd: >-
+  - cmd: >-
-    src\BuildAll.cmd
+      src\BuildAll.cmd
-    exit %errorlevel%
+      exit %errorlevel%
 artifacts:
  - path: output\pkg\*\*
--- a/.ci/before_install.sh
+++ b/.ci/before_install.sh
@ -0,0 +1,12 @@
 #!/bin/bash
 set -eux
 if [[ "${TRAVIS_OS_NAME}" == "linux" ]]; then
 	sudo apt-get update
 	sudo apt-get -y install debhelper
 	bash .ci/build-openssl.sh > build-deps.log 2>&1 || (cat build-deps.log && exit 1)
 elif [[ "${TRAVIS_OS_NAME}" == "osx" ]]; then
 	brew update && brew upgrade openssl
 else
 	exit 1
 fi
--- a/.ci/build-openssl.sh
+++ b/.ci/build-openssl.sh
@ -1,20 +1,20 @@
-#!/bin/sh
+#!/bin/bash
 set -eux
 download_openssl () {
-    if [ ! -f "download-cache/openssl-${OPENSSL_VERSION}.tar.gz" ]; then
+    if [[ ! -f "download-cache/openssl-${OPENSSL_VERSION}.tar.gz" ]]; then
        wget -P download-cache/ \
            "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz"
    fi
 }
 build_openssl () {
-    if [ "$(cat ${PREFIX}/.openssl-version)" != "${OPENSSL_VERSION}" ]; then
+    if [[ "$(cat ${OPENSSL_INSTALL_DIR}/.openssl-version)" != "${OPENSSL_VERSION}" ]]; then
        tar zxf "download-cache/openssl-${OPENSSL_VERSION}.tar.gz"
        cd "openssl-${OPENSSL_VERSION}/"
-        ./config shared --prefix="${PREFIX}" --openssldir="${PREFIX}" -DPURIFY
+        ./config shared --prefix="${OPENSSL_INSTALL_DIR}" --openssldir="${OPENSSL_INSTALL_DIR}" -DPURIFY
        make all install_sw
-        echo "${OPENSSL_VERSION}" > "${PREFIX}/.openssl-version"
+        echo "${OPENSSL_VERSION}" > "${OPENSSL_INSTALL_DIR}/.openssl-version"
    fi
 }
--- a/.ci/script.sh
+++ b/.ci/script.sh
@ -0,0 +1,17 @@
 #!/bin/bash
 set -eux
 if [[ "${TRAVIS_OS_NAME}" == "linux" ]]; then
 	export LD_LIBRARY_PATH="${HOME}/opt/lib:${LD_LIBRARY_PATH:-}"
 	export CFLAGS="-I${HOME}/opt/include"
 	export LDFLAGS="-L${HOME}/opt/lib"
 	./configure
 	make -C tmp
 	ldd bin/vpnserver/vpnserver
 	dh build-arch
 elif [[ "${TRAVIS_OS_NAME}" == "osx" ]]; then
 	./configure
 	make -C tmp
 else
 	exit 1
 fi
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@ -12,3 +12,8 @@ You have two options which are described on the above policy.
 Could you please choose either option 1 or 2, and specify it clearly on the reply?
 -
 PRELIMINARY DECLARATION FOR FUTURE SWITCH TO A NON-GPL LICENSE
 I hereby agree in advance that my work will be licensed automatically under the Apache License or a similar BSD/MIT-like open-source license in case the SoftEther VPN Project adopts such a license in future.
--- a/.gitignore
+++ b/.gitignore
@ -1,10 +1,11 @@
 .cproject
 .project
 .settings/
 CMakeLists.txt
 Makefile
 bin/
 cmake-build-debug/
 src/bin/BuiltHamcoreFiles/
 tmp/
 .gitconfig
--- a/.travis.yml
+++ b/.travis.yml
@ -1,19 +1,10 @@
 sudo: required
 dist: trusty
 os: linux
 addons:
  apt:
    packages: [ debhelper ]
 language: c
 env:
  global:
-    - PREFIX="${HOME}/opt"
+    - OPENSSL_INSTALL_DIR="${HOME}/opt"
    - CFLAGS="-I${PREFIX}/include"
    - LDFLAGS="-L${PREFIX}/lib"
 matrix:
  include:
@ -29,16 +20,18 @@ matrix:
    - env: OPENSSL_VERSION="1.1.0f"
      os: linux
      compiler: clang
    - os: osx
      compiler: gcc
    - os: osx
      compiler: clang
 cache:
  directories:
  - download-cache
  - ${HOME}/opt
 before_install:
  - bash .ci/before_install.sh
 script:
-  - .ci/build-openssl.sh > build-deps.log 2>&1 || (cat build-deps.log && exit 1)
+  - bash .ci/script.sh
  - export LD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH:-}"
  - ./configure
  - make
  - ldd bin/vpnserver/vpnserver
  - dh build-arch
--- a/AUTHORS.TXT
+++ b/AUTHORS.TXT
@ -176,10 +176,16 @@ CONTRIBUTORS on GitHub:
    https://github.com/davidebeatrici
  - tidatida
-    tidatida@foxmail.com
+    https://github.com/tidatida
  - Tim Schneider
    https://github.com/timschneider
  - Max Miroshnikov
    https://github.com/mogikanin
  - Josh Soref
    https://github.com/jsoref
 JOIN THE SOFTETHER VPN DEVELOPMENT
 ----------------------------------
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -0,0 +1,7 @@
 cmake_minimum_required(VERSION 3.0)
 project(SoftEtherVPN LANGUAGES C)
 set(default_build_type "Release")
 add_subdirectory(src)
--- a/12
+++ b/12
@ -7,7 +7,7 @@ Allow specifying cipher suites instead of single ciphers. PR #343
 Add parameter "ListenIP" to server configuration (vpn_server.config). PR #202
 cppcheck findings. PR #275
 Add DhParamBits configuration to set Diffie-Hellman parameters. PR #129
-Fix log msg for IKE with agressive exchange mode. PR #425
+Fix log msg for IKE with aggressive exchange mode. PR #425
 Fixes 11 vulnerabilities found by Max Planck Institute for Molecular Genetics and Mr. Guido Vranken. PR #419
 Fixed the bug which occurs the L2TP/IPsec connection error with Android Oreo, etc. PR #405
 build documentation refactoring. PR #395
@ -22,7 +22,7 @@ Upgraded OpenSSL to 1.0.2l.
 Source code is now compatible with OpenSSL 1.1.x. Supports DHE-RSA-CHACHA 20-POLY 1305 and ECDHE-RSA-CHACHA 20-POLY 1305, which are new encryption methods of TLS 1.2. (In order to use this new function, you need to recompile yourself using OpenSSL 1.1.x.)
 TrafficServer / TrafficClient function (The traffic throughput measurement function) is now multithreaded and compatible with about 10 Gbps using NIC with the RSS feature.
 Changed the default algorithm for SSL from RC4-MD5 to AES128-SHA.
-Fixed a bug that occurr wrong checksum recalculation in special case of the TCP-MSS clamp processing.
+Fixed a bug that occur wrong checksum recalculation in special case of the TCP-MSS clamp processing.
 Fixed the calculation interval of update interval of DHCP client packet issued by kernel mode virtual NAT function of SecureNAT function.
 Driver upgrade and DLL name change with Crypto ID support of USB security token.
 Fixed a problem that CPU sleep processing was not performed when the wait time of the Select () function was INFINITE on Mac OS X.
@ -102,13 +102,13 @@ Added the compatibility with Cisco 800 series routers (e.g. Cisco 841M) on the L
 Added the support the compatibility to YAMAHA RTX series routers on the L2TPv3 over IPsec protocol.
-Added the support for EAP and PEAP. SoftEther VPN Server can now speak RFC3579 (EAP) or Protected EAP (PEAP) to request user authentications to the RADIUS server with the MS-CHAPv2 mechanism. If this function is enabled, all requests from L2TP VPN clients which contain MS-CHAPv2 authentication data will be converted automatically to EAP or PEAP when it is transferred to the RADIUS server. You must enable this function manually for each of Virtual Hubs. To enable the function converting from MS-CHAPv2 to EAP, set the "RadiusConvertAllMsChapv2AuthRequestToEap" value to "true" in the vpn_server.config. To enable the functin converting from MS-CHAPv2 to PEAP, set both "RadiusConvertAllMsChapv2AuthRequestToEap" and "RadiusUsePeapInsteadOfEap" options to "true".
+Added the support for EAP and PEAP. SoftEther VPN Server can now speak RFC3579 (EAP) or Protected EAP (PEAP) to request user authentications to the RADIUS server with the MS-CHAPv2 mechanism. If this function is enabled, all requests from L2TP VPN clients which contain MS-CHAPv2 authentication data will be converted automatically to EAP or PEAP when it is transferred to the RADIUS server. You must enable this function manually for each of Virtual Hubs. To enable the function converting from MS-CHAPv2 to EAP, set the "RadiusConvertAllMsChapv2AuthRequestToEap" value to "true" in the vpn_server.config. To enable the function converting from MS-CHAPv2 to PEAP, set both "RadiusConvertAllMsChapv2AuthRequestToEap" and "RadiusUsePeapInsteadOfEap" options to "true".
 SoftEther VPN 4.19 Build 9578 Beta (September 15, 2015)
 Solved the problem that kernel mode drivers do not pass the general tests of "Driver Verifier Manager" in Windows 10.
 SoftEther VPN 4.18 Build 9570 RTM (July 26, 2015)
-Compabible with Windows 10.
+Compatible with Windows 10.
 Solved the problem that the customized language setting on the "lang.config" file.
 config sometimes corrupts in the rare condition.
@ -279,7 +279,7 @@ Whole English UI texts are checked and corrected by a native speaker of English.
 SoftEther VPN 4.03 Build 9411 (January 7, 2014)
 Modified the source-code tree. In the build 9408, some C# build-utility source codes were missing. In this build, full set of all source codes including the BuildUtil program are appended. No functional differences between this build and the last build.
-SoftEther VPN 4.03 Build 9408 (Jaunary 4, 2014)
+SoftEther VPN 4.03 Build 9408 (January 4, 2014)
 SoftEther VPN became open source software from this build. More details on this page. Note that the major version 3.xx was skipped for internal reason of our project. So this open-sourced new version starts with major version 4.xx.
 SoftEther VPN 2.00 Build 9387 (September 16, 2013)
@ -345,7 +345,7 @@ Improvement of the stability of UDP-based communication.
 Fixed a problem: SecureNAT's connectivity polling packet interval was too short.
 SoftEther VPN 1.00 Build 9035 RC2 Fix8 (March 26, 2013)
-Fixed a crash bug: While you are changeing the X.509 server certificate, if a new SSL-VPN connection is being made, the new connection attempt will cause the crash because lack of critical section locking. However this bug was very rare. We found it in the heavy stress test.
+Fixed a crash bug: While you are changing the X.509 server certificate, if a new SSL-VPN connection is being made, the new connection attempt will cause the crash because lack of critical section locking. However this bug was very rare. We found it in the heavy stress test.
 SoftEther VPN 1.00 Build 9033 RC2 Fix7 (March 22, 2013)
 Fixed a minor bug.
--- a/DISCLAIMER.md
+++ b/DISCLAIMER.md
@ -42,7 +42,7 @@ RECOVER OR COMPENSATE SUCH DAMAGES, CRIMINAL OR CIVIL
 RESPONSIBILITIES. NOTE THAT THIS LINE IS NOT LICENSE RESTRICTION BUT
 JUST A STATEMENT FOR WARNING AND DISCLAIMER.
-READ AND UNDERSTAND THE 'WARNING.TXT' FILE BEFORE USING THIS SOFTWARE.
+READ AND UNDERSTAND THE ['WARNING.TXT'](src/WARNING.TXT) FILE BEFORE USING THIS SOFTWARE.
 SOME SOFTWARE PROGRAMS FROM THIRD PARTIES ARE INCLUDED ON THIS SOFTWARE
-WITH LICENSE CONDITIONS WHICH ARE DESCRIBED ON THE 'THIRD_PARTY.TXT' FILE.
+WITH LICENSE CONDITIONS WHICH ARE DESCRIBED ON THE ['THIRD_PARTY.TXT'](src/THIRD_PARTY.TXT) FILE.
--- a/8
+++ b/8
@ -70,9 +70,9 @@ STATEMENT FOR WARNING AND DISCLAIMER.
 THE FOLLOWING GPLV2 CONDITIONS APPLY ON ALL SOFTETHER VPN PROGRAMS WHICH ARE
 DEVELOPED BY SOFTETHER VPN PROJECT.
-READ AND UNDERSTAND THE 'WARNING.TXT' FILE BEFORE USING THIS SOFTWARE.
+READ AND UNDERSTAND THE 'src/WARNING.TXT' FILE BEFORE USING THIS SOFTWARE.
 SOME SOFTWARE PROGRAMS FROM THIRD PARTIES ARE INCLUDED ON THIS SOFTWARE WITH
-LICENSE CONDITIONS WHICH ARE DESCRIBED ON THE 'THIRD_PARTY.TXT' FILE.
+LICENSE CONDITIONS WHICH ARE DESCRIBED ON THE 'src/THIRD_PARTY.TXT' FILE.
                    GNU GENERAL PUBLIC LICENSE
                       Version 2, June 1991
@ -339,7 +339,7 @@ DAMAGES.
                     END OF TERMS AND CONDITIONS
-READ AND UNDERSTAND THE 'WARNING.TXT' FILE BEFORE USING THIS SOFTWARE.
+READ AND UNDERSTAND THE 'src/WARNING.TXT' FILE BEFORE USING THIS SOFTWARE.
 SOME SOFTWARE PROGRAMS FROM THIRD PARTIES ARE INCLUDED ON THIS SOFTWARE WITH
-LICENSE CONDITIONS WHICH ARE DESCRIBED ON THE 'THIRD_PARTY.TXT' FILE.
+LICENSE CONDITIONS WHICH ARE DESCRIBED ON THE 'src/THIRD_PARTY.TXT' FILE.
--- a/README.md
+++ b/README.md
@ -1,11 +1,17 @@
 # SoftEther VPN
-[![Build Status](https://ci.appveyor.com/api/projects/status/github/softethervpn/softethervpn?branch=master&svg=true)](https://ci.appveyor.com/project/softethervpn/softethervpn)
+[![AppVeyor build status](https://ci.appveyor.com/api/projects/status/github/softethervpn/softethervpn?branch=master&svg=true)](https://ci.appveyor.com/project/softethervpn/softethervpn) [![Travis CI build status](https://travis-ci.org/SoftEtherVPN/SoftEtherVPN.svg?branch=master)](https://travis-ci.org/SoftEtherVPN/SoftEtherVPN)
 [![Build Status](https://travis-ci.org/SoftEtherVPN/SoftEtherVPN.svg?branch=master)](https://travis-ci.org/SoftEtherVPN/SoftEtherVPN)
 ---
 - [SoftEther VPN](#softether-vpn)
 - [BOARD MEMBERS OF THIS REPOSITORY](#board-members-of-this-repository)
 - [SOFTETHER VPN ADVANTAGES](#softether-vpn-advantages)
 - [Installation](#installation)
  * [For Ubuntu](#for-ubuntu)
  * [From binary installers:](#from-binary-installers)
  * [Build from Source code](#build-from-source-code)
 - [TO CIRCUMVENT YOUR GOVERNMENT'S FIREWALL RESTRICTION](#to-circumvent-your-governments-firewall-restriction)
 - [SOURCE CODE CONTRIBUTION](#source-code-contribution)
 - [DEAR SECURITY EXPERTS](#dear-security-experts)
 SoftEther VPN (Developer Edition Master Repository)
 - An Open-Source Cross-platform Multi-protocol VPN Program
@ -18,7 +24,7 @@ Stable Edition is available on
 https://github.com/SoftEtherVPN/SoftEtherVPN_Stable
 which the non-developer user can stable use.
-Source code packages (.zip and .tar.gz) and binary files of Stable Edition are also available:
+Source code packages (.zip and .tar.gz) and binary files of Stable Edition are also available:  
 http://www.softether-download.com/
 We accept your patches by the acceptance policy:
@ -106,69 +112,25 @@ https://github.com/GildedHonour
 - More details at http://www.softether.org/.
-# GETTING STARTED
+# Installation
-Visit the SoftEther VPN Project official web site at first:
+## For Ubuntu
        http://www.softether.org/
-If you are not a developer, it is recommended to download the binary
+[Launchpad PPA](https://launchpad.net/~paskal-07/+archive/ubuntu/softethervpn/+packages) maintained by [Dmitry Verkhoturov](https://github.com/paskal)
 installers from:
        http://www.softether-download.com/
-To build from the source,
+## From binary installers:
 see [BUILD_UNIX](src/BUILD_UNIX.md) or [BUILD_WINDOWS](src/BUILD_WINDOWS.md) files.
 Those can be found under http://www.softether-download.com/
 There you can also find SoftEtherVPN source code in zip and tar formats.
-# HOW TO DOWNLOAD THE LATEST SOURCE CODE PACKAGE
+## Build from Source code
-Go to http://www.softether-download.com/ and you can find the latest
+see [BUILD_UNIX](src/BUILD_UNIX.md) or [BUILD_WINDOWS](src/BUILD_WINDOWS.md)
 source-code package file in both .ZIP and .TAR.GZ format.
-This is the easiest way to obtain the source code of SoftEther VPN.
+There are two flavours of SoftEtherVPN source code:
-
+1. Unstable. Found under https://github.com/SoftEtherVPN/SoftEtherVPN
-# HOW TO GET THE LATEST SOURCE CODE TREE FOR DEVELOPERS
+2. Stable. Found under https://github.com/SoftEtherVPN/SoftEtherVPN_Stable
 If you are an open-source developer, visit our GitHub repository:
 https://github.com/SoftEtherVPN/SoftEtherVPN/
 You can download the up-to-date source-code tree of SoftEther VPN
 from GitHub. You may make your own fork project from our project.
 ##  Requirements
 ### 1. Debian/Ubuntu
 - gcc
 - libncurses5-dev
 - libreadline-dev
 - make
 - libssl-dev
 - zlib1g-dev
 ### 2. Redhat/CentOS
 - gcc
 - openssl-devel
 - make
 - ncurses-devel
 - readline-devel
 - zlib-devel
 ## Compile and install
 The download and build instruction is following:
 ```sh
 $ git clone https://github.com/SoftEtherVPN/SoftEtherVPN.git
 $ cd SoftEtherVPN
 $ ./configure
 $ make
 $ make install
 ```
 Please see src/BUILD_UNIX.md for more build instructions.
 # TO CIRCUMVENT YOUR GOVERNMENT'S FIREWALL RESTRICTION
@ -205,7 +167,7 @@ about the problem immediately so that we can fix the security problem
 to protect a lot of users around the world as soon as possible.
 Our e-mail address for security reports is:
-softether-vpn-security [at] softether.org
+**softether-vpn-security at softether.org**
 Please note that the above e-mail address is not a technical support
 inquiry address. If you need technical assistance, please visit
--- a/THIRD_PARTY.TXT
+++ b/THIRD_PARTY.TXT
@ -1,724 +0,0 @@
 BitVisor(R) VPN Client Module (IPsec Driver):
 Copyright (c) 2007, 2008 University of Tsukuba.
 Copyright (C) 2007, 2008 National Institute of Information and Communications
 Technology.
 All rights reserved.
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are met:
 1. Redistributions of source code must retain the above copyright notice, this
 list of conditions and the following disclaimer.
 2. Redistributions in binary form must reproduce the above copyright notice,
 this list of conditions and the following disclaimer in the documentation
 and/or other materials provided with the distribution.
 3. Neither the name of the University of Tsukuba nor the names of its
 contributors may be used to endorse or promote products derived from this
 software without specific prior written permission.
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
 FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
 CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 -------------------
 Microsoft(R) C Runtime Library:
 (c) 2007 Microsoft Corporation. All Rights Reserved.
 -------------------
 RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki):
 License to copy and use this software is granted provided that it is
 identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
 (Cryptoki)" in all material mentioning or referencing this software.
 License is also granted to make and use derivative works provided that such
 works are identified as "derived from the RSA Security Inc. PKCS #11
 Cryptographic Token Interface (Cryptoki)" in all material mentioning or
 referencing the derived work.
 RSA Security Inc. makes no representations concerning either the
 merchantability of this software or the suitability of this software for any
 particular purpose. It is provided "as is" without express or implied warranty
 of any kind.
 -------------------
 WinPcap:
 Copyright (c) 2001 - 2003 NetGroup, Politecnico di Torino (Italy)
 All rights reserved.
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are met:
 1. Redistributions of source code must retain the above copyright notice, this
 list of conditions and the following disclaimer.
 2. Redistributions in binary form must reproduce the above copyright notice,
 this list of conditions and the following disclaimer in the documentation
 and/or other materials provided with the distribution.
 3. Neither the name of the Politecnico di Torino nor the names of its
 contributors may be used to endorse or promote products derived from this
 software without specific prior written permission.
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
 FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 SERVICES; LOSS OF USE,
 DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
 OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 -------------------
 libedit:
 Copyright (c) 1992, 1993 The Regents of the University of California.  All
 rights reserved.
 This code is derived from software contributed to Berkeley by Christos Zoulas
 of Cornell University.
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are met:
 1. Redistributions of source code must retain the above copyright notice, this
 list of conditions and the following disclaimer.
 2. Redistributions in binary form must reproduce the above copyright notice,
 this list of conditions and the following disclaimer in the documentation
 and/or other materials provided with the distribution.
 3. Neither the name of the University nor the names of its contributors may be
 used to endorse or promote products derived from this software without
 specific prior written permission.
 THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND ANY
 EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
 DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
 ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 -------------------
 libiconv:
          GNU LIBRARY GENERAL PUBLIC LICENSE
               Version 2, June 1991
 Copyright (C) 1991 Free Software Foundation, Inc.
 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
 Everyone is permitted to copy and distribute verbatim copies of this license
 document, but changing it is not allowed.
 [This is the first released version of the library GPL. It is
 numbered 2 because it goes with version 2 of the ordinary GPL.]
                Preamble
  The licenses for most software are designed to take away your freedom to
 share and change it. By contrast, the GNU General Public Licenses are intended
 to guarantee your freedom to share and change free software--to make sure the
 software is free for all its users.
  This license, the Library General Public License, applies to some specially
 designated Free Software Foundation software, and to any other libraries whose
 authors decide to use it. You can use it for your libraries, too.
  When we speak of free software, we are referring to freedom, not price. Our
 General Public Licenses are designed to make sure that you have the freedom to
 distribute copies of free software (and charge for
 this service if you wish), that you receive source code or can get it if you
 want it, that you can change the software or use pieces of it in new free
 programs; and that you know you can do these things.
  To protect your rights, we need to make restrictions that forbid anyone to
 deny you these rights or to ask you to surrender the rights. These
 restrictions translate to certain responsibilities for you if you distribute
 copies of the library, or if you modify it.
  For example, if you distribute copies of the library, whether gratis or for
 a fee, you must give the recipients all the rights that we gave you. You must
 make sure that they, too, receive or can get the source
 code. If you link a program with the library, you must provide complete object
 files to the recipients so that they can relink them with the library, after
 making changes to the library and recompiling it. And you must show them these
 terms so they know their rights.
  Our method of protecting your rights has two steps: (1) copyright the
 library, and (2) offer you this license which gives you legal permission to
 copy, distribute and/or modify the library.
  Also, for each distributor's protection, we want to make certain that
 everyone understands that there is no warranty for this free library. If the
 library is modified by someone else and passed on, we want its recipients to
 know that what they have is not the original version, so that any problems
 introduced by others will not reflect on the original authors' reputations.
  Finally, any free program is threatened constantly by software patents. We
 wish to avoid the danger that companies distributing free software will
 individually obtain patent licenses, thus in effect transforming the program
 into proprietary software. To prevent this, we have made it clear that any
 patent must be licensed for everyone's free use or not licensed at all.
  Most GNU software, including some libraries, is covered by the ordinary GNU
 General Public License, which was designed for utility programs. This license,
 the GNU Library General Public License, applies to certain designated
 libraries. This license is quite different from the ordinary one; be sure to
 read it in full, and don't assume that anything in it is the same as in the
 ordinary license.
  The reason we have a separate public license for some libraries is that they
 blur the distinction we usually make between modifying or adding to a program
 and simply using it. Linking a program with a library, without changing the
 library, is in some sense simply using the library, and is analogous to
 running a utility program or application program. However, in a textual and
 legal sense, the linked executable is a combined work, a derivative of the
 original library, and the ordinary General Public License treats it as such.
  Because of this blurred distinction, using the ordinary General Public
 License for libraries did not effectively promote software sharing, because
 most developers did not use the libraries. We concluded that weaker conditions
 might promote sharing better.
  However, unrestricted linking of non-free programs would deprive the users
 of those programs of all benefit from the free status of the libraries
 themselves. This Library General Public License is intended to
 permit developers of non-free programs to use free libraries, while preserving
 your freedom as a user of such programs to change the free libraries that are
 incorporated in them. (We have not seen how to achieve this as regards changes
 in header files, but we have achieved it as regards changes in the actual
 functions of the Library.) The hope is that this will lead to faster
 development of free libraries.
  The precise terms and conditions for copying, distribution and modification
 follow. Pay close attention to the difference between a "work based on the
 library" and a "work that uses the library". The former contains code derived
 from the library, while the latter only works together with the library.
  Note that it is possible for a library to be covered by the ordinary General
 Public License rather than by this special one.
          GNU LIBRARY GENERAL PUBLIC LICENSE
   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
  0. This License Agreement applies to any software library which contains a
 notice placed by the copyright holder or other authorized party saying it may
 be distributed under the terms of this Library
 General Public License (also called "this License"). Each licensee is
 addressed as "you".
  A "library" means a collection of software functions and/or data prepared so
 as to be conveniently linked with application programs (which use some of
 those functions and data) to form executables.
  The "Library", below, refers to any such software library or work which has
 been distributed under these terms. A "work based on the Library" means either
 the Library or any derivative work under copyright law: that is to say, a work
 containing the Library or a portion of it, either verbatim or with
 modifications and/or translated straightforwardly into another language.
 (Hereinafter, translation is included without limitation in the term
 "modification".)
  "Source code" for a work means the preferred form of the work for making
 modifications to it. For a library, complete source code means all the source
 code for all modules it contains, plus any associated interface definition
 files, plus the scripts used to control compilation and installation of the
 library.
  Activities other than copying, distribution and modification are not covered
 by this License; they are outside its scope. The act of running a program
 using the Library is not restricted, and output from such a program is covered
 only if its contents constitute a work based on the Library (independent of
 the use of the Library in a tool for writing it). Whether that is true depends
 on what the Library does and what the program that uses the Library does.
  1. You may copy and distribute verbatim copies of the Library's complete
 source code as you receive it, in any medium, provided that you conspicuously
 and appropriately publish on each copy an appropriate copyright notice and
 disclaimer of warranty; keep intact all the notices that refer to this License
 and to the absence of any warranty; and distribute a copy of this License
 along with the Library.
  You may charge a fee for the physical act of transferring a copy, and you
 may at your option offer warranty protection in exchange for a fee.
  2. You may modify your copy or copies of the Library or any portion of it,
 thus forming a work based on the Library, and copy and distribute such
 modifications or work under the terms of Section 1 above, provided that you
 also meet all of these conditions:
    a) The modified work must itself be a software library.
    b) You must cause the files modified to carry prominent notices stating
 that you changed the files and the date of any change.
    c) You must cause the whole of the work to be licensed at no charge to all
 third parties under the terms of this License.
    d) If a facility in the modified Library refers to a function or a table
 of data to be supplied by an application program that uses the facility, other
 than as an argument passed when the facility is invoked, then you must make a
 good faith effort to ensure that, in the event an application does not supply
 such function or table, the facility still operates, and performs whatever
 part of its purpose remains meaningful.
    (For example, a function in a library to compute square roots has a
 purpose that is entirely well-defined independent of the application.
 Therefore, Subsection 2d requires that any application-supplied function or
 table used by this function must be optional: if the application does not
 supply it, the square root function must still compute square roots.)
 These requirements apply to the modified work as a whole. If identifiable
 sections of that work are not derived from the Library, and can be reasonably
 considered independent and separate works in themselves, then this License,
 and its terms, do not apply to those sections when you distribute them as
 separate works. But when you distribute the same sections as part of a whole
 which is a work based on the Library, the distribution of the whole must be on
 the terms of this License, whose permissions for other licensees extend to the
 entire whole, and thus to each and every part regardless of who wrote it.
 Thus, it is not the intent of this section to claim rights or contest your
 rights to work written entirely by you; rather, the intent is to exercise the
 right to control the distribution of derivative or collective works based on
 the Library.
 In addition, mere aggregation of another work not based on the Library with
 the Library (or with a work based on the Library) on a volume of a storage or
 distribution medium does not bring the other work under the scope of this
 License.
  3. You may opt to apply the terms of the ordinary GNU General Public
 License instead of this License to a given copy of the Library. To do this,
 you must alter all the notices that refer to this License, so that they refer
 to the ordinary GNU General Public License, version 2, instead of to this
 License. (If a newer version than version 2 of the ordinary GNU General Public
 License has appeared, then you can specify that version instead if you wish.)
 Do not make any other change in these notices.
  Once this change is made in a given copy, it is irreversible for that copy,
 so the ordinary GNU General Public License applies to all subsequent copies
 and derivative works made from that copy.
  This option is useful when you wish to copy part of the code of the Library
 into a program that is not a library.
  4. You may copy and distribute the Library (or a portion or derivative of
 it, under Section 2) in object code or executable form under the terms of
 Sections 1 and 2 above provided that you accompany it with the complete
 corresponding machine-readable source code, which must be distributed under
 the terms of Sections 1 and 2 above on a medium customarily used for software
 interchange.
  If distribution of object code is made by offering access to copy from a
 designated place, then offering equivalent access to copy the source code from
 the same place satisfies the requirement to distribute the source code, even
 though third parties are not compelled to copy the source along with the
 object code.
  5. A program that contains no derivative of any portion of the Library, but
 is designed to work with the Library by being compiled or linked with it, is
 called a "work that uses the Library". Such a work, in isolation, is not a
 derivative work of the Library, and therefore falls outside the scope of this
 License.
  However, linking a "work that uses the Library" with the Library creates an
 executable that is a derivative of the Library (because it contains portions
 of the Library), rather than a "work that uses the library". The executable is
 therefore covered by this License.
 Section 6 states terms for distribution of such executables.
  When a "work that uses the Library" uses material from a header file that is
 part of the Library, the object code for the work may be a derivative work of
 the Library even though the source code is not.
 Whether this is true is especially significant if the work can be linked
 without the Library, or if the work is itself a library. The threshold for
 this to be true is not precisely defined by law.
  If such an object file uses only numerical parameters, data structure
 layouts and accessors, and small macros and small inline functions (ten lines
 or less in length), then the use of the object file is unrestricted,
 regardless of whether it is legally a derivative work. (Executables containing
 this object code plus portions of the Library will still fall under Section
 6.)
  Otherwise, if the work is a derivative of the Library, you may distribute
 the object code for the work under the terms of Section 6. Any executables
 containing that work also fall under Section 6, whether or not they are linked
 directly with the Library itself.
  6. As an exception to the Sections above, you may also compile or link a
 "work that uses the Library" with the Library to produce a work containing
 portions of the Library, and distribute that work under terms of your choice,
 provided that the terms permit modification of the work for the customer's own
 use and reverse engineering for debugging such modifications.
  You must give prominent notice with each copy of the work that the Library
 is used in it and that the Library and its use are covered by this License.
 You must supply a copy of this License. If the work during execution displays
 copyright notices, you must include the copyright notice for the Library among
 them, as well as a reference directing the user to the copy of this License.
 Also, you must do one of these things:
    a) Accompany the work with the complete corresponding machine-readable
 source code for the Library including whatever changes were used in the work
 (which must be distributed under Sections 1 and 2 above) ; and, if the work is
 an executable linked with the Library, with the complete machine-readable
 "work that uses the Library", as object code and/or source code, so that the
 user can modify the Library and then relink to produce a modified executable
 containing the modified Library. (It is understood that the user who changes
 the contents of definitions files in the Library will not necessarily be able
 to recompile the application to use the modified definitions.)
    b) Accompany the work with a written offer, valid for at least three
 years, to give the same user the materials specified in Subsection 6a, above,
 for a charge no more than the cost of performing this distribution.
    c) If distribution of the work is made by offering access to copy from a
 designated place, offer equivalent access to copy the above specified
 materials from the same place.
    d) Verify that the user has already received a copy of these materials or
 that you have already sent this user a copy.
  For an executable, the required form of the "work that uses the Library"
 must include any data and utility programs needed for reproducing the
 executable from it. However, as a special exception, the source code
 distributed need not include anything that is normally distributed (in either
 source or binary form) with the major components (compiler, kernel, and so on)
 of the operating system on which the executable runs, unless that component
 itself accompanies the executable.
  It may happen that this requirement contradicts the license restrictions of
 other proprietary libraries that do not normally accompany the operating
 system. Such a contradiction means you cannot use both them and the Library
 together in an executable that you distribute.
  7. You may place library facilities that are a work based on the Library
 side-by-side in a single library together with other library facilities not
 covered by this License, and distribute such a combined library, provided that
 the separate distribution of the work based on the Library and of the other
 library facilities is otherwise permitted, and provided that you do these two
 things:
    a) Accompany the combined library with a copy of the same work based on
 the Library, uncombined with any other library facilities. This must be
 distributed under the terms of the Sections above.
    b) Give prominent notice with the combined library of the fact that part
 of it is a work based on the Library, and explaining where to find the
 accompanying uncombined form of the same work.
  8. You may not copy, modify, sublicense, link with, or distribute the
 Library except as expressly provided under this License. Any attempt otherwise
 to copy, modify, sublicense, link with, or distribute the Library is void, and
 will automatically terminate your rights under this License. However, parties
 who have received copies, or rights, from you under this License will not have
 their licenses terminated so long as such parties remain in full compliance.
  9. You are not required to accept this License, since you have not signed
 it. However, nothing else grants you permission to modify or distribute the
 Library or its derivative works. These actions are prohibited by law if you do
 not accept this License. Therefore, by modifying or distributing the Library
 (or any work based on the Library), you indicate your acceptance of this
 License to do so, and all its terms and conditions for copying, distributing
 or modifying the Library or works based on it.
  10. Each time you redistribute the Library (or any work based on the
 Library), the recipient automatically receives a license from the original
 licensor to copy, distribute, link with or modify the Library subject to these
 terms and conditions. You may not impose any further restrictions on the
 recipients' exercise of the rights granted herein. You are not responsible for
 enforcing compliance by third parties to this License.
  11. If, as a consequence of a court judgment or allegation of patent
 infringement or for any other reason (not limited to patent issues),
 conditions are imposed on you (whether by court order, agreement or otherwise)
 that contradict the conditions of this License, they do not excuse you from
 the conditions of this License. If you cannot distribute so as to satisfy
 simultaneously your obligations under this License and any other pertinent
 obligations, then as a consequence you may not distribute the Library at all.
 For example, if a patent license would not permit royalty-free redistribution
 of the Library by all those who receive copies directly or indirectly through
 you, then the only way you could satisfy both it and this License would be to
 refrain entirely from distribution of the Library.
 If any portion of this section is held invalid or unenforceable under any
 particular circumstance, the balance of the section is intended to apply, and
 the section as a whole is intended to apply in other circumstances.
 It is not the purpose of this section to induce you to infringe any patents or
 other property right claims or to contest validity of any such claims; this
 section has the sole purpose of protecting the integrity of the free software
 distribution system which is implemented by public license practices. Many
 people have made generous contributions to the wide range of software
 distributed through that system in reliance on consistent application of that
 system; it is up to the author/donor to decide if he or she is willing to
 distribute software through any other system and a licensee cannot impose that
 choice.
 This section is intended to make thoroughly clear what is believed to be a
 consequence of the rest of this License.
  12. If the distribution and/or use of the Library is restricted in certain
 countries either by patents or by copyrighted interfaces, the original
 copyright holder who places the Library under this License may add an explicit
 geographical distribution limitation excluding those countries, so that
 distribution is permitted only in or among countries not thus excluded. In
 such case, this License incorporates the limitation as if written in the body
 of this License.
  13. The Free Software Foundation may publish revised and/or new versions of
 the Library General Public License from time to time. Such new versions will
 be similar in spirit to the present version, but may differ in detail to
 address new problems or concerns.
 Each version is given a distinguishing version number. If the Library
 specifies a version number of this License which applies to it and "any later
 version", you have the option of following the terms and conditions either of
 that version or of any later version published by the Free Software
 Foundation. If the Library does not specify a license version number, you may
 choose any version ever published by the Free Software Foundation.
  14. If you wish to incorporate parts of the Library into other free programs
 whose distribution conditions are incompatible with these, write to the author
 to ask for permission. For software which is copyrighted by the Free Software
 Foundation, write to the Free Software Foundation; we sometimes make
 exceptions for this. Our decision will be guided by the two goals of
 preserving the free status of all derivatives of our free software and of
 promoting the sharing and reuse of software generally.
                NO WARRANTY
  15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR
 THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE
 STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE
 LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED,
 INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
 FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND
 PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE,
 YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
  16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
 WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
 REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
 INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
 OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO
 LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR
 THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE),
 EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
 DAMAGES.
             END OF TERMS AND CONDITIONS
 -------------------
 ncurses:
 Copyright (c) 1998-2005,2006 Free Software Foundation, Inc.
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, distribute with
 modifications, sublicense, and/or sell copies of the Software, and to permit
 persons to whom the Software is furnished to do so, subject to the following
 conditions:
 The above copyright notice and this permission notice shall be included in all
 copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 ABOVE COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
 WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
 IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 Except as contained in this notice, the name(s) of the above copyright holders
 shall not be used in advertising or otherwise to promote the sale, use or
 other dealings in this Software without prior written authorization.
 -------------------
 OpenSSL:
 OpenSSL License
 Copyright (c) 1998-2011 The OpenSSL Project.  All rights reserved.
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are met:
 1. Redistributions of source code must retain the above copyright notice, this
 list of conditions and the following disclaimer. 
 2. Redistributions in binary form must reproduce the above copyright notice,
 this list of conditions and the following disclaimer in the documentation
 and/or other materials provided with the distribution.
 3. All advertising materials mentioning features or use of this software must
 display the following acknowledgment: "This product includes software
 developed by the OpenSSL Project for use in the OpenSSL Toolkit.
 (http://www.openssl.org/)"
 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 endorse or promote products derived from this software without prior written
 permission. For written permission, please contact openssl-core@openssl.org.
 5. Products derived from this software may not be called "OpenSSL" nor may
 "OpenSSL" appear in their names without prior written permission of the
 OpenSSL Project.
 6. Redistributions of any form whatsoever must retain the following
 acknowledgment: "This product includes software developed by the OpenSSL
 Project for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY EXPRESSED
 OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
 EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
 INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
 BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
 OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 This product includes cryptographic software written by Eric Young
 (eay@cryptsoft.com).  This product includes software written by Tim Hudson
 (tjh@cryptsoft.com).
 Original SSLeay License
 Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved.
 This package is an SSL implementation written by Eric Young
 (eay@cryptsoft.com). The implementation was written so as to conform with
 Netscapes SSL.
 This library is free for commercial and non-commercial use as long as the
 following conditions are aheared to.  The following conditions apply to all
 code found in this distribution, be it the RC4, RSA, lhash, DES, etc., code;
 not just the SSL code.  The SSL documentation included with this distribution
 is covered by the same copyright terms except that the holder is Tim Hudson
 (tjh@cryptsoft.com).
 Copyright remains Eric Young's, and as such any Copyright notices in the code
 are not to be removed. If this package is used in a product, Eric Young should
 be given attribution as the author of the parts of the library used. This can
 be in the form of a textual message at program startup or in documentation
 (online or textual) provided with the package.
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are met:
 1. Redistributions of source code must retain the copyright notice, this list
 of conditions and the following disclaimer.
 2. Redistributions in binary form must reproduce the above copyright notice,
 this list of conditions and the following disclaimer in the documentation
 and/or other materials provided with the distribution.
 3. All advertising materials mentioning features or use of this software must
 display the following acknowledgement: "This product includes cryptographic
 software written by Eric Young (eay@cryptsoft.com)" The word 'cryptographic'
 can be left out if the rouines from the library being used are not
 cryptographic related :-).
 4. If you include any Windows specific code (or a derivative thereof) from the
 apps directory (application code) you must include an acknowledgement: "This
 product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND ANY EXPRESS OR IMPLIED
 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
 EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
 INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 The licence and distribution terms for any publically available version or
 derivative of this code cannot be changed.  i.e. this code cannot simply be
 copied and put under another distribution licence [including the GNU Public
 Licence.]
 -------------------
 zlib:
 Acknowledgments:
  The deflate format used by zlib was defined by Phil Katz. The deflate and
 zlib specifications were written by L. Peter Deutsch. Thanks to all the people
 who reported problems and suggested various improvements in zlib; they are too
 numerous to cite here.
 Copyright notice:
 (C) 1995-2004 Jean-loup Gailly and Mark Adler
  This software is provided 'as-is', without any express or implied warranty.
 In no event will the authors be held liable for any damages arising from the
 use of this software.
  Permission is granted to anyone to use this software for any purpose,
 including commercial applications, and to alter it and redistribute it freely,
 subject to the following restrictions:
  1. The origin of this software must not be misrepresented; you must not
 claim that you wrote the original software. If you use this software in a
 product, an acknowledgment in the product documentation would be appreciated
 but is not required.
  2. Altered source versions must be plainly marked as such, and must not be
 misrepresented as being the original software.
  3. This notice may not be removed or altered from any source distribution.
  Jean-loup Gailly        Mark Adler
  jloup@gzip.org          madler@alumni.caltech.edu
 If you use the zlib library in a product, we would appreciate *not* receiving
 lengthy legal documents to sign. The sources are provided for free but without
 warranty of any kind.  The library has been entirely written by Jean-loup
 Gailly and Mark Adler; it does not include third-party code.
 If you redistribute modified sources, we would appreciate that you include in
 the file ChangeLog history information documenting your changes. Please read
 the FAQ for more information on the distribution of modified source versions.
 -------------------
 Intel AESNI Sample Library:
 Copyright (c) 2010, Intel Corporation
 All rights reserved.
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are met:
 * Redistributions of source code must retain the above copyright notice, this
 list of conditions and the following disclaimer.
 * Redistributions in binary form must reproduce the above copyright notice,
 this list of conditions and the following disclaimer in the documentation
 and/or other materials provided with the distribution.
 * Neither the name of Intel Corporation nor the names of its contributors may
 be used to endorse or promote products derived from this software without
 specific prior written permission.
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
 FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
 CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 Issue Date: Aug 6, 2010
--- a/WARNING.TXT
+++ b/WARNING.TXT
@ -1,565 +0,0 @@
 THE IMPORTANT NOTICES ABOUT SOFTETHER VPN
 FUNCTIONS OF VPN COMMUNICATIONS EMBEDDED ON THIS SOFTWARE ARE VERY POWERFUL
 THAN EVER. THIS STRONG VPN ABILITY WILL BRING YOU HUGE BENEFITS. HOWEVER, IF
 YOU MISUSE THIS SOFTWARE, IT MIGHT DAMAGE YOURSELF. IN ORDER TO AVOID SUCH
 RISKS, THIS DOCUMENT ACCOUNTS IMPORTANT NOTICES FOR CUSTOMERS WHO ARE WILLING
 TO USE THIS SOFTWARE. THE FOLLOWING INSTRUCTIONS ARE VERY IMPORTANT. READ AND
 UNDERSTAND IT CAREFULLY. ADDITIONALLY, IF YOU ARE PLANNING TO USE THE DYNAMIC
 DNS, THE NAT TRAVERSAL OR THE VPN AZURE FUNCTIONS, READ THE SECTION 3.5
 CAREFULLY. THESE FUNCTIONS ARE FREE SERVICES PROVIDED VIA THE INTERNET, ARE
 NOT GUARANTEED, AND ARE NOT INTENDED TO BE USED FOR BUSINESS OR COMMERCIAL
 USE. DO NOT USE THESE SERVICES FOR YOUR BUSINESS OR COMMERCIAL USE.
 1. VPN Communication Protocols
 1.1. SoftEther VPN Protocol
 SoftEther VPN can perform VPN communication. Unlike traditional VPN protocols,
 SoftEther VPN has an implementation of the newly-designed "SoftEther VPN
 Protocol (SE-VPN Protocol)" . SE-VPN protocol encapsulates any Ethernet
 packets into a HTTPS (HTTP over SSL) connection. Therefore SE-VPN protocol can
 communicate beyond firewalls even if the firewall is configured to block
 traditional VPN packets by network administrator. SE-VPN protocol is designed
 and implemented to comply TLS 1.0 (RFC 5246) and HTTPS (RFC 2818). However, it
 sometimes have different behavior to RFCs. If you are a network administrator
 and want to block SE-VPN protocols on the firewall, you can adopt a
 "white-list" policy on the firewall to filter any TCP or UDP packets on the
 border except explicitly allowed packets towards specific web sites and
 servers.
 1.2. NAT Traversal Function
 Generally, if you use traditional VPN systems you have to request a network
 administrator to make the NAT or firewall to "open" or "relay" specific TCP or
 UDP ports. However, there are demands somehow to eliminate such working costs
 on network administrators. In order to satisfy such demands, SoftEther VPN has
 the newly-implemented "NAT Traversal" function. NAT Traversal is enabled by
 default. A SoftEther VPN Server running on the computer behind NAT or firewall
 can accept VPN connections from the Internet, without any special
 configurations on firewalls or NATs. If you want to disable the NAT Traversal
 function, modify the "DisableNatTraversal" to "true" on the configuration file
 of SoftEther VPN Server. In order to disable it on the client-side, append
 "/tcp" suffix on the destination hostname.
 1.3. Dynamic DNS Function
 Traditional legacy VPN system requires a static global IP address on the VPN
 server. In consideration of shortage of global IP addresses, SoftEther
 Corporation implements the "Dynamic DNS Function" on SoftEther VPN Server.
 Dynamic DNS is enabled by default. Dynamic DNS function notify the current
 global IP address of the PC to the Dynamic DNS Servers which are operated by
 SoftEther Corporation. A globally-unique hostname (FQDN) such as
 "abc.softether.net" ( "abc" varies as unique per a user) will be assigned on
 the VPN Server. If you tell this unique hostname to a VPN user, the user can
 specify it as the destination VPN Sever hostname on the VPN Client and will be
 able to connect the VPN Server. No IP addresses are required to know
 beforehand. If the IP address of the VPN Server varies, the registered IP
 address related to the hostname of Dynamic DNS service will be changed
 automatically. By this mechanism, no longer need a static global IP address
 which costs monthly to ISPs. You can use consumer-level inexpensive Internet
 connection with dynamic IP address in order to operate an enterprise-level VPN
 system. If you want to disable Dynamic DNS, specify "true" on the "Disabled"
 items of the "DDnsClient" directive on the SoftEther VPN Server configuration
 file. * Note for residents in People's Republic of China: If your VPN Server
 is running on the People's Republic of China, the DNS suffix will be replaced
 to "sedns.cn" domain. The "sedns.cn" domain is the service possessed and
 operated by "Beijing Daiyuu SoftEther Technology Co., Ltd" which is a
 Chinese-local enterprise.
 1.4. VPN over ICMP / VPN over DNS functions
 If you want to make a VPN connection between SoftEther VPN Client / Bridge and
 SoftEther VPN Server, but if TCP and UDP packets are prohibited by the
 firewall, then you can encapsulates payloads into "ICMP" (as known as Ping) or
 "DNS" packets. This function can realize a VPN connection by using ICMP or DNS
 even if the firewall or router blocks every TCP or UDP connections. VPN over
 ICMP / VPN over DNS functions are designed to comply standard ICMP and DNS
 specifications as possible, however it sometimes has a behavior not to fully
 comply them. Therefore, few poor-quality routers may be caused a
 memory-overflow or something troubles when a lot of ICMP or DNS packets are
 passed, and such routers sometimes freezes or reboots. It might affects other
 users on the same network. To avoid such risks, append the suffix "/tcp" on
 the destination hostname which is specified on the VPN-client side to disable
 VPN over ICMP / DNS functions.
 1.5. VPN Azure Cloud Service
 If your SoftEther VPN Server is placed behind the NAT or firwall, and by some
 reason you cannot use NAT Traversal function, Dynamic DNS function or VPN over
 ICMP/DNS function, you can use VPN Azure Clouse Service. SoftEther Corporation
 operates VPN Azure Cloud on Internet. After the VPN Server makes a connection
 to the VPN Azure Cloud, the hostname "abc.vpnazure.net" ( "abc" is a unique
 hostname) can be specified to connect to the VPN Server via the VPN Azure
 Cloud. Practically, such a hostname is pointing a global IP address of one of
 cloud servers which are operated by SoftEther Corporation. If A VPN Client
 connects to such a VPN Azure host, then the VPN Azure host will relay all
 traffics between the VPN Client and the VPN Server. VPN Azure is disabled by
 default. You can activate it easily by using VPN Server Configuration Tool.
 1.6. UDP Acceleration
 SoftEther VPN has the UDP Acceleration Function. If a VPN consists of two
 sites detects that UDP channel can be established, UDP will be automatically
 used. By this function, throughput of UDP increases. If direct UDP channel can
 be established, direct UDP packets will be used. However, if there is
 something obstacles such as firewalls or NATs, the "UDP Hole Punching"
 technology will be used, instead. The "UDP Hole Punching" uses the cloud
 servers which SoftEther Corporation operates on Internet. UDP Acceleration can
 be disabled anytime by setting up so on the VPN-client side.
 2. VPN Software
 2.1. SoftEther VPN Client
 If you use SoftEther VPN Client on Windows, the Virtual Network Adapter device
 driver will be installed on Windows. The Virtual Network Adapter is
 implemented as a kernel-mode driver for Windows. The driver is
 digitally-signed by a certificate issued by VeriSign, Inc. and also sub-signed
 by Symantec Corporation. A message to ask you want to sure install the driver
 might be popped up on the screen. SoftEther VPN Client may response the
 message if possible. SoftEther VPN Client also optimizes the configuration of
 MMCSS (Multimedia Class Scheduler Service) on Windows. You can undo the
 optimizations of MMCSS afterwards.
 2.2. SoftEther VPN Server / Bridge
 If you use SoftEther VPN Server / Bridge on Windows with "Local Bridge"
 functions, you have to install the low-level Ethernet packet processing driver
 on the computer. The driver is digitally-signed by a certificate issued by
 VeriSign, Inc. and also sub-signed by Symantec Corporation. SoftEther VPN
 Server / Bridge may disable the TCP/IP offloading features on the physical
 network adapter for Local Bridge function. In Windows Vista / 2008 or greater
 version, VPN Server may inject a packet-filter driver which complies Windows
 Filter Platform (WPF) specification into the kernel in order to provide IPsec
 function. The packet-filter driver will be loaded available only if IPsec
 function is enabled. Once you enables IPsec function of SoftEther VPN Server,
 the built-in IPsec function of Windows will be disabled. After you disabled
 IPsec function of SoftEther VPN Server, then the built-in IPsec function of
 Windows will revive. In order to provide the Local Bridge function, SoftEther
 VPN Server / Bridge disables the TCP/IP offloading function on the operating
 system.
 2.3. User-mode Installation
 You can install SoftEther VPN Server and SoftEther VPN Bridge as "User-mode"
 on Windows. In other words, even if you don't have Windows system
 administrator's privileges, you can install SoftEther VPN as a normal user.
 User-mode install will disable a few functions, however other most functions
 work well. Therefore, for example, an employee can install SoftEther VPN
 Server on the computer in the office network, and he will be able to connect
 to the server from his home. In order to realize such a system by user-self,
 no system administrative privileges are required in the view-point of
 technical. However, breaking rules of the company to install software on the
 computer without authority might be regarded as an unfavorable behavior. If
 you are an employee and belong to the company, and the company-policy
 prohibits installing software or making communications towards Internet
 without permission, you have to obtain a permission from the network
 administrator or the executive officer of your company in advance to install
 SoftEther VPN. If you install VPN Server / Bridge as User-mode, an icon will
 be appeared on the Windows task-tray. If you feel that the icon disturbs you,
 you can hide it by your operation. However, you must not exploit this hiding
 function to install VPN Server on other person's computer as a spyware. Such
 behavior might be an offence against the criminal law.
 2.4. Keep Alive Function
 SoftEther VPN Server and SoftEther VPN Bridge has Keep Alive Function by
 default. The purpose of this function is to sustain the Internet line active.
 The function transmits UDP packets with a random-byte-array-payload
 periodically. This function is useful to avoid automatic disconnection on
 mobile or dial-up connections. You can disable Keep Alive Function anytime.
 2.5. Uninstallation
 The uninstallation process of SoftEther VPN software will delete all program
 files. However, non-program files (such as files and data which are generated
 by running of programs) ) will not be deleted. For technical reason, the exe
 and resource files of uninstaller might remain. Such remaining files never
 affects to use the computer, however you can delete it manually. Kernel-mode
 drivers might not be deleted, however such drivers will not be loaded after
 the next boot of Windows. You can use "sc" command of Windows to delete
 kernel-mode drivers manually.
 2.6. Security
 You should set the administrator's password on SoftEther VPN Server / Bridge
 after installation. If you neglect to do it, another person can access to
 SoftEther VPN Server / Bridge and can set the password without your
 permission. This caution might be also applied on SoftEther VPN Client for
 Linux.
 2.7. Automatic Update Notification
 SoftEther VPN software for Windows has an automatic update notification
 function. It accesses to the SoftEther Update server periodically to check
 whether or not the latest version of software is released. If the latest
 version is released, the notification message will be popped up on the screen.
 In order to achieve this purpose, the version, language settings, the unique
 identifier, the IP address of your computer and the hostname of VPN Server
 which is connected to will be sent to the SoftEther Update server. No personal
 information will be sent. Automatic Update Notification is enabled by default,
 however you can disable it on the configuration screen. The setting whether
 turned on or turned off will be saved individually corresponding to each
 destination VPN server, by VPN Server Manager.
 2.8. Virtual NAT Function
 A Virtual Hub on SoftEther VPN Server / Bridge has "Virtual NAT Function" .
 Virtual NAT Function can share a single IP address on the physical network by
 multiple private IP address of VPN Clients. There are two operation mode of
 Virtual NAT: User-mode and Kernel-mode. In the user-mode operation, Virtual
 NAT shares an IP address which is assigned on the host operating system.
 Unlike user-mode, the kernel-mode operation attempts to find DHCP servers on
 the physical network. If there are two or more physical networks, a DHCP
 server will be sought automatically for each segments serially. If a DHCP
 server found, and an IP address is acquired, the IP address will be used by
 the Virtual NAT. In this case, an IP entry as a DHCP client will be registered
 on the IP pool of the physical DHCP Server. The physical default gateway and
 the DNS server will be used by the Virtual NAT in order to communicate with
 hosts in Internet. In kernel-mode operation, a Virtual Hub has a virtual MAC
 address which is operating on the physical Ethernet segment. In order to check
 the connectivity to Internet, SoftEther VPN periodically sends DNS query
 packet to resolve the IP address of host "www.yahoo.com" or "www.baidu.com" ,
 and attempts to connect to the TCP port 80 of such a resulted IP address for
 connectivity check.
 2.9. Unattended Installation of Kernel-mode Components
 When SoftEther VPN will detect a necessity to install the kernel-mode
 components on Windows, a confirmation message will be appeared by Windows
 system. In this occasion, SoftEther VPN software will switch to the Unattended
 Installation mode in order to respond "Yes" to Windows. This is a solution to
 prevent dead-locks when a remote-administration is performed from remote
 place.
 2.10. Windows Firewall
 SoftEther VPN software will register itself as a safe-program. Such an entry
 will be remain after the uninstallation. You can remove it manually from the
 Control Panel of Windows.
 3. Internet Services
 3.1. Internet Services which are provided by SoftEther Corporation
 SoftEther Corporation provides Dynamic DNS, NAT Traversal and VPN Azure server
 services on the Internet. These services are free of charge. Customers can
 access to the services by using SoftEther VPN software, via Internet. These
 service will be planned to be available from Open-Source version of "SoftEther
 VPN" which will be released in the future.
 3.2. Sent Information and Privacy Protection
 SoftEther VPN software may send an IP address, hostname, the version of VPN
 software on the customer's computer to the cloud service operated by SoftEther
 Corporation, in order to use the above services. These sending of information
 are minimal necessary to use the services. No personal information will be
 sent. SoftEther Corporation records log files of the cloud service servers for
 90 days at least with the received information. Such logs will be used for
 troubleshooting and other legitimate activities. SoftEther Corporation may
 provide logs to a public servant of Japanese government who are belonging to
 courts, police stations and the prosecutor's office, in order to comply such
 authorities' order. (Every Japanese public servants are liable by law to keep
 the information close.) Moreover, the IP addresses or other information will
 be processed statistically and provided to the public, not to expose the each
 concrete IP address, in order to release the release of research activities.
 3.3. Communication Data via VPN Azure Service
 Regardless of the above 3.2 rule, if the customer sends or receives VPN
 packets using VPN Azure Cloud Service, the actual payloads will stored and
 forwarded via the volatile memory of the servers for very short period. Such a
 behavior is naturally needed to provide the "VPN relay service" . No payloads
 will be recorded on "fixed" storages such as hard-drives. However, the
 "Wiretapping for Criminals Procedures Act" (The 137th legislation ruled on
 August 18, 1999 in Japan) requires telecommunication companies to allow the
 Japanese government authority to conduct a wire-tapping on the line. VPN Azure
 Servers which are physically placed on Japan are subjects of this law.
 3.4. Comply to Japanese Telecommunication Laws
 SoftEther Corporation complies with Japanese Telecommunication Laws as
 necessary to provide online services via Internet.
 3.5. Free and Academic Experiment Services
 SoftEther provides Dynamic DNS, NAT Traversal and VPN Azure as academic
 experiment services. Therefore, there services can be used for free of charge.
 These services are not parts of "SoftEther VPN Software Products" . These
 services are provided without any warranty. The services may be suspended or
 discontinued by technical or operational matters. In such occasions, users
 will not be able to use the services. A user have to understand such risks,
 and to acknowledge that such risks are borne by a user-self. SoftEther will
 never be liable to results or damages of use or unable-to-use of the service.
 Even if the user has already paid the license-fee of the commercial version of
 SoftEther VPN, such paid fees don't include any fees of these services.
 Therefore, if the online services will stop or be discontinued, no refunds or
 recoveries of damages will be provided by SoftEther Corporation.
 3.6. DNS Proxy Cloud Servers
 In some regions, when a user uses Internet, a DNS query sometimes broken or
 lost when it is passing through the ISP line. If SoftEther VPN Server, Client
 or Bridge detects a possibility that the accessing to the actual VPN server
 might be unstable, then DNS queries will be also transferred to the DNS proxy
 cloud servers which are operated by SoftEther Corporation. A DNS proxy cloud
 server will respond DNS queries with answering correct a IP address.
 4. General Cautions
 4.1. Needs an Approval from Network Administrator
 SoftEther VPN has powerful functions which don't require special settings by
 network administrators. For example, you need not to ask the administrator to
 configure the existing firewall in order to "open" a TCP/UDP port. Such
 characteristic features are for the purpose to eliminate working times and
 costs of network administrators, and avoid misconfiguration-risks around the
 tasks to open specific exception ports on the firewall. However, any employees
 belong to the company have to obtain an approval from the network
 administrator before installs SoftEther VPN. If your network administrator
 neglects to provide such an approval, you can consider to take an approval
 from an upper authority. (For example, executive officer of the company.) If
 you use SoftEther VPN without any approvals from the authority of your
 company, you might have disadvantage. SoftEther Corporation will be never
 liable for results or damages of using SoftEther VPN.
 4.2. Observe Laws of Your Country
 If your country's law prohibits the use of encryption, you have to disable the
 encryption function of SoftEther VPN by yourself. Similarly, in some countries
 or regions, some functions of SoftEther VPN might be prohibited to use by
 laws. Other countries' laws are none of SoftEther Corporation's concern
 because SoftEther Corporation is an enterprise which is located and registered
 in Japan physically. For example, there might be a risk that a part of
 SoftEther VPN conflicts an existing patent which is valid only on the specific
 region. SoftEther Corporation has no interests in such specific region outside
 Japan's territory. Therefore, if you want to use SoftEther VPN in regions
 outside Japan, you have to be careful not to violate third-person's rights.
 You have to verify the legitimacy of the use of SoftEther VPN in the specific
 region before you actually use it in such region. By nature, there are almost
 200 countries in the World, and each country's law is different each other. It
 is practically impossible to verify every countries' laws and regulations and
 make the software comply with all countries' laws in advance to release the
 software. Therefore SoftEther Corporation has verified the legitimacy of
 SoftEther VPN against the laws and regulations of only Japan. If a user uses
 SoftEther VPN in a specific country, and damaged by public servants of the
 government authority, SoftEther Corporation will never be liable to recover or
 compensate such damages or criminal responsibilities.
 5. VPN Gate Academic Experiment Project
 (This chapter applies only on SoftEther VPN software package which contains
 the extension plug-in for VPN Gate Academic Experiment Project.)
 5.1. About VPN Gate Academic Experiment Project
 VPN Gate Academic Experiment Project is an online service operated for just
 the academic research purpose at the graduate school of University of Tsukuba,
 Japan. The purpose of this research is to expend our knowledge about the
 "Global Distributed Public VPN Relay Server" (GDPVRS) technology. For details,
 please visit http://www.vpngate.net/.
 5.2. About VPN Gate Service
 SoftEther VPN Server and SoftEther VPN Client may contain "VPN Gate Service"
 program. However, VPN Gate Service is disabled by default.
 VPN Gate Service should be activated and enabled by the voluntary intention of
 the owner of the computer which SoftEther VPN Server or SoftEther VPN Client
 is installed on. After you activate VPN Gate Service, the computer will be
 start to serve as a part of the Global Distributed Public VPN Relay Servers.
 The IP address, hostname and related information of the computer will be sent
 and registered to the directory server of VPN Gate Academic Experiment
 Project, and they will be published and disclosed to the public. This
 mechanism will allow any VPN Gate Client software's user to connect to the VPN
 Gate Service running on your computer. While the VPN session between a VPN
 Gate Client and your VPN Gate Service is established, the VPN Gate Client's
 user can send/receive any IP packets towards the Internet via the VPN Gate
 Service. The global IP address of the VPN Gate Service's hosing computer will
 be used as the source IP address of such communications which a VPN Gate
 Client initiates.
 VPN Gate Service will send some information to the VPN Gate Academic
 Experiment Service Directory Server. The information includes the operator's
 information which described in section 5.5, logging settings, uptime,
 operating system version, type of protocol, port numbers, quality information,
 statistical information, VPN Gate clients' log history data (includes dates,
 IP addresses, version numbers and IDs) and the version of the software. These
 information will be exposed on the directory. VPN Gate Service also receives a
 key for encoding which is described on the chapter 5.9 from the directory
 server.
 5.3. Details of VPN Gate Service's Behavior
 If you enable VPN Gate Service manually, which is disabled by default, the
 "VPNGATE" Virtual Hub will be created on the SoftEther VPN Server. If you are
 using SoftEther VPN Client and attempt to active VPN Gate Service on it, an
 equivalent program to SoftEther VPN Server will be invoked on the same process
 of SoftEther VPN Client, and the "VPNGATE" Virtual Hub will be created. The
 "VPNGATE" Virtual Hub contains a user named "VPN" by default which permits
 anyone on the Internet to make a VPN connection to the Virtual Hub. Once a VPN
 Client connects to the "VPNGATE" Virtual Hub, any communication between the
 user and the Internet will pass through the Virtual Hub, and
 transmitted/received using the physical network interface on the computer
 which SoftEther VPN Server (or SoftEther VPN Client) is running on. This will
 cause the result that a destination host specified by the VPN Client will
 identify that the source of the communication has initiated from the VPN Gate
 Service's hosting computer's IP address. However, for safety, any packets
 which destinations are within 192.168.0.0/255.255.0.0, 172.16.0.0/255.240.0.0
 or 10.0.0.0/255.0.0.0 will be blocked by the "VPNGATE" Virtual Hub in order to
 protect your local network. Therefore, if you run VPN Gate Service on your
 corporate network or private network, it is safe because anonymous VPN Client
 users will not be permitted to access such private networks. VPN Gate Service
 also serves as relay for accessing to the VPN Gate Directory Server.
 In order to make VPN Gate Service familiar with firewalls and NATs, it opens
 an UDP port by using the NAT Traversal function which is described on the
 section 1.2. It also opens and listens on some TCP ports, and some TCP and UDP
 ports will be specified as the target port of Universal Plug and Play (UPnP)
 Port Transfer entries which are requested to your local routers. UPnP request
 packets will be sent periodically. Some routers keep such an opened TCP/UDP
 port permanently on the device. If you wish to close them, do it manually.
 VPN Gate Service also provides the mirror-site function for www.vpngate.net.
 This is a mechanism that a copy of the latest contents from www.vpngate.net
 will be hosted by the mirror-site tiny HTTP server which is running on the VPN
 Gate Service program. It will register itself on the mirror-sites list in
 www.vpngate.net. However, it never relays any other communications which are
 not towards www.vpngate.net.
 5.4. Communication between Internet via VPN Gate Service
 VPN Gate Service provides a routing between users and the Internet, by using
 the Virtual NAT Function which is described on the section 2.8. VPN Gate
 Service sends polling Ping packets to the server which is located on
 University of Tsukuba, and the Google Public DNS Server which is identified as
 8.8.8.8, in order to check the latest quality of your Internet line. VPN Gate
 Service also sends and receives a lot of random packets to/from the Speed Test
 Server on University of Tsukuba. These quality data will be reported to VPN
 Gate Directory Server, automatically and periodically. The result will be
 saved and disclosed to the public. These periodical polling communication are
 adjusted not to occupy the Internet line, however in some circumstances they
 might occupy the line.
 5.5. Operator's Information of VPN Gate Service
 If you activate VPN Gate Service on your computer, the computer will be a part
 of the Global Distributed Public VPN Relay Servers. Therefore, the Operator's
 administrative information of your VPN Gate Service should be reported and
 registered on the VPN Gate Service Directory. Operator's information contains
 the name of the operator and the abuse-reporting contact e-mail address. These
 information can be inputted on the screen if the VPN Gate configuration.
 Inputted information will be transmitted to the VPN Gate Directory Server,
 stored and disclosed to the public. So you have to be careful to input
 information. By the way, until you specify something as the operator's
 information, the computer's hostname will be used automatically as the field
 of the name of the operator, by appending the "'s owner" string after the
 hostname.
 5.6. Observe Laws to Operate VPN Gate Service
 In some countries or regions, a user who is planning to activate and operate
 VPN Gate Service, he are mandated to obtain a license or register a service
 from/to the government. If your region has such a regulation, you must fulfill
 mandated process before activating VPN Gate Service in advance. Neither the
 developers nor operators of the VPN Gate Academic Experiment Project will be
 liable for legal/criminal responsibilities or damages which are occurred from
 failure to comply your local laws.
 5.7. Protect Privacy of Communication
 Most of countries have a law which requires communication service's operators,
 including VPN Gate Service operators, to protect the privacy of communication
 of third-persons. When you operate VPN Gate Service, you must always protect
 user's privacy.
 5.8. Packet Logs
 The packet logging function is implemented on VPN Gate Service. It records
 essential headers of major TCP/IP packets which are transmitted via the
 Virtual Hub. This function will be helpful to investigate the "original IP
 address" of the initiator of communication who was a connected user of your
 VPN Gate Service, by checking the packet logs and the connection logs. The
 packet logs are recorded only for such legitimate investigates purpose. Do not
 peek nor leak packet logs except the rightful purpose. Such act will be
 violate the section 5.7.
 5.9. Packet Logs Automatic Archiving and Encoding Function
 The VPN Gate Academic Experiment Service is operated and running under the
 Japanese constitution and laws. The Japanese constitution laws demand strictly
 protection over the privacy of communication. Because this service is under
 Japanese rules, the program of VPN Gate Service implements this "Automatic Log
 File Encoding" protection mechanism, and enabled by default.
 The VPN Gate Service is currently configured to encode packet log files which
 has passed two or more weeks automatically, by default. In order to protect
 privacy of communication, if a packet log file is once encoded, even the
 administrator of the local computer cannot censor the packet log file. This
 mechanism protects privacy of end-users of VPN Gate Service.
 You can change the VPN Gate Service setting to disable this automatic encoding
 function. Then packet log files will never be encoded even after two weeks
 passed. In such a configuration, all packet logs will remain as plain-text on
 the disk. Therefore you have to take care not to violate user's privacy.
 If you are liable to decode an encoded packet log files (for example: a VPN
 Gate Service's user illegally abused your VPN Gate Service and you have to
 decode the packet logs in order to comply the laws), contact the administrator
 of the VPN Gate Academic Experiment Service at Graduate School of University
 of Tsukuba, Japan. You can find the contact address at
 http://www.vpngate.net/. The administrator of VPN Gate Service will respond to
 decode the packet logs if there is an appropriate and legal request from court
 or other judicial authorities, according to laws.
 5.10. Caution if You Operate VPN Gate Service in the Japan's Territories
 When a user operates VPN Gate Service in the Japan's territories, such an act
 may be regulated under the Japanese Telecommunication Laws if the operation is
 a subject to the law. However, in such a circumstance, according to the
 "Japanese Telecommunication Business Compete Manual [supplemental version]" ,
 non- profitable operations of communications are not identified as a
 "telecommunication business" . So usual operators of VPN Gate Service are not
 subjects to "telecommunication business operators" , and not be mandated to
 register to the government. Even so, legalities to protect the privacy of
 communication still imposed. As a conclusion, if you operate VPN Gate Service
 in the Japan's Territories, you must not leak the secrets of communications
 which are transmitted via your operating VPN Gate Service.
 5.11. VPN Gate Client
 If SoftEther VPN Client contains the VPN Gate Client plug-in, you can use it
 to obtain the list of current operating VPN Gate Service servers in the
 Internet, and make a VPN connection to a specific server on the list.
 VPN Gate Client always keeps the latest list of the VPN Gate Services
 periodically. Be careful if you are using a pay-per-use Internet line.
 When you start the VPN Gate Client software, the screen which asks you
 activate or not VPN Gate Service will be appeared. For details of VPN Gate
 Service, read the above sections.
 5.12. Caution before Joining or Exploiting VPN Gate Academic Experiment
 Project
 The VPN Gate Academic Experiment Service is operated as a research project at
 the graduate school on University of Tsukuba, Japan. The service is governed
 under the Japanese laws. Other countries' laws are none of our concerns nor
 responsibilities.
 By nature, there are almost 200 countries in the World, with different laws.
 It is impossible to verify every countries' laws and regulations and make the
 software comply with all countries' laws in advance to release the software.
 If a user uses VPN Gate service in a specific country, and damaged by public
 servants of the authority, the developer of either the service or software
 will never be liable to recover or compensate such damages or criminal
 responsibilities.
 By using this software and service, the user must observe all concerned laws
 and rules with user's own responsibility. The user will be completely liable
 to any damages and responsibilities which are results of using this software
 and service, regardless of either inside or outside of Japan's territory.
 If you don't agree nor understand the above warnings, do not use any of VPN
 Gate Academic Experiment Service functions.
 VPN Gate is a research project for just academic purpose only. VPN Gate was
 developed as a plug-in for SoftEther VPN and UT-VPN. However, all parts of VPN
 Gate were developed on this research project at University of Tsukuba. Any
 parts of VPN Gate are not developed by SoftEther Corporation. The VPN Gate
 Research Project is not a subject to be led, operated, promoted nor guaranteed
 by SoftEther Corporation.
 5.13. The P2P Relay Function in the VPN Gate Client to strengthen the
 capability of circumvention of censorship firewalls
 VPN Gate Clients, which are published since January 2015, include the P2P
 Relay Function. The P2P Relay Function is implemented in order to strengthen
 the capability of circumvention of censorship firewalls. If the P2P Relay
 Function in your VPN Gate Client is enabled, then the P2P Relay Function will
 accept the incoming VPN connections from the VPN Gate users, which are located
 on mainly same regions around you, and will provide the relay function to the
 external remote VPN Gate Servers, which are hosted by third parties in the
 free Internet environment. This P2P Relay Function never provides the shared
 NAT functions nor replaces the outgoing IP address of the VPN Gate users to
 your IP addresses because this P2P Relay Function only provides the
 "reflection service" (hair-pin relaying), relaying from incoming VPN Gate
 users to an external VPN Gate Server. In this situation, VPN tunnels via your
 P2P Relay Function will be finally terminated on the external VPN Gate Server,
 not your VPN Gate Client. However, the VPN Gate Server as the final
 destination will record your IP address as the source IP address of VPN
 tunnels which will be initiated by your P2P Relay Function. Additionally, user
 packets which are transmitted via your P2P Relay Function will be recorded on
 your computer as packet logs as described on the section 5.8. After you
 installed the VPN Gate Client, and if the P2P Relay Function will be enabled
 automatically, then all matters on the 5.2, 5.3, 5.4, 5.5, 5.6, 5.7, 5.8, 5.9,
 5.10, 5.11 and 5.12 sections will be applied to you and your computer, as same
 to the situation when you enabled the VPN Gate Service (the VPN Gate Server
 function). If your P2P Function is enabled, then your computer's IP address
 and the default operator's name which is described on the section 5.5 will be
 listed on the VPN Gate Server List which is provided by the VPN Gate Project.
 You can change these strings by editing the "vpn_gate_relay.config" file
 manually. Note that you need to stop the VPN Client service before editing it.
 The VPN Gate Client will automatically enable the P2P Relay Function on your
 computer if the VPN Gate Client detects that your computer might be located in
 regions where there are existing censorship firewalls. If you want to disable
 the P2P Relay Function, you must set the "DisableRelayServer" flag to "true"
 on the "vpn_client.config" file which is the configuration file of the VPN
 Client. Note that you need to stop the VPN Client service before editing it.
 The VPN Gate Client does not recognize the particular regulation of your
 country or your region. The VPN Gate Client activates the P2P Relay Function
 even if your country or your region has the law to restrict running P2P relay
 functions. Therefore, in such a case, you must disable the P2P Relay Function
 on the VPN Gate Client manually by setting the "DisableRelayServer" flag if
 you reside in such a restricted area, in your own responsibility.
--- a/centos/README.md
+++ b/centos/README.md
@ -14,7 +14,7 @@ You can also have it start automatically:
 ## Files
-This project containts the following files to build an RPM of SoftEther VPN:
+This project contains the following files to build an RPM of SoftEther VPN:
 * SPEC/softethervpn.spec - The main spec file
 * SOURCES/fix-makefiles.sh - Script that modifies the original makefiles so it properly makes with BUILDROOT.
--- a/96
+++ b/96
@ -17,96 +17,12 @@ echo
 echo 'Welcome to the corner-cutting configure script !'
 echo
-OS=""
+if [ ! -d "tmp" ]; then
-case "`uname -s`" in
+  mkdir tmp
-Linux)
+fi
 	OS="linux"
 	;;
 FreeBSD)
 	OS="freebsd"
 	;;
 SunOS)
 	OS="solaris"
 	;;
 Darwin)
 	OS="macos"
 	;;
 OpenBSD)
 	OS="openbsd"
 	;;
 *)
 	echo 'Select your operating system below:'
 	echo ' 1: Linux'
 	echo ' 2: FreeBSD'
 	echo ' 3: Solaris'
 	echo ' 4: Mac OS X'
 	echo ' 5: OpenBSD'
 	echo
 	echo -n 'Which is your operating system (1 - 5) ? : '
 	read TMP
 	echo
 	if test "$TMP" = "1"
 	then
 		OS="linux"
 	fi
 	if test "$TMP" = "2"
 	then
 		OS="freebsd"
 	fi
 	if test "$TMP" = "3"
 	then
 		OS="solaris"
 	fi
 	if test "$TMP" = "4"
 	then
 		OS="macos"
 	fi
 	if test "$TMP" = "5"
 	then
 		OS="openbsd"
 	fi
-	if test "$OS" = ""
+(cd tmp && cmake .. || exit 1)
 	then
 		echo "Wrong number."
 		exit 1
 	fi
 	;;
 esac
-CPU=""
+echo ""
 case "`uname -m`" in
 x86_64|amd64|aarch64|arm64|armv8*|mips64|ppc64|sparc64|alpha|ia64)
 	CPU=64bit
 	;;
 i?86|x86pc|i86pc|armv4*|armv5*|armv6*|armv7*)
 	CPU=32bit
 	;;
 *)
 	echo 'Select your CPU bits below:'
 	echo ' 1: 32-bit'
 	echo ' 2: 64-bit'
 	echo
 	echo -n 'Which is the type of your CPU (1 - 2) ? : '
 	read TMP
 	echo
 	if test "$TMP" = "1"
 	then
 		CPU="32bit"
 	fi
 	if test "$TMP" = "2"
 	then
 		CPU="64bit"
 	fi
-	if test "$CPU" = ""
+echo "The Makefile is generated. Run 'make -C tmp' to build SoftEther VPN."
 	then
 		echo "Wrong number."
 		exit 1
 	fi
 	;;
 esac
 cp src/makefiles/${OS}_${CPU}.mak Makefile
 echo "The Makefile is generated. Run 'make' to build SoftEther VPN."
--- a/debian/control
+++ b/debian/control
@ -2,7 +2,7 @@ Source: softether-vpn
 Section: net
 Priority: optional
 Maintainer: Dmitry Orlov <me@mosquito.su>
-Build-Depends: debhelper (>= 7.0.50~), libncurses5-dev, linux-libc-dev, libssl-dev, zlib1g-dev, libreadline-dev, build-essential, dh-exec
+Build-Depends: debhelper (>= 7.0.50~), libncurses5-dev, linux-libc-dev, libssl-dev, zlib1g-dev, libreadline-dev, build-essential, cmake, dh-exec
 Standards-Version: 3.9.1
 Homepage: http://www.softether.org/
--- a/src/BUILD_UNIX.md
+++ b/src/BUILD_UNIX.md
@ -1,9 +1,16 @@
-How to build SoftEther VPN for UNIX
+This document describes how to build SoftEtherVPN for Unix based Operating systems
 ===================================
 - [Requirements](#requirements)
  * [Install requirements on Centos/RedHat](#install-requirements-on-centosredhat)
  * [Install Requirements on Debian/Ubuntu](#install-requirements-on-debianubuntu)
 - [Build from source code and instal](#build-from-source-code-and-instal)
 - [How to Run SoftEther](#how-to-run-softether)
  * [Start/Stop SoftEther VPN Server](#startstop-softether-vpn-server)
  * [Start/Stop SoftEther VPN Bridge](#startstop-softether-vpn-bridge)
  * [Start/Stop SoftEther VPN Client](#startstop-softether-vpn-client)
 - [Using SoftEther without installation.](#using-softether-without-installation)
-Requirements
+# Requirements
 ------------
 You need to install the following software to build SoftEther VPN for UNIX.
@ -17,77 +24,60 @@ You need to install the following software to build SoftEther VPN for UNIX.
 - readline.
 - ncurses.
-*** It has been noted that clang is also supported as an alternative to gcc.
+*It has been noted that clang is also supported as an alternative to gcc.*
-For example, the following commands help you to install the above programs
+
-on Fedora or CentOS Linux:
+## Install requirements on Centos/RedHat
-```
+
-$ sudo yum -y groupinstall "Development Tools"
+```bash
-$ sudo yum -y install readline-devel ncurses-devel openssl-devel
+sudo yum -y groupinstall "Development Tools"
 sudo yum -y install cmake ncurses-devel openssl-devel readline-devel zlib-devel
 ```
-And this command for Debian/Ubuntu:
+## Install Requirements on Debian/Ubuntu
-```
+```bash
-$ sudo apt -y install gcc libncurses5-dev libreadline-dev libssl-dev make 
+sudo apt -y install cmake gcc libncurses5-dev libreadline-dev libssl-dev make zlib1g-dev
 ```
-How to Build
+# Build from source code and instal
 ------------
 To build the programs from the source code, run the following commands:
 ```bash
 git clone https://github.com/SoftEtherVPN/SoftEtherVPN.git
 cd SoftEtherVPN
 ./configure
 make
 make install
 ```
-$ ./configure
+
-$ make
+This will compile and install SoftEther VPN Server, Bridge and Client binaries under your executable path.
 ```
 If any error occurs, please check the above requirements.
-How to Install SoftEther VPN Server, Bridge or Client
+# How to Run SoftEther
 -----------------------------------------------------
-To install the vpnserver, vpnbridge and vpnclient programs into the
+## Start/Stop SoftEther VPN Server
 /usr/bin directory, run the following as the root user:
 ```
 # make install
 ```
 After the installation will complete successfully:
 - Execute 'vpnserver start' to run the SoftEther VPN Server background service.
 - Execute 'vpnbridge start' to run the SoftEther VPN Bridge background service.
 - Execute 'vpnclient start' to run the SoftEther VPN Client background service.
 - Execute 'vpncmd' to run SoftEther VPN Command-Line Utility to configure
  VPN Server, VPN Bridge or VPN Client.
 - You can also use VPN Server/Client Manager GUI Tool on other Windows PC to
  connect to VPN services remotely.
  You can download the GUI Tools from http://www.softether-download.com/.
 How to Run SoftEther VPN Server for Test
 ----------------------------------------
 To start the SoftEther VPN Server background service, run the following:
-```
+```bash
-$ bin/vpnserver/vpnserver start
+vpnserver start
 ```
 To stop the service, run the following:
-```
+```bash
-$ bin/vpnserver/vpnserver stop
+vpnserver stop
 ```
 To configure the running SoftEther VPN Server service,
 you can use SoftEther VPN Command Line Management Utility as following:
-```
+```bash
-$ bin/vpncmd/vpncmd
+vpncmd
 ```
 Or you can also use VPN Server Manager GUI Tool on other Windows PC to
@ -95,26 +85,25 @@ connect to the VPN Server remotely. You can download the GUI Tool
 from http://www.softether-download.com/.
-How to Run SoftEther VPN Bridge for Test
+## Start/Stop SoftEther VPN Bridge
 ----------------------------------------
 To start the SoftEther VPN Bridge background service, run the following:
-```
+```bash
-$ bin/vpnbridge/vpnbridge start
+vpnbridge start
 ```
 To stop the service, run the following:
-```
+```bash
-$ bin/vpnbridge/vpnbridge stop
+vpnbridge stop
 ```
 To configure the running SoftEther VPN Bridge service,
 you can use SoftEther VPN Command Line Management Utility as following:
-```
+```bash
-$ bin/vpncmd/vpncmd
+vpncmd
 ```
 Or you can also use VPN Server Manager GUI Tool on other Windows PC to
@ -122,26 +111,25 @@ connect to the VPN Bridge remotely. You can download the GUI Tool
 from http://www.softether-download.com/.
-How to Run SoftEther VPN Client for Test
+## Start/Stop SoftEther VPN Client
 ----------------------------------------
 To start the SoftEther VPN Client background service, run the following:
-```
+```bash
-$ bin/vpnclient/vpnclient start
+vpnclient start
 ```
 To stop the service, run the following:
-```
+```bash
-$ bin/vpnclient/vpnclient stop
+vpnclient stop
 ```
 To configure the running SoftEther VPN Client service,
 you can use SoftEther VPN Command Line Management Utility as following:
-```
+```bash
-$ bin/vpncmd/vpncmd
+vpncmd
 ```
 Or you can also use VPN Client Manager GUI Tool on other Windows PC to
@ -149,6 +137,12 @@ connect to the VPN Client remotely. You can download the GUI Tool
 from http://www.softether-download.com/.
 # Using SoftEther without installation.
 You can use any SoftEtherVPN component (server, client, bridge) without installing it, if you wish so.
 In this case please do not run the `make install` command after compiling the source code, and head directly to the **bin/** directory. There you will find the generated binaries for SoftEtherVPN and those could be used without installing SoftEtherVPN.
 ************************************
 Thank You Using SoftEther VPN !
 By SoftEther VPN Open-Source Project
--- a/src/BUILD_WINDOWS.md
+++ b/src/BUILD_WINDOWS.md
@ -10,14 +10,7 @@ You need to install the following software to build SoftEther VPN for Windows.
 - Microsoft Windows XP, Vista, 7, 8 or later.
 - Microsoft Visual Studio 2008 with the latest SP (SP1 9.0.30729.4462 QFE).
  Make sure that you installed the x64 compiler and build tools.
-
+- Microsoft Windows Driver Kit 7.1.0.
 * Note:
  Visual Studio 2008 SP1 is required to build SoftEther VPN on Windows.
  Please make sure that VS2008 'SP1' is installed.
  Visual Studio 2010, 2012 or 2013 is currently not supported.
  Visual Studio 2008 Express Edition is not supported.
  Standard Edition, Professional Edition, Team System or Team Suite is
  required.
 Full Build Instructions
--- a/src/BuildUtil/BuildUtilCommands.cs
+++ b/src/BuildUtil/BuildUtilCommands.cs
@ -142,7 +142,7 @@ namespace BuildUtil
 			"All [yes|no] [/NORMALIZESRC:yes|no] [/IGNOREERROR:yes|no] [/DEBUG:yes|no] [/SERIAL:yes|no]",
 			"Builds all sources and releases all packages.",
 			"[yes|no]:Specify 'yes' if you'd like to increment the build number.",
-			"NORMALIZESRC:Specity 'yes' if you'd like to normalize the build infomations in the source codes and resource scripts.",
+			"NORMALIZESRC:Specity 'yes' if you'd like to normalize the build informations in the source codes and resource scripts.",
 			"IGNOREERROR:Specify yes if you'd like to ignore the child process to show the error message.",
 			"SERIAL:Specify yes not to use parallel mode.",
 			"DEBUG:Specity yes to enable debug mode. (UNIX only)"
@ -945,7 +945,7 @@ namespace BuildUtil
 			"BuildWin32 [yes|no] [/NORMALIZESRC:yes|no]",
 			"Builds all executable files for win32 and HamCore for all OS.",
 			"[yes|no]:Specify 'yes' if you'd like to increment the build number.",
-			"NORMALIZESRC:Specity 'yes' if you'd like to normalize the build infomations in the source codes and resource scripts."
+			"NORMALIZESRC:Specity 'yes' if you'd like to normalize the build informations in the source codes and resource scripts."
 			)]
 		static int BuildWin32(ConsoleService c, string cmdName, string str)
 		{
--- a/src/BuildUtil/CoreUtil/Cache.cs
+++ b/src/BuildUtil/CoreUtil/Cache.cs
@ -296,11 +296,11 @@ namespace CoreUtil
 		{
 			bool do_delete = false;
 			long now = Tick64.Value;
-			long delete_inveral = expireSpan.Milliseconds / 10;
+			long delete_interval = expireSpan.Milliseconds / 10;
 			lock (lockObj)
 			{
-				if (last_deleted == 0 || now > (last_deleted + delete_inveral))
+				if (last_deleted == 0 || now > (last_deleted + delete_interval))
 				{
 					last_deleted = now;
 					do_delete = true;
--- a/src/BuildUtil/CoreUtil/Console.cs
+++ b/src/BuildUtil/CoreUtil/Console.cs
@ -1129,12 +1129,12 @@ namespace CoreUtil
 					}
 					else if (candidate.Count >= 2)
 					{
-						this.write(Str.FormatC(Resources.CON_AMBIGIOUS_CMD, cmd_name));
+						this.write(Str.FormatC(Resources.CON_AMBIGUOUS_CMD, cmd_name));
-						this.write(Resources.CON_AMBIGIOUS_CMD_1);
+						this.write(Resources.CON_AMBIGUOUS_CMD_1);
 						string[] candidateArray = candidate.ToArray();
 						PrintCandidateHelp(null, candidateArray, 1, cmdList);
-						this.write(Resources.CON_AMBIGIOUS_CMD_2);
+						this.write(Resources.CON_AMBIGUOUS_CMD_2);
 						this.retCode = ConsoleErrorCode.ERR_BAD_COMMAND_OR_PARAM;
 					}
@ -1552,14 +1552,14 @@ namespace CoreUtil
 				{
 					if (candidate.Length >= 2)
 					{
-						this.write(Str.FormatC(Resources.CON_AMBIGIOUS_PARAM,
+						this.write(Str.FormatC(Resources.CON_AMBIGUOUS_PARAM,
 							param_list[i]));
-						this.write(Str.FormatC(Resources.CON_AMBIGIOUS_PARAM_1,
+						this.write(Str.FormatC(Resources.CON_AMBIGUOUS_PARAM_1,
 							cmdName));
 						PrintCandidateHelp(cmdName, candidate, 1, this.currentCmdList);
-						this.write(Resources.CON_AMBIGIOUS_PARAM_2);
+						this.write(Resources.CON_AMBIGUOUS_PARAM_2);
 						ok = false;
 					}
--- a/src/BuildUtil/CoreUtil/MultiLang.cs
+++ b/src/BuildUtil/CoreUtil/MultiLang.cs
@ -257,7 +257,7 @@ public class MultiLang
 	public readonly Page Page;
 	public readonly HttpRequest Request;
 	public readonly HttpResponse Response;
-	public readonly bool IsUrlModefied;
+	public readonly bool IsUrlModified;
 	public readonly string OriginalUrl;
 	public readonly string PhysicalUrl;
 	public readonly bool IsFilenameModified;
@ -394,7 +394,7 @@ public class MultiLang
 		this.IsSSL = isSsl;
 		this.Host = host;
-		this.IsUrlModefied = Str.StrToBool((string)Request.Headers["SEISAPI_MODIFIED_URL"]);
+		this.IsUrlModified = Str.StrToBool((string)Request.Headers["SEISAPI_MODIFIED_URL"]);
 		this.OriginalUrl = (string)Request.Headers["SEISAPI_ORIGINAL_URL"];
 		int i;
@ -404,7 +404,7 @@ public class MultiLang
 			this.OriginalUrl = this.OriginalUrl.Substring(0, i);
 		}
-		if (Str.IsEmptyStr(this.OriginalUrl) || this.IsUrlModefied == false)
+		if (Str.IsEmptyStr(this.OriginalUrl) || this.IsUrlModified == false)
 		{
 			this.OriginalUrl = AspUtil.RemoveDefaultHtml(AspUtil.GetCurrentRequestUrl(Page));
 		}
--- a/src/BuildUtil/CoreUtil/Secure.cs
+++ b/src/BuildUtil/CoreUtil/Secure.cs
@ -872,7 +872,7 @@ namespace CoreUtil
 			RevocationCheckNone = 16,
 			RevocationCheckEndCert = 32,
 			RevocationCheckChain = 64,
-			RecovationCheckChainExcludeRoot = 128,
+			RevocationCheckChainExcludeRoot = 128,
 			Safer = 256,
 			HashOnly = 512,
 			UseDefaultOSVerCheck = 1024,
--- a/src/BuildUtil/CoreUtil/Util.cs
+++ b/src/BuildUtil/CoreUtil/Util.cs
@ -255,7 +255,7 @@ namespace CoreUtil
 			return DefaultLanguage;
 		}
-		public static CoreLanguageClass GetLangugageClassByEnum(CoreLanguage lang)
+		public static CoreLanguageClass GetLanguageClassByEnum(CoreLanguage lang)
 		{
 			foreach (CoreLanguageClass c in LanguageList)
 			{
--- a/src/BuildUtil/CoreUtil/ZLib.cs
+++ b/src/BuildUtil/CoreUtil/ZLib.cs
@ -4309,7 +4309,7 @@ namespace CoreUtil.Internal
 		/// Performs an unsigned bitwise right shift with the specified number
 		/// </summary>
 		/// <param name="number">Number to operate on</param>
-		/// <param name="bits">Ammount of bits to shift</param>
+		/// <param name="bits">Amount of bits to shift</param>
 		/// <returns>The resulting number from the shift operation</returns>
 		public static int URShift(int number, int bits)
 		{
@ -4323,7 +4323,7 @@ namespace CoreUtil.Internal
 		/// Performs an unsigned bitwise right shift with the specified number
 		/// </summary>
 		/// <param name="number">Number to operate on</param>
-		/// <param name="bits">Ammount of bits to shift</param>
+		/// <param name="bits">Amount of bits to shift</param>
 		/// <returns>The resulting number from the shift operation</returns>
 		public static int URShift(int number, long bits)
 		{
@ -4334,7 +4334,7 @@ namespace CoreUtil.Internal
 		/// Performs an unsigned bitwise right shift with the specified number
 		/// </summary>
 		/// <param name="number">Number to operate on</param>
-		/// <param name="bits">Ammount of bits to shift</param>
+		/// <param name="bits">Amount of bits to shift</param>
 		/// <returns>The resulting number from the shift operation</returns>
 		public static long URShift(long number, int bits)
 		{
@ -4348,7 +4348,7 @@ namespace CoreUtil.Internal
 		/// Performs an unsigned bitwise right shift with the specified number
 		/// </summary>
 		/// <param name="number">Number to operate on</param>
-		/// <param name="bits">Ammount of bits to shift</param>
+		/// <param name="bits">Amount of bits to shift</param>
 		/// <returns>The resulting number from the shift operation</returns>
 		public static long URShift(long number, long bits)
 		{
@ -4358,7 +4358,7 @@ namespace CoreUtil.Internal
 		/*******************************/
 		/// <summary>Reads a number of characters from the current source Stream and writes the data to the target array at the specified index.</summary>
 		/// <param name="sourceStream">The source Stream to read from.</param>
-		/// <param name="target">Contains the array of characteres read from the source Stream.</param>
+		/// <param name="target">Contains the array of characters read from the source Stream.</param>
 		/// <param name="start">The starting index of the target array.</param>
 		/// <param name="count">The maximum number of characters to read from the source Stream.</param>
 		/// <returns>The number of characters read. The number will be less than or equal to count depending on the data available in the source Stream. Returns -1 if the end of the stream is reached.</returns>
@ -4383,7 +4383,7 @@ namespace CoreUtil.Internal
 		/// <summary>Reads a number of characters from the current source TextReader and writes the data to the target array at the specified index.</summary>
 		/// <param name="sourceTextReader">The source TextReader to read from</param>
-		/// <param name="target">Contains the array of characteres read from the source TextReader.</param>
+		/// <param name="target">Contains the array of characters read from the source TextReader.</param>
 		/// <param name="start">The starting index of the target array.</param>
 		/// <param name="count">The maximum number of characters to read from the source TextReader.</param>
 		/// <returns>The number of characters read. The number will be less than or equal to count depending on the data available in the source TextReader. Returns -1 if the end of the stream is reached.</returns>
@ -4915,7 +4915,7 @@ namespace CoreUtil.Internal
 			{
 				if ((z.avail_in == 0) && (!nomoreinput))
 				{
-					// if buffer is empty and more input is avaiable, refill it
+					// if buffer is empty and more input is available, refill it
 					z.next_in_index = 0;
 					z.avail_in = SupportClass.ReadInput(in_Renamed, buf, 0, bufsize); //(bufsize<z.avail_out ? bufsize : z.avail_out));
 					if (z.avail_in == - 1)
--- a/src/BuildUtil/Properties/Resources.Designer.cs
+++ b/src/BuildUtil/Properties/Resources.Designer.cs
@ -651,7 +651,7 @@ namespace BuildUtil.Properties {
        }
        /// <summary>
-        ///   [j]入力が完了したら [OK] ボタンを、入力をキャンセルするには [キャンセル] ボタンをクリックしてください。[e]Please click the &quot;OK&quot; button after you complete filling all nessesary fields. To cancel inputting, click the &quot;Cancel&quot; button.[/] に類似しているローカライズされた文字列を検索します。
+        ///   [j]入力が完了したら [OK] ボタンを、入力をキャンセルするには [キャンセル] ボタンをクリックしてください。[e]Please click the &quot;OK&quot; button after you complete filling all necessary fields. To cancel inputting, click the &quot;Cancel&quot; button.[/] に類似しているローカライズされた文字列を検索します。
        /// </summary>
        internal static string CDF_TEXT_OK {
            get {
@ -904,9 +904,9 @@ namespace BuildUtil.Properties {
        /// <summary>
        ///   Input the port number:  に類似しているローカライズされた文字列を検索します。
        /// </summary>
-        internal static string CMD_PROPMT_PORT {
+        internal static string CMD_PROMPT_PORT {
            get {
-                return ResourceManager.GetString("CMD_PROPMT_PORT", resourceCulture);
+                return ResourceManager.GetString("CMD_PROMPT_PORT", resourceCulture);
            }
        }
@ -949,54 +949,54 @@ namespace BuildUtil.Properties {
        /// <summary>
        ///   &quot;%S&quot;: The command-name is ambiguous. に類似しているローカライズされた文字列を検索します。
        /// </summary>
-        internal static string CON_AMBIGIOUS_CMD {
+        internal static string CON_AMBIGUOUS_CMD {
            get {
-                return ResourceManager.GetString("CON_AMBIGIOUS_CMD", resourceCulture);
+                return ResourceManager.GetString("CON_AMBIGUOUS_CMD", resourceCulture);
            }
        }
        /// <summary>
        ///   The specified command name matches the following multiple commands. に類似しているローカライズされた文字列を検索します。
        /// </summary>
-        internal static string CON_AMBIGIOUS_CMD_1 {
+        internal static string CON_AMBIGUOUS_CMD_1 {
            get {
-                return ResourceManager.GetString("CON_AMBIGIOUS_CMD_1", resourceCulture);
+                return ResourceManager.GetString("CON_AMBIGUOUS_CMD_1", resourceCulture);
            }
        }
        /// <summary>
        ///   Please re-specify the command name more strictly. に類似しているローカライズされた文字列を検索します。
        /// </summary>
-        internal static string CON_AMBIGIOUS_CMD_2 {
+        internal static string CON_AMBIGUOUS_CMD_2 {
            get {
-                return ResourceManager.GetString("CON_AMBIGIOUS_CMD_2", resourceCulture);
+                return ResourceManager.GetString("CON_AMBIGUOUS_CMD_2", resourceCulture);
            }
        }
        /// <summary>
        ///   &quot;%S&quot;: The parameter name is ambiguous. に類似しているローカライズされた文字列を検索します。
        /// </summary>
-        internal static string CON_AMBIGIOUS_PARAM {
+        internal static string CON_AMBIGUOUS_PARAM {
            get {
-                return ResourceManager.GetString("CON_AMBIGIOUS_PARAM", resourceCulture);
+                return ResourceManager.GetString("CON_AMBIGUOUS_PARAM", resourceCulture);
            }
        }
        /// <summary>
        ///   The specified parameter name matches with the following parameters that can be specified as a parameter of command &quot;%S&quot;. に類似しているローカライズされた文字列を検索します。
        /// </summary>
-        internal static string CON_AMBIGIOUS_PARAM_1 {
+        internal static string CON_AMBIGUOUS_PARAM_1 {
            get {
-                return ResourceManager.GetString("CON_AMBIGIOUS_PARAM_1", resourceCulture);
+                return ResourceManager.GetString("CON_AMBIGUOUS_PARAM_1", resourceCulture);
            }
        }
        /// <summary>
        ///   Please re-specify the parameter name more strictly. に類似しているローカライズされた文字列を検索します。
        /// </summary>
-        internal static string CON_AMBIGIOUS_PARAM_2 {
+        internal static string CON_AMBIGUOUS_PARAM_2 {
            get {
-                return ResourceManager.GetString("CON_AMBIGIOUS_PARAM_2", resourceCulture);
+                return ResourceManager.GetString("CON_AMBIGUOUS_PARAM_2", resourceCulture);
            }
        }
--- a/src/BuildUtil/Properties/Resources.resx
+++ b/src/BuildUtil/Properties/Resources.resx
@ -283,7 +283,7 @@
    <value>[j]エラーが発生しました。内容を見直してください。修正する場合は [修正する] ボタンをクリックしてください。[e]An error has been occurred. Please confirm the fields. To modify it, click the "Modify" button.[/]</value>
  </data>
  <data name="CDF_TEXT_OK" xml:space="preserve">
-    <value>[j]入力が完了したら [OK] ボタンを、入力をキャンセルするには [キャンセル] ボタンをクリックしてください。[e]Please click the "OK" button after you complete filling all nessesary fields. To cancel inputting, click the "Cancel" button.[/]</value>
+    <value>[j]入力が完了したら [OK] ボタンを、入力をキャンセルするには [キャンセル] ボタンをクリックしてください。[e]Please click the "OK" button after you complete filling all necessary fields. To cancel inputting, click the "Cancel" button.[/]</value>
  </data>
  <data name="CDF_TIME_EMPTY" xml:space="preserve">
    <value>[j]時刻が入力されていません。[e]Time is empty.[/]</value>
@ -371,7 +371,7 @@ IP アドレスは 192.168.0.1 のように 10 進数をドットで区切って
  <data name="CMD_PROMPT" xml:space="preserve">
    <value>Enter a value: </value>
  </data>
-  <data name="CMD_PROPMT_PORT" xml:space="preserve">
+  <data name="CMD_PROMPT_PORT" xml:space="preserve">
    <value>Input the port number: </value>
  </data>
  <data name="CMD_UNKNOWM" xml:space="preserve">
@ -386,22 +386,22 @@ IP アドレスは 192.168.0.1 のように 10 進数をドットで区切って
  <data name="CMD_UNKNOWN_PARAM" xml:space="preserve">
    <value>There is no description for this parameter.</value>
  </data>
-  <data name="CON_AMBIGIOUS_CMD" xml:space="preserve">
+  <data name="CON_AMBIGUOUS_CMD" xml:space="preserve">
    <value>"%S": The command-name is ambiguous.</value>
  </data>
-  <data name="CON_AMBIGIOUS_CMD_1" xml:space="preserve">
+  <data name="CON_AMBIGUOUS_CMD_1" xml:space="preserve">
    <value>The specified command name matches the following multiple commands.</value>
  </data>
-  <data name="CON_AMBIGIOUS_CMD_2" xml:space="preserve">
+  <data name="CON_AMBIGUOUS_CMD_2" xml:space="preserve">
    <value>Please re-specify the command name more strictly.</value>
  </data>
-  <data name="CON_AMBIGIOUS_PARAM" xml:space="preserve">
+  <data name="CON_AMBIGUOUS_PARAM" xml:space="preserve">
    <value>"%S": The parameter name is ambiguous.</value>
  </data>
-  <data name="CON_AMBIGIOUS_PARAM_1" xml:space="preserve">
+  <data name="CON_AMBIGUOUS_PARAM_1" xml:space="preserve">
    <value>The specified parameter name matches with the following parameters that can be specified as a parameter of command "%S".</value>
  </data>
-  <data name="CON_AMBIGIOUS_PARAM_2" xml:space="preserve">
+  <data name="CON_AMBIGUOUS_PARAM_2" xml:space="preserve">
    <value>Please re-specify the parameter name more strictly.</value>
  </data>
  <data name="CON_INFILE_ERROR" xml:space="preserve">
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@ -0,0 +1,246 @@
 include(GNUInstallDirs)
 macro(install_wrapper_script target destination)
  get_filename_component(filename ${target} NAME)
  file(WRITE ${CMAKE_SOURCE_DIR}/tmp/script/${filename} "#!/bin/sh\n")
  file(APPEND ${CMAKE_SOURCE_DIR}/tmp/script/${filename} "${target} \"$@\"\n")
  file(APPEND ${CMAKE_SOURCE_DIR}/tmp/script/${filename} "exit $?\n")
  install(FILES ${CMAKE_SOURCE_DIR}/tmp/script/${filename}
    DESTINATION ${destination}
    PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
  )
 endmacro(install_wrapper_script)
 # Cedar communication module
 file(GLOB SOURCES_CEDAR "Cedar/*.c")
 file(GLOB HEADERS_CEDAR "Cedar/*.h")
 add_library(cedar STATIC ${SOURCES_CEDAR} ${HEADERS_CEDAR})
 set_target_properties(cedar
  PROPERTIES
  ARCHIVE_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/tmp/Cedar"
  LIBRARY_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/tmp/Cedar"
  RUNTIME_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/tmp/Cedar"
 )
 # Mayaqua kernel
 file(GLOB SOURCES_MAYAQUA "Mayaqua/*.c")
 file(GLOB HEADERS_MAYAQUA "Mayaqua/*.h")
 add_library(mayaqua STATIC ${SOURCES_MAYAQUA} ${HEADERS_MAYAQUA})
 target_include_directories(mayaqua PUBLIC Mayaqua)
 set_target_properties(mayaqua
  PROPERTIES
  ARCHIVE_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/tmp/Mayaqua"
  LIBRARY_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/tmp/Mayaqua"
  RUNTIME_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/tmp/Mayaqua"
 )
 # hamcorebuilder utility
 add_executable(hamcorebuilder hamcorebuilder/hamcorebuilder.c)
 set_target_properties(hamcorebuilder
  PROPERTIES
  ARCHIVE_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/tmp"
  LIBRARY_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/tmp"
  RUNTIME_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/tmp"
 )
 # vpnserver
 add_executable(vpnserver vpnserver/vpnserver.c)
 set_target_properties(vpnserver
  PROPERTIES
  ARCHIVE_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/tmp/vpnserver"
  LIBRARY_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/bin/vpnserver"
  RUNTIME_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/bin/vpnserver"
 )
 get_target_property(VPNSERVER_RUNTIME_OUTPUT_DIRECTORY vpnserver RUNTIME_OUTPUT_DIRECTORY)
 # vpnclient
 add_executable(vpnclient vpnclient/vpncsvc.c)
 set_target_properties(vpnclient
  PROPERTIES
  ARCHIVE_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/tmp/vpnclient"
  LIBRARY_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/bin/vpnclient"
  RUNTIME_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/bin/vpnclient"
 )
 get_target_property(VPNCLIENT_RUNTIME_OUTPUT_DIRECTORY vpnclient RUNTIME_OUTPUT_DIRECTORY)
 # vpnbridge
 add_executable(vpnbridge vpnbridge/vpnbridge.c)
 set_target_properties(vpnbridge
  PROPERTIES
  ARCHIVE_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/tmp/vpnbridge"
  LIBRARY_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/bin/vpnbridge"
  RUNTIME_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/bin/vpnbridge"
 )
 get_target_property(VPNBRIDGE_RUNTIME_OUTPUT_DIRECTORY vpnbridge RUNTIME_OUTPUT_DIRECTORY)
 # vpncmd
 add_executable(vpncmd vpncmd/vpncmd.c)
 set_target_properties(vpncmd
  PROPERTIES
  ARCHIVE_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/tmp/vpncmd"
  LIBRARY_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/bin/vpncmd"
  RUNTIME_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/bin/vpncmd"
 )
 get_target_property(VPNCMD_RUNTIME_OUTPUT_DIRECTORY vpncmd RUNTIME_OUTPUT_DIRECTORY)
 if(CMAKE_BUILD_TYPE STREQUAL "Debug")
  add_definitions(-D_DEBUG -DDEBUG)
 endif()
 if(CMAKE_BUILD_TYPE STREQUAL "Release")
  add_definitions(-DNDEBUG -DVPN_SPEED)
 endif()
 if(CMAKE_SIZEOF_VOID_P EQUAL 8)
    add_definitions(-DCPU_64)
 endif()
 add_definitions(-D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64)
 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsigned-char")
 # Add /src to the include paths
 include_directories(.)
 if(WIN32)
  message(FATAL_ERROR "Windows compilation via CMake is currently not supported.")
 endif()
 if(UNIX)
  set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -g")
  set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -O2")
  add_definitions(-DUNIX)
  find_library(LIB_PTHREAD pthread)
  find_library(LIB_READLINE readline)
  find_library(LIB_NCURSES ncurses)
  find_library(LIB_Z z)
  # In some cases libiconv is not included in libc
  find_library(LIB_ICONV iconv)
  # This is required in order to link to the correct OpenSSL library
  find_library(LIB_SSL
    NAMES ssl
    HINTS "/usr/local/opt/openssl/lib"
  )
  find_library(LIB_CRYPTO
    NAMES crypto
    HINTS "/usr/local/opt/openssl/lib"
  )
  if(${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
    add_definitions(-DUNIX_LINUX)
  endif()
  if(${CMAKE_SYSTEM_NAME} STREQUAL "FreeBSD")
    add_definitions(-DUNIX_BSD -DBRIDGE_BPF -DNO_VLAN)
    include_directories(SYSTEM /usr/local/include)
    link_directories(SYSTEM /usr/local/lib)
  endif()
  if(${CMAKE_SYSTEM_NAME} STREQUAL "OpenBSD")
    add_definitions(-DUNIX_BSD -DNO_VLAN)
    include_directories(SYSTEM /usr/local/include)
    link_directories(SYSTEM /usr/local/lib)
  endif()
  if(${CMAKE_SYSTEM_NAME} STREQUAL "SunOS")
    add_definitions(-DUNIX_SOLARIS -DNO_VLAN)
    target_link_libraries(mayaqua nsl socket)
  endif()
  if(${CMAKE_SYSTEM_NAME} STREQUAL "Darwin")
    add_definitions(-DUNIX_MACOS -DBRIDGE_PCAP)
    include_directories(SYSTEM /usr/local/opt/openssl/include)
    link_directories(SYSTEM /usr/local/opt/openssl/lib)
    target_link_libraries(cedar pcap)
  endif()
 endif()
 target_link_libraries(mayaqua ${LIB_PTHREAD} ${LIB_SSL} ${LIB_CRYPTO} ${LIB_READLINE} ${LIB_NCURSES} ${LIB_Z})
 if(LIB_ICONV)
  target_link_libraries(mayaqua ${LIB_ICONV})
 endif()
 target_link_libraries(hamcorebuilder cedar mayaqua)
 target_link_libraries(vpnserver cedar mayaqua)
 target_link_libraries(vpnclient cedar mayaqua)
 target_link_libraries(vpnbridge cedar mayaqua)
 target_link_libraries(vpncmd cedar mayaqua)
 # hamcore.se2 archive file
 add_custom_target(hamcore-archive-build
  ALL
  COMMAND hamcorebuilder ${CMAKE_SOURCE_DIR}/src/bin/hamcore/ ${CMAKE_SOURCE_DIR}/tmp/hamcore.se2
  DEPENDS hamcorebuilder
  COMMENT "Building hamcore.se2 archive file..."
  VERBATIM
 )
 # Copy hamcore.se2 to vpnserver's directory
 add_custom_command(TARGET hamcore-archive-build
  POST_BUILD
  COMMAND ${CMAKE_COMMAND} -E copy ${CMAKE_SOURCE_DIR}/tmp/hamcore.se2 ${VPNSERVER_RUNTIME_OUTPUT_DIRECTORY}
 )
 # Copy hamcore.se2 to vpnclient's directory
 add_custom_command(TARGET hamcore-archive-build
  POST_BUILD
  COMMAND ${CMAKE_COMMAND} -E copy ${CMAKE_SOURCE_DIR}/tmp/hamcore.se2 ${VPNCLIENT_RUNTIME_OUTPUT_DIRECTORY}
 )
 # Copy hamcore.se2 to vpnbridge's directory
 add_custom_command(TARGET hamcore-archive-build
  POST_BUILD
  COMMAND ${CMAKE_COMMAND} -E copy ${CMAKE_SOURCE_DIR}/tmp/hamcore.se2 ${VPNBRIDGE_RUNTIME_OUTPUT_DIRECTORY}
 )
 # Copy hamcore.se2 to vpncmd's directory
 add_custom_command(TARGET hamcore-archive-build
  POST_BUILD
  COMMAND ${CMAKE_COMMAND} -E copy ${CMAKE_SOURCE_DIR}/tmp/hamcore.se2 ${VPNCMD_RUNTIME_OUTPUT_DIRECTORY}
 )
 # Copy contents of "bin" directory to /usr
 install(DIRECTORY "${CMAKE_SOURCE_DIR}/bin/"
  DESTINATION "/usr"
  PATTERN "*"
  PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
 )
 # Create wrapper scripts in the user's binaries directory, which is usually "/usr/local/bin".
 # This is required because symlinks use the folder they are in as working directory.
 install_wrapper_script("/usr/vpnserver/vpnserver" ${CMAKE_INSTALL_FULL_BINDIR})
 install_wrapper_script("/usr/vpnclient/vpnclient" ${CMAKE_INSTALL_FULL_BINDIR})
 install_wrapper_script("/usr/vpnbridge/vpnbridge" ${CMAKE_INSTALL_FULL_BINDIR})
 install_wrapper_script("/usr/vpncmd/vpncmd" ${CMAKE_INSTALL_FULL_BINDIR})
 # Print message after installing the targets
 install(CODE "message(\"\n----------------------------------------------------------------------------------------------------------------------------\")")
 install(CODE "message(\"Build completed successfully.\n\")")
 install(CODE "message(\"Execute 'vpnserver start' to run the SoftEther VPN Server background service.\")")
 install(CODE "message(\"Execute 'vpnbridge start' to run the SoftEther VPN Bridge background service.\")")
 install(CODE "message(\"Execute 'vpnclient start' to run the SoftEther VPN Client background service.\")")
 install(CODE "message(\"Execute 'vpncmd' to run the SoftEther VPN Command-Line Utility to configure VPN Server, VPN Bridge or VPN Client.\")")
 install(CODE "message(\"----------------------------------------------------------------------------------------------------------------------------\n\")")
--- a/src/Cedar/Account.c
+++ b/src/Cedar/Account.c
@ -1180,7 +1180,7 @@ void CleanupUser(USER *u)
 		ReleaseGroup(u->Group);
 	}
-	// Free authntication data
+	// Free authentication data
 	FreeAuthData(u->AuthType, u->AuthData);
 	if (u->Policy)
@ -1194,7 +1194,7 @@ void CleanupUser(USER *u)
 	Free(u);
 }
-// Free authntication data
+// Free authentication data
 void FreeAuthData(UINT authtype, void *authdata)
 {
 	AUTHPASSWORD *pw = (AUTHPASSWORD *)authdata;
--- a/src/Cedar/Admin.c
+++ b/src/Cedar/Admin.c
@ -465,7 +465,7 @@ PACK *AdminDispatch(RPC *rpc, char *name, PACK *p)
 	DECLARE_RPC("DeleteHub", RPC_DELETE_HUB, StDeleteHub, InRpcDeleteHub, OutRpcDeleteHub)
 	DECLARE_RPC("GetHubRadius", RPC_RADIUS, StGetHubRadius, InRpcRadius, OutRpcRadius)
 	DECLARE_RPC("SetHubRadius", RPC_RADIUS, StSetHubRadius, InRpcRadius, OutRpcRadius)
-	DECLARE_RPC_EX("EnumConnection", RPC_ENUM_CONNECTION, StEnumConnection, InRpcEnumConnection, OutRpcEnumConnection, FreeRpcEnumConnetion)
+	DECLARE_RPC_EX("EnumConnection", RPC_ENUM_CONNECTION, StEnumConnection, InRpcEnumConnection, OutRpcEnumConnection, FreeRpcEnumConnection)
 	DECLARE_RPC("DisconnectConnection", RPC_DISCONNECT_CONNECTION, StDisconnectConnection, InRpcDisconnectConnection, OutRpcDisconnectConnection)
 	DECLARE_RPC("GetConnectionInfo", RPC_CONNECTION_INFO, StGetConnectionInfo, InRpcConnectionInfo, OutRpcConnectionInfo)
 	DECLARE_RPC("SetHubOnline", RPC_SET_HUB_ONLINE, StSetHubOnline, InRpcSetHubOnline, OutRpcSetHubOnline)
@ -644,7 +644,7 @@ DECLARE_SC_EX("EnumHub", RPC_ENUM_HUB, ScEnumHub, InRpcEnumHub, OutRpcEnumHub, F
 DECLARE_SC("DeleteHub", RPC_DELETE_HUB, ScDeleteHub, InRpcDeleteHub, OutRpcDeleteHub)
 DECLARE_SC("GetHubRadius", RPC_RADIUS, ScGetHubRadius, InRpcRadius, OutRpcRadius)
 DECLARE_SC("SetHubRadius", RPC_RADIUS, ScSetHubRadius, InRpcRadius, OutRpcRadius)
-DECLARE_SC_EX("EnumConnection", RPC_ENUM_CONNECTION, ScEnumConnection, InRpcEnumConnection, OutRpcEnumConnection, FreeRpcEnumConnetion)
+DECLARE_SC_EX("EnumConnection", RPC_ENUM_CONNECTION, ScEnumConnection, InRpcEnumConnection, OutRpcEnumConnection, FreeRpcEnumConnection)
 DECLARE_SC("DisconnectConnection", RPC_DISCONNECT_CONNECTION, ScDisconnectConnection, InRpcDisconnectConnection, OutRpcDisconnectConnection)
 DECLARE_SC("GetConnectionInfo", RPC_CONNECTION_INFO, ScGetConnectionInfo, InRpcConnectionInfo, OutRpcConnectionInfo)
 DECLARE_SC("SetHubOnline", RPC_SET_HUB_ONLINE, ScSetHubOnline, InRpcSetHubOnline, OutRpcSetHubOnline)
@ -1113,11 +1113,6 @@ UINT StMakeOpenVpnConfigFile(ADMIN *a, RPC_READ_LOG_FILE *t)
 		UCHAR *zero_buffer;
 		UINT zero_buffer_size = 128 * 1024;
 		char name_tmp[MAX_SIZE];
 		X *dummy_x = NULL;
 		K *dummy_private_k = NULL;
 		K *dummy_public_k = NULL;
 		BUF *dummy_x_buf = NULL;
 		BUF *dummy_k_buf = NULL;
 		zero_buffer = ZeroMalloc(zero_buffer_size);
@ -1155,34 +1150,6 @@ UINT StMakeOpenVpnConfigFile(ADMIN *a, RPC_READ_LOG_FILE *t)
 		WriteBufChar(x_buf, 0);
 		SeekBufToBegin(x_buf);
 		// Generate a dummy certificate
 		if (x != NULL)
 		{
 			if (RsaGen(&dummy_private_k, &dummy_public_k, x->bits))
 			{
 				NAME *name;
 				wchar_t cn[128];
 				UniToStr64(cn, Rand64());
 				name = NewName(cn, cn, cn, L"US", NULL, NULL);
 				dummy_x = NewRootX(dummy_public_k, dummy_private_k, name, GetDaysUntil2038Ex(), NULL);
 				FreeName(name);
 				dummy_x_buf = XToBuf(dummy_x, true);
 				SeekBufToEnd(dummy_x_buf);
 				WriteBufChar(dummy_x_buf, 0);
 				SeekBufToBegin(dummy_x_buf);
 				dummy_k_buf = KToBuf(dummy_private_k, true, NULL);
 				SeekBufToEnd(dummy_k_buf);
 				WriteBufChar(dummy_k_buf, 0);
 				SeekBufToBegin(dummy_k_buf);
 			}
 		}
 		FreeX(x);
 		Zero(hostname, sizeof(hostname));
 		Zero(tag_before_hostname, sizeof(tag_before_hostname));
@ -1300,18 +1267,6 @@ UINT StMakeOpenVpnConfigFile(ADMIN *a, RPC_READ_LOG_FILE *t)
 				"$CA$", x_buf->Buf, false);
 		}
 		if (dummy_x_buf != NULL)
 		{
 			ReplaceStrEx((char *)config_l3_buf->Buf, config_l3_buf->Size, (char *)config_l3_buf->Buf,
 				"$CERT$", dummy_x_buf->Buf, false);
 		}
 		if (dummy_k_buf != NULL)
 		{
 			ReplaceStrEx((char *)config_l3_buf->Buf, config_l3_buf->Size, (char *)config_l3_buf->Buf,
 				"$KEY$", dummy_k_buf->Buf, false);
 		}
 		Format(name_tmp, sizeof(name_tmp), "%sopenvpn_remote_access_l3.ovpn", my_hostname);
 		ZipAddFileSimple(p, name_tmp, LocalTime64(), 0, config_l3_buf->Buf, StrLen(config_l3_buf->Buf));
@ -1332,18 +1287,6 @@ UINT StMakeOpenVpnConfigFile(ADMIN *a, RPC_READ_LOG_FILE *t)
 				"$CA$", x_buf->Buf, false);
 		}
 		if (dummy_x_buf != NULL)
 		{
 			ReplaceStrEx((char *)config_l2_buf->Buf, config_l2_buf->Size, (char *)config_l2_buf->Buf,
 				"$CERT$", dummy_x_buf->Buf, false);
 		}
 		if (dummy_k_buf != NULL)
 		{
 			ReplaceStrEx((char *)config_l2_buf->Buf, config_l2_buf->Size, (char *)config_l2_buf->Buf,
 				"$KEY$", dummy_k_buf->Buf, false);
 		}
 		Format(name_tmp, sizeof(name_tmp), "%sopenvpn_site_to_site_bridge_l2.ovpn", my_hostname);
 		ZipAddFileSimple(p, name_tmp, LocalTime64(), 0, config_l2_buf->Buf, StrLen(config_l2_buf->Buf));
@ -1364,13 +1307,6 @@ UINT StMakeOpenVpnConfigFile(ADMIN *a, RPC_READ_LOG_FILE *t)
 		FreeBuf(readme_pdf_buf);
 		FreeBuf(x_buf);
 		FreeX(dummy_x);
 		FreeK(dummy_private_k);
 		FreeK(dummy_public_k);
 		FreeBuf(dummy_k_buf);
 		FreeBuf(dummy_x_buf);
 		Free(zero_buffer);
 	}
@ -6139,7 +6075,7 @@ UINT StGetLinkStatus(ADMIN *a, RPC_LINK_STATUS *t)
 		return ERR_OBJECT_NOT_FOUND;
 	}
-	// Get status infomation from session
+	// Get status information from session
 	Lock(k->lock);
 	{
 		sess = k->ClientSession;
@ -7644,7 +7580,7 @@ UINT StEnumConnection(ADMIN *a, RPC_ENUM_CONNECTION *t)
 	SERVER_ADMIN_ONLY;
-	FreeRpcEnumConnetion(t);
+	FreeRpcEnumConnection(t);
 	Zero(t, sizeof(RPC_ENUM_CONNECTION));
 	LockList(c->ConnectionList);
@ -11571,7 +11507,7 @@ void OutRpcEnumConnection(PACK *p, RPC_ENUM_CONNECTION *t)
 		PackAddIntEx(p, "Type", e->Type, i, t->NumConnection);
 	}
 }
-void FreeRpcEnumConnetion(RPC_ENUM_CONNECTION *t)
+void FreeRpcEnumConnection(RPC_ENUM_CONNECTION *t)
 {
 	// Validate arguments
 	if (t == NULL)
@ -13466,7 +13402,7 @@ UINT AdminAccept(CONNECTION *c, PACK *p)
 		StrCpy(hubname, sizeof(hubname), "");
 	}
-	// Cehck source IP address
+	// Check source IP address
 	if (CheckAdminSourceAddress(sock, hubname) == false)
 	{
 		SLog(c->Cedar, "LA_IP_DENIED", c->Name);
--- a/src/Cedar/Admin.h
+++ b/src/Cedar/Admin.h
@ -172,7 +172,7 @@ struct RPC_SERVER_STATUS
 	UINT NumTcpConnectionsLocal;		// Number of Local TCP connections
 	UINT NumTcpConnectionsRemote;		// Number of remote TCP connections
 	UINT NumHubTotal;					// Total number of HUBs
-	UINT NumHubStandalone;				// Nymber of stand-alone HUB
+	UINT NumHubStandalone;				// Number of stand-alone HUB
 	UINT NumHubStatic;					// Number of static HUBs
 	UINT NumHubDynamic;					// Number of Dynamic HUBs
 	UINT NumSessionsTotal;				// Total number of sessions
@ -1355,7 +1355,7 @@ void InRpcDeleteHub(RPC_DELETE_HUB *t, PACK *p);
 void OutRpcDeleteHub(PACK *p, RPC_DELETE_HUB *t);
 void InRpcEnumConnection(RPC_ENUM_CONNECTION *t, PACK *p);
 void OutRpcEnumConnection(PACK *p, RPC_ENUM_CONNECTION *t);
-void FreeRpcEnumConnetion(RPC_ENUM_CONNECTION *t);
+void FreeRpcEnumConnection(RPC_ENUM_CONNECTION *t);
 void InRpcDisconnectConnection(RPC_DISCONNECT_CONNECTION *t, PACK *p);
 void OutRpcDisconnectConnection(PACK *p, RPC_DISCONNECT_CONNECTION *t);
 void InRpcConnectionInfo(RPC_CONNECTION_INFO *t, PACK *p);
--- a/src/Cedar/BridgeUnix.c
+++ b/src/Cedar/BridgeUnix.c
@ -648,7 +648,7 @@ ETH *OpenEthLinux(char *name, bool local, bool tapmode, char *tapaddr)
 	if (local == false)
 	{
-		// Enable promiscious mode
+		// Enable promiscuous mode
 		Zero(&ifr, sizeof(ifr));
 		StrCpy(ifr.ifr_name, sizeof(ifr.ifr_name), name);
 		if (ioctl(s, SIOCGIFFLAGS, &ifr) < 0)
@ -935,7 +935,7 @@ ETH *OpenEthSolaris(char *name, bool local, bool tapmode, char *tapaddr)
 	}
 	// Attach to the device
-	if (DlipAttatchRequest(fd, devid) == false)
+	if (DlipAttachRequest(fd, devid) == false)
 	{
 		// Failed
 		close(fd);
@ -1104,7 +1104,7 @@ bool DlipBindRequest(int fd)
 }
 // Attach to the device
-bool DlipAttatchRequest(int fd, UINT devid)
+bool DlipAttachRequest(int fd, UINT devid)
 {
 	dl_attach_req_t req;
 	struct strbuf ctl;
--- a/src/Cedar/BridgeUnix.h
+++ b/src/Cedar/BridgeUnix.h
@ -227,7 +227,7 @@ void EthSendIpPacketInnerIpRaw(ETH *e, void *data, UINT size, USHORT protocol);
 #ifdef	UNIX_SOLARIS
 // Function prototype for Solaris
-bool DlipAttatchRequest(int fd, UINT devid);
+bool DlipAttachRequest(int fd, UINT devid);
 bool DlipReceiveAck(int fd);
 bool DlipPromiscuous(int fd, UINT level);
 bool DlipBindRequest(int fd);
--- a/src/Cedar/CM.c
+++ b/src/Cedar/CM.c
@ -631,7 +631,7 @@ void CmRefreshEasy()
 	SendMessage(cm->hEasyWnd, WM_CM_EASY_REFRESH, 0, 0);
 }
-// Initialze the Simple Connect Manager
+// Initialize the Simple Connect Manager
 void CmEasyDlgInit(HWND hWnd, CM_EASY_DLG *d)
 {
 	HFONT hFontForList;
@ -4480,7 +4480,7 @@ UINT CmMainWindowProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *p
 // Specify the notification service to the foreground process
 void CmSetForegroundProcessToCnService()
 {
-	if (cm->MenuPopuping)
+	if (cm->PopupMenuOpen)
 	{
 		return;
 	}
@ -4657,7 +4657,7 @@ void CmShowTrayMenu(HWND hWnd)
 		return;
 	}
-	cm->MenuPopuping = true;
+	cm->PopupMenuOpen = true;
 	locked = cm->CmSetting.LockMode;
 	easy = cm->CmSetting.EasyMode;
@ -4786,7 +4786,7 @@ void CmShowTrayMenu(HWND hWnd)
 	DestroyMenu(h);
-	cm->MenuPopuping = false;
+	cm->PopupMenuOpen = false;
 }
 // Hide or show the main window
@ -9399,8 +9399,8 @@ void CmPrintStatusToListViewEx(LVB *b, RPC_CLIENT_GET_CONNECTION_STATUS *s, bool
 	GetDateTimeStrEx64(tmp, sizeof(tmp), SystemToLocal64(s->StartTime), NULL);
 	LvInsertAdd(b, 0, NULL, 2, _UU("CM_ST_START_TIME"), tmp);
-	GetDateTimeStrEx64(tmp, sizeof(tmp), SystemToLocal64(s->FirstConnectionEstablisiedTime), NULL);
+	GetDateTimeStrEx64(tmp, sizeof(tmp), SystemToLocal64(s->FirstConnectionEstablishedTime), NULL);
-	LvInsertAdd(b, 0, NULL, 2, _UU("CM_ST_FIRST_ESTAB_TIME"), s->FirstConnectionEstablisiedTime == 0 ? _UU("CM_ST_NONE") : tmp);
+	LvInsertAdd(b, 0, NULL, 2, _UU("CM_ST_FIRST_ESTAB_TIME"), s->FirstConnectionEstablishedTime == 0 ? _UU("CM_ST_NONE") : tmp);
 	if (s->Connected)
 	{
@ -9410,7 +9410,7 @@ void CmPrintStatusToListViewEx(LVB *b, RPC_CLIENT_GET_CONNECTION_STATUS *s, bool
 	if (server_mode == false)
 	{
-		UniFormat(tmp, sizeof(tmp), _UU("CM_ST_NUM_STR"), s->NumConnectionsEatablished);
+		UniFormat(tmp, sizeof(tmp), _UU("CM_ST_NUM_STR"), s->NumConnectionsEstablished);
 		LvInsertAdd(b, 0, NULL, 2, _UU("CM_ST_NUM_ESTABLISHED"), tmp);
 	}
@ -10392,7 +10392,7 @@ void CmRefreshAccountListEx2(HWND hWnd, bool easy, bool style_changed)
 	UINT num_connecting = 0, num_connected = 0;
 	wchar_t tmp[MAX_SIZE];
 	wchar_t new_inserted_item[MAX_ACCOUNT_NAME_LEN + 1];
-	bool select_new_insteted_item = true;
+	bool select_new_inserted_item = true;
 	// Validate arguments
 	if (hWnd == NULL)
 	{
@ -10441,7 +10441,7 @@ void CmRefreshAccountListEx2(HWND hWnd, bool easy, bool style_changed)
 	if (LvNum(hWnd, L_ACCOUNT) == 0)
 	{
-		select_new_insteted_item = false;
+		select_new_inserted_item = false;
 	}
 	// Enumerate the account list
@ -10579,7 +10579,7 @@ void CmRefreshAccountListEx2(HWND hWnd, bool easy, bool style_changed)
 		CiFreeClientEnumAccount(&a);
-		if (select_new_insteted_item)
+		if (select_new_inserted_item)
 		{
 			if (UniStrLen(new_inserted_item) >= 1)
 			{
--- a/src/Cedar/CMInner.h
+++ b/src/Cedar/CMInner.h
@ -208,7 +208,7 @@ typedef struct CM
 	bool CheckedAndShowedAdminPackMessage;
 	INSTANCE *StartupMutex;
 	bool BadProcessChecked;
-	bool MenuPopuping;
+	bool PopupMenuOpen;
 	WINUI_UPDATE *Update;
 } CM;
--- a/src/Cedar/Cedar.h
+++ b/src/Cedar/Cedar.h
@ -274,7 +274,7 @@
 #define	MAX_RETRY_INTERVAL			(300 * 1000)	// Maximum retry interval
 #define	RETRY_INTERVAL_SPECIAL		(60 * 1000)		// Reconnection interval of a special case
-#define	MAX_ADDITONAL_CONNECTION_FAILED_COUNTER	16	// Allowable number that can be serially failed to additional connection
+#define	MAX_ADDITIONAL_CONNECTION_FAILED_COUNTER	16	// Allowable number that can be serially failed to additional connection
 #define	ADDITIONAL_CONNECTION_COUNTER_RESET_INTERVAL	(30 * 60 * 1000)	// Reset period of additional connection failure counter
 #define	MAC_MIN_LIMIT_COUNT			3		// Minimum number of MAC addresses
--- a/src/Cedar/CedarType.h
+++ b/src/Cedar/CedarType.h
@ -680,7 +680,7 @@ typedef struct IPC IPC;
 typedef struct IPC_ARP IPC_ARP;
 typedef struct IPC_ASYNC IPC_ASYNC;
 typedef struct IPC_PARAM IPC_PARAM;
-typedef struct IPC_DHCP_RELESAE_QUEUE IPC_DHCP_RELESAE_QUEUE;
+typedef struct IPC_DHCP_RELEASE_QUEUE IPC_DHCP_RELEASE_QUEUE;
 typedef struct IPC_MSCHAP_V2_AUTHINFO IPC_MSCHAP_V2_AUTHINFO;
--- a/src/Cedar/Client.c
+++ b/src/Cedar/Client.c
@ -235,7 +235,7 @@ void CiGetCurrentMachineHashOld(void *data)
 	}
 #ifdef	OS_WIN32
-	// Priduct ID
+	// Product ID
 	product_id = MsRegReadStr(REG_LOCAL_MACHINE, "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", "ProductId");
 	if (product_id == NULL)
 	{
@ -431,7 +431,7 @@ void CiChangeAllVLanMacAddress(CLIENT *c)
 			RPC_CLIENT_ENUM_VLAN_ITEM *e = t.Items[i];
 			UCHAR mac[6];
-			if (StrToMac(mac, e->MacAddress) && mac[1] == 0xAC)
+			if (StrToMac(mac, e->MacAddress) && ((mac[0] == 0x00 && mac[1] == 0xAC) || (mac[0] == 0x5E)))
 			{
 				char *name = e->DeviceName;
 				RPC_CLIENT_SET_VLAN s;
@ -3377,7 +3377,7 @@ UINT CcEnumAccount(REMOTE_CLIENT *r, RPC_CLIENT_ENUM_ACCOUNT *e)
 	return err;
 }
-// Unset the startup flag of the accout
+// Unset the startup flag of the account
 UINT CcRemoveStartupAccount(REMOTE_CLIENT *r, RPC_CLIENT_DELETE_ACCOUNT *a)
 {
 	PACK *ret, *p;
@ -5000,14 +5000,14 @@ void InRpcClientGetConnectionStatus(RPC_CLIENT_GET_CONNECTION_STATUS *s, PACK *p
 	s->ServerPort = PackGetInt(p, "ServerPort");
 	s->ServerProductVer = PackGetInt(p, "ServerProductVer");
 	s->ServerProductBuild = PackGetInt(p, "ServerProductBuild");
-	s->NumConnectionsEatablished = PackGetInt(p, "NumConnectionsEatablished");
+	s->NumConnectionsEstablished = PackGetInt(p, "NumConnectionsEstablished");
 	s->MaxTcpConnections = PackGetInt(p, "MaxTcpConnections");
 	s->NumTcpConnections = PackGetInt(p, "NumTcpConnections");
 	s->NumTcpConnectionsUpload = PackGetInt(p, "NumTcpConnectionsUpload");
 	s->NumTcpConnectionsDownload = PackGetInt(p, "NumTcpConnectionsDownload");
 	s->StartTime = PackGetInt64(p, "StartTime");
-	s->FirstConnectionEstablisiedTime = PackGetInt64(p, "FirstConnectionEstablisiedTime");
+	s->FirstConnectionEstablishedTime = PackGetInt64(p, "FirstConnectionEstablishedTime");
 	s->CurrentConnectionEstablishTime = PackGetInt64(p, "CurrentConnectionEstablishTime");
 	s->TotalSendSize = PackGetInt64(p, "TotalSendSize");
 	s->TotalRecvSize = PackGetInt64(p, "TotalRecvSize");
@ -5073,7 +5073,7 @@ void OutRpcClientGetConnectionStatus(PACK *p, RPC_CLIENT_GET_CONNECTION_STATUS *
 	PackAddInt(p, "ServerPort", c->ServerPort);
 	PackAddInt(p, "ServerProductVer", c->ServerProductVer);
 	PackAddInt(p, "ServerProductBuild", c->ServerProductBuild);
-	PackAddInt(p, "NumConnectionsEatablished", c->NumConnectionsEatablished);
+	PackAddInt(p, "NumConnectionsEstablished", c->NumConnectionsEstablished);
 	PackAddInt(p, "HalfConnection", c->HalfConnection);
 	PackAddInt(p, "QoS", c->QoS);
 	PackAddInt(p, "MaxTcpConnections", c->MaxTcpConnections);
@ -5091,7 +5091,7 @@ void OutRpcClientGetConnectionStatus(PACK *p, RPC_CLIENT_GET_CONNECTION_STATUS *
 	PackAddBool(p, "IsMonitorMode", c->IsMonitorMode);
 	PackAddInt64(p, "StartTime", c->StartTime);
-	PackAddInt64(p, "FirstConnectionEstablisiedTime", c->FirstConnectionEstablisiedTime);
+	PackAddInt64(p, "FirstConnectionEstablishedTime", c->FirstConnectionEstablishedTime);
 	PackAddInt64(p, "CurrentConnectionEstablishTime", c->CurrentConnectionEstablishTime);
 	PackAddInt64(p, "TotalSendSize", c->TotalSendSize);
 	PackAddInt64(p, "TotalRecvSize", c->TotalRecvSize);
@ -5152,7 +5152,7 @@ void CiNotifyMain(CLIENT *c, SOCK *s)
 		return;
 	}
-	// Register a Cencel
+	// Register a Cancel
 	cancel = NewCancel();
 	LockList(c->NotifyCancelList);
 	{
@ -6088,9 +6088,9 @@ void CiGetSessionStatus(RPC_CLIENT_GET_CONNECTION_STATUS *st, SESSION *s)
 		// Connection start time
 		st->StartTime = TickToTime(s->CreatedTime);
 		// Connection completion time of the first connection
-		st->FirstConnectionEstablisiedTime = TickToTime(s->FirstConnectionEstablisiedTime);
+		st->FirstConnectionEstablishedTime = TickToTime(s->FirstConnectionEstablishedTime);
 		// Number of connections have been established so far
-		st->NumConnectionsEatablished = s->NumConnectionsEatablished;
+		st->NumConnectionsEstablished = s->NumConnectionsEstablished;
 	}
 	Unlock(s->lock);
 }
--- a/src/Cedar/Client.h
+++ b/src/Cedar/Client.h
@ -427,9 +427,9 @@ struct RPC_CLIENT_GET_CONNECTION_STATUS
 	X *ServerX;								// Server certificate
 	X *ClientX;								// Client certificate
 	UINT64 StartTime;						// Connection start time
-	UINT64 FirstConnectionEstablisiedTime;	// Connection completion time of the first connection
+	UINT64 FirstConnectionEstablishedTime;	// Connection completion time of the first connection
 	UINT64 CurrentConnectionEstablishTime;	// Connection completion time of this connection
-	UINT NumConnectionsEatablished;			// Number of connections have been established so far
+	UINT NumConnectionsEstablished;			// Number of connections have been established so far
 	bool HalfConnection;					// Half-connection
 	bool QoS;								// VoIP / QoS
 	UINT MaxTcpConnections;					// Maximum number of the TCP connections
--- a/src/Cedar/Command.c
+++ b/src/Cedar/Command.c
@ -5662,6 +5662,7 @@ UINT PcAccountDetailSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 		{"MONITOR", CmdPrompt, _UU("CMD_AccountDetailSet_Prompt_MONITOR"), NULL, NULL},
 		{"NOTRACK", CmdPrompt, _UU("CMD_AccountDetailSet_Prompt_NOTRACK"), NULL, NULL},
 		{"NOQOS", CmdPrompt, _UU("CMD_AccountDetailSet_Prompt_NOQOS"), NULL, NULL},
 		{"DISABLEUDP", CmdPrompt, _UU("CMD_AccountDetailSet_Prompt_DISABLEUDP"), NULL, NULL},
 	};
 	// Get the parameter list
@ -5690,6 +5691,7 @@ UINT PcAccountDetailSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 		t.ClientOption->RequireMonitorMode = GetParamYes(o, "MONITOR");
 		t.ClientOption->NoRoutingTracking = GetParamYes(o, "NOTRACK");
 		t.ClientOption->DisableQoS = GetParamYes(o, "NOQOS");
 		t.ClientOption->NoUdpAcceleration = GetParamYes(o, "DISABLEUDP");
 		Zero(&z, sizeof(z));
 		z.CheckServerCert = t.CheckServerCert;
@ -6159,7 +6161,7 @@ UINT PcAccountRetrySet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 	{
 		{"[name]", CmdPrompt, _UU("CMD_AccountCreate_Prompt_Name"), CmdEvalNotEmpty, NULL},
 		{"NUM", CmdPrompt, _UU("CMD_AccountRetrySet_PROMPT_NUM"), CmdEvalNotEmpty, NULL},
-		{"INTERVAL", CmdPrompt, _UU("CMD_AccountRetrySet_PROMPY_INTERVAL"), CmdEvalMinMax, &minmax},
+		{"INTERVAL", CmdPrompt, _UU("CMD_AccountRetrySet_PROMPT_INTERVAL"), CmdEvalMinMax, &minmax},
 	};
 	// Get the parameter list
@ -8789,7 +8791,7 @@ UINT PsConnectionList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 	CtFree(ct, c);
-	FreeRpcEnumConnetion(&t);
+	FreeRpcEnumConnection(&t);
 	FreeParamValueList(o);
@ -14184,7 +14186,7 @@ bool EditPolicy(CONSOLE *c, POLICY *pol, char *name, char *value, bool cascade_m
 	if (cascade_mode && (PolicyIsSupportedForCascade(id) == false))
 	{
-		UniFormat(tmp, sizeof(tmp), _UU("CMD_CascadePolicySet_Invalid_Name_For_Cadcade"), name);
+		UniFormat(tmp, sizeof(tmp), _UU("CMD_CascadePolicySet_Invalid_Name_For_Cascade"), name);
 		c->Write(c, tmp);
 		FreePack(p);
 		return false;
@ -14419,8 +14421,8 @@ void CmdPrintStatusToListViewEx(CT *ct, RPC_CLIENT_GET_CONNECTION_STATUS *s, boo
 	GetDateTimeStrEx64(tmp, sizeof(tmp), SystemToLocal64(s->StartTime), NULL);
 	CtInsert(ct, _UU("CM_ST_START_TIME"), tmp);
-	GetDateTimeStrEx64(tmp, sizeof(tmp), SystemToLocal64(s->FirstConnectionEstablisiedTime), NULL);
+	GetDateTimeStrEx64(tmp, sizeof(tmp), SystemToLocal64(s->FirstConnectionEstablishedTime), NULL);
-	CtInsert(ct, _UU("CM_ST_FIRST_ESTAB_TIME"), s->FirstConnectionEstablisiedTime == 0 ? _UU("CM_ST_NONE") : tmp);
+	CtInsert(ct, _UU("CM_ST_FIRST_ESTAB_TIME"), s->FirstConnectionEstablishedTime == 0 ? _UU("CM_ST_NONE") : tmp);
 	if (s->Connected)
 	{
@ -14430,7 +14432,7 @@ void CmdPrintStatusToListViewEx(CT *ct, RPC_CLIENT_GET_CONNECTION_STATUS *s, boo
 	if (server_mode == false)
 	{
-		UniFormat(tmp, sizeof(tmp), _UU("CM_ST_NUM_STR"), s->NumConnectionsEatablished);
+		UniFormat(tmp, sizeof(tmp), _UU("CM_ST_NUM_STR"), s->NumConnectionsEstablished);
 		CtInsert(ct, _UU("CM_ST_NUM_ESTABLISHED"), tmp);
 	}
@ -23119,7 +23121,7 @@ wchar_t *CmdPromptPort(CONSOLE *c, void *param)
 	}
 	else
 	{
-		prompt_str = _UU("CMD_PROPMT_PORT");
+		prompt_str = _UU("CMD_PROMPT_PORT");
 	}
 	return c->ReadLine(c, prompt_str, true);
--- a/src/Cedar/Connection.c
+++ b/src/Cedar/Connection.c
@ -667,7 +667,7 @@ void WriteSendFifo(SESSION *s, TCPSOCK *ts, void *data, UINT size)
 	WriteFifo(ts->SendFifo, data, size);
 }
-// Write data to the reception FIFO (automatic deccyption)
+// Write data to the reception FIFO (automatic decryption)
 void WriteRecvFifo(SESSION *s, TCPSOCK *ts, void *data, UINT size)
 {
 	// Validate arguments
@ -892,7 +892,7 @@ void PutUDPPacketData(CONNECTION *c, void *data, UINT size)
 					block = NewBlock(tmp, size, 0);
 					// Insert Block
-					InsertReveicedBlockToQueue(c, block, false);
+					InsertReceivedBlockToQueue(c, block, false);
 				}
 			}
@ -909,7 +909,7 @@ void PutUDPPacketData(CONNECTION *c, void *data, UINT size)
 }
 // Add a block to the receive queue
-void InsertReveicedBlockToQueue(CONNECTION *c, BLOCK *block, bool no_lock)
+void InsertReceivedBlockToQueue(CONNECTION *c, BLOCK *block, bool no_lock)
 {
 	SESSION *s;
 	// Validate arguments
@ -1082,12 +1082,12 @@ void ConnectionSend(CONNECTION *c, UINT64 now)
 			for (i = 0;i < num;i++)
 			{
 				TCPSOCK *tcpsock = tcpsocks[i];
-				if (tcpsock->Sock->Connected && tcpsock->Sock->AsyncMode &&
+				if (s != NULL && tcpsock->Sock->Connected && tcpsock->Sock->AsyncMode &&
 					IS_SEND_TCP_SOCK(tcpsock))
 				{
 					// Processing of KeepAlive
 					if (now >= tcpsock->NextKeepAliveTime || tcpsock->NextKeepAliveTime == 0 ||
-						(s != NULL && s->UseUdpAcceleration && s->UdpAccel != NULL && s->UdpAccel->MyPortByNatTServerChanged))
+						(s->UseUdpAcceleration && s->UdpAccel != NULL && s->UdpAccel->MyPortByNatTServerChanged))
 					{
 						// Send the KeepAlive
 						SendKeepAlive(c, tcpsock);
@ -1831,7 +1831,7 @@ void ConnectionReceive(CONNECTION *c, CANCEL *c1, CANCEL *c2)
 					else
 					{
 						// Add the data block to queue
-						InsertReveicedBlockToQueue(c, b, true);
+						InsertReceivedBlockToQueue(c, b, true);
 						if ((current_packet_index % 32) == 0)
 						{
@ -1914,7 +1914,7 @@ void ConnectionReceive(CONNECTION *c, CANCEL *c1, CANCEL *c2)
 								else
 								{
 									// Add the data block to queue
-									InsertReveicedBlockToQueue(c, block, true);
+									InsertReceivedBlockToQueue(c, block, true);
 									if ((current_packet_index % 32) == 0)
 									{
@ -1979,7 +1979,7 @@ void ConnectionReceive(CONNECTION *c, CANCEL *c1, CANCEL *c2)
 						else
 						{
 							// Add the data block to queue
-							InsertReveicedBlockToQueue(c, block, true);
+							InsertReceivedBlockToQueue(c, block, true);
 							if ((current_packet_index % 32) == 0)
 							{
@ -2208,7 +2208,7 @@ DISCONNECT_THIS_TCP:
 							else
 							{
 								// Add the data block to queue
-								InsertReveicedBlockToQueue(c, block, true);
+								InsertReceivedBlockToQueue(c, block, true);
 								if ((current_packet_index % 32) == 0)
 								{
@ -2477,7 +2477,7 @@ DISCONNECT_THIS_TCP:
 			else
 			{
 				// Add the data block to queue
-				InsertReveicedBlockToQueue(c, block, true);
+				InsertReceivedBlockToQueue(c, block, true);
 			}
 			num++;
 			if (num >= MAX_SEND_SOCKET_QUEUE_NUM)
@ -2558,7 +2558,7 @@ DISCONNECT_THIS_TCP:
 			}
 			else
 			{
-				InsertReveicedBlockToQueue(c, block, true);
+				InsertReceivedBlockToQueue(c, block, true);
 			}
 			num++;
@ -2675,7 +2675,7 @@ DISCONNECT_THIS_TCP:
 						}
 						else
 						{
-							InsertReveicedBlockToQueue(c, block, true);
+							InsertReceivedBlockToQueue(c, block, true);
 						}
 						num++;
 						if (num >= MAX_SEND_SOCKET_QUEUE_NUM)
@ -2690,7 +2690,7 @@ DISCONNECT_THIS_TCP:
 		else
 		{
 			ETH *e;
-			// Bridge is stopped cureently
+			// Bridge is stopped currently
 			Select(NULL, SELECT_TIME, c1, NULL);
 			if (b->LastBridgeTry == 0 || (b->LastBridgeTry + BRIDGE_TRY_SPAN) <= Tick64())
--- a/src/Cedar/Connection.h
+++ b/src/Cedar/Connection.h
@ -352,7 +352,7 @@ void SendKeepAlive(CONNECTION *c, TCPSOCK *ts);
 void DisconnectUDPSockets(CONNECTION *c);
 void PutUDPPacketData(CONNECTION *c, void *data, UINT size);
 void SendDataWithUDP(SOCK *s, CONNECTION *c);
-void InsertReveicedBlockToQueue(CONNECTION *c, BLOCK *block, bool no_lock);
+void InsertReceivedBlockToQueue(CONNECTION *c, BLOCK *block, bool no_lock);
 void InitTcpSockRc4Key(TCPSOCK *ts, bool server_mode);
 UINT TcpSockRecv(SESSION *s, TCPSOCK *ts, void *data, UINT size);
 UINT TcpSockSend(SESSION *s, TCPSOCK *ts, void *data, UINT size);
--- a/src/Cedar/Console.c
+++ b/src/Cedar/Console.c
@ -933,11 +933,11 @@ RETRY:
 			wchar_t tmp[MAX_SIZE];
 			// There is more than one candidate
-			UniFormat(tmp, sizeof(tmp), _UU("CON_AMBIGIOUS_CMD"), cmd_name);
+			UniFormat(tmp, sizeof(tmp), _UU("CON_AMBIGUOUS_CMD"), cmd_name);
 			c->Write(c, tmp);
-			c->Write(c, _UU("CON_AMBIGIOUS_CMD_1"));
+			c->Write(c, _UU("CON_AMBIGUOUS_CMD_1"));
 			PrintCandidateHelp(c, NULL, candidate, 1);
-			c->Write(c, _UU("CON_AMBIGIOUS_CMD_2"));
+			c->Write(c, _UU("CON_AMBIGUOUS_CMD_2"));
 			c->RetCode = ERR_BAD_COMMAND_OR_PARAM;
 		}
@ -1338,14 +1338,14 @@ LIST *ParseCommandList(CONSOLE *c, char *cmd_name, wchar_t *command, PARAM param
 				wchar_t tmp[MAX_SIZE];
 				// There is more than one candidate
-				UniFormat(tmp, sizeof(tmp), _UU("CON_AMBIGIOUS_PARAM"), param_list->Token[i]);
+				UniFormat(tmp, sizeof(tmp), _UU("CON_AMBIGUOUS_PARAM"), param_list->Token[i]);
 				c->Write(c, tmp);
-				UniFormat(tmp, sizeof(tmp), _UU("CON_AMBIGIOUS_PARAM_1"), cmd_name);
+				UniFormat(tmp, sizeof(tmp), _UU("CON_AMBIGUOUS_PARAM_1"), cmd_name);
 				c->Write(c, tmp);
 				PrintCandidateHelp(c, cmd_name, candidate, 1);
-				c->Write(c, _UU("CON_AMBIGIOUS_PARAM_2"));
+				c->Write(c, _UU("CON_AMBIGUOUS_PARAM_2"));
 				ok = false;
 			}
--- a/src/Cedar/DDNS.c
+++ b/src/Cedar/DDNS.c
@ -227,7 +227,7 @@ UINT DCChangeHostName(DDNS_CLIENT *c, char *hostname)
 void DCThread(THREAD *thread, void *param)
 {
 	DDNS_CLIENT *c;
-	INTERRUPT_MANAGER *interrput;
+	INTERRUPT_MANAGER *interrupt;
 	UINT last_ip_hash = 0;
 	void *route_change_poller = NULL;
 	bool last_time_ip_changed = false;
@ -243,7 +243,7 @@ void DCThread(THREAD *thread, void *param)
 	c = (DDNS_CLIENT *)param;
-	interrput = NewInterruptManager();
+	interrupt = NewInterruptManager();
 	route_change_poller = NewRouteChange();
 	IsRouteChanged(route_change_poller);
@ -346,7 +346,7 @@ void DCThread(THREAD *thread, void *param)
 				c->NextGetMyIpTick_IPv4 = Tick64() + (UINT64)next_interval;
-				AddInterrupt(interrput, c->NextGetMyIpTick_IPv4);
+				AddInterrupt(interrupt, c->NextGetMyIpTick_IPv4);
 			}
 			// Self IPv6 address acquisition
@ -381,7 +381,7 @@ void DCThread(THREAD *thread, void *param)
 				c->NextGetMyIpTick_IPv6 = Tick64() + (UINT64)next_interval;
-				AddInterrupt(interrput, c->NextGetMyIpTick_IPv6);
+				AddInterrupt(interrupt, c->NextGetMyIpTick_IPv6);
 			}
 		}
@ -419,7 +419,7 @@ void DCThread(THREAD *thread, void *param)
 				SiApplyAzureConfig(c->Cedar->Server, &st);
 			}
-			AddInterrupt(interrput, c->NextRegisterTick_IPv4);
+			AddInterrupt(interrupt, c->NextRegisterTick_IPv4);
 		}
 		if (c->Halt)
@ -454,10 +454,10 @@ void DCThread(THREAD *thread, void *param)
 				SiApplyAzureConfig(c->Cedar->Server, &st);
 			}
-			AddInterrupt(interrput, c->NextRegisterTick_IPv6);
+			AddInterrupt(interrupt, c->NextRegisterTick_IPv6);
 		}
-		interval = GetNextIntervalForInterrupt(interrput);
+		interval = GetNextIntervalForInterrupt(interrupt);
 		interval = MIN(interval, 1234);
 		if (n == 1)
@ -490,7 +490,7 @@ void DCThread(THREAD *thread, void *param)
 	}
 	FreeRouteChange(route_change_poller);
-	FreeInterruptManager(interrput);
+	FreeInterruptManager(interrupt);
 }
 // Command to update immediately
--- a/src/Cedar/EM.c
+++ b/src/Cedar/EM.c
@ -781,7 +781,7 @@ void EmAddInit(HWND hWnd, EM_ADD *p)
 		// Edit mode (to obtain a configuration)
 		wchar_t tmp[MAX_PATH];
 		RPC_ADD_DEVICE t;
-		Hide(hWnd, R_PROMISCUS);
+		Hide(hWnd, R_PROMISCUOUS);
 		Zero(&t, sizeof(t));
 		StrCpy(t.DeviceName, sizeof(t.DeviceName), p->DeviceName);
@ -827,7 +827,7 @@ void EmAddOk(HWND hWnd, EM_ADD *p)
 	if (p->NewMode)
 	{
-		t.NoPromiscus = IsChecked(hWnd, R_PROMISCUS);
+		t.NoPromiscuous = IsChecked(hWnd, R_PROMISCUOUS);
 	}
 	if (p->NewMode)
--- a/src/Cedar/EMInner.h
+++ b/src/Cedar/EMInner.h
@ -114,7 +114,7 @@
 // Constants
 #define	EM_REG_KEY			"Software\\" GC_REG_COMPANY_NAME "\\EtherLogger\\Manager"
-// Innner structure
+// Inner structure
 typedef struct EM_ADD
 {
 	RPC *Rpc;
--- a/src/Cedar/EtherLog.c
+++ b/src/Cedar/EtherLog.c
@ -444,7 +444,7 @@ UINT EtSetPassword(EL *e, RPC_SET_PASSWORD *t)
 // Add a device
 UINT EtAddDevice(EL *e, RPC_ADD_DEVICE *t)
 {
-	if (ElAddCaptureDevice(e, t->DeviceName, &t->LogSetting, t->NoPromiscus) == false)
+	if (ElAddCaptureDevice(e, t->DeviceName, &t->LogSetting, t->NoPromiscuous) == false)
 	{
 		return ERR_CAPTURE_DEVICE_ADD_ERROR;
 	}
@ -485,7 +485,7 @@ UINT EtGetDevice(EL *e, RPC_ADD_DEVICE *t)
 			ret = ERR_NO_ERROR;
 			Copy(&t->LogSetting, &d->LogSetting, sizeof(HUB_LOG));
-			t->NoPromiscus = d->NoPromiscus;
+			t->NoPromiscuous = d->NoPromiscuous;
 		}
 	}
 	UnlockList(e->DeviceList);
@ -583,7 +583,7 @@ void InRpcAddDevice(RPC_ADD_DEVICE *t, PACK *p)
 	Zero(t, sizeof(RPC_ADD_DEVICE));
 	PackGetStr(p, "DeviceName", t->DeviceName, sizeof(t->DeviceName));
-	t->NoPromiscus = PackGetInt(p, "NoPromiscus");
+	t->NoPromiscuous = PackGetInt(p, "NoPromiscuous");
 	t->LogSetting.PacketLogSwitchType = PackGetInt(p, "PacketLogSwitchType");
 	for (i = 0;i < NUM_PACKET_LOG;i++)
@ -602,7 +602,7 @@ void OutRpcAddDevice(PACK *p, RPC_ADD_DEVICE *t)
 	}
 	PackAddStr(p, "DeviceName", t->DeviceName);
-	PackAddInt(p, "NoPromiscus", t->NoPromiscus);
+	PackAddInt(p, "NoPromiscuous", t->NoPromiscuous);
 	PackAddInt(p, "PacketLogSwitchType", t->LogSetting.PacketLogSwitchType);
 	for (i = 0;i < NUM_PACKET_LOG;i++)
@ -969,7 +969,7 @@ bool ElDeleteCaptureDevice(EL *e, char *name)
 }
 // Add a capture device
-bool ElAddCaptureDevice(EL *e, char *name, HUB_LOG *log, bool no_promiscus)
+bool ElAddCaptureDevice(EL *e, char *name, HUB_LOG *log, bool no_promiscuous)
 {
 	EL_DEVICE *d, t;
 	// Validate arguments
@ -995,7 +995,7 @@ bool ElAddCaptureDevice(EL *e, char *name, HUB_LOG *log, bool no_promiscus)
 		d = ZeroMalloc(sizeof(EL_DEVICE));
 		StrCpy(d->DeviceName, sizeof(d->DeviceName), name);
 		Copy(&d->LogSetting, log, sizeof(HUB_LOG));
-		d->NoPromiscus = no_promiscus;
+		d->NoPromiscuous = no_promiscuous;
 		d->el = e;
 		Insert(e->DeviceList, d);
@ -1091,7 +1091,7 @@ void ElSaveConfigToFolder(EL *e, FOLDER *root)
 			f = CfgCreateFolder(devices, d->DeviceName);
 			SiWriteHubLogCfgEx(f, &d->LogSetting, true);
-			CfgAddBool(f, "NoPromiscusMode", d->NoPromiscus);
+			CfgAddBool(f, "NoPromiscuousMode", d->NoPromiscuous);
 		}
 	}
 	UnlockList(e->DeviceList);
@ -1157,7 +1157,7 @@ void ElLoadConfigFromFolder(EL *e, FOLDER *root)
 					Zero(&g, sizeof(g));
 					SiLoadHubLogCfg(&g, f);
-					ElAddCaptureDevice(e, name, &g, CfgGetBool(f, "NoPromiscusMode"));
+					ElAddCaptureDevice(e, name, &g, CfgGetBool(f, "NoPromiscuousMode"));
 				}
 			}
 			FreeToken(t);
--- a/src/Cedar/EtherLog.h
+++ b/src/Cedar/EtherLog.h
@ -133,7 +133,7 @@ struct RPC_ADD_DEVICE
 {
 	char DeviceName[MAX_SIZE];			// Device name
 	HUB_LOG LogSetting;					// Log settings
-	bool NoPromiscus;					// Without promiscuous mode
+	bool NoPromiscuous;					// Without promiscuous mode
 };
 struct RPC_DELETE_DEVICE
@ -173,7 +173,7 @@ struct EL_DEVICE
 	CANCEL *Cancel2;					// Cancel 2
 	volatile bool Halt;					// Halting flag
 	bool Active;						// Running flag
-	bool NoPromiscus;					// Without promiscuous mode
+	bool NoPromiscuous;					// Without promiscuous mode
 	LOG *Logger;						// Logger
 };
@ -219,7 +219,7 @@ void ElLoadConfigFromFolder(EL *e, FOLDER *root);
 void ElSaveConfig(EL *e);
 void ElSaveConfigToFolder(EL *e, FOLDER *root);
 int ElCompareDevice(void *p1, void *p2);
-bool ElAddCaptureDevice(EL *e, char *name, HUB_LOG *log, bool no_promiscus);
+bool ElAddCaptureDevice(EL *e, char *name, HUB_LOG *log, bool no_promiscuous);
 bool ElDeleteCaptureDevice(EL *e, char *name);
 bool ElSetCaptureDeviceLogSetting(EL *e, char *name, HUB_LOG *log);
 void ElCaptureThread(THREAD *thread, void *param);
--- a/src/Cedar/Hub.c
+++ b/src/Cedar/Hub.c
@ -1835,7 +1835,7 @@ ESCAPE:
 	return;
 }
-// Eable / disable the SecureNAT
+// Enable / disable the SecureNAT
 void EnableSecureNAT(HUB *h, bool enable)
 {
 	EnableSecureNATEx(h, enable, false);
--- a/src/Cedar/Hub.h
+++ b/src/Cedar/Hub.h
@ -348,7 +348,7 @@ struct ACCESS
 	UCHAR DstMacAddress[6];				// Destination MAC address
 	UCHAR DstMacMask[6];				// Destination MAC address mask
 	bool CheckTcpState;					// The state of the TCP connection
-	bool Established;					// Establieshed(TCP)
+	bool Established;					// Established(TCP)
 	UINT Delay;							// Delay
 	UINT Jitter;						// Jitter
 	UINT Loss;							// Packet loss
--- a/src/Cedar/IPsec_IKE.c
+++ b/src/Cedar/IPsec_IKE.c
@ -206,7 +206,7 @@ void IPsecSendPacketByIPsecSa(IKE_SERVER *ike, IPSECSA *sa, UCHAR *data, UINT da
 				IPV4_SET_HEADER_LEN(&h, sizeof(IPV4_HEADER) / 4);
 				h.TotalLength = Endian16((USHORT)(data_size + sizeof(IPV4_HEADER)));
 				h.Identification = Endian16(c->TunnelSendIpId++);
-				h.FlagsAndFlagmentOffset[0] = h.FlagsAndFlagmentOffset[1] = 0;
+				h.FlagsAndFragmentOffset[0] = h.FlagsAndFragmentOffset[1] = 0;
 				h.TimeToLive = DEFAULT_IP_TTL;
 				h.Protocol = protocol_id;
 				h.SrcIP = IPToUINT(&c->TunnelModeServerIP);
@ -2839,7 +2839,7 @@ void ProcIkeAggressiveModePacketRecv(IKE_SERVER *ike, UDPPACKET *p, IKE_PACKET *
 			if ((caps.NatTraversalDraftIetf || caps.NatTraversalRfc3947) || (IsUdpPortOpened(ike->IPsec->UdpListener, &p->DstIP, IPSEC_PORT_IPSEC_ESP_RAW)))
 			{
-				sa = FindIkeSaByEndPointAndInitiatorCookie(ike, &p->DstIP, p->DestPort, &p->SrcIP, p->SrcPort, header->InitiatorCookie, IKE_SA_AGRESSIVE_MODE);
+				sa = FindIkeSaByEndPointAndInitiatorCookie(ike, &p->DstIP, p->DestPort, &p->SrcIP, p->SrcPort, header->InitiatorCookie, IKE_SA_AGGRESSIVE_MODE);
 				if (sa == NULL)
 				{
@ -2894,7 +2894,7 @@ void ProcIkeAggressiveModePacketRecv(IKE_SERVER *ike, UDPPACKET *p, IKE_PACKET *
 								IKE_PACKET_PAYLOAD *your_nat_d_2 = NULL;
 								// Create an IKE SA
-								sa = NewIkeSa(ike, c, header->InitiatorCookie, IKE_SA_AGRESSIVE_MODE, &setting);
+								sa = NewIkeSa(ike, c, header->InitiatorCookie, IKE_SA_AGGRESSIVE_MODE, &setting);
 								Copy(&sa->Caps, &caps, sizeof(IKE_CAPS));
 								sa->State= IKE_SA_AM_STATE_1_SA;
 								Insert(ike->IkeSaList, sa);
@ -3118,7 +3118,7 @@ void ProcIkeAggressiveModePacketRecv(IKE_SERVER *ike, UDPPACKET *p, IKE_PACKET *
 				header->ResponderCookie), true, header->InitiatorCookie, header->ResponderCookie);
 		}
-		if (sa != NULL && sa->Mode == IKE_SA_AGRESSIVE_MODE)
+		if (sa != NULL && sa->Mode == IKE_SA_AGGRESSIVE_MODE)
 		{
 			IKE_PACKET *pr = NULL;
@ -5757,7 +5757,7 @@ void ProcessIKEInterrupts(IKE_SERVER *ike)
 	while (ike->StateHasChanged);
 	// Maintenance of the thread list
-	MainteThreadList(ike->ThreadList);
+	MaintainThreadList(ike->ThreadList);
 	/*Debug("ike->ThreadList: %u\n", LIST_NUM(ike->ThreadList));
 	{
 		UINT i;
--- a/src/Cedar/IPsec_IKE.h
+++ b/src/Cedar/IPsec_IKE.h
@ -120,7 +120,7 @@
 // State
 #define	IKE_SA_MAIN_MODE					0	// Main mode
-#define	IKE_SA_AGRESSIVE_MODE				1	// Aggressive mode
+#define	IKE_SA_AGGRESSIVE_MODE				1	// Aggressive mode
 #define	IKE_SA_MM_STATE_1_SA				0	// Main mode state 1 (SA exchange is complete. Wait for key exchange)
 #define	IKE_SA_MM_STATE_2_KEY				1	// Main mode state 2 (Key exchange is complete. Wait for exchange ID)
--- a/src/Cedar/IPsec_IPC.c
+++ b/src/Cedar/IPsec_IPC.c
@ -561,7 +561,7 @@ IPC *NewIPC(CEDAR *cedar, char *client_name, char *postfix, char *hubname, char
 	ipc->ArpTable = NewList(IPCCmpArpTable);
 	// Create an IPv4 reception queue
-	ipc->IPv4RecviedQueue = NewQueue();
+	ipc->IPv4ReceivedQueue = NewQueue();
 	return ipc;
@ -601,7 +601,7 @@ IPC *NewIPCBySock(CEDAR *cedar, SOCK *s, void *mac_address)
 	ipc->ArpTable = NewList(IPCCmpArpTable);
 	// Create an IPv4 reception queue
-	ipc->IPv4RecviedQueue = NewQueue();
+	ipc->IPv4ReceivedQueue = NewQueue();
 	ipc->FlushList = NewTubeFlushList();
@ -671,7 +671,7 @@ void FreeIPC(IPC *ipc)
 	while (true)
 	{
-		BLOCK *b = GetNext(ipc->IPv4RecviedQueue);
+		BLOCK *b = GetNext(ipc->IPv4ReceivedQueue);
 		if (b == NULL)
 		{
 			break;
@ -680,7 +680,7 @@ void FreeIPC(IPC *ipc)
 		FreeBlock(b);
 	}
-	ReleaseQueue(ipc->IPv4RecviedQueue);
+	ReleaseQueue(ipc->IPv4ReceivedQueue);
 	Free(ipc);
 }
@ -872,7 +872,7 @@ LABEL_RETRY_FOR_OPENVPN:
 			char tmp[64];
 			DHCP_OPTION_LIST req;
-			IPC_DHCP_RELESAE_QUEUE *q;
+			IPC_DHCP_RELEASE_QUEUE *q;
 			// If the offered IP address is not used, place the address
 			// in release memo list to release at the end of this function
@ -880,7 +880,7 @@ LABEL_RETRY_FOR_OPENVPN:
 			req.Opcode = DHCP_RELEASE;
 			req.ServerAddress = d->ParsedOptionList->ServerAddress;
-			q = ZeroMalloc(sizeof(IPC_DHCP_RELESAE_QUEUE));
+			q = ZeroMalloc(sizeof(IPC_DHCP_RELEASE_QUEUE));
 			Copy(&q->Req, &req, sizeof(DHCP_OPTION_LIST));
 			q->TranId = tran_id;
 			Copy(q->MacAddress, ipc->MacAddress, 6);
@ -994,7 +994,7 @@ LABEL_CLEANUP:
 		for (i = 0;i < LIST_NUM(release_list);i++)
 		{
-			IPC_DHCP_RELESAE_QUEUE *q = LIST_DATA(release_list, i);
+			IPC_DHCP_RELEASE_QUEUE *q = LIST_DATA(release_list, i);
 			Copy(ipc->MacAddress, q->MacAddress, 6);
 			FreeDHCPv4Data(IPCSendDhcpRequest(ipc, NULL, q->TranId, &q->Req, 0, 0, NULL));
@ -1456,7 +1456,7 @@ void IPCAssociateOnArpTable(IPC *ipc, IP *ip, UCHAR *mac_address)
 	}
 }
-// Identifiy whether the MAC address is a normal unicast address
+// Identify whether the MAC address is a normal unicast address
 bool IsValidUnicastMacAddress(UCHAR *mac)
 {
 	// Validate arguments
@ -1626,7 +1626,7 @@ void IPCProcessL3EventsEx(IPC *ipc, UINT64 now)
 								IPCAssociateOnArpTable(ipc, &ip_src, src_mac);
 								// Place in the reception queue
-								InsertQueue(ipc->IPv4RecviedQueue, NewBlock(data, size, 0));
+								InsertQueue(ipc->IPv4ReceivedQueue, NewBlock(data, size, 0));
 							}
 							else
 							{
@ -2086,7 +2086,7 @@ BLOCK *IPCRecvIPv4(IPC *ipc)
 		return NULL;
 	}
-	b = GetNext(ipc->IPv4RecviedQueue);
+	b = GetNext(ipc->IPv4ReceivedQueue);
 	return b;
 }
--- a/src/Cedar/IPsec_IPC.h
+++ b/src/Cedar/IPsec_IPC.h
@ -140,7 +140,7 @@ struct IPC_ARP
 };
 // DHCP release queue
-struct IPC_DHCP_RELESAE_QUEUE
+struct IPC_DHCP_RELEASE_QUEUE
 {
 	DHCP_OPTION_LIST Req;
 	UINT TranId;
@ -206,7 +206,7 @@ struct IPC
 	UCHAR MacAddress[6];				// MAC address
 	UCHAR Padding[2];
 	LIST *ArpTable;						// ARP table
-	QUEUE *IPv4RecviedQueue;			// IPv4 reception queue
+	QUEUE *IPv4ReceivedQueue;			// IPv4 reception queue
 	TUBE_FLUSH_LIST *FlushList;			// Tube Flush List
 	UCHAR MsChapV2_ServerResponse[20];	// Server response
 	DHCP_CLASSLESS_ROUTE_TABLE ClasslessRoute;	// Classless routing table
--- a/src/Cedar/IPsec_L2TP.c
+++ b/src/Cedar/IPsec_L2TP.c
@ -2562,7 +2562,7 @@ void L2TPProcessInterrupts(L2TP_SERVER *l2tp)
 	// Maintenance the thread list
 	if (l2tp->IkeServer == NULL)
 	{
-		MainteThreadList(l2tp->ThreadList);
+		MaintainThreadList(l2tp->ThreadList);
 		//Debug("l2tp->ThreadList: %u\n", LIST_NUM(l2tp->ThreadList));
 	}
 }
--- a/src/Cedar/Interop_OpenVPN.c
+++ b/src/Cedar/Interop_OpenVPN.c
@ -1180,9 +1180,12 @@ UINT OvsParseKeyMethod2(OPENVPN_KEY_METHOD_2 *ret, UCHAR *data, UINT size, bool
 						// String
 						if (OvsReadStringFromBuf(b, ret->OptionString, sizeof(ret->OptionString)) &&
 							OvsReadStringFromBuf(b, ret->Username, sizeof(ret->Username)) &&
-							OvsReadStringFromBuf(b, ret->Password, sizeof(ret->Password)) &&
+							OvsReadStringFromBuf(b, ret->Password, sizeof(ret->Password)))
-							OvsReadStringFromBuf(b, ret->PeerInfo, sizeof(ret->PeerInfo)))
+							{
-						{
+								if (!OvsReadStringFromBuf(b, ret->PeerInfo, sizeof(ret->PeerInfo)))
 								{
 									Zero(ret->PeerInfo, sizeof(ret->PeerInfo));
 								}
 							read_size = b->Current;
 						}
 					}
--- a/src/Cedar/Interop_SSTP.c
+++ b/src/Cedar/Interop_SSTP.c
@ -137,7 +137,7 @@ void SstpProcessControlPacket(SSTP_SERVER *s, SSTP_PACKET *p)
 		return;
 	}
-	Debug("SSTP Control Packet Recv: Msg = %u, Num = %u\n", p->MessageType, LIST_NUM(p->AttibuteList));
+	Debug("SSTP Control Packet Recv: Msg = %u, Num = %u\n", p->MessageType, LIST_NUM(p->AttributeList));
 	switch (p->MessageType)
 	{
@ -266,7 +266,7 @@ void SstpSendPacket(SSTP_SERVER *s, SSTP_PACKET *p)
 	if (p->IsControl)
 	{
-		Debug("SSTP Control Packet Send: Msg = %u, Num = %u\n", p->MessageType, LIST_NUM(p->AttibuteList));
+		Debug("SSTP Control Packet Send: Msg = %u, Num = %u\n", p->MessageType, LIST_NUM(p->AttributeList));
 	}
 	else
 	{
@ -438,7 +438,7 @@ SSTP_PACKET *SstpNewControlPacketWithAnAttribute(USHORT message_type, SSTP_ATTRI
 	if (a != NULL)
 	{
-		Add(p->AttibuteList, a);
+		Add(p->AttributeList, a);
 	}
 	return p;
@ -452,7 +452,7 @@ SSTP_PACKET *SstpNewControlPacket(USHORT message_type)
 	p->IsControl = true;
 	p->MessageType = message_type;
 	p->Version = SSTP_VERSION_1;
-	p->AttibuteList = NewListFast(NULL);
+	p->AttributeList = NewListFast(NULL);
 	return p;
 }
@ -469,7 +469,7 @@ SSTP_PACKET *SstpNewDataPacket(UCHAR *data, UINT size)
 	return p;
 }
-// Get the Attibute with the specified ID from SSTP packet
+// Get the Attribute with the specified ID from SSTP packet
 SSTP_ATTRIBUTE *SstpFindAttribute(SSTP_PACKET *p, UCHAR attribute_id)
 {
 	UINT i;
@ -479,9 +479,9 @@ SSTP_ATTRIBUTE *SstpFindAttribute(SSTP_PACKET *p, UCHAR attribute_id)
 		return NULL;
 	}
-	for (i = 0;i < LIST_NUM(p->AttibuteList);i++)
+	for (i = 0;i < LIST_NUM(p->AttributeList);i++)
 	{
-		SSTP_ATTRIBUTE *a = LIST_DATA(p->AttibuteList, i);
+		SSTP_ATTRIBUTE *a = LIST_DATA(p->AttributeList, i);
 		if (a->AttributeId == attribute_id)
 		{
@ -665,7 +665,7 @@ BUF *SstpBuildPacket(SSTP_PACKET *p)
 			Free(p->Data);
 		}
-		ab = SstpBuildAttributeList(p->AttibuteList, p->MessageType);
+		ab = SstpBuildAttributeList(p->AttributeList, p->MessageType);
 		p->Data = ab->Buf;
 		p->DataSize = ab->Size;
 		Free(ab);
@ -753,9 +753,9 @@ SSTP_PACKET *SstpParsePacket(UCHAR *data, UINT size)
 	if (p->IsControl)
 	{
 		// Parse the Attribute list
-		p->AttibuteList = SstpParseAttributeList(p->Data, p->DataSize, p);
+		p->AttributeList = SstpParseAttributeList(p->Data, p->DataSize, p);
-		if (p->AttibuteList == NULL)
+		if (p->AttributeList == NULL)
 		{
 			// Failure of parsing list
 			SstpFreePacket(p);
@ -794,7 +794,7 @@ LIST *SstpParseAttributeList(UCHAR *data, UINT size, SSTP_PACKET *p)
 	data += sizeof(USHORT);
 	size -= sizeof(USHORT);
-	// Attibutes List
+	// Attributes List
 	o = NewListFast(NULL);
 	while (LIST_NUM(o) < num)
@ -874,7 +874,7 @@ SSTP_ATTRIBUTE *SstpParseAttribute(UCHAR *data, UINT size)
 	return a;
 }
-// Release the Attibute
+// Release the Attribute
 void SstpFreeAttribute(SSTP_ATTRIBUTE *a)
 {
 	// Validate arguments
@ -917,9 +917,9 @@ void SstpFreePacket(SSTP_PACKET *p)
 		return;
 	}
-	if (p->AttibuteList != NULL)
+	if (p->AttributeList != NULL)
 	{
-		SstpFreeAttributeList(p->AttibuteList);
+		SstpFreeAttributeList(p->AttributeList);
 	}
 	if (p->Data != NULL)
--- a/src/Cedar/Interop_SSTP.h
+++ b/src/Cedar/Interop_SSTP.h
@ -174,7 +174,7 @@
 //// Type
-// SSTP Attibute
+// SSTP Attribute
 struct SSTP_ATTRIBUTE
 {
 	UCHAR AttributeId;
@ -191,7 +191,7 @@ struct SSTP_PACKET
 	UCHAR *Data;
 	UINT DataSize;
 	USHORT MessageType;
-	LIST *AttibuteList;
+	LIST *AttributeList;
 };
 // SSTP Server
--- a/src/Cedar/Layer3.c
+++ b/src/Cedar/Layer3.c
@ -302,7 +302,7 @@ void L3RecvIp(L3IF *f, PKT *p, bool self)
 				ip->TimeToLive = 0xff;
 				// Recalculates the checksum
-				ip->FlagsAndFlagmentOffset[0] = ip->FlagsAndFlagmentOffset[1] = 0;
+				ip->FlagsAndFragmentOffset[0] = ip->FlagsAndFragmentOffset[1] = 0;
 				icmp->Checksum = 0;
 				icmp->Type = ICMP_TYPE_ECHO_RESPONSE;
 				icmp->Checksum = IpChecksum(icmp, p->PacketSize - sizeof(MAC_HEADER) - header_size);
@ -356,7 +356,7 @@ void L3RecvL2(L3IF *f, PKT *p)
 		return;
 	}
-	// Ignore any packets except a unicast packet which is destinated other
+	// Ignore any packets except a unicast packet which is at destination
 	// or a packet which I sent
 	if (Cmp(p->MacAddressSrc, f->MacAddress, 6) == 0 ||
 		(p->BroadcastPacket == false && Cmp(p->MacAddressDest, f->MacAddress, 6) != 0))
--- a/src/Cedar/Link.c
+++ b/src/Cedar/Link.c
@ -266,7 +266,7 @@ bool LinkPaPutPacket(SESSION *s, void *data, UINT size)
 	k->Flag1++;
 	if ((k->Flag1 % 32) == 0)
 	{
-		// Ommit for performance
+		// Omit for performance
 		UINT current_num;
 		int diff;
@ -313,7 +313,7 @@ bool LinkPaPutPacket(SESSION *s, void *data, UINT size)
 			}
 			else
 			{
-				InsertReveicedBlockToQueue(server_connection, block, true);
+				InsertReceivedBlockToQueue(server_connection, block, true);
 			}
 		}
 	}
--- a/src/Cedar/Listener.c
+++ b/src/Cedar/Listener.c
@ -562,7 +562,7 @@ void ListenerTCPMainLoop(LISTENER *r)
 			goto STOP;
 		}
-		// Accpet loop
+		// Accept loop
 		while (true)
 		{
 			// Accept
--- a/src/Cedar/Logging.c
+++ b/src/Cedar/Logging.c
@ -1750,7 +1750,7 @@ char *PacketLogParseProc(RECORD *rec)
 						}
 						else if (p->L7.IkeHeader->ExchangeType == IKE_EXCHANGE_TYPE_AGGRESSIVE)
 						{
-							t->Token[7] = CopyStr("AgressiveMode");
+							t->Token[7] = CopyStr("AggressiveMode");
 						}
 						{
@ -2022,7 +2022,7 @@ char *PacketLogParseProc(RECORD *rec)
 						}
 						else if (p->L7.IkeHeader->ExchangeType == IKE_EXCHANGE_TYPE_AGGRESSIVE)
 						{
-							t->Token[7] = CopyStr("AgressiveMode");
+							t->Token[7] = CopyStr("AggressiveMode");
 						}
 						{
--- a/src/Cedar/Nat.h
+++ b/src/Cedar/Nat.h
@ -164,7 +164,7 @@ struct RPC_NAT_STATUS
 	char HubName[MAX_HUBNAME_LEN + 1];			// HUB name
 	UINT NumTcpSessions;						// Number of TCP sessions
 	UINT NumUdpSessions;						// Ntmber of UDP sessions
-	UINT NumIcmpSessions;						// Nymber of ICMP sessions
+	UINT NumIcmpSessions;						// Number of ICMP sessions
 	UINT NumDnsSessions;						// Number of DNS sessions
 	UINT NumDhcpClients;						// Number of DHCP clients
 	bool IsKernelMode;							// Whether kernel mode
--- a/src/Cedar/Protocol.c
+++ b/src/Cedar/Protocol.c
@ -1576,7 +1576,7 @@ bool ServerAccept(CONNECTION *c)
 		if (hub->ForceDisableComm)
 		{
-			// Commnunication function is disabled
+			// Communication function is disabled
 			FreePack(p);
 			c->Err = ERR_SERVER_CANT_ACCEPT;
 			error_detail = "ERR_COMM_DISABLED";
@ -1851,7 +1851,7 @@ bool ServerAccept(CONNECTION *c)
 						Add(o, "p");
 						Add(o, "guest");
 						Add(o, "anony");
-						Add(o, "anonymouse");
+						Add(o, "anonymous");
 						Add(o, "password");
 						Add(o, "passwd");
 						Add(o, "pass");
@ -2948,12 +2948,9 @@ bool ServerAccept(CONNECTION *c)
 			// VLAN ID
 			if (assigned_vlan_id != 0)
 			{
-				if (policy != NULL)
+				if (policy->VLanId == 0)
 				{
-					if (policy->VLanId == 0)
+					policy->VLanId = assigned_vlan_id;
 					{
 						policy->VLanId = assigned_vlan_id;
 					}
 				}
 			}
@ -3146,12 +3143,7 @@ bool ServerAccept(CONNECTION *c)
 			s->Timeout = timeout;
 			s->QoS = qos;
 			s->NoReconnectToSession = no_reconnect_to_session;
-
+			s->VLanId = policy->VLanId;
 			if (policy != NULL)
 			{
 				s->VLanId = policy->VLanId;
 			}
 			// User name
 			s->Username = CopyStr(username);
@ -4626,7 +4618,7 @@ void ClientCheckServerCertThread(THREAD *thread, void *param)
 	NoticeThreadInit(thread);
 	// Query for the selection to the user
-	p->Ok = p->CheckCertProc(p->Connection->Session, p->Connection, p->ServerX, &p->Exipred);
+	p->Ok = p->CheckCertProc(p->Connection->Session, p->Connection, p->ServerX, &p->Expired);
 	p->UserSelected = true;
 }
@ -4772,7 +4764,7 @@ bool ClientCheckServerCert(CONNECTION *c, bool *expired)
 	if (expired != NULL)
 	{
-		*expired = p->Exipred;
+		*expired = p->Expired;
 	}
 	ret = p->Ok;
@ -6500,7 +6492,7 @@ SOCK *ClientConnectGetSocket(CONNECTION *c, bool additional_connect, bool no_tls
 	volatile bool *cancel_flag = NULL;
 	void *hWnd;
 	UINT nat_t_err = 0;
-	bool is_additonal_rudp_session = false;
+	bool is_additional_rudp_session = false;
 	UCHAR uc = 0;
 	IP ret_ip;
 	// Validate arguments
@ -6516,7 +6508,7 @@ SOCK *ClientConnectGetSocket(CONNECTION *c, bool additional_connect, bool no_tls
 	if (sess != NULL)
 	{
 		cancel_flag = &sess->CancelConnect;
-		is_additonal_rudp_session = sess->IsRUDPSession;
+		is_additional_rudp_session = sess->IsRUDPSession;
 	}
 	hWnd = c->hWndForUI;
@ -6560,7 +6552,7 @@ SOCK *ClientConnectGetSocket(CONNECTION *c, bool additional_connect, bool no_tls
 				// If additional_connect == false, enable trying to NAT-T connection
 				// If additional_connect == true, follow the IsRUDPSession setting in this session
 				s = TcpIpConnectEx(host_for_direct_connection, port_for_direct_connection,
-					(bool *)cancel_flag, hWnd, &nat_t_err, (additional_connect ? (!is_additonal_rudp_session) : false),
+					(bool *)cancel_flag, hWnd, &nat_t_err, (additional_connect ? (!is_additional_rudp_session) : false),
 					true, no_tls, &ret_ip);
 			}
 		}
--- a/src/Cedar/Protocol.h
+++ b/src/Cedar/Protocol.h
@ -121,7 +121,7 @@ struct CHECK_CERT_THREAD_PROC
 	X *ServerX;
 	CHECK_CERT_PROC *CheckCertProc;
 	bool UserSelected;
-	bool Exipred;
+	bool Expired;
 	bool Ok;
 };
--- a/src/Cedar/Radius.c
+++ b/src/Cedar/Radius.c
@ -137,7 +137,7 @@ bool PeapClientSendMsChapv2AuthClientResponse(EAP_CLIENT *e, UCHAR *client_respo
 	msg1.Chap_Id = e->MsChapV2Challenge.Chap_Id;
 	msg1.Chap_Len = Endian16(54 + StrLen(e->Username));
 	msg1.Chap_ValueSize = 49;
-	Copy(msg1.Chap_PeerChallange, client_challenge, 16);
+	Copy(msg1.Chap_PeerChallenge, client_challenge, 16);
 	Copy(msg1.Chap_NtResponse, client_response, 24);
 	Copy(msg1.Chap_Name, e->Username, MIN(StrLen(e->Username), 255));
@ -757,7 +757,7 @@ bool EapClientSendMsChapv2AuthClientResponse(EAP_CLIENT *e, UCHAR *client_respon
 	eap1->Chap_Id = e->MsChapV2Challenge.Chap_Id;
 	eap1->Chap_Len = Endian16(54 + StrLen(e->Username));
 	eap1->Chap_ValueSize = 49;
-	Copy(eap1->Chap_PeerChallange, client_challenge, 16);
+	Copy(eap1->Chap_PeerChallenge, client_challenge, 16);
 	Copy(eap1->Chap_NtResponse, client_response, 24);
 	Copy(eap1->Chap_Name, e->Username, MIN(StrLen(e->Username), 255));
--- a/src/Cedar/Radius.h
+++ b/src/Cedar/Radius.h
@ -234,7 +234,7 @@ struct EAP_MSCHAPV2_RESPONSE
 	UCHAR Chap_Id;
 	USHORT Chap_Len;
 	UCHAR Chap_ValueSize;	// = 49
-	UCHAR Chap_PeerChallange[16];
+	UCHAR Chap_PeerChallenge[16];
 	UCHAR Chap_Reserved[8];
 	UCHAR Chap_NtResponse[24];
 	UCHAR Chap_Flags;
--- a/src/Cedar/SM.c
+++ b/src/Cedar/SM.c
@ -3470,7 +3470,7 @@ void SmSetupDlgOnOk(HWND hWnd, SM_SETUP *s)
 			s->s->IPsecMessageDisplayed = true;
 		}
-		// Confgure the VPN Azure if VPN Azure feature is available
+		// Configure the VPN Azure if VPN Azure feature is available
 		if (GetCapsBool(s->s->CapsList, "b_support_azure"))
 		{
 			SmAzure(hWnd, s->s, true);
@ -9465,7 +9465,7 @@ void SmSessionDlgUpdate(HWND hWnd, SM_HUB *s)
 	if (s->p->ServerInfo.ServerBuildInt < 2844)
 	{
-		// Old version doen't support for remote management of the sessions
+		// Old version doesn't support for remote management of the sessions
 		ok2 = ok;
 	}
@ -13776,7 +13776,7 @@ void SmEditUserDlgOk(HWND hWnd, SM_EDIT_USER *s)
 		}
 		FreeRpcSetUser(&t);
-		MsgBoxEx(hWnd, MB_ICONINFORMATION, _UU("SM_USER_CREEATE_OK"), u->Name);
+		MsgBoxEx(hWnd, MB_ICONINFORMATION, _UU("SM_USER_CREATE_OK"), u->Name);
 	}
 	else
 	{
@ -16120,7 +16120,7 @@ void SmConnectionDlgRefresh(HWND hWnd, SM_SERVER *p)
 	LvInsertEnd(b, hWnd, L_LIST);
-	FreeRpcEnumConnetion(&t);
+	FreeRpcEnumConnection(&t);
 }
 // Update the control
@ -17571,7 +17571,7 @@ void SmEditHubOnOk(HWND hWnd, SM_EDIT_HUB *s)
 	{
 		if (CALL(hWnd, ScCreateHub(s->p->Rpc, &t)))
 		{
-			MsgBoxEx(hWnd, MB_ICONINFORMATION, _UU("CM_EDIT_HUB_CREATER"), hubname);
+			MsgBoxEx(hWnd, MB_ICONINFORMATION, _UU("CM_EDIT_HUB_CREATED"), hubname);
 			EndDialog(hWnd, true);
 		}
 	}
--- a/src/Cedar/SW.c
+++ b/src/Cedar/SW.c
@ -665,7 +665,7 @@ bool SwSfxCopyVgFiles(HWND hWnd, wchar_t *src, wchar_t *dst)
 	}
 	msg = L"The file \"%s\" was not found on the directory which the installer \"%s\" is located on.\r\n\r\n"
-		L"To continue the installation, the file \"%s\" is required on the same direcotry.\r\n"
+		L"To continue the installation, the file \"%s\" is required on the same directory.\r\n"
 		L"If you have extracted the installer from a ZIP archive, you have to also extract the file \"%s\" from the ZIP archive together.";
 	MsgBoxEx(hWnd, MB_ICONINFORMATION, msg, srcfilename, exefilename, srcfilename, srcfilename);
@ -1759,7 +1759,7 @@ UINT SwFinish(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard,
 	return 0;
 }
-// Error occuring screen
+// Error occurring screen
 UINT SwError(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, WIZARD *wizard, WIZARD_PAGE *wizard_page, void *param)
 {
 	SW *sw = (SW *)param;
@ -4155,7 +4155,7 @@ L_RETRY_LINK:
 		{
 			// Show the error message if it fails
 			UINT msgret;
-			UniFormat(tmp, sizeof(tmp), _UU("SW_PERFORM_MSG_CRAETE_LINK_ERROR"), lnk_fullpath);
+			UniFormat(tmp, sizeof(tmp), _UU("SW_PERFORM_MSG_CREATE_LINK_ERROR"), lnk_fullpath);
 			msgret = SwPerformMsgBox(wp, MB_ICONEXCLAMATION | MB_YESNO, tmp);
 			if (msgret == IDYES)
--- a/src/Cedar/Sam.c
+++ b/src/Cedar/Sam.c
@ -113,6 +113,347 @@
 #include "CedarPch.h"
 int base64_enc_len(unsigned int plainLen) {
 	unsigned int n = plainLen;
 	return (n + 2 - ((n + 2) % 3)) / 3 * 4;
 }
 PID OpenChildProcess(const char* path, char* const parameter[], int fd[] )
 {
 #ifdef OS_WIN32
 	// not implemented
 	return -1;
 #else // OS_WIN32
 	// UNIX
 	int fds[2][2];
 	PID pid;
 	if (path == NULL || parameter == NULL || fd == NULL)
 	{
 		return (PID)-1;
 	}
 	if (pipe(fds[0]) != 0)
 	{
 		return (PID)-1;
 	}
 	if (pipe(fds[1]) != 0)
 	{
 		close(fds[0][0]);
 		close(fds[0][1]);
 		return (PID)-1;
 	}
 	pid = fork();
 	if (pid == (PID)0) {
 		int iError;
 		close(fds[0][1]);
 		close(fds[1][0]);
 		if (dup2(fds[0][0], fileno(stdin)) < 0 || dup2(fds[1][1], fileno(stdout)) < 0 )
 		{
 			close(fds[0][0]);
 			close(fds[1][1]);
 			_exit(EXIT_FAILURE);
 		}
 		iError = execvp(path, parameter);
 		// We should never come here 
 		close(fds[0][0]);
 		close(fds[1][1]);
 		_exit(iError);
 	}
 	else if (pid > (PID)0)
 	{
 		close(fds[0][0]);
 		close(fds[1][1]);
 		fd[0] = fds[1][0];
 		fd[1] = fds[0][1];
 		return pid;
 	}
 	else
 	{
 		close(fds[0][0]);
 		close(fds[1][1]);
 		close(fds[0][1]);
 		close(fds[1][0]);
 		return -1;
 	}
 #endif // OS_WIN32
 }
 void CloseChildProcess(PID pid, int* fd )
 {
 #ifdef OS_WIN32
 	// not implemented
 #else // OS_WIN32
 	if( fd != 0 )
 	{
 			close(fd[0]);
 			close(fd[1]);
 	}
 	if( pid > 0 )
 	{
 		kill(pid, SIGTERM);
 	}
 #endif // OS_WIN32
 }
 bool SmbAuthenticate(char* name, char* password, char* domainname, char* groupname, UINT timeout, UCHAR* challenge8, UCHAR* MsChapV2_ClientResponse, UCHAR* nt_pw_hash_hash)
 {
 	bool  auth = false;
 	int   fds[2];
 	FILE* out, *in;
 	PID   pid;
 	char  buffer[255];
 	char  ntlm_timeout[32];
 	char* proc_parameter[6];
 	if (name == NULL || password == NULL || domainname == NULL || groupname == NULL)
 	{
 		Debug("Sam.c - SmbAuthenticate - wrong password parameter\n");
 		return false;
 	}
 	if (password[0] == '\0' && (challenge8 == NULL || MsChapV2_ClientResponse == NULL || nt_pw_hash_hash == NULL))
 	{
 		Debug("Sam.c - SmbAuthenticate - wrong MsCHAPv2 parameter\n");
 		return false;
 	}
 	Zero(buffer, sizeof(buffer));
 	// Truncate string if unsafe char
 	EnSafeStr(domainname, '\0');
 	if (strlen(domainname) > 255)
 	{
 		// there is no domainname longer then 255 chars!
 		// http://tools.ietf.org/html/rfc1035 section 2.3.4
 		domainname[255] = '\0';
 	}
 	// set timeout to 15 minutes even if timeout is disabled, to prevent ntlm_auth from hung up
 	if (timeout <= 0 || timeout > 900)
 	{
 		timeout = 999;
 	}
 	snprintf(ntlm_timeout, sizeof(ntlm_timeout), "%is", timeout);
 	Debug("Sam.c - timeout for ntlm_auth %s\n", ntlm_timeout);
 	proc_parameter[0] = "timeout";
 	proc_parameter[1] = ntlm_timeout;
 	proc_parameter[2] = "ntlm_auth";
 	proc_parameter[3] = "--helper-protocol=ntlm-server-1";
 	proc_parameter[4] = 0;
 	if (strlen(groupname) > 1)
 	{
 		// DNS Name 255 chars + OU names are limited to 64 characters +  cmdline 32 + 1
 		char  requiremember[352];
 		// Truncate string if unsafe char
 		EnSafeStr(groupname, '\0');
 		snprintf(requiremember, sizeof(requiremember), "--require-membership-of=%s\\%s", domainname, groupname);
 		proc_parameter[4] = requiremember;
 		proc_parameter[5] = 0;
 	}
 	pid = OpenChildProcess("timeout", proc_parameter, fds);
 	if (pid < 0)
 	{
 		Debug("Sam.c - SmbCheckLogon - error fork child process (ntlm_auth)\n");
 		return false;
 	}
 	out = fdopen(fds[1], "w");
 	if (out == 0)
 	{
 		CloseChildProcess(pid, fds);
 		Debug("Sam.c - cant open out pipe (ntlm_auth)\n");
 		return false;
 	}
 	in = fdopen(fds[0], "r");
 	if (in == 0)
 	{
 		fclose(out);
 		CloseChildProcess(pid, fds);
 		Debug("Sam.c - cant open in pipe (ntlm_auth)\n");
 		return false;
 	}
 	if (base64_enc_len(strlen(name)) < sizeof(buffer)-1 &&
 		base64_enc_len(strlen(password)) < sizeof(buffer)-1 &&
 		base64_enc_len(strlen(domainname)) < sizeof(buffer)-1)
 	{
 		char  answer[300];
 		unsigned int end = B64_Encode(buffer, name, strlen(name));
 		buffer[end] = '\0';
 		fputs("Username:: ", out);
 		fputs(buffer, out);
 		fputs("\n", out);
 		Debug("Username: %s\n", buffer);
 		buffer[0] = 0;
 		end = B64_Encode(buffer, domainname, strlen(domainname));
 		buffer[end] = '\0';
 		fputs("NT-Domain:: ", out);
 		fputs(buffer, out);
 		fputs("\n", out);
 		Debug("NT-Domain: %s\n", buffer);
 		buffer[0] = 0;
 		if (password[0] != '\0')
 		{
 			Debug("Password authentication\n");
 			end = B64_Encode(buffer, password, strlen(password));
 			buffer[end] = '\0';
 			fputs("Password:: ", out);
 			fputs(buffer, out);
 			fputs("\n", out);
 			Debug("Password: %s\n", buffer);
 			buffer[0] = 0;
 		}
 		else
 		{
 			char* mschapv2_client_response;
 			char* base64_challenge8;
 			Debug("MsChapV2 authentication\n");
 			mschapv2_client_response = CopyBinToStr(MsChapV2_ClientResponse, 24);
 			end = B64_Encode(buffer, mschapv2_client_response, 48);
 			buffer[end] = '\0';
 			fputs("NT-Response:: ", out);
 			fputs(buffer, out);
 			fputs("\n", out);
 			Debug("NT-Response:: %s\n", buffer);
 			buffer[0] = 0;
 			Free(mschapv2_client_response);
 			base64_challenge8 = CopyBinToStr(challenge8, 8);
 			end = B64_Encode(buffer, base64_challenge8 , 16);
 			buffer[end] = '\0';
 			fputs("LANMAN-Challenge:: ", out);
 			fputs(buffer, out);
 			fputs("\n", out);
 			Debug("LANMAN-Challenge:: %s\n", buffer);
 			buffer[0] = 0;
 			Free(base64_challenge8);
 			fputs("Request-User-Session-Key: Yes\n", out);
 		}
 		// Start authentication
 		fputs( ".\n", out );
 		fflush (out);
 		// Request send!
 		Zero(answer, sizeof(answer));
 		while (fgets(answer, sizeof(answer)-1, in))
 		{
 			char* response_parameter;
 			if (strncmp(answer, ".\n", sizeof(answer)-1 ) == 0)
 			{
 				break;
 			}
 			/* Indicates a base64 encoded structure */
 			response_parameter = strstr(answer, ":: ");
 			if (!response_parameter) {
 				char* newline;
 				response_parameter = strstr(answer, ": ");
 				if (!response_parameter) {
 					continue;
 				}
 				response_parameter[0] ='\0';
 				response_parameter++;
 				response_parameter[0] ='\0';
 				response_parameter++;
 				newline  = strstr(response_parameter, "\n");
 				if( newline )
 					newline[0] = '\0';
 			} else {
 				response_parameter[0] ='\0';
 				response_parameter++;
 				response_parameter[0] ='\0';
 				response_parameter++;
 				response_parameter[0] ='\0';
 				response_parameter++;
 				end = Decode64(response_parameter, response_parameter);
 				response_parameter[end] = '\0';
 			}
 			if (strncmp(answer, "Authenticated", sizeof(answer)-1 ) == 0)
 			{
 				if (strcmp(response_parameter, "Yes") == 0)
 				{
 					Debug("Authenticated!\n");
 					auth = true;
 				}
 				else if (strcmp(response_parameter, "No") == 0)
 				{
 					Debug("Authentication failed!\n");
 					auth = false;
 				}
 			}
 			else if (strncmp(answer, "User-Session-Key", sizeof(answer)-1 ) == 0)
 			{
 				if (nt_pw_hash_hash != NULL)
 				{
 					BUF* Buf = StrToBin(response_parameter);
 					Copy(nt_pw_hash_hash, Buf->Buf, 16);
 					FreeBuf(Buf);
 				}
 			}
 		}
 	}
 	fclose(in);
 	fclose(out);
 	CloseChildProcess(pid, fds);
 	return auth;
 }
 bool SmbCheckLogon(char* name, char* password, char* domainname, char* groupname, UINT timeout)
 {
 	return SmbAuthenticate(name, password, domainname, groupname, timeout, NULL, NULL, NULL);
 }
 bool SmbPerformMsChapV2Auth(char* name, char* domainname, char* groupname, UCHAR* challenge8, UCHAR* MsChapV2_ClientResponse, UCHAR* nt_pw_hash_hash, UINT timeout)
 {
 	return SmbAuthenticate(name, "", domainname, groupname, timeout, challenge8, MsChapV2_ClientResponse, nt_pw_hash_hash);
 }
 // Password encryption
 void SecurePassword(void *secure_password, void *password, void *random)
 {
@ -132,7 +473,7 @@ void SecurePassword(void *secure_password, void *password, void *random)
 }
 // Generate 160bit random number
-void GenRamdom(void *random)
+void GenRandom(void *random)
 {
 	// Validate arguments
 	if (random == NULL)
@ -179,6 +520,8 @@ bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *p
 {
 	bool b = false;
 	wchar_t *name = NULL;
 	wchar_t *groupname = NULL;
 	UINT timeout = 90;
 	bool auth_by_nt = false;
 	HUB *h;
 	// Validate arguments
@ -242,6 +585,14 @@ bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *p
 					{
 						name = CopyUniStr(auth->NtUsername);
 					}
 					groupname = CopyStrToUni(u->GroupName);
 					if (u->Policy)
 					{
 						timeout = u->Policy->TimeOut;
 					}
 					auth_by_nt = true;
 				}
 			}
@ -298,7 +649,7 @@ bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *p
 		}
 		else
 		{
-			// NT authentication (Not available for non-Win32)
+			// NT authentication
 #ifdef	OS_WIN32
 			IPC_MSCHAP_V2_AUTHINFO mschap;
 			Unlock(hub->lock);
@ -337,11 +688,60 @@ bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *p
 			Lock(hub->lock);
 #else	// OS_WIN32
-			// Nothing to do other than Win32
+			// Unix / Samba Winbind
-#endif	// OS_WIN32
+
 			IPC_MSCHAP_V2_AUTHINFO mschap;
 			Unlock(hub->lock);
 			char nt_name[MAX_SIZE];
 			char nt_username[MAX_SIZE];
 			char nt_groupname[MAX_SIZE];
 			char nt_domainname[MAX_SIZE];
 			UCHAR challenge8[8];
 			UCHAR nt_pw_hash_hash[16];
 			nt_groupname[0] = 0;
 			UniToStr(nt_name, sizeof(nt_name), name);
 			if (groupname != NULL)
 				UniToStr(nt_groupname, sizeof(nt_groupname), groupname);
 			ParseNtUsername(nt_name, nt_username, sizeof(nt_username), nt_domainname, sizeof(nt_domainname), false);
 			if (ParseAndExtractMsChapV2InfoFromPassword(&mschap, password) == false)
 			{
 				// Plaintext password authentication
 				b = SmbCheckLogon(nt_username, password, nt_domainname, nt_groupname, timeout);
 			}
 			else
 			{
 				// MS-CHAPv2 authentication
 				MsChapV2_GenerateChallenge8(challenge8, mschap.MsChapV2_ClientChallenge,
 					mschap.MsChapV2_ServerChallenge,
 					mschap.MsChapV2_PPPUsername);
 				Debug("MsChapV2_PPPUsername = %s, nt_name = %s\n", mschap.MsChapV2_PPPUsername, nt_name);
 				b = SmbPerformMsChapV2Auth(nt_username, nt_domainname, nt_groupname, challenge8, mschap.MsChapV2_ClientResponse, nt_pw_hash_hash, timeout);
 				if (b)
 				{
 					if (mschap_v2_server_response_20 != NULL)
 					{
 						MsChapV2Server_GenerateResponse(mschap_v2_server_response_20, nt_pw_hash_hash,
 							mschap.MsChapV2_ClientResponse, challenge8);
 					}
 				}
 			}
 			Lock(hub->lock);
 #endif	// OS_WIN32 / OS_LINUX
 		}
 		// Memory release
 		if( groupname != NULL )
 			Free(groupname);
 		Free(name);
 	}
--- a/src/Cedar/Sam.h
+++ b/src/Cedar/Sam.h
@ -124,7 +124,7 @@ bool SamAuthUserByCert(HUB *h, char *username, X *x);
 bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *password, bool ast, UCHAR *mschap_v2_server_response_20, RADIUS_LOGIN_OPTION *opt);
 POLICY *SamGetUserPolicy(HUB *h, char *username);
-void GenRamdom(void *random);
+void GenRandom(void *random);
 void SecurePassword(void *secure_password, void *password, void *random);
 X *GetIssuerFromList(LIST *cert_list, X *cert);
--- a/src/Cedar/SeLowUser.c
+++ b/src/Cedar/SeLowUser.c
@ -839,7 +839,7 @@ LIST *SuGetAdapterList(SU *u)
 		return NULL;
 	}
-	ret = NewList(SuCmpAdaterList);
+	ret = NewList(SuCmpAdapterList);
 	// Enumerate adapters
 	Zero(&u->AdapterInfoList, sizeof(u->AdapterInfoList));
@ -869,7 +869,7 @@ LIST *SuGetAdapterList(SU *u)
 }
 // Comparison function of the adapter list
-int SuCmpAdaterList(void *p1, void *p2)
+int SuCmpAdapterList(void *p1, void *p2)
 {
 	int r;
 	SU_ADAPTER_LIST *a1, *a2;
--- a/src/Cedar/SeLowUser.h
+++ b/src/Cedar/SeLowUser.h
@ -168,7 +168,7 @@ bool SuPutPacket(SU_ADAPTER *a, void *buf, UINT size);
 SU_ADAPTER_LIST *SuAdapterInfoToAdapterList(SL_ADAPTER_INFO *info);
 LIST *SuGetAdapterList(SU *u);
 void SuFreeAdapterList(LIST *o);
-int SuCmpAdaterList(void *p1, void *p2);
+int SuCmpAdapterList(void *p1, void *p2);
 bool SuInstallDriver(bool force);
 bool SuInstallDriverInner(bool force);
--- a/src/Cedar/Server.c
+++ b/src/Cedar/Server.c
@ -1390,7 +1390,7 @@ UINT GetGlobalServerFlag(UINT index)
 	return global_server_flags[index];
 }
-// Main of the aquisition of Caps of the server
+// Main of the acquisition of Caps of the server
 void GetServerCapsMain(SERVER *s, CAPSLIST *t)
 {
 	bool is_restricted = false;
@ -1558,7 +1558,7 @@ void GetServerCapsMain(SERVER *s, CAPSLIST *t)
 	// Maximum NAT table size / Virtual HUB
 	AddCapsInt(t, "i_max_secnat_tables", NAT_MAX_SESSIONS);
-	// Cascade connction
+	// Cascade connection
 	if (s->ServerType == SERVER_TYPE_STANDALONE)
 	{
 		AddCapsBool(t, "b_support_cascade", true);
@ -1620,7 +1620,7 @@ void GetServerCapsMain(SERVER *s, CAPSLIST *t)
 		AddCapsBool(t, "b_tap_supported", GetOsInfo()->OsType == OSTYPE_LINUX ? true : false);
 	}
-	// Cascade connction
+	// Cascade connection
 	if (s->ServerType == SERVER_TYPE_STANDALONE)
 	{
 		AddCapsBool(t, "b_support_cascade", true);
@ -2794,7 +2794,7 @@ void SiInitConfiguration(SERVER *s)
 		}
 	}
-	if (s->DisableDosProction)
+	if (s->DisableDosProtection)
 	{
 		DisableDosProtect();
 	}
@ -5905,7 +5905,7 @@ void SiLoadServerCfg(SERVER *s, FOLDER *f)
 		s->Cedar->DisableIPv6Listener = CfgGetBool(f, "DisableIPv6Listener");
 		// DoS
-		s->DisableDosProction = CfgGetBool(f, "DisableDosProction");
+		s->DisableDosProtection = CfgGetBool(f, "DisableDosProtection");
 		// Num Connections Per IP
 		SetMaxConnectionsPerIp(CfgGetInt(f, "MaxConnectionsPerIP"));
@ -6329,7 +6329,7 @@ void SiWriteServerCfg(FOLDER *f, SERVER *s)
 		CfgAddBool(f, "DisableIPv6Listener", s->Cedar->DisableIPv6Listener);
 		// DoS
-		CfgAddBool(f, "DisableDosProction", s->DisableDosProction);
+		CfgAddBool(f, "DisableDosProtection", s->DisableDosProtection);
 		// MaxConnectionsPerIP
 		CfgAddInt(f, "MaxConnectionsPerIP", GetMaxConnectionsPerIp());
--- a/src/Cedar/Server.h
+++ b/src/Cedar/Server.h
@ -277,7 +277,7 @@ struct SERVER
 	bool DontBackupConfig;				// Do not save a backup of the configuration automatically
 	bool BackupConfigOnlyWhenModified;	// Save a backup of the configuration only if there is a modification
 	UINT ConfigRevision;				// Configuration file revision
-	bool DisableDosProction;			// Disable the DoS attack protection
+	bool DisableDosProtection;			// Disable the DoS attack protection
 	UCHAR MyRandomKey[SHA1_SIZE];		// Their own random key
 	bool FarmControllerInited;			// Initialization of farm controller has been completed
 	bool DisableDeadLockCheck;			// Disable the deadlock check
--- a/src/Cedar/Session.c
+++ b/src/Cedar/Session.c
@ -212,11 +212,11 @@ void SessionMain(SESSION *s)
 		s->NextConnectionTime = Tick64() + (UINT64)(s->ClientOption->AdditionalConnectionInterval * 1000);
 	}
-	s->NumConnectionsEatablished++;
+	s->NumConnectionsEstablished++;
 	s->CurrentConnectionEstablishTime = Tick64();
-	if (s->FirstConnectionEstablisiedTime == 0)
+	if (s->FirstConnectionEstablishedTime == 0)
 	{
-		s->FirstConnectionEstablisiedTime = Tick64();
+		s->FirstConnectionEstablishedTime = Tick64();
 	}
 	if (s->ServerMode == false && s->Cedar->Client != NULL)
@ -919,7 +919,7 @@ void IncrementUserTraffic(HUB *hub, char *username, SESSION *s)
 	Unlock(s->TrafficLock);
 }
-// Cummulate the traffic information of the connection
+// Cumulate the traffic information of the connection
 void AddTrafficForSession(SESSION *s, TRAFFIC *t)
 {
 	HUB *h;
@ -980,7 +980,7 @@ void ClientAdditionalConnectChance(SESSION *s)
 		return;
 	}
-	if (s->IsRUDPSession && (s->Connection->AdditionalConnectionFailedCounter > MAX_ADDITONAL_CONNECTION_FAILED_COUNTER))
+	if (s->IsRUDPSession && (s->Connection->AdditionalConnectionFailedCounter > MAX_ADDITIONAL_CONNECTION_FAILED_COUNTER))
 	{
 		// Not to make a large amount of repeated connection retry within a certain time in the case of R-UDP session
 		return;
--- a/src/Cedar/Session.h
+++ b/src/Cedar/Session.h
@ -265,9 +265,9 @@ struct SESSION
 	UINT NumDisconnected;			// Number of socket disconnection
 	bool NoReconnectToSession;		// Disable to reconnect to the session
 	char UnderlayProtocol[64];		// Physical communication protocol
-	UINT64 FirstConnectionEstablisiedTime;	// Connection completion time of the first connection
+	UINT64 FirstConnectionEstablishedTime;	// Connection completion time of the first connection
 	UINT64 CurrentConnectionEstablishTime;	// Completion time of this connection
-	UINT NumConnectionsEatablished;	// Number of connections established so far
+	UINT NumConnectionsEstablished;	// Number of connections established so far
 	UINT AdjustMss;					// MSS adjustment value
 	bool IsVPNClientAndVLAN_Win32;	// Is the VPN Client session with a VLAN card (Win32)
@ -309,7 +309,7 @@ struct SESSION
 	LIST *DelayedPacketList;		// Delayed packet list
 	UINT Flag1;
-	USER *NumLoginIncrementUserObject;	// User objects to increment the nymber of logins
+	USER *NumLoginIncrementUserObject;	// User objects to increment the number of logins
 	HUB *NumLoginIncrementHubObject;	// Virtual HUB object to increment the number of logins
 	UINT64 NumLoginIncrementTick;		// Time to perform increment a number of log
@ -317,7 +317,7 @@ struct SESSION
 	char FirstTimeHttpRedirectUrl[128];	// URL for redirection only the first time
 	UINT FirstTimeHttpAccessCheckIp;	// IP address for access checking
-	// To examine the maximum number of alowed logging target packets per minute
+	// To examine the maximum number of allowed logging target packets per minute
 	UINT64 MaxLoggedPacketsPerMinuteStartTick;	// Inspection start time
 	UINT CurrentNumPackets;				// Current number of packets
--- a/src/Cedar/VLanWin32.c
+++ b/src/Cedar/VLanWin32.c
@ -340,7 +340,7 @@ void RouteTrackingMain(SESSION *s)
 		UINT i;
 		bool route_to_server_erased = true;
 		bool is_vlan_want_to_be_default_gateway = false;
-		UINT vlan_default_gatewat_metric = 0;
+		UINT vlan_default_gateway_metric = 0;
 		UINT other_if_default_gateway_metric_min = INFINITE;
 		// Get whether the routing table have been changed
@ -383,10 +383,10 @@ void RouteTrackingMain(SESSION *s)
 				{
 					// The virtual LAN card think that he want to be a default gateway
 					is_vlan_want_to_be_default_gateway = true;
-					vlan_default_gatewat_metric = e->Metric;
+					vlan_default_gateway_metric = e->Metric;
-					if (vlan_default_gatewat_metric >= 2 &&
+					if (vlan_default_gateway_metric >= 2 &&
-						t->OldDefaultGatewayMetric == (vlan_default_gatewat_metric - 1))
+						t->OldDefaultGatewayMetric == (vlan_default_gateway_metric - 1))
 					{
 						// Restore because the PPP server rewrites
 						// the routing table selfishly
@ -408,7 +408,7 @@ void RouteTrackingMain(SESSION *s)
 					t->DefaultGatewayByVLan = ZeroMalloc(sizeof(ROUTE_ENTRY));
 					Copy(t->DefaultGatewayByVLan, e, sizeof(ROUTE_ENTRY));
-					t->OldDefaultGatewayMetric = vlan_default_gatewat_metric;
+					t->OldDefaultGatewayMetric = vlan_default_gateway_metric;
 				}
 				else
 				{
@ -509,10 +509,10 @@ void RouteTrackingMain(SESSION *s)
 		// there is no LAN card with smaller metric of 0.0.0.0/0 than
 		// the virtual LAN card, delete other default gateway entries
 		// to elect the virtual LAN card as the default gateway
-//		Debug("is_vlan_want_to_be_default_gateway = %u, rs = %u, route_to_server_erased = %u, other_if_default_gateway_metric_min = %u, vlan_default_gatewat_metric = %u\n",
+//		Debug("is_vlan_want_to_be_default_gateway = %u, rs = %u, route_to_server_erased = %u, other_if_default_gateway_metric_min = %u, vlan_default_gateway_metric = %u\n",
-//			is_vlan_want_to_be_default_gateway, rs, route_to_server_erased, other_if_default_gateway_metric_min, vlan_default_gatewat_metric);
+//			is_vlan_want_to_be_default_gateway, rs, route_to_server_erased, other_if_default_gateway_metric_min, vlan_default_gateway_metric);
 		if (is_vlan_want_to_be_default_gateway && (rs != NULL && route_to_server_erased == false) &&
-			other_if_default_gateway_metric_min >= vlan_default_gatewat_metric)
+			other_if_default_gateway_metric_min >= vlan_default_gateway_metric)
 		{
 			// Scan the routing table again
 			for (i = 0;i < table->NumEntry;i++)
--- a/src/Cedar/Virtual.c
+++ b/src/Cedar/Virtual.c
@ -436,7 +436,7 @@ void NnCombineIp(NATIVE_NAT *t, IP_COMBINE *c, UINT offset, void *data, UINT siz
 	if (last_packet)
 	{
-		// If No More Flagment packet arrives, the size of this datagram is finalized
+		// If No More Fragment packet arrives, the size of this datagram is finalized
 		c->Size = offset + size;
 	}
@ -1178,7 +1178,7 @@ void NnIpSendFragmentedForInternet(NATIVE_NAT *t, UCHAR ip_protocol, UINT src_ip
 	ip->TypeOfService = DEFAULT_IP_TOS;
 	ip->TotalLength = Endian16((USHORT)(size + IP_HEADER_SIZE));
 	ip->Identification = Endian16(id);
-	ip->FlagsAndFlagmentOffset[0] = ip->FlagsAndFlagmentOffset[1] = 0;
+	ip->FlagsAndFragmentOffset[0] = ip->FlagsAndFragmentOffset[1] = 0;
 	IPV4_SET_OFFSET(ip, (offset / 8));
 	if ((offset + size) >= total_size)
 	{
@ -7637,7 +7637,7 @@ void CombineIp(VH *v, IP_COMBINE *c, UINT offset, void *data, UINT size, bool la
 	if (last_packet)
 	{
-		// If No More Flagment packet arrives, the size of this datagram is finalized
+		// If No More Fragment packet arrives, the size of this datagram is finalized
 		c->Size = offset + size;
 	}
@ -8847,7 +8847,7 @@ void SendFragmentedIp(VH *v, UINT dest_ip, UINT src_ip, USHORT id, USHORT total_
 	ip->TypeOfService = DEFAULT_IP_TOS;
 	ip->TotalLength = Endian16((USHORT)(size + IP_HEADER_SIZE));
 	ip->Identification = Endian16(id);
-	ip->FlagsAndFlagmentOffset[0] = ip->FlagsAndFlagmentOffset[1] = 0;
+	ip->FlagsAndFragmentOffset[0] = ip->FlagsAndFragmentOffset[1] = 0;
 	IPV4_SET_OFFSET(ip, (offset / 8));
 	if ((offset + size) >= total_size)
 	{
@ -10306,12 +10306,12 @@ void GenMacAddress(UCHAR *mac)
 	Hash(hash, b->Buf, b->Size, true);
 	// Generate a MAC address
-	mac[0] = 0x00;
+	mac[0] = 0x5E;
-	mac[1] = 0xAC;		// AC hurray
+	mac[1] = hash[0];
-	mac[2] = hash[0];
+	mac[2] = hash[1];
-	mac[3] = hash[1];
+	mac[3] = hash[2];
-	mac[4] = hash[2];
+	mac[4] = hash[3];
-	mac[5] = hash[3];
+	mac[5] = hash[4];
 	FreeBuf(b);
 }
--- a/src/Cedar/WinUi.c
+++ b/src/Cedar/WinUi.c
@ -214,7 +214,7 @@ UINT UpdateConfigDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void
 		LoadUpdateUiSetting(u, &s);
 		Check(hWnd, S_ENABLE, s.DisableCheck == false);
-		Check(hWnd, S_DISBLE, s.DisableCheck);
+		Check(hWnd, S_DISABLE, s.DisableCheck);
 		DlgFont(hWnd, S_TITLE, 10, true);
 		FormatText(hWnd, S_TITLE, u->SoftwareTitle);
@ -246,7 +246,7 @@ UINT UpdateConfigDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void
 LABEL_CLOSE:
 		LoadUpdateUiSetting(u, &s);
-		s.DisableCheck = IsChecked(hWnd, S_DISBLE);
+		s.DisableCheck = IsChecked(hWnd, S_DISABLE);
 		if (s.DisableCheck)
 		{
--- a/src/Cedar/winpcap/Packet32.h
+++ b/src/Cedar/winpcap/Packet32.h
@ -306,7 +306,7 @@ struct _PACKET_OID_DATA {
    ULONG Oid;					///< OID code. See the Microsoft DDK documentation or the file ntddndis.h
 								///< for a complete list of valid codes.
    ULONG Length;				///< Length of the data field
-    UCHAR Data[1];				///< variable-lenght field that contains the information passed to or received 
+    UCHAR Data[1];				///< variable-length field that contains the information passed to or received 
 								///< from the adapter.
 }; 
 typedef struct _PACKET_OID_DATA PACKET_OID_DATA, *PPACKET_OID_DATA;
@ -346,7 +346,7 @@ LONG PacketDumpRegistryKey(PCHAR KeyName, PCHAR FileName);
 #endif
 #endif
-/* We load dinamically the dag library in order link it only when it's present on the system */
+/* We load dynamically the dag library in order link it only when it's present on the system */
 #ifdef HAVE_DAG_API
 typedef dagc_t* (*dagc_open_handler)(const char *source, unsigned flags, char *ebuf);	///< prototype used to dynamically load the dag dll
 typedef void (*dagc_close_handler)(dagc_t *dagcfd);										///< prototype used to dynamically load the dag dll
--- a/src/Cedar/winpcap/pcap-bpf.h
+++ b/src/Cedar/winpcap/pcap-bpf.h
@ -445,7 +445,7 @@ struct bpf_version {
 * interface (irdaX), but not on a raw serial port.
 * Note the capture is done in "Linux-cooked" mode, so each packet include
 * a fake packet header (struct sll_header). This is because IrDA packet
- * decoding is dependant on the direction of the packet (incomming or
+ * decoding is dependant on the direction of the packet (incoming or
 * outgoing).
 * When/if other platform implement IrDA capture, we may revisit the
 * issue and define a real DLT_IRDA...
--- a/src/Cedar/winpcap/pcap-int.h
+++ b/src/Cedar/winpcap/pcap-int.h
@ -128,7 +128,7 @@ struct pcap_md {
 	\brief It keeps the number of packets that have been received by the application.
 	Packets dropped by the kernel buffer are not counted in this variable. The variable is always 
-	equal to (TotAccepted - TotDrops), exept for the case of remote capture, in which we have also
+	equal to (TotAccepted - TotDrops), except for the case of remote capture, in which we have also
 	packets in fligh, i.e. that have been transmitted by the remote host, but that have not been 
 	received (yet) from the client. In this case, (TotAccepted - TotDrops - TotNetDrops) gives a
 	wrong result, since this number does not corresponds always to the number of packet received by 
@ -228,7 +228,7 @@ struct pcap {
 	SOCKET rmt_sockctrl;		//!< socket ID of the socket used for the control connection
 	SOCKET rmt_sockdata;		//!< socket ID of the socket used for the data connection
 	int rmt_flags;				//!< we have to save flags, since they are passed by the pcap_open_live(), but they are used by the pcap_startcapture()
-	int rmt_capstarted;			//!< 'true' if the capture is already started (needed to knoe if we have to call the pcap_startcapture()
+	int rmt_capstarted;			//!< 'true' if the capture is already started (needed to know if we have to call the pcap_startcapture()
 	struct pcap_samp rmt_samp;	//!< Keeps the parameters related to the sampling process.
 	char *currentfilter;		//!< Pointer to a buffer (allocated at run-time) that stores the current filter. Needed when flag PCAP_OPENFLAG_NOCAPTURE_RPCAP is turned on.
 #endif /* HAVE_REMOTE */
--- a/src/Cedar/winpcap/pthread.h
+++ b/src/Cedar/winpcap/pthread.h
@ -543,7 +543,7 @@ enum {
  PTHREAD_SCOPE_SYSTEM		= 1,  /* Default */
 /*
- * pthread_setcancelstate paramters
+ * pthread_setcancelstate parameters
 */
  PTHREAD_CANCEL_ENABLE 	= 0,  /* Default */
  PTHREAD_CANCEL_DISABLE	= 1,
--- a/src/Cedar/winpcap/remote-ext.h
+++ b/src/Cedar/winpcap/remote-ext.h
@ -118,15 +118,15 @@ extern "C" {
 	- rpcap://devicename [opens the selected device devices available on the local host, without using the RPCAP protocol]
 	- rpcap://host/devicename [opens the selected device available on a remote host]
 	- rpcap://host:port/devicename [opens the selected device available on a remote host, using a non-standard port for RPCAP]
-	- adaptername [to open a local adapter; kept for compability, but it is strongly discouraged]
+	- adaptername [to open a local adapter; kept for compatibility, but it is strongly discouraged]
-	- (NULL) [to open the first local adapter; kept for compability, but it is strongly discouraged]
+	- (NULL) [to open the first local adapter; kept for compatibility, but it is strongly discouraged]
 	The formats allowed by the pcap_findalldevs_ex() are the following:
 	- file://folder/ [lists all the files in the given folder]
 	- rpcap:// [lists all local adapters]
 	- rpcap://host:port/ [lists the devices available on a remote host]
-	Referring to the 'host' and 'port' paramters, they can be either numeric or literal. Since
+	Referring to the 'host' and 'port' parameters, they can be either numeric or literal. Since
 	IPv6 is fully supported, these are the allowed formats:
 	- host (literal): e.g. host.foo.bar
@ -299,7 +299,7 @@ extern "C" {
 /*!
-	\brief This structure keeps the information needed to autheticate
+	\brief This structure keeps the information needed to authenticate
 	the user on a remote machine.
 	The remote machine can either grant or refuse the access according 
@ -371,7 +371,7 @@ struct pcap_samp
-//! Maximum lenght of an host name (needed for the RPCAP active mode)
+//! Maximum length of an host name (needed for the RPCAP active mode)
 #define RPCAP_HOSTLIST_SIZE 1024
--- a/src/Mayaqua/Cfg.c
+++ b/src/Mayaqua/Cfg.c
@ -296,7 +296,7 @@ CFG_RW *NewCfgRwEx2W(FOLDER **root, wchar_t *cfg_name, bool dont_backup, wchar_t
 			{
 				loaded_from_template = true;
-				goto LABEL_CONTIUNE;
+				goto LABEL_CONTINUE;
 			}
 		}
@ -311,7 +311,7 @@ CFG_RW *NewCfgRwEx2W(FOLDER **root, wchar_t *cfg_name, bool dont_backup, wchar_t
 		return rw;
 	}
-LABEL_CONTIUNE:
+LABEL_CONTINUE:
 	rw = ZeroMalloc(sizeof(CFG_RW));
 	rw->FileNameW = CopyUniStr(cfg_name);
 	rw->FileName = CopyUniToStr(cfg_name);
--- a/src/Mayaqua/Encrypt.c
+++ b/src/Mayaqua/Encrypt.c
@ -255,74 +255,6 @@ void Enc_tls1_PRF(unsigned char *label, int label_len, const unsigned char *sec,
 	Free(out2);
 }
 // Easy encryption
 BUF *EasyEncrypt(BUF *src_buf)
 {
 	UCHAR key[SHA1_SIZE];
 	BUF *tmp_data;
 	CRYPT *rc4;
 	BUF *ret;
 	// Validate arguments
 	if (src_buf == NULL)
 	{
 		return NULL;
 	}
 	Rand(key, SHA1_SIZE);
 	tmp_data = CloneBuf(src_buf);
 	rc4 = NewCrypt(key, SHA1_SIZE);
 	Encrypt(rc4, tmp_data->Buf, tmp_data->Buf, tmp_data->Size);
 	ret = NewBuf();
 	WriteBuf(ret, key, SHA1_SIZE);
 	WriteBufBuf(ret, tmp_data);
 	FreeCrypt(rc4);
 	FreeBuf(tmp_data);
 	SeekBufToBegin(ret);
 	return ret;
 }
 // Easy decryption
 BUF *EasyDecrypt(BUF *src_buf)
 {
 	UCHAR key[SHA1_SIZE];
 	BUF *tmp_buf;
 	CRYPT *rc4;
 	// Validate arguments
 	if (src_buf == NULL)
 	{
 		return NULL;
 	}
 	SeekBufToBegin(src_buf);
 	if (ReadBuf(src_buf, key, SHA1_SIZE) != SHA1_SIZE)
 	{
 		return NULL;
 	}
 	tmp_buf = ReadRemainBuf(src_buf);
 	if (tmp_buf == NULL)
 	{
 		return NULL;
 	}
 	rc4 = NewCrypt(key, SHA1_SIZE);
 	Encrypt(rc4, tmp_buf->Buf, tmp_buf->Buf, tmp_buf->Size);
 	FreeCrypt(rc4);
 	SeekBufToBegin(tmp_buf);
 	return tmp_buf;
 }
 // Calculation of HMAC (MD5)
 void HMacMd5(void *dst, void *key, UINT key_size, void *data, UINT data_size)
 {
@ -666,62 +598,6 @@ void FreeCipher(CIPHER *c)
 	Free(c);
 }
 // Convert the buffer to the public key
 K *RsaBinToPublic(void *data, UINT size)
 {
 	RSA *rsa;
 	K *k;
 	BIO *bio;
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
 	BIGNUM *e, *n;
 #endif
 	// Validate arguments
 	if (data == NULL || size < 4)
 	{
 		return NULL;
 	}
 	rsa = RSA_new();
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
 	e = BN_new();
 	BN_set_word(e, RSA_F4);
 	n = BinToBigNum(data, size);
 	RSA_set0_key(rsa, n, e, NULL);
 #else
 	if (rsa->e != NULL)
 	{
 		BN_free(rsa->e);
 	}
 	rsa->e = BN_new();
 	BN_set_word(rsa->e, RSA_F4);
 	if (rsa->n != NULL)
 	{
 		BN_free(rsa->n);
 	}
 	rsa->n = BinToBigNum(data, size);
 #endif
 	bio = NewBio();
 	Lock(openssl_lock);
 	{
 		i2d_RSA_PUBKEY_bio(bio, rsa);
 	}
 	Unlock(openssl_lock);
 	BIO_seek(bio, 0);
 	k = BioToK(bio, false, false, NULL);
 	FreeBio(bio);
 	RSA_free(rsa);
 	return k;
 }
 // Convert the public key to a buffer
 BUF *RsaPublicToBuf(K *k)
 {
@ -767,27 +643,6 @@ BUF *RsaPublicToBuf(K *k)
 	return b;
 }
 // Convert the public key to a binary
 void RsaPublicToBin(K *k, void *data)
 {
 	BUF *b;
 	// Validate arguments
 	if (data == NULL)
 	{
 		return;
 	}
 	b = RsaPublicToBuf(k);
 	if (b == NULL)
 	{
 		return;
 	}
 	Copy(data, b->Buf, b->Size);
 	FreeBuf(b);
 }
 // Get public key size
 UINT RsaPublicSize(K *k)
 {
@ -970,19 +825,6 @@ void GetAllNameFromXEx(wchar_t *str, UINT size, X *x)
 	GetAllNameFromNameEx(str, size, x->subject_name);
 }
 void GetAllNameFromXExA(char *str, UINT size, X *x)
 {
 	wchar_t tmp[MAX_SIZE];
 	// Validate arguments
 	if (str == NULL || x == NULL)
 	{
 		return;
 	}
 	GetAllNameFromXEx(tmp, sizeof(tmp), x);
 	UniToStr(str, size, tmp);
 }
 // Get the display name from NAME
 void GetPrintNameFromName(wchar_t *str, UINT size, NAME *name)
@ -1058,18 +900,6 @@ void GetAllNameFromX(wchar_t *str, UINT size, X *x)
 	UniFormat(tmp3, sizeof(tmp3), L" (Digest: MD5=\"%S\", SHA1=\"%S\")", tmp1, tmp2);
 	UniStrCat(str, size, tmp3);
 }
 void GetAllNameFromA(char *str, UINT size, X *x)
 {
 	wchar_t tmp[MAX_SIZE];
 	// Validate arguments
 	if (str == NULL || x == NULL)
 	{
 		return;
 	}
 	GetAllNameFromX(tmp, sizeof(tmp), x);
 	UniToStr(str, size, tmp);
 }
 // Get the all name strings from NAME
 void GetAllNameFromName(wchar_t *str, UINT size, NAME *name)
@ -1321,13 +1151,6 @@ bool ParseP12(P12 *p12, X **x, K **k, char *password)
 }
 // Write the P12 to a file
 bool P12ToFile(P12 *p12, char *filename)
 {
 	wchar_t *filename_w = CopyStrToUni(filename);
 	bool ret = P12ToFileW(p12, filename_w);
 	return ret;
 }
 bool P12ToFileW(P12 *p12, wchar_t *filename)
 {
 	BUF *b;
@ -1355,15 +1178,6 @@ bool P12ToFileW(P12 *p12, wchar_t *filename)
 }
 // Read a P12 from the file
 P12 *FileToP12(char *filename)
 {
 	wchar_t *filename_w = CopyStrToUni(filename);
 	P12 *ret = FileToP12W(filename_w);
 	Free(filename_w);
 	return ret;
 }
 P12 *FileToP12W(wchar_t *filename)
 {
 	BUF *b;
@ -1520,33 +1334,6 @@ P12 *PKCS12ToP12(PKCS12 *pkcs12)
 	return p12;
 }
 // Convert a binary to a string
 char *ByteToStr(BYTE *src, UINT src_size)
 {
 	UINT size;
 	char *dst;
 	UINT i;
 	// Validate arguments
 	if (src == NULL)
 	{
 		return NULL;
 	}
 	size = MAX(src_size * 3, 1);
 	dst = Malloc(size);
 	dst[size - 1] = 0;
 	for (i = 0;i < src_size;i++)
 	{
 		char tmp[3];
 		Format(tmp, sizeof(tmp), "%02x", src[i]);
 		dst[i * 3 + 0] = tmp[0];
 		dst[i * 3 + 1] = tmp[1];
 		dst[i * 3 + 2] = ((i == (src_size - 1) ? 0 : ' '));
 	}
 	return dst;
 }
 // Release of X_SERIAL
 void FreeXSerial(X_SERIAL *serial)
 {
@ -2490,124 +2277,6 @@ bool HashForSign(void *dst, UINT dst_size, void *src, UINT src_size)
 	return true;
 }
 // Decrypt with the RSA public key
 bool RsaPublicDecrypt(void *dst, void *src, UINT size, K *k)
 {
 	void *tmp;
 	int ret;
 	// Validate arguments
 	if (src == NULL || size == 0 || k == NULL)
 	{
 		return false;
 	}
 	tmp = ZeroMalloc(size);
 	Lock(openssl_lock);
 	{
 		ret = RSA_public_decrypt(size, src, tmp, EVP_PKEY_get0_RSA(k->pkey), RSA_NO_PADDING);
 	}
 	Unlock(openssl_lock);
 	if (ret <= 0)
 	{
 /*		Debug("RSA Error: 0x%x\n",
 			ERR_get_error());
 */		Free(tmp);
 		return false;
 	}
 	Copy(dst, tmp, size);
 	Free(tmp);
 	return true;
 }
 // Encrypt with the RSA private key
 bool RsaPrivateEncrypt(void *dst, void *src, UINT size, K *k)
 {
 	void *tmp;
 	int ret;
 	// Validate arguments
 	if (src == NULL || size == 0 || k == NULL)
 	{
 		return false;
 	}
 	tmp = ZeroMalloc(size);
 	Lock(openssl_lock);
 	{
 		ret = RSA_private_encrypt(size, src, tmp, EVP_PKEY_get0_RSA(k->pkey), RSA_NO_PADDING);
 	}
 	Unlock(openssl_lock);
 	if (ret <= 0)
 	{
 /*		Debug("RSA Error: %u\n",
 			ERR_GET_REASON(ERR_get_error()));
 */		Free(tmp);
 		return false;
 	}
 	Copy(dst, tmp, size);
 	Free(tmp);
 	return true;
 }
 // Decrypt with the RSA private key
 bool RsaPrivateDecrypt(void *dst, void *src, UINT size, K *k)
 {
 	void *tmp;
 	int ret;
 	// Validate arguments
 	if (src == NULL || size == 0 || k == NULL)
 	{
 		return false;
 	}
 	tmp = ZeroMalloc(size);
 	Lock(openssl_lock);
 	{
 		ret = RSA_private_decrypt(size, src, tmp, EVP_PKEY_get0_RSA(k->pkey), RSA_NO_PADDING);
 	}
 	Unlock(openssl_lock);
 	if (ret <= 0)
 	{
 		return false;
 	}
 	Copy(dst, tmp, size);
 	Free(tmp);
 	return true;
 }
 // Encrypt with the RSA public key
 bool RsaPublicEncrypt(void *dst, void *src, UINT size, K *k)
 {
 	void *tmp;
 	int ret;
 	// Validate arguments
 	if (src == NULL || size == 0 || k == NULL)
 	{
 		return false;
 	}
 	tmp = ZeroMalloc(size);
 	Lock(openssl_lock);
 	{
 		ret = RSA_public_encrypt(size, src, tmp, EVP_PKEY_get0_RSA(k->pkey), RSA_NO_PADDING);
 	}
 	Unlock(openssl_lock);
 	if (ret <= 0)
 	{
 		return false;
 	}
 	Copy(dst, tmp, size);
 	Free(tmp);
 	return true;
 }
 // RSA operating environment check
 bool RsaCheckEx()
 {
@ -2759,10 +2428,6 @@ bool RsaGen(K **priv, K **pub, UINT bit)
 }
 // Confirm whether the certificate X is signed by the issuer of the certificate x_issuer
 bool CheckX(X *x, X *x_issuer)
 {
 	return CheckXEx(x, x_issuer, false, false);
 }
 bool CheckXEx(X *x, X *x_issuer, bool check_name, bool check_date)
 {
 	K *k;
@ -3141,17 +2806,6 @@ bool XToFileW(X *x, wchar_t *filename, bool text)
 }
 // Read a K from the file
 K *FileToK(char *filename, bool private_key, char *password)
 {
 	wchar_t *filename_w = CopyStrToUni(filename);
 	K *ret;
 	ret = FileToKW(filename_w, private_key, password);
 	Free(filename_w);
 	return ret;
 }
 K *FileToKW(wchar_t *filename, bool private_key, char *password)
 {
 	bool text;
@ -3189,15 +2843,6 @@ K *FileToKW(wchar_t *filename, bool private_key, char *password)
 }
 // Save the K to a file
 bool KToFile(K *k, char *filename, bool text, char *password)
 {
 	wchar_t *filename_w = CopyStrToUni(filename);
 	bool ret = KToFileW(k, filename_w, text, password);
 	Free(filename_w);
 	return ret;
 }
 bool KToFileW(K *k, wchar_t *filename, bool text, char *password)
 {
 	BUF *b;
@ -3668,39 +3313,6 @@ X *BufToX(BUF *b, bool text)
 	return x;
 }
 // Create a new buffer by skipping the contents of the buffer to the specified string
 BUF *SkipBufBeforeString(BUF *b, char *str)
 {
 	char *tmp;
 	UINT tmp_size;
 	BUF *ret;
 	UINT i;
 	UINT offset = 0;
 	// Validate arguments
 	if (b == NULL || str == NULL)
 	{
 		return NULL;
 	}
 	tmp_size = b->Size + 1;
 	tmp = ZeroMalloc(tmp_size);
 	Copy(tmp, b->Buf, b->Size);
 	i = SearchStrEx(tmp, str, 0, false);
 	if (i != INFINITE)
 	{
 		offset = i;
 	}
 	ret = NewBuf();
 	WriteBuf(ret, ((UCHAR *)b->Buf) + offset, b->Size - offset);
 	SeekBuf(ret, 0, 0);
 	Free(tmp);
 	return ret;
 }
 // Get a digest of the X
 void GetXDigest(X *x, UCHAR *buf, bool sha1)
 {
@ -3979,12 +3591,6 @@ BIO *BufToBio(BUF *b)
 	return bio;
 }
 // 128-bit random number generation
 void Rand128(void *buf)
 {
 	Rand(buf, 16);
 }
 // 64-bit random number generation
 UINT64 Rand64()
 {
@ -4178,17 +3784,6 @@ void HashSha1(void *dst, void *src, UINT size)
 	SHA1(src, size, dst);
 }
 // SHA-256 specific hash function
 void HashSha256(void *dst, void *src, UINT size)
 {
 	// Validate arguments
 	if (dst == NULL || (size != 0 && src == NULL))
 	{
 		return;
 	}
 	SHA256(src, size, dst);
 }
 // Creating a new CRYPT object
 CRYPT *NewCrypt(void *key, UINT size)
 {
@ -4260,10 +3855,6 @@ void Sha1(void *dst, void *src, UINT size)
 	SHA1(src, size, dst);
 }
 void Sha1__(void *dst, void *src, UINT size) {
 	Sha(SHA1_160, dst, src, size);
 }
 void Sha2_256(void *dst, void *src, UINT size) {
 	Sha(SHA2_256, dst, src, size);
 }
@ -4287,24 +3878,6 @@ void Md5(void *dst, void *src, UINT size)
 }
 // 3DES encryption
 void Des3Encrypt(void *dest, void *src, UINT size, DES_KEY *key, void *ivec)
 {
 	UCHAR ivec_copy[DES_IV_SIZE];
 	// Validate arguments
 	if (dest == NULL || src == NULL || size == 0 || key == NULL || ivec == NULL)
 	{
 		return;
 	}
 	Copy(ivec_copy, ivec, DES_IV_SIZE);
 	DES_ede3_cbc_encrypt(src, dest, size,
 		key->k1->KeySchedule,
 		key->k2->KeySchedule,
 		key->k3->KeySchedule,
 		(DES_cblock *)ivec_copy,
 		1);
 }
 void Des3Encrypt2(void *dest, void *src, UINT size, DES_KEY_VALUE *k1, DES_KEY_VALUE *k2, DES_KEY_VALUE *k3, void *ivec)
 {
 	UCHAR ivec_copy[DES_IV_SIZE];
@ -4343,24 +3916,6 @@ void DesEncrypt(void *dest, void *src, UINT size, DES_KEY_VALUE *k, void *ivec)
 }
 // 3DES decryption
 void Des3Decrypt(void *dest, void *src, UINT size, DES_KEY *key, void *ivec)
 {
 	UCHAR ivec_copy[DES_IV_SIZE];
 	// Validate arguments
 	if (dest == NULL || src == NULL || size == 0 || key == NULL || ivec == NULL)
 	{
 		return;
 	}
 	Copy(ivec_copy, ivec, DES_IV_SIZE);
 	DES_ede3_cbc_encrypt(src, dest, size,
 		key->k1->KeySchedule,
 		key->k2->KeySchedule,
 		key->k3->KeySchedule,
 		(DES_cblock *)ivec_copy,
 		0);
 }
 void Des3Decrypt2(void *dest, void *src, UINT size, DES_KEY_VALUE *k1, DES_KEY_VALUE *k2, DES_KEY_VALUE *k3, void *ivec)
 {
 	UCHAR ivec_copy[DES_IV_SIZE];
@ -4430,30 +3985,6 @@ void DesDecrypt(void *dest, void *src, UINT size, DES_KEY_VALUE *k, void *ivec)
 		0);
 }
 // Generate a random 3DES key
 DES_KEY *Des3RandKey()
 {
 	DES_KEY *k = ZeroMalloc(sizeof(DES_KEY));
 	k->k1 = DesRandKeyValue();
 	k->k2 = DesRandKeyValue();
 	k->k3 = DesRandKeyValue();
 	return k;
 }
 // Generate a random DES key
 DES_KEY *DesRandKey()
 {
 	DES_KEY *k = ZeroMalloc(sizeof(DES_KEY));
 	k->k1 = DesRandKeyValue();
 	k->k2 = DesNewKeyValue(k->k1->KeyValue);
 	k->k3 = DesNewKeyValue(k->k1->KeyValue);
 	return k;
 }
 // Release the 3DES key
 void Des3FreeKey(DES_KEY *k)
 {
@ -4470,12 +4001,6 @@ void Des3FreeKey(DES_KEY *k)
 	Free(k);
 }
 // Release the DES key
 void DesFreeKey(DES_KEY *k)
 {
 	Des3FreeKey(k);
 }
 // Create a 3DES key
 DES_KEY *Des3NewKey(void *k1, void *k2, void *k3)
 {
@ -4495,12 +4020,6 @@ DES_KEY *Des3NewKey(void *k1, void *k2, void *k3)
 	return k;
 }
 // Create a DES key
 DES_KEY *DesNewKey(void *k1)
 {
 	return Des3NewKey(k1, k1, k1);
 }
 // Create a new DES key element
 DES_KEY_VALUE *DesNewKeyValue(void *value)
 {
@ -4717,21 +4236,6 @@ void AesDecryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, voi
 }
 #endif	// USE_INTEL_AESNI_LIBRARY
 // Calculation of HMAC-SHA-1-96
 void MacSha196(void *dst, void *key, void *data, UINT data_size)
 {
 	UCHAR tmp[HMAC_SHA1_SIZE];
 	// Validate arguments
 	if (dst == NULL || key == NULL || data == NULL)
 	{
 		return;
 	}
 	MacSha1(tmp, key, HMAC_SHA1_96_KEY_SIZE, data, data_size);
 	Copy(dst, tmp, HMAC_SHA1_96_HASH_SIZE);
 }
 // Calculation of HMAC-SHA-1
 void MacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size)
 {
@ -4888,31 +4392,6 @@ DH_CTX *DhNewFromBits(UINT bits)
 	}
 }
 // Convert the DH parameters to file
 BUF *DhToBuf(DH_CTX *dh)
 {
 	BIO *bio;
 	BUF *buf = NULL;
 	int r;
 	// Validate arguments
 	if (dh == NULL)
 	{
 		return NULL;
 	}
 	bio = NewBio();
 	r = i2d_DHparams_bio(bio, dh->dh);
 	if (r > 1)
 	{
 		buf = BioToBuf(bio);
 	}
 	FreeBio(bio);
 	return buf;
 }
 // Creating a new DH
 DH_CTX *DhNew(char *prime, UINT g)
 {
--- a/src/Mayaqua/Encrypt.h
+++ b/src/Mayaqua/Encrypt.h
@ -374,12 +374,10 @@ void FreeCrypt(CRYPT *c);
 void Encrypt(CRYPT *c, void *dst, void *src, UINT size);
 void Hash(void *dst, void *src, UINT size, bool sha);
 void HashSha1(void *dst, void *src, UINT size);
 void HashSha256(void *dst, void *src, UINT size);
 void HashMd4(void *dst, void *src, UINT size);
 void HashMd4(void *dst, void *src, UINT size);
 void InitCryptLibrary();
 void Rand(void *buf, UINT size);
 void Rand128(void *buf);
 UINT HashToUINT(void *data, UINT size);
 UINT64 Rand64();
 UINT Rand32();
@ -394,7 +392,6 @@ BIO *NewBio();
 void FreeBio(BIO *bio);
 X *BioToX(BIO *bio, bool text);
 X *BufToX(BUF *b, bool text);
 BUF *SkipBufBeforeString(BUF *b, char *str);
 void FreeX509(X509 *x509);
 void FreeX(X *x);
 BIO *XToBio(X *x, bool text);
@ -412,9 +409,7 @@ X *FileToX(char *filename);
 X *FileToXW(wchar_t *filename);
 bool XToFile(X *x, char *filename, bool text);
 bool XToFileW(X *x, wchar_t *filename, bool text);
 K *FileToK(char *filename, bool private_key, char *password);
 K *FileToKW(wchar_t *filename, bool private_key, char *password);
 bool KToFile(K *k, char *filename, bool text, char *password);
 bool KToFileW(K *k, wchar_t *filename, bool text, char *password);
 bool CheckXandK(X *x, K *k);
 bool CompareX(X *x1, X *x2);
@ -427,7 +422,6 @@ bool CompareName(NAME *n1, NAME *n2);
 K *GetKFromX(X *x);
 bool CheckSignature(X *x, K *k);
 X *X509ToX(X509 *x509);
 bool CheckX(X *x, X *x_issuer);
 bool CheckXEx(X *x, X *x_issuer, bool check_name, bool check_date);
 bool Asn1TimeToSystem(SYSTEMTIME *s, void *asn1_time);
 bool StrToSystem(SYSTEMTIME *s, char *str);
@ -451,7 +445,6 @@ UINT GetDaysUntil2038();
 UINT GetDaysUntil2038Ex();
 X_SERIAL *NewXSerial(void *data, UINT size);
 void FreeXSerial(X_SERIAL *serial);
 char *ByteToStr(BYTE *src, UINT src_size);
 P12 *BioToP12(BIO *bio);
 P12 *PKCS12ToP12(PKCS12 *pkcs12);
 P12 *BufToP12(BUF *b);
@ -459,9 +452,7 @@ BIO *P12ToBio(P12 *p12);
 BUF *P12ToBuf(P12 *p12);
 void FreePKCS12(PKCS12 *pkcs12);
 void FreeP12(P12 *p12);
 P12 *FileToP12(char *filename);
 P12 *FileToP12W(wchar_t *filename);
 bool P12ToFile(P12 *p12, char *filename);
 bool P12ToFileW(P12 *p12, wchar_t *filename);
 bool ParseP12(P12 *p12, X **x, K **k, char *password);
 bool IsEncryptedP12(P12 *p12);
@ -473,11 +464,9 @@ void GetPrintNameFromX(wchar_t *str, UINT size, X *x);
 void GetPrintNameFromXA(char *str, UINT size, X *x);
 void GetPrintNameFromName(wchar_t *str, UINT size, NAME *name);
 void GetAllNameFromX(wchar_t *str, UINT size, X *x);
 void GetAllNameFromA(char *str, UINT size, X *x);
 void GetAllNameFromName(wchar_t *str, UINT size, NAME *name);
 void GetAllNameFromNameEx(wchar_t *str, UINT size, NAME *name);
 void GetAllNameFromXEx(wchar_t *str, UINT size, X *x);
 void GetAllNameFromXExA(char *str, UINT size, X *x);
 BUF *BigNumToBuf(const BIGNUM *bn);
 BIGNUM *BinToBigNum(void *data, UINT size);
 X_SERIAL *CloneXSerial(X_SERIAL *src);
@ -489,32 +478,20 @@ NAME *CopyName(NAME *n);
 bool RsaGen(K **priv, K **pub, UINT bit);
 bool RsaCheck();
 bool RsaCheckEx();
 bool RsaPublicEncrypt(void *dst, void *src, UINT size, K *k);
 bool RsaPrivateDecrypt(void *dst, void *src, UINT size, K *k);
 bool RsaPrivateEncrypt(void *dst, void *src, UINT size, K *k);
 bool RsaPublicDecrypt(void *dst, void *src, UINT size, K *k);
 bool RsaSign(void *dst, void *src, UINT size, K *k);
 bool RsaSignEx(void *dst, void *src, UINT size, K *k, UINT bits);
 bool HashForSign(void *dst, UINT dst_size, void *src, UINT src_size);
 bool RsaVerify(void *data, UINT data_size, void *sign, K *k);
 bool RsaVerifyEx(void *data, UINT data_size, void *sign, K *k, UINT bits);
 UINT RsaPublicSize(K *k);
 void RsaPublicToBin(K *k, void *data);
 BUF *RsaPublicToBuf(K *k);
 K *RsaBinToPublic(void *data, UINT size);
 DES_KEY_VALUE *DesNewKeyValue(void *value);
 DES_KEY_VALUE *DesRandKeyValue();
 void DesFreeKeyValue(DES_KEY_VALUE *v);
 DES_KEY *Des3NewKey(void *k1, void *k2, void *k3);
 void Des3FreeKey(DES_KEY *k);
 DES_KEY *DesNewKey(void *k1);
 void DesFreeKey(DES_KEY *k);
 DES_KEY *Des3RandKey();
 DES_KEY *DesRandKey();
 void Des3Encrypt(void *dest, void *src, UINT size, DES_KEY *key, void *ivec);
 void Des3Encrypt2(void *dest, void *src, UINT size, DES_KEY_VALUE *k1, DES_KEY_VALUE *k2, DES_KEY_VALUE *k3, void *ivec);
 void Des3Decrypt(void *dest, void *src, UINT size, DES_KEY *key, void *ivec);
 void Des3Decrypt2(void *dest, void *src, UINT size, DES_KEY_VALUE *k1, DES_KEY_VALUE *k2, DES_KEY_VALUE *k3, void *ivec);
 void Sha(UINT sha_type, void *dst, void *src, UINT size);
 void Sha1(void *dst, void *src, UINT size);
@ -524,7 +501,6 @@ void Sha2_512(void *dst, void *src, UINT size);
 void Md5(void *dst, void *src, UINT size);
 void MacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size);
 void MacSha196(void *dst, void *key, void *data, UINT data_size);
 void DesEncrypt(void *dest, void *src, UINT size, DES_KEY_VALUE *k, void *ivec);
 void DesDecrypt(void *dest, void *src, UINT size, DES_KEY_VALUE *k, void *ivec);
 void DesEcbEncrypt(void *dst, void *src, void *key_7bytes);
@ -540,7 +516,6 @@ DH_CTX *DhNew4096();
 DH_CTX *DhNewFromBits(UINT bits);
 DH_CTX *DhNew(char *prime, UINT g);
 void DhFree(DH_CTX *dh);
 BUF *DhToBuf(DH_CTX *dh);
 AES_KEY_VALUE *AesNewKey(void *data, UINT size);
 void AesFreeKey(AES_KEY_VALUE *k);
@ -576,9 +551,6 @@ void Enc_tls1_PRF(unsigned char *label, int label_len, const unsigned char *sec,
 void HMacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size);
 void HMacMd5(void *dst, void *key, UINT key_size, void *data, UINT data_size);
 BUF *EasyEncrypt(BUF *src_buf);
 BUF *EasyDecrypt(BUF *src_buf);
 void DisableIntelAesAccel();
 int GetSslClientCertIndex();
--- a/src/Mayaqua/FileIO.c
+++ b/src/Mayaqua/FileIO.c
@ -1463,7 +1463,7 @@ void GetExeNameW(wchar_t *name, UINT size)
 	UniStrCpy(name, size, exe_file_name_w);
 }
-// Initialization of the aquisition of the EXE file name
+// Initialization of the acquisition of the EXE file name
 void InitGetExeName(char *arg)
 {
 	wchar_t *arg_w = NULL;
--- a/src/Mayaqua/Kernel.c
+++ b/src/Mayaqua/Kernel.c
@ -423,7 +423,7 @@ void AddThreadToThreadList(LIST *o, THREAD *t)
 }
 // Maintain thread list
-void MainteThreadList(LIST *o)
+void MaintainThreadList(LIST *o)
 {
 	UINT i;
 	LIST *delete_list = NULL;
--- a/src/Mayaqua/Kernel.h
+++ b/src/Mayaqua/Kernel.h
@ -274,7 +274,7 @@ UINT DoNothing();
 LIST *NewThreadList();
 void AddThreadToThreadList(LIST *o, THREAD *t);
 void DelThreadFromThreadList(LIST *o, THREAD *t);
-void MainteThreadList(LIST *o);
+void MaintainThreadList(LIST *o);
 void FreeThreadList(LIST *o);
 void StopThreadList(LIST *o);
 void WaitAllThreadsWillBeStopped(LIST *o);
--- a/src/Mayaqua/MayaType.h
+++ b/src/Mayaqua/MayaType.h
@ -254,6 +254,14 @@ typedef int (COMPARE)(void *p1, void *p2);
 // Type declaration
 // 
 // PID type
 #ifdef OS_UNIX
 typedef int PID;
 #endif // OS_UNIX
 #ifdef OS_WIN32
 typedef unsigned long PID;
 #endif // WINDOWS_H
 // bool type
 #ifndef	WINDOWS_H
 typedef	unsigned int		BOOL;
--- a/src/Mayaqua/Mayaqua.c
+++ b/src/Mayaqua/Mayaqua.c
@ -552,7 +552,7 @@ void InitMayaqua(bool memcheck, bool debug, int argc, char **argv)
 	// Initialize the network communication module
 	InitNetwork();
-	// Initialization of the aquisition of the EXE file name
+	// Initialization of the acquisition of the EXE file name
 	InitGetExeName(argc >= 1 ? argv[0] : NULL);
 	// Initialization of the command line string
--- a/src/Mayaqua/Memory.c
+++ b/src/Mayaqua/Memory.c
@ -778,7 +778,7 @@ void AddCandidate(LIST *o, wchar_t *str, UINT num_max)
 }
 // Comparison of candidates
-int ComapreCandidate(void *p1, void *p2)
+int CompareCandidate(void *p1, void *p2)
 {
 	CANDIDATE *c1, *c2;
 	if (p1 == NULL || p2 == NULL)
@ -828,7 +828,7 @@ void FreeCandidateList(LIST *o)
 // Creating a new candidate list
 LIST *NewCandidateList()
 {
-	return NewList(ComapreCandidate);
+	return NewList(CompareCandidate);
 }
 // Fill a range of memory
@ -1968,7 +1968,7 @@ bool IsInt64InList(LIST *o, UINT64 i)
 	return false;
 }
-// Remove all int from the interger list
+// Remove all int from the integer list
 void DelAllInt(LIST *o)
 {
 	UINT i;
--- a/src/Mayaqua/Memory.h
+++ b/src/Mayaqua/Memory.h
@ -265,7 +265,7 @@ UINT PRandInt(PRAND *p);
 LIST *NewCandidateList();
 void FreeCandidateList(LIST *o);
-int ComapreCandidate(void *p1, void *p2);
+int CompareCandidate(void *p1, void *p2);
 void AddCandidate(LIST *o, wchar_t *str, UINT num_max);
 BUF *CandidateToBuf(LIST *o);
 LIST *BufToCandidate(BUF *b);
--- a/src/Mayaqua/Microsoft.c
+++ b/src/Mayaqua/Microsoft.c
@ -3976,7 +3976,7 @@ void *MsLoadLibraryAsDataFile(char *name)
 	return MsLoadLibraryAsDataFileW(name_w);
 }
-// Simple LoadLibaray
+// Simple LoadLibrary
 void *MsLoadLibraryRawW(wchar_t *name)
 {
 	// Validate arguments
@ -6602,7 +6602,7 @@ UINT MsService(char *name, SERVICE_FUNCTION *start, SERVICE_FUNCTION *stop, UINT
 			mode == SVC_MODE_STOP || mode == SVC_MODE_SERVICE) &&
 			(ms->IsAdmin == false))
 		{
-			// Do not have Administrators privillage
+			// Do not have Administrators privilege
 			MsgBox(NULL, MB_ICONEXCLAMATION, _UU("SVC_NOT_ADMIN"));
 		}
 		else
@ -6970,7 +6970,7 @@ UINT MsService(char *name, SERVICE_FUNCTION *start, SERVICE_FUNCTION *stop, UINT
 			case SVC_MODE_SERVICE:
 				// Run as a service
-				// Obsolated (2012.12.31) (Do this in the above code)
+				// Obsoleted (2012.12.31) (Do this in the above code)
 				//MsServiceMode(start, stop);
 				break;
@ -7346,7 +7346,7 @@ bool MsIsRemoteDesktopEnabled()
 }
 // Examine whether the remote desktop becomes available by registry operation
-bool MsIsRemoteDesktopCanEnableByRegistory()
+bool MsIsRemoteDesktopCanEnableByRegistry()
 {
 	OS_INFO *info = GetOsInfo();
 	if (MsIsRemoteDesktopAvailable() == false)
@ -10421,12 +10421,12 @@ void MsGenMacAddress(UCHAR *mac)
 	Hash(hash, hash_src, sizeof(hash_src), true);
-	mac[0] = 0x00;
+	mac[0] = 0x5E;
-	mac[1] = 0xAC;
+	mac[1] = hash[0];
-	mac[2] = hash[0];
+	mac[2] = hash[1];
-	mac[3] = hash[1];
+	mac[3] = hash[2];
-	mac[4] = hash[2];
+	mac[4] = hash[3];
-	mac[5] = hash[3];
+	mac[5] = hash[4];
 }
 // Finish the driver installation
@ -11926,7 +11926,7 @@ TOKEN_LIST *MsEnumNeoDriverFilenames()
 	for (i = 0;i < neos->NumTokens;i++)
 	{
 		char filename[MAX_PATH];
-		if (MsGetNeoDeiverFilename(filename, sizeof(filename), neos->Token[i]))
+		if (MsGetNeoDriverFilename(filename, sizeof(filename), neos->Token[i]))
 		{
 			Add(o, CopyStr(filename));
 		}
@ -11941,7 +11941,7 @@ TOKEN_LIST *MsEnumNeoDriverFilenames()
 }
 // Get the driver file name of Neo
-bool MsGetNeoDeiverFilename(char *name, UINT size, char *instance_name)
+bool MsGetNeoDriverFilename(char *name, UINT size, char *instance_name)
 {
 	char tmp[MAX_SIZE];
 	char *ret;
--- a/src/Mayaqua/Microsoft.h
+++ b/src/Mayaqua/Microsoft.h
@ -764,7 +764,7 @@ bool MsCheckLogon(wchar_t *username, char *password);
 bool MsIsPasswordEmpty(wchar_t *username);
 TOKEN_LIST *MsEnumNetworkAdapters(char *start_with_name, char *start_with_name_2);
 TOKEN_LIST *MsEnumNetworkAdaptersNeo();
-bool MsGetNeoDeiverFilename(char *name, UINT size, char *instance_name);
+bool MsGetNeoDriverFilename(char *name, UINT size, char *instance_name);
 bool MsMakeNewNeoDriverFilename(char *name, UINT size);
 void MsGenerateNeoDriverFilenameFromInt(char *name, UINT size, UINT n);
 TOKEN_LIST *MsEnumNeoDriverFilenames();
@ -1052,7 +1052,7 @@ UINT64 MsGetScreenSaverTimeout();
 void *MsNoSleepStart(bool no_screensaver);
 void MsNoSleepEnd(void *p);
 bool MsIsRemoteDesktopAvailable();
-bool MsIsRemoteDesktopCanEnableByRegistory();
+bool MsIsRemoteDesktopCanEnableByRegistry();
 bool MsIsRemoteDesktopEnabled();
 bool MsEnableRemoteDesktop();
--- a/src/Mayaqua/Network.c
+++ b/src/Mayaqua/Network.c
@ -7289,7 +7289,7 @@ void IPToStr6Inner(char *str, IP *ip)
 		values[i] = Endian16(values[i]);
 	}
-	// Search for omitable part
+	// Search for omittable part
 	zero_started_index = INFINITE;
 	max_zero_len = 0;
 	max_zero_start = INFINITE;
@ -20735,7 +20735,7 @@ UINT GetUdpListenerPortList(UDPLISTENER *u, UINT **port_list)
 	return num_ports;
 }
-// Dekete all the UDP ports
+// Delete all the UDP ports
 void DeleteAllPortFromUdpListener(UDPLISTENER *u)
 {
 	// Validate arguments
@ -22144,7 +22144,7 @@ bool PostHttp(SOCK *s, HTTP_HEADER *header, void *post_data, UINT post_size)
 		return false;
 	}
-	// Check whether the Content-Lentgh exists?
+	// Check whether the Content-Length exists?
 	if (GetHttpValue(header, "Content-Length") == NULL)
 	{
 		char tmp[MAX_SIZE];
--- a/Show More
+++ b/Show More