diff --git a/DISCLAIMER.md b/DISCLAIMER.md index 8739dcf9..dc4608e8 100644 --- a/DISCLAIMER.md +++ b/DISCLAIMER.md @@ -42,7 +42,7 @@ RECOVER OR COMPENSATE SUCH DAMAGES, CRIMINAL OR CIVIL RESPONSIBILITIES. NOTE THAT THIS LINE IS NOT LICENSE RESTRICTION BUT JUST A STATEMENT FOR WARNING AND DISCLAIMER. -READ AND UNDERSTAND THE 'WARNING.TXT' FILE BEFORE USING THIS SOFTWARE. +READ AND UNDERSTAND THE ['WARNING.TXT'](src/WARNING.TXT) FILE BEFORE USING THIS SOFTWARE. SOME SOFTWARE PROGRAMS FROM THIRD PARTIES ARE INCLUDED ON THIS SOFTWARE -WITH LICENSE CONDITIONS WHICH ARE DESCRIBED ON THE 'THIRD_PARTY.TXT' FILE. +WITH LICENSE CONDITIONS WHICH ARE DESCRIBED ON THE ['THIRD_PARTY.TXT'](src/THIRD_PARTY.TXT) FILE. diff --git a/LICENSE b/LICENSE index a93edd01..bf65f661 100644 --- a/LICENSE +++ b/LICENSE @@ -70,9 +70,9 @@ STATEMENT FOR WARNING AND DISCLAIMER. THE FOLLOWING GPLV2 CONDITIONS APPLY ON ALL SOFTETHER VPN PROGRAMS WHICH ARE DEVELOPED BY SOFTETHER VPN PROJECT. -READ AND UNDERSTAND THE 'WARNING.TXT' FILE BEFORE USING THIS SOFTWARE. +READ AND UNDERSTAND THE 'src/WARNING.TXT' FILE BEFORE USING THIS SOFTWARE. SOME SOFTWARE PROGRAMS FROM THIRD PARTIES ARE INCLUDED ON THIS SOFTWARE WITH -LICENSE CONDITIONS WHICH ARE DESCRIBED ON THE 'THIRD_PARTY.TXT' FILE. +LICENSE CONDITIONS WHICH ARE DESCRIBED ON THE 'src/THIRD_PARTY.TXT' FILE. GNU GENERAL PUBLIC LICENSE Version 2, June 1991 @@ -339,7 +339,7 @@ DAMAGES. END OF TERMS AND CONDITIONS -READ AND UNDERSTAND THE 'WARNING.TXT' FILE BEFORE USING THIS SOFTWARE. +READ AND UNDERSTAND THE 'src/WARNING.TXT' FILE BEFORE USING THIS SOFTWARE. SOME SOFTWARE PROGRAMS FROM THIRD PARTIES ARE INCLUDED ON THIS SOFTWARE WITH -LICENSE CONDITIONS WHICH ARE DESCRIBED ON THE 'THIRD_PARTY.TXT' FILE. +LICENSE CONDITIONS WHICH ARE DESCRIBED ON THE 'src/THIRD_PARTY.TXT' FILE. diff --git a/README.md b/README.md index 1c7a07a9..91e491c5 100644 --- a/README.md +++ b/README.md @@ -132,7 +132,6 @@ There are two flavours of SoftEtherVPN source code: 1. Unstable. Found under https://github.com/SoftEtherVPN/SoftEtherVPN 2. Stable. Found under https://github.com/SoftEtherVPN/SoftEtherVPN_Stable - # TO CIRCUMVENT YOUR GOVERNMENT'S FIREWALL RESTRICTION Because SoftEther VPN is overly strong tool to build a VPN tunnel, diff --git a/THIRD_PARTY.TXT b/THIRD_PARTY.TXT deleted file mode 100644 index 6846f45e..00000000 --- a/THIRD_PARTY.TXT +++ /dev/null @@ -1,724 +0,0 @@ -BitVisor(R) VPN Client Module (IPsec Driver): -Copyright (c) 2007, 2008 University of Tsukuba. -Copyright (C) 2007, 2008 National Institute of Information and Communications -Technology. -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - -1. Redistributions of source code must retain the above copyright notice, this -list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright notice, -this list of conditions and the following disclaimer in the documentation -and/or other materials provided with the distribution. -3. Neither the name of the University of Tsukuba nor the names of its -contributors may be used to endorse or promote products derived from this -software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -------------------- - -Microsoft(R) C Runtime Library: -(c) 2007 Microsoft Corporation. All Rights Reserved. - -------------------- - -RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki): - -License to copy and use this software is granted provided that it is -identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface -(Cryptoki)" in all material mentioning or referencing this software. - -License is also granted to make and use derivative works provided that such -works are identified as "derived from the RSA Security Inc. PKCS #11 -Cryptographic Token Interface (Cryptoki)" in all material mentioning or -referencing the derived work. - -RSA Security Inc. makes no representations concerning either the -merchantability of this software or the suitability of this software for any -particular purpose. It is provided "as is" without express or implied warranty -of any kind. - -------------------- - -WinPcap: -Copyright (c) 2001 - 2003 NetGroup, Politecnico di Torino (Italy) -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - -1. Redistributions of source code must retain the above copyright notice, this -list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright notice, -this list of conditions and the following disclaimer in the documentation -and/or other materials provided with the distribution. -3. Neither the name of the Politecnico di Torino nor the names of its -contributors may be used to endorse or promote products derived from this -software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY -OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, -EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -------------------- - -libedit: -Copyright (c) 1992, 1993 The Regents of the University of California. All -rights reserved. - -This code is derived from software contributed to Berkeley by Christos Zoulas -of Cornell University. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: -1. Redistributions of source code must retain the above copyright notice, this -list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright notice, -this list of conditions and the following disclaimer in the documentation -and/or other materials provided with the distribution. -3. Neither the name of the University nor the names of its contributors may be -used to endorse or promote products derived from this software without -specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND ANY -EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY -DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON -ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -------------------- - -libiconv: - - GNU LIBRARY GENERAL PUBLIC LICENSE - Version 2, June 1991 - - Copyright (C) 1991 Free Software Foundation, Inc. - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA - Everyone is permitted to copy and distribute verbatim copies of this license -document, but changing it is not allowed. - -[This is the first released version of the library GPL. It is - numbered 2 because it goes with version 2 of the ordinary GPL.] - - Preamble - - The licenses for most software are designed to take away your freedom to -share and change it. By contrast, the GNU General Public Licenses are intended -to guarantee your freedom to share and change free software--to make sure the -software is free for all its users. - - This license, the Library General Public License, applies to some specially -designated Free Software Foundation software, and to any other libraries whose -authors decide to use it. You can use it for your libraries, too. - - When we speak of free software, we are referring to freedom, not price. Our -General Public Licenses are designed to make sure that you have the freedom to -distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it if you -want it, that you can change the software or use pieces of it in new free -programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid anyone to -deny you these rights or to ask you to surrender the rights. These -restrictions translate to certain responsibilities for you if you distribute -copies of the library, or if you modify it. - - For example, if you distribute copies of the library, whether gratis or for -a fee, you must give the recipients all the rights that we gave you. You must -make sure that they, too, receive or can get the source -code. If you link a program with the library, you must provide complete object -files to the recipients so that they can relink them with the library, after -making changes to the library and recompiling it. And you must show them these -terms so they know their rights. - - Our method of protecting your rights has two steps: (1) copyright the -library, and (2) offer you this license which gives you legal permission to -copy, distribute and/or modify the library. - - Also, for each distributor's protection, we want to make certain that -everyone understands that there is no warranty for this free library. If the -library is modified by someone else and passed on, we want its recipients to -know that what they have is not the original version, so that any problems -introduced by others will not reflect on the original authors' reputations. - - Finally, any free program is threatened constantly by software patents. We -wish to avoid the danger that companies distributing free software will -individually obtain patent licenses, thus in effect transforming the program -into proprietary software. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - Most GNU software, including some libraries, is covered by the ordinary GNU -General Public License, which was designed for utility programs. This license, -the GNU Library General Public License, applies to certain designated -libraries. This license is quite different from the ordinary one; be sure to -read it in full, and don't assume that anything in it is the same as in the -ordinary license. - - The reason we have a separate public license for some libraries is that they -blur the distinction we usually make between modifying or adding to a program -and simply using it. Linking a program with a library, without changing the -library, is in some sense simply using the library, and is analogous to -running a utility program or application program. However, in a textual and -legal sense, the linked executable is a combined work, a derivative of the -original library, and the ordinary General Public License treats it as such. - - Because of this blurred distinction, using the ordinary General Public -License for libraries did not effectively promote software sharing, because -most developers did not use the libraries. We concluded that weaker conditions -might promote sharing better. - - However, unrestricted linking of non-free programs would deprive the users -of those programs of all benefit from the free status of the libraries -themselves. This Library General Public License is intended to -permit developers of non-free programs to use free libraries, while preserving -your freedom as a user of such programs to change the free libraries that are -incorporated in them. (We have not seen how to achieve this as regards changes -in header files, but we have achieved it as regards changes in the actual -functions of the Library.) The hope is that this will lead to faster -development of free libraries. - - The precise terms and conditions for copying, distribution and modification -follow. Pay close attention to the difference between a "work based on the -library" and a "work that uses the library". The former contains code derived -from the library, while the latter only works together with the library. - - Note that it is possible for a library to be covered by the ordinary General -Public License rather than by this special one. - - GNU LIBRARY GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License Agreement applies to any software library which contains a -notice placed by the copyright holder or other authorized party saying it may -be distributed under the terms of this Library -General Public License (also called "this License"). Each licensee is -addressed as "you". - - A "library" means a collection of software functions and/or data prepared so -as to be conveniently linked with application programs (which use some of -those functions and data) to form executables. - - The "Library", below, refers to any such software library or work which has -been distributed under these terms. A "work based on the Library" means either -the Library or any derivative work under copyright law: that is to say, a work -containing the Library or a portion of it, either verbatim or with -modifications and/or translated straightforwardly into another language. -(Hereinafter, translation is included without limitation in the term -"modification".) - - "Source code" for a work means the preferred form of the work for making -modifications to it. For a library, complete source code means all the source -code for all modules it contains, plus any associated interface definition -files, plus the scripts used to control compilation and installation of the -library. - - Activities other than copying, distribution and modification are not covered -by this License; they are outside its scope. The act of running a program -using the Library is not restricted, and output from such a program is covered -only if its contents constitute a work based on the Library (independent of -the use of the Library in a tool for writing it). Whether that is true depends -on what the Library does and what the program that uses the Library does. - - 1. You may copy and distribute verbatim copies of the Library's complete -source code as you receive it, in any medium, provided that you conspicuously -and appropriately publish on each copy an appropriate copyright notice and -disclaimer of warranty; keep intact all the notices that refer to this License -and to the absence of any warranty; and distribute a copy of this License -along with the Library. - - You may charge a fee for the physical act of transferring a copy, and you -may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Library or any portion of it, -thus forming a work based on the Library, and copy and distribute such -modifications or work under the terms of Section 1 above, provided that you -also meet all of these conditions: - - a) The modified work must itself be a software library. - - b) You must cause the files modified to carry prominent notices stating -that you changed the files and the date of any change. - - c) You must cause the whole of the work to be licensed at no charge to all -third parties under the terms of this License. - - d) If a facility in the modified Library refers to a function or a table -of data to be supplied by an application program that uses the facility, other -than as an argument passed when the facility is invoked, then you must make a -good faith effort to ensure that, in the event an application does not supply -such function or table, the facility still operates, and performs whatever -part of its purpose remains meaningful. - - (For example, a function in a library to compute square roots has a -purpose that is entirely well-defined independent of the application. -Therefore, Subsection 2d requires that any application-supplied function or -table used by this function must be optional: if the application does not -supply it, the square root function must still compute square roots.) - -These requirements apply to the modified work as a whole. If identifiable -sections of that work are not derived from the Library, and can be reasonably -considered independent and separate works in themselves, then this License, -and its terms, do not apply to those sections when you distribute them as -separate works. But when you distribute the same sections as part of a whole -which is a work based on the Library, the distribution of the whole must be on -the terms of this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest your -rights to work written entirely by you; rather, the intent is to exercise the -right to control the distribution of derivative or collective works based on -the Library. - -In addition, mere aggregation of another work not based on the Library with -the Library (or with a work based on the Library) on a volume of a storage or -distribution medium does not bring the other work under the scope of this -License. - - 3. You may opt to apply the terms of the ordinary GNU General Public -License instead of this License to a given copy of the Library. To do this, -you must alter all the notices that refer to this License, so that they refer -to the ordinary GNU General Public License, version 2, instead of to this -License. (If a newer version than version 2 of the ordinary GNU General Public -License has appeared, then you can specify that version instead if you wish.) -Do not make any other change in these notices. - - Once this change is made in a given copy, it is irreversible for that copy, -so the ordinary GNU General Public License applies to all subsequent copies -and derivative works made from that copy. - - This option is useful when you wish to copy part of the code of the Library -into a program that is not a library. - - 4. You may copy and distribute the Library (or a portion or derivative of -it, under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you accompany it with the complete -corresponding machine-readable source code, which must be distributed under -the terms of Sections 1 and 2 above on a medium customarily used for software -interchange. - - If distribution of object code is made by offering access to copy from a -designated place, then offering equivalent access to copy the source code from -the same place satisfies the requirement to distribute the source code, even -though third parties are not compelled to copy the source along with the -object code. - - 5. A program that contains no derivative of any portion of the Library, but -is designed to work with the Library by being compiled or linked with it, is -called a "work that uses the Library". Such a work, in isolation, is not a -derivative work of the Library, and therefore falls outside the scope of this -License. - - However, linking a "work that uses the Library" with the Library creates an -executable that is a derivative of the Library (because it contains portions -of the Library), rather than a "work that uses the library". The executable is -therefore covered by this License. -Section 6 states terms for distribution of such executables. - - When a "work that uses the Library" uses material from a header file that is -part of the Library, the object code for the work may be a derivative work of -the Library even though the source code is not. -Whether this is true is especially significant if the work can be linked -without the Library, or if the work is itself a library. The threshold for -this to be true is not precisely defined by law. - - If such an object file uses only numerical parameters, data structure -layouts and accessors, and small macros and small inline functions (ten lines -or less in length), then the use of the object file is unrestricted, -regardless of whether it is legally a derivative work. (Executables containing -this object code plus portions of the Library will still fall under Section -6.) - - Otherwise, if the work is a derivative of the Library, you may distribute -the object code for the work under the terms of Section 6. Any executables -containing that work also fall under Section 6, whether or not they are linked -directly with the Library itself. - - 6. As an exception to the Sections above, you may also compile or link a -"work that uses the Library" with the Library to produce a work containing -portions of the Library, and distribute that work under terms of your choice, -provided that the terms permit modification of the work for the customer's own -use and reverse engineering for debugging such modifications. - - You must give prominent notice with each copy of the work that the Library -is used in it and that the Library and its use are covered by this License. -You must supply a copy of this License. If the work during execution displays -copyright notices, you must include the copyright notice for the Library among -them, as well as a reference directing the user to the copy of this License. -Also, you must do one of these things: - - a) Accompany the work with the complete corresponding machine-readable -source code for the Library including whatever changes were used in the work -(which must be distributed under Sections 1 and 2 above) ; and, if the work is -an executable linked with the Library, with the complete machine-readable -"work that uses the Library", as object code and/or source code, so that the -user can modify the Library and then relink to produce a modified executable -containing the modified Library. (It is understood that the user who changes -the contents of definitions files in the Library will not necessarily be able -to recompile the application to use the modified definitions.) - - b) Accompany the work with a written offer, valid for at least three -years, to give the same user the materials specified in Subsection 6a, above, -for a charge no more than the cost of performing this distribution. - - c) If distribution of the work is made by offering access to copy from a -designated place, offer equivalent access to copy the above specified -materials from the same place. - - d) Verify that the user has already received a copy of these materials or -that you have already sent this user a copy. - - For an executable, the required form of the "work that uses the Library" -must include any data and utility programs needed for reproducing the -executable from it. However, as a special exception, the source code -distributed need not include anything that is normally distributed (in either -source or binary form) with the major components (compiler, kernel, and so on) -of the operating system on which the executable runs, unless that component -itself accompanies the executable. - - It may happen that this requirement contradicts the license restrictions of -other proprietary libraries that do not normally accompany the operating -system. Such a contradiction means you cannot use both them and the Library -together in an executable that you distribute. - - 7. You may place library facilities that are a work based on the Library -side-by-side in a single library together with other library facilities not -covered by this License, and distribute such a combined library, provided that -the separate distribution of the work based on the Library and of the other -library facilities is otherwise permitted, and provided that you do these two -things: - - a) Accompany the combined library with a copy of the same work based on -the Library, uncombined with any other library facilities. This must be -distributed under the terms of the Sections above. - - b) Give prominent notice with the combined library of the fact that part -of it is a work based on the Library, and explaining where to find the -accompanying uncombined form of the same work. - - 8. You may not copy, modify, sublicense, link with, or distribute the -Library except as expressly provided under this License. Any attempt otherwise -to copy, modify, sublicense, link with, or distribute the Library is void, and -will automatically terminate your rights under this License. However, parties -who have received copies, or rights, from you under this License will not have -their licenses terminated so long as such parties remain in full compliance. - - 9. You are not required to accept this License, since you have not signed -it. However, nothing else grants you permission to modify or distribute the -Library or its derivative works. These actions are prohibited by law if you do -not accept this License. Therefore, by modifying or distributing the Library -(or any work based on the Library), you indicate your acceptance of this -License to do so, and all its terms and conditions for copying, distributing -or modifying the Library or works based on it. - - 10. Each time you redistribute the Library (or any work based on the -Library), the recipient automatically receives a license from the original -licensor to copy, distribute, link with or modify the Library subject to these -terms and conditions. You may not impose any further restrictions on the -recipients' exercise of the rights granted herein. You are not responsible for -enforcing compliance by third parties to this License. - - 11. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or otherwise) -that contradict the conditions of this License, they do not excuse you from -the conditions of this License. If you cannot distribute so as to satisfy -simultaneously your obligations under this License and any other pertinent -obligations, then as a consequence you may not distribute the Library at all. -For example, if a patent license would not permit royalty-free redistribution -of the Library by all those who receive copies directly or indirectly through -you, then the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Library. - -If any portion of this section is held invalid or unenforceable under any -particular circumstance, the balance of the section is intended to apply, and -the section as a whole is intended to apply in other circumstances. - -It is not the purpose of this section to induce you to infringe any patents or -other property right claims or to contest validity of any such claims; this -section has the sole purpose of protecting the integrity of the free software -distribution system which is implemented by public license practices. Many -people have made generous contributions to the wide range of software -distributed through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing to -distribute software through any other system and a licensee cannot impose that -choice. - -This section is intended to make thoroughly clear what is believed to be a -consequence of the rest of this License. - - 12. If the distribution and/or use of the Library is restricted in certain -countries either by patents or by copyrighted interfaces, the original -copyright holder who places the Library under this License may add an explicit -geographical distribution limitation excluding those countries, so that -distribution is permitted only in or among countries not thus excluded. In -such case, this License incorporates the limitation as if written in the body -of this License. - - 13. The Free Software Foundation may publish revised and/or new versions of -the Library General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Library -specifies a version number of this License which applies to it and "any later -version", you have the option of following the terms and conditions either of -that version or of any later version published by the Free Software -Foundation. If the Library does not specify a license version number, you may -choose any version ever published by the Free Software Foundation. - - 14. If you wish to incorporate parts of the Library into other free programs -whose distribution conditions are incompatible with these, write to the author -to ask for permission. For software which is copyrighted by the Free Software -Foundation, write to the Free Software Foundation; we sometimes make -exceptions for this. Our decision will be guided by the two goals of -preserving the free status of all derivatives of our free software and of -promoting the sharing and reuse of software generally. - - NO WARRANTY - - 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR -THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE -STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE -LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, -INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND -FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND -PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, -YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - - 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO -LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR -THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), -EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH -DAMAGES. - - END OF TERMS AND CONDITIONS - -------------------- - -ncurses: -Copyright (c) 1998-2005,2006 Free Software Foundation, Inc. - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, distribute with -modifications, sublicense, and/or sell copies of the Software, and to permit -persons to whom the Software is furnished to do so, subject to the following -conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -ABOVE COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, -WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR -IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -Except as contained in this notice, the name(s) of the above copyright holders -shall not be used in advertising or otherwise to promote the sale, use or -other dealings in this Software without prior written authorization. - -------------------- - -OpenSSL: -OpenSSL License -Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - -1. Redistributions of source code must retain the above copyright notice, this -list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright notice, -this list of conditions and the following disclaimer in the documentation -and/or other materials provided with the distribution. - -3. All advertising materials mentioning features or use of this software must -display the following acknowledgment: "This product includes software -developed by the OpenSSL Project for use in the OpenSSL Toolkit. -(http://www.openssl.org/)" - -4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -endorse or promote products derived from this software without prior written -permission. For written permission, please contact openssl-core@openssl.org. - -5. Products derived from this software may not be called "OpenSSL" nor may -"OpenSSL" appear in their names without prior written permission of the -OpenSSL Project. - -6. Redistributions of any form whatsoever must retain the following -acknowledgment: "This product includes software developed by the OpenSSL -Project for use in the OpenSSL Toolkit (http://www.openssl.org/)" - -THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY EXPRESSED -OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, -INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, -BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY -OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, -EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -This product includes cryptographic software written by Eric Young -(eay@cryptsoft.com). This product includes software written by Tim Hudson -(tjh@cryptsoft.com). - -Original SSLeay License -Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved. - -This package is an SSL implementation written by Eric Young -(eay@cryptsoft.com). The implementation was written so as to conform with -Netscapes SSL. - -This library is free for commercial and non-commercial use as long as the -following conditions are adhered to. The following conditions apply to all -code found in this distribution, be it the RC4, RSA, lhash, DES, etc., code; -not just the SSL code. The SSL documentation included with this distribution -is covered by the same copyright terms except that the holder is Tim Hudson -(tjh@cryptsoft.com). - -Copyright remains Eric Young's, and as such any Copyright notices in the code -are not to be removed. If this package is used in a product, Eric Young should -be given attribution as the author of the parts of the library used. This can -be in the form of a textual message at program startup or in documentation -(online or textual) provided with the package. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: -1. Redistributions of source code must retain the copyright notice, this list -of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright notice, -this list of conditions and the following disclaimer in the documentation -and/or other materials provided with the distribution. -3. All advertising materials mentioning features or use of this software must -display the following acknowledgement: "This product includes cryptographic -software written by Eric Young (eay@cryptsoft.com)" The word 'cryptographic' -can be left out if the rouines from the library being used are not -cryptographic related :-). -4. If you include any Windows specific code (or a derivative thereof) from the -apps directory (application code) you must include an acknowledgement: "This -product includes software written by Tim Hudson (tjh@cryptsoft.com)" - -THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND ANY EXPRESS OR IMPLIED -WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR -PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF -LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, -EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -The licence and distribution terms for any publically available version or -derivative of this code cannot be changed. i.e. this code cannot simply be -copied and put under another distribution licence [including the GNU Public -Licence.] - -------------------- - -zlib: -Acknowledgments: - The deflate format used by zlib was defined by Phil Katz. The deflate and -zlib specifications were written by L. Peter Deutsch. Thanks to all the people -who reported problems and suggested various improvements in zlib; they are too -numerous to cite here. - -Copyright notice: - (C) 1995-2004 Jean-loup Gailly and Mark Adler - - This software is provided 'as-is', without any express or implied warranty. -In no event will the authors be held liable for any damages arising from the -use of this software. - - Permission is granted to anyone to use this software for any purpose, -including commercial applications, and to alter it and redistribute it freely, -subject to the following restrictions: - - 1. The origin of this software must not be misrepresented; you must not -claim that you wrote the original software. If you use this software in a -product, an acknowledgment in the product documentation would be appreciated -but is not required. - 2. Altered source versions must be plainly marked as such, and must not be -misrepresented as being the original software. - 3. This notice may not be removed or altered from any source distribution. - - Jean-loup Gailly Mark Adler - jloup@gzip.org madler@alumni.caltech.edu - -If you use the zlib library in a product, we would appreciate *not* receiving -lengthy legal documents to sign. The sources are provided for free but without -warranty of any kind. The library has been entirely written by Jean-loup -Gailly and Mark Adler; it does not include third-party code. - -If you redistribute modified sources, we would appreciate that you include in -the file ChangeLog history information documenting your changes. Please read -the FAQ for more information on the distribution of modified source versions. - -------------------- - -Intel AESNI Sample Library: - -Copyright (c) 2010, Intel Corporation -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - -* Redistributions of source code must retain the above copyright notice, this -list of conditions and the following disclaimer. -* Redistributions in binary form must reproduce the above copyright notice, -this list of conditions and the following disclaimer in the documentation -and/or other materials provided with the distribution. -* Neither the name of Intel Corporation nor the names of its contributors may -be used to endorse or promote products derived from this software without -specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -Issue Date: Aug 6, 2010 - diff --git a/WARNING.TXT b/WARNING.TXT deleted file mode 100644 index 3fda535d..00000000 --- a/WARNING.TXT +++ /dev/null @@ -1,565 +0,0 @@ -THE IMPORTANT NOTICES ABOUT SOFTETHER VPN - -FUNCTIONS OF VPN COMMUNICATIONS EMBEDDED ON THIS SOFTWARE ARE VERY POWERFUL -THAN EVER. THIS STRONG VPN ABILITY WILL BRING YOU HUGE BENEFITS. HOWEVER, IF -YOU MISUSE THIS SOFTWARE, IT MIGHT DAMAGE YOURSELF. IN ORDER TO AVOID SUCH -RISKS, THIS DOCUMENT ACCOUNTS IMPORTANT NOTICES FOR CUSTOMERS WHO ARE WILLING -TO USE THIS SOFTWARE. THE FOLLOWING INSTRUCTIONS ARE VERY IMPORTANT. READ AND -UNDERSTAND IT CAREFULLY. ADDITIONALLY, IF YOU ARE PLANNING TO USE THE DYNAMIC -DNS, THE NAT TRAVERSAL OR THE VPN AZURE FUNCTIONS, READ THE SECTION 3.5 -CAREFULLY. THESE FUNCTIONS ARE FREE SERVICES PROVIDED VIA THE INTERNET, ARE -NOT GUARANTEED, AND ARE NOT INTENDED TO BE USED FOR BUSINESS OR COMMERCIAL -USE. DO NOT USE THESE SERVICES FOR YOUR BUSINESS OR COMMERCIAL USE. - - -1. VPN Communication Protocols -1.1. SoftEther VPN Protocol -SoftEther VPN can perform VPN communication. Unlike traditional VPN protocols, -SoftEther VPN has an implementation of the newly-designed "SoftEther VPN -Protocol (SE-VPN Protocol)" . SE-VPN protocol encapsulates any Ethernet -packets into a HTTPS (HTTP over SSL) connection. Therefore SE-VPN protocol can -communicate beyond firewalls even if the firewall is configured to block -traditional VPN packets by network administrator. SE-VPN protocol is designed -and implemented to comply TLS 1.0 (RFC 5246) and HTTPS (RFC 2818). However, it -sometimes have different behavior to RFCs. If you are a network administrator -and want to block SE-VPN protocols on the firewall, you can adopt a -"white-list" policy on the firewall to filter any TCP or UDP packets on the -border except explicitly allowed packets towards specific web sites and -servers. - -1.2. NAT Traversal Function -Generally, if you use traditional VPN systems you have to request a network -administrator to make the NAT or firewall to "open" or "relay" specific TCP or -UDP ports. However, there are demands somehow to eliminate such working costs -on network administrators. In order to satisfy such demands, SoftEther VPN has -the newly-implemented "NAT Traversal" function. NAT Traversal is enabled by -default. A SoftEther VPN Server running on the computer behind NAT or firewall -can accept VPN connections from the Internet, without any special -configurations on firewalls or NATs. If you want to disable the NAT Traversal -function, modify the "DisableNatTraversal" to "true" on the configuration file -of SoftEther VPN Server. In order to disable it on the client-side, append -"/tcp" suffix on the destination hostname. - -1.3. Dynamic DNS Function -Traditional legacy VPN system requires a static global IP address on the VPN -server. In consideration of shortage of global IP addresses, SoftEther -Corporation implements the "Dynamic DNS Function" on SoftEther VPN Server. -Dynamic DNS is enabled by default. Dynamic DNS function notify the current -global IP address of the PC to the Dynamic DNS Servers which are operated by -SoftEther Corporation. A globally-unique hostname (FQDN) such as -"abc.softether.net" ( "abc" varies as unique per a user) will be assigned on -the VPN Server. If you tell this unique hostname to a VPN user, the user can -specify it as the destination VPN Sever hostname on the VPN Client and will be -able to connect the VPN Server. No IP addresses are required to know -beforehand. If the IP address of the VPN Server varies, the registered IP -address related to the hostname of Dynamic DNS service will be changed -automatically. By this mechanism, no longer need a static global IP address -which costs monthly to ISPs. You can use consumer-level inexpensive Internet -connection with dynamic IP address in order to operate an enterprise-level VPN -system. If you want to disable Dynamic DNS, specify "true" on the "Disabled" -items of the "DDnsClient" directive on the SoftEther VPN Server configuration -file. * Note for residents in People's Republic of China: If your VPN Server -is running on the People's Republic of China, the DNS suffix will be replaced -to "sedns.cn" domain. The "sedns.cn" domain is the service possessed and -operated by "Beijing Daiyuu SoftEther Technology Co., Ltd" which is a -Chinese-local enterprise. - -1.4. VPN over ICMP / VPN over DNS functions -If you want to make a VPN connection between SoftEther VPN Client / Bridge and -SoftEther VPN Server, but if TCP and UDP packets are prohibited by the -firewall, then you can encapsulates payloads into "ICMP" (as known as Ping) or -"DNS" packets. This function can realize a VPN connection by using ICMP or DNS -even if the firewall or router blocks every TCP or UDP connections. VPN over -ICMP / VPN over DNS functions are designed to comply standard ICMP and DNS -specifications as possible, however it sometimes has a behavior not to fully -comply them. Therefore, few poor-quality routers may be caused a -memory-overflow or something troubles when a lot of ICMP or DNS packets are -passed, and such routers sometimes freezes or reboots. It might affects other -users on the same network. To avoid such risks, append the suffix "/tcp" on -the destination hostname which is specified on the VPN-client side to disable -VPN over ICMP / DNS functions. - -1.5. VPN Azure Cloud Service -If your SoftEther VPN Server is placed behind the NAT or firewall, and by some -reason you cannot use NAT Traversal function, Dynamic DNS function or VPN over -ICMP/DNS function, you can use VPN Azure Cloud Service. SoftEther Corporation -operates VPN Azure Cloud on Internet. After the VPN Server makes a connection -to the VPN Azure Cloud, the hostname "abc.vpnazure.net" ( "abc" is a unique -hostname) can be specified to connect to the VPN Server via the VPN Azure -Cloud. Practically, such a hostname is pointing a global IP address of one of -cloud servers which are operated by SoftEther Corporation. If A VPN Client -connects to such a VPN Azure host, then the VPN Azure host will relay all -traffics between the VPN Client and the VPN Server. VPN Azure is disabled by -default. You can activate it easily by using VPN Server Configuration Tool. - -1.6. UDP Acceleration -SoftEther VPN has the UDP Acceleration Function. If a VPN consists of two -sites detects that UDP channel can be established, UDP will be automatically -used. By this function, throughput of UDP increases. If direct UDP channel can -be established, direct UDP packets will be used. However, if there is -something obstacles such as firewalls or NATs, the "UDP Hole Punching" -technology will be used, instead. The "UDP Hole Punching" uses the cloud -servers which SoftEther Corporation operates on Internet. UDP Acceleration can -be disabled anytime by setting up so on the VPN-client side. - - -2. VPN Software -2.1. SoftEther VPN Client -If you use SoftEther VPN Client on Windows, the Virtual Network Adapter device -driver will be installed on Windows. The Virtual Network Adapter is -implemented as a kernel-mode driver for Windows. The driver is -digitally-signed by a certificate issued by VeriSign, Inc. and also sub-signed -by Symantec Corporation. A message to ask you want to sure install the driver -might be popped up on the screen. SoftEther VPN Client may response the -message if possible. SoftEther VPN Client also optimizes the configuration of -MMCSS (Multimedia Class Scheduler Service) on Windows. You can undo the -optimizations of MMCSS afterwards. - -2.2. SoftEther VPN Server / Bridge -If you use SoftEther VPN Server / Bridge on Windows with "Local Bridge" -functions, you have to install the low-level Ethernet packet processing driver -on the computer. The driver is digitally-signed by a certificate issued by -VeriSign, Inc. and also sub-signed by Symantec Corporation. SoftEther VPN -Server / Bridge may disable the TCP/IP offloading features on the physical -network adapter for Local Bridge function. In Windows Vista / 2008 or greater -version, VPN Server may inject a packet-filter driver which complies Windows -Filter Platform (WPF) specification into the kernel in order to provide IPsec -function. The packet-filter driver will be loaded available only if IPsec -function is enabled. Once you enables IPsec function of SoftEther VPN Server, -the built-in IPsec function of Windows will be disabled. After you disabled -IPsec function of SoftEther VPN Server, then the built-in IPsec function of -Windows will revive. In order to provide the Local Bridge function, SoftEther -VPN Server / Bridge disables the TCP/IP offloading function on the operating -system. - -2.3. User-mode Installation -You can install SoftEther VPN Server and SoftEther VPN Bridge as "User-mode" -on Windows. In other words, even if you don't have Windows system -administrator's privileges, you can install SoftEther VPN as a normal user. -User-mode install will disable a few functions, however other most functions -work well. Therefore, for example, an employee can install SoftEther VPN -Server on the computer in the office network, and he will be able to connect -to the server from his home. In order to realize such a system by user-self, -no system administrative privileges are required in the view-point of -technical. However, breaking rules of the company to install software on the -computer without authority might be regarded as an unfavorable behavior. If -you are an employee and belong to the company, and the company-policy -prohibits installing software or making communications towards Internet -without permission, you have to obtain a permission from the network -administrator or the executive officer of your company in advance to install -SoftEther VPN. If you install VPN Server / Bridge as User-mode, an icon will -be appeared on the Windows task-tray. If you feel that the icon disturbs you, -you can hide it by your operation. However, you must not exploit this hiding -function to install VPN Server on other person's computer as a spyware. Such -behavior might be an offence against the criminal law. - -2.4. Keep Alive Function -SoftEther VPN Server and SoftEther VPN Bridge has Keep Alive Function by -default. The purpose of this function is to sustain the Internet line active. -The function transmits UDP packets with a random-byte-array-payload -periodically. This function is useful to avoid automatic disconnection on -mobile or dial-up connections. You can disable Keep Alive Function anytime. - -2.5. Uninstallation -The uninstallation process of SoftEther VPN software will delete all program -files. However, non-program files (such as files and data which are generated -by running of programs) ) will not be deleted. For technical reason, the exe -and resource files of uninstaller might remain. Such remaining files never -affects to use the computer, however you can delete it manually. Kernel-mode -drivers might not be deleted, however such drivers will not be loaded after -the next boot of Windows. You can use "sc" command of Windows to delete -kernel-mode drivers manually. - -2.6. Security -You should set the administrator's password on SoftEther VPN Server / Bridge -after installation. If you neglect to do it, another person can access to -SoftEther VPN Server / Bridge and can set the password without your -permission. This caution might be also applied on SoftEther VPN Client for -Linux. - -2.7. Automatic Update Notification -SoftEther VPN software for Windows has an automatic update notification -function. It accesses to the SoftEther Update server periodically to check -whether or not the latest version of software is released. If the latest -version is released, the notification message will be popped up on the screen. -In order to achieve this purpose, the version, language settings, the unique -identifier, the IP address of your computer and the hostname of VPN Server -which is connected to will be sent to the SoftEther Update server. No personal -information will be sent. Automatic Update Notification is enabled by default, -however you can disable it on the configuration screen. The setting whether -turned on or turned off will be saved individually corresponding to each -destination VPN server, by VPN Server Manager. - -2.8. Virtual NAT Function -A Virtual Hub on SoftEther VPN Server / Bridge has "Virtual NAT Function" . -Virtual NAT Function can share a single IP address on the physical network by -multiple private IP address of VPN Clients. There are two operation mode of -Virtual NAT: User-mode and Kernel-mode. In the user-mode operation, Virtual -NAT shares an IP address which is assigned on the host operating system. -Unlike user-mode, the kernel-mode operation attempts to find DHCP servers on -the physical network. If there are two or more physical networks, a DHCP -server will be sought automatically for each segments serially. If a DHCP -server found, and an IP address is acquired, the IP address will be used by -the Virtual NAT. In this case, an IP entry as a DHCP client will be registered -on the IP pool of the physical DHCP Server. The physical default gateway and -the DNS server will be used by the Virtual NAT in order to communicate with -hosts in Internet. In kernel-mode operation, a Virtual Hub has a virtual MAC -address which is operating on the physical Ethernet segment. In order to check -the connectivity to Internet, SoftEther VPN periodically sends DNS query -packet to resolve the IP address of host "www.yahoo.com" or "www.baidu.com" , -and attempts to connect to the TCP port 80 of such a resulted IP address for -connectivity check. - -2.9. Unattended Installation of Kernel-mode Components -When SoftEther VPN will detect a necessity to install the kernel-mode -components on Windows, a confirmation message will be appeared by Windows -system. In this occasion, SoftEther VPN software will switch to the Unattended -Installation mode in order to respond "Yes" to Windows. This is a solution to -prevent dead-locks when a remote-administration is performed from remote -place. - -2.10. Windows Firewall -SoftEther VPN software will register itself as a safe-program. Such an entry -will be remain after the uninstallation. You can remove it manually from the -Control Panel of Windows. - - -3. Internet Services -3.1. Internet Services which are provided by SoftEther Corporation -SoftEther Corporation provides Dynamic DNS, NAT Traversal and VPN Azure server -services on the Internet. These services are free of charge. Customers can -access to the services by using SoftEther VPN software, via Internet. These -service will be planned to be available from Open-Source version of "SoftEther -VPN" which will be released in the future. - -3.2. Sent Information and Privacy Protection -SoftEther VPN software may send an IP address, hostname, the version of VPN -software on the customer's computer to the cloud service operated by SoftEther -Corporation, in order to use the above services. These sending of information -are minimal necessary to use the services. No personal information will be -sent. SoftEther Corporation records log files of the cloud service servers for -90 days at least with the received information. Such logs will be used for -troubleshooting and other legitimate activities. SoftEther Corporation may -provide logs to a public servant of Japanese government who are belonging to -courts, police stations and the prosecutor's office, in order to comply such -authorities' order. (Every Japanese public servants are liable by law to keep -the information close.) Moreover, the IP addresses or other information will -be processed statistically and provided to the public, not to expose the each -concrete IP address, in order to release the release of research activities. - -3.3. Communication Data via VPN Azure Service -Regardless of the above 3.2 rule, if the customer sends or receives VPN -packets using VPN Azure Cloud Service, the actual payloads will stored and -forwarded via the volatile memory of the servers for very short period. Such a -behavior is naturally needed to provide the "VPN relay service" . No payloads -will be recorded on "fixed" storages such as hard-drives. However, the -"Wiretapping for Criminals Procedures Act" (The 137th legislation ruled on -August 18, 1999 in Japan) requires telecommunication companies to allow the -Japanese government authority to conduct a wire-tapping on the line. VPN Azure -Servers which are physically placed on Japan are subjects of this law. - -3.4. Comply to Japanese Telecommunication Laws -SoftEther Corporation complies with Japanese Telecommunication Laws as -necessary to provide online services via Internet. - -3.5. Free and Academic Experiment Services -SoftEther provides Dynamic DNS, NAT Traversal and VPN Azure as academic -experiment services. Therefore, there services can be used for free of charge. -These services are not parts of "SoftEther VPN Software Products" . These -services are provided without any warranty. The services may be suspended or -discontinued by technical or operational matters. In such occasions, users -will not be able to use the services. A user have to understand such risks, -and to acknowledge that such risks are borne by a user-self. SoftEther will -never be liable to results or damages of use or unable-to-use of the service. -Even if the user has already paid the license-fee of the commercial version of -SoftEther VPN, such paid fees don't include any fees of these services. -Therefore, if the online services will stop or be discontinued, no refunds or -recoveries of damages will be provided by SoftEther Corporation. - -3.6. DNS Proxy Cloud Servers -In some regions, when a user uses Internet, a DNS query sometimes broken or -lost when it is passing through the ISP line. If SoftEther VPN Server, Client -or Bridge detects a possibility that the accessing to the actual VPN server -might be unstable, then DNS queries will be also transferred to the DNS proxy -cloud servers which are operated by SoftEther Corporation. A DNS proxy cloud -server will respond DNS queries with answering correct a IP address. - - -4. General Cautions -4.1. Needs an Approval from Network Administrator -SoftEther VPN has powerful functions which don't require special settings by -network administrators. For example, you need not to ask the administrator to -configure the existing firewall in order to "open" a TCP/UDP port. Such -characteristic features are for the purpose to eliminate working times and -costs of network administrators, and avoid misconfiguration-risks around the -tasks to open specific exception ports on the firewall. However, any employees -belong to the company have to obtain an approval from the network -administrator before installs SoftEther VPN. If your network administrator -neglects to provide such an approval, you can consider to take an approval -from an upper authority. (For example, executive officer of the company.) If -you use SoftEther VPN without any approvals from the authority of your -company, you might have disadvantage. SoftEther Corporation will be never -liable for results or damages of using SoftEther VPN. - -4.2. Observe Laws of Your Country -If your country's law prohibits the use of encryption, you have to disable the -encryption function of SoftEther VPN by yourself. Similarly, in some countries -or regions, some functions of SoftEther VPN might be prohibited to use by -laws. Other countries' laws are none of SoftEther Corporation's concern -because SoftEther Corporation is an enterprise which is located and registered -in Japan physically. For example, there might be a risk that a part of -SoftEther VPN conflicts an existing patent which is valid only on the specific -region. SoftEther Corporation has no interests in such specific region outside -Japan's territory. Therefore, if you want to use SoftEther VPN in regions -outside Japan, you have to be careful not to violate third-person's rights. -You have to verify the legitimacy of the use of SoftEther VPN in the specific -region before you actually use it in such region. By nature, there are almost -200 countries in the World, and each country's law is different each other. It -is practically impossible to verify every countries' laws and regulations and -make the software comply with all countries' laws in advance to release the -software. Therefore SoftEther Corporation has verified the legitimacy of -SoftEther VPN against the laws and regulations of only Japan. If a user uses -SoftEther VPN in a specific country, and damaged by public servants of the -government authority, SoftEther Corporation will never be liable to recover or -compensate such damages or criminal responsibilities. - - -5. VPN Gate Academic Experiment Project -(This chapter applies only on SoftEther VPN software package which contains -the extension plug-in for VPN Gate Academic Experiment Project.) -5.1. About VPN Gate Academic Experiment Project -VPN Gate Academic Experiment Project is an online service operated for just -the academic research purpose at the graduate school of University of Tsukuba, -Japan. The purpose of this research is to expend our knowledge about the -"Global Distributed Public VPN Relay Server" (GDPVRS) technology. For details, -please visit http://www.vpngate.net/. - -5.2. About VPN Gate Service -SoftEther VPN Server and SoftEther VPN Client may contain "VPN Gate Service" -program. However, VPN Gate Service is disabled by default. -VPN Gate Service should be activated and enabled by the voluntary intention of -the owner of the computer which SoftEther VPN Server or SoftEther VPN Client -is installed on. After you activate VPN Gate Service, the computer will be -start to serve as a part of the Global Distributed Public VPN Relay Servers. -The IP address, hostname and related information of the computer will be sent -and registered to the directory server of VPN Gate Academic Experiment -Project, and they will be published and disclosed to the public. This -mechanism will allow any VPN Gate Client software's user to connect to the VPN -Gate Service running on your computer. While the VPN session between a VPN -Gate Client and your VPN Gate Service is established, the VPN Gate Client's -user can send/receive any IP packets towards the Internet via the VPN Gate -Service. The global IP address of the VPN Gate Service's hosing computer will -be used as the source IP address of such communications which a VPN Gate -Client initiates. -VPN Gate Service will send some information to the VPN Gate Academic -Experiment Service Directory Server. The information includes the operator's -information which described in section 5.5, logging settings, uptime, -operating system version, type of protocol, port numbers, quality information, -statistical information, VPN Gate clients' log history data (includes dates, -IP addresses, version numbers and IDs) and the version of the software. These -information will be exposed on the directory. VPN Gate Service also receives a -key for encoding which is described on the chapter 5.9 from the directory -server. - -5.3. Details of VPN Gate Service's Behavior -If you enable VPN Gate Service manually, which is disabled by default, the -"VPNGATE" Virtual Hub will be created on the SoftEther VPN Server. If you are -using SoftEther VPN Client and attempt to active VPN Gate Service on it, an -equivalent program to SoftEther VPN Server will be invoked on the same process -of SoftEther VPN Client, and the "VPNGATE" Virtual Hub will be created. The -"VPNGATE" Virtual Hub contains a user named "VPN" by default which permits -anyone on the Internet to make a VPN connection to the Virtual Hub. Once a VPN -Client connects to the "VPNGATE" Virtual Hub, any communication between the -user and the Internet will pass through the Virtual Hub, and -transmitted/received using the physical network interface on the computer -which SoftEther VPN Server (or SoftEther VPN Client) is running on. This will -cause the result that a destination host specified by the VPN Client will -identify that the source of the communication has initiated from the VPN Gate -Service's hosting computer's IP address. However, for safety, any packets -which destinations are within 192.168.0.0/255.255.0.0, 172.16.0.0/255.240.0.0 -or 10.0.0.0/255.0.0.0 will be blocked by the "VPNGATE" Virtual Hub in order to -protect your local network. Therefore, if you run VPN Gate Service on your -corporate network or private network, it is safe because anonymous VPN Client -users will not be permitted to access such private networks. VPN Gate Service -also serves as relay for accessing to the VPN Gate Directory Server. -In order to make VPN Gate Service familiar with firewalls and NATs, it opens -an UDP port by using the NAT Traversal function which is described on the -section 1.2. It also opens and listens on some TCP ports, and some TCP and UDP -ports will be specified as the target port of Universal Plug and Play (UPnP) -Port Transfer entries which are requested to your local routers. UPnP request -packets will be sent periodically. Some routers keep such an opened TCP/UDP -port permanently on the device. If you wish to close them, do it manually. -VPN Gate Service also provides the mirror-site function for www.vpngate.net. -This is a mechanism that a copy of the latest contents from www.vpngate.net -will be hosted by the mirror-site tiny HTTP server which is running on the VPN -Gate Service program. It will register itself on the mirror-sites list in -www.vpngate.net. However, it never relays any other communications which are -not towards www.vpngate.net. - -5.4. Communication between Internet via VPN Gate Service -VPN Gate Service provides a routing between users and the Internet, by using -the Virtual NAT Function which is described on the section 2.8. VPN Gate -Service sends polling Ping packets to the server which is located on -University of Tsukuba, and the Google Public DNS Server which is identified as -8.8.8.8, in order to check the latest quality of your Internet line. VPN Gate -Service also sends and receives a lot of random packets to/from the Speed Test -Server on University of Tsukuba. These quality data will be reported to VPN -Gate Directory Server, automatically and periodically. The result will be -saved and disclosed to the public. These periodical polling communication are -adjusted not to occupy the Internet line, however in some circumstances they -might occupy the line. - -5.5. Operator's Information of VPN Gate Service -If you activate VPN Gate Service on your computer, the computer will be a part -of the Global Distributed Public VPN Relay Servers. Therefore, the Operator's -administrative information of your VPN Gate Service should be reported and -registered on the VPN Gate Service Directory. Operator's information contains -the name of the operator and the abuse-reporting contact e-mail address. These -information can be inputted on the screen if the VPN Gate configuration. -Inputted information will be transmitted to the VPN Gate Directory Server, -stored and disclosed to the public. So you have to be careful to input -information. By the way, until you specify something as the operator's -information, the computer's hostname will be used automatically as the field -of the name of the operator, by appending the "'s owner" string after the -hostname. - -5.6. Observe Laws to Operate VPN Gate Service -In some countries or regions, a user who is planning to activate and operate -VPN Gate Service, he are mandated to obtain a license or register a service -from/to the government. If your region has such a regulation, you must fulfill -mandated process before activating VPN Gate Service in advance. Neither the -developers nor operators of the VPN Gate Academic Experiment Project will be -liable for legal/criminal responsibilities or damages which are occurred from -failure to comply your local laws. - -5.7. Protect Privacy of Communication -Most of countries have a law which requires communication service's operators, -including VPN Gate Service operators, to protect the privacy of communication -of third-persons. When you operate VPN Gate Service, you must always protect -user's privacy. - -5.8. Packet Logs -The packet logging function is implemented on VPN Gate Service. It records -essential headers of major TCP/IP packets which are transmitted via the -Virtual Hub. This function will be helpful to investigate the "original IP -address" of the initiator of communication who was a connected user of your -VPN Gate Service, by checking the packet logs and the connection logs. The -packet logs are recorded only for such legitimate investigates purpose. Do not -peek nor leak packet logs except the rightful purpose. Such act will be -violate the section 5.7. - -5.9. Packet Logs Automatic Archiving and Encoding Function -The VPN Gate Academic Experiment Service is operated and running under the -Japanese constitution and laws. The Japanese constitution laws demand strictly -protection over the privacy of communication. Because this service is under -Japanese rules, the program of VPN Gate Service implements this "Automatic Log -File Encoding" protection mechanism, and enabled by default. -The VPN Gate Service is currently configured to encode packet log files which -has passed two or more weeks automatically, by default. In order to protect -privacy of communication, if a packet log file is once encoded, even the -administrator of the local computer cannot censor the packet log file. This -mechanism protects privacy of end-users of VPN Gate Service. -You can change the VPN Gate Service setting to disable this automatic encoding -function. Then packet log files will never be encoded even after two weeks -passed. In such a configuration, all packet logs will remain as plain-text on -the disk. Therefore you have to take care not to violate user's privacy. -If you are liable to decode an encoded packet log files (for example: a VPN -Gate Service's user illegally abused your VPN Gate Service and you have to -decode the packet logs in order to comply the laws), contact the administrator -of the VPN Gate Academic Experiment Service at Graduate School of University -of Tsukuba, Japan. You can find the contact address at -http://www.vpngate.net/. The administrator of VPN Gate Service will respond to -decode the packet logs if there is an appropriate and legal request from court -or other judicial authorities, according to laws. - -5.10. Caution if You Operate VPN Gate Service in the Japan's Territories -When a user operates VPN Gate Service in the Japan's territories, such an act -may be regulated under the Japanese Telecommunication Laws if the operation is -a subject to the law. However, in such a circumstance, according to the -"Japanese Telecommunication Business Compete Manual [supplemental version]" , -non- profitable operations of communications are not identified as a -"telecommunication business" . So usual operators of VPN Gate Service are not -subjects to "telecommunication business operators" , and not be mandated to -register to the government. Even so, legalities to protect the privacy of -communication still imposed. As a conclusion, if you operate VPN Gate Service -in the Japan's Territories, you must not leak the secrets of communications -which are transmitted via your operating VPN Gate Service. - -5.11. VPN Gate Client -If SoftEther VPN Client contains the VPN Gate Client plug-in, you can use it -to obtain the list of current operating VPN Gate Service servers in the -Internet, and make a VPN connection to a specific server on the list. -VPN Gate Client always keeps the latest list of the VPN Gate Services -periodically. Be careful if you are using a pay-per-use Internet line. -When you start the VPN Gate Client software, the screen which asks you -activate or not VPN Gate Service will be appeared. For details of VPN Gate -Service, read the above sections. - -5.12. Caution before Joining or Exploiting VPN Gate Academic Experiment -Project -The VPN Gate Academic Experiment Service is operated as a research project at -the graduate school on University of Tsukuba, Japan. The service is governed -under the Japanese laws. Other countries' laws are none of our concerns nor -responsibilities. -By nature, there are almost 200 countries in the World, with different laws. -It is impossible to verify every countries' laws and regulations and make the -software comply with all countries' laws in advance to release the software. -If a user uses VPN Gate service in a specific country, and damaged by public -servants of the authority, the developer of either the service or software -will never be liable to recover or compensate such damages or criminal -responsibilities. -By using this software and service, the user must observe all concerned laws -and rules with user's own responsibility. The user will be completely liable -to any damages and responsibilities which are results of using this software -and service, regardless of either inside or outside of Japan's territory. -If you don't agree nor understand the above warnings, do not use any of VPN -Gate Academic Experiment Service functions. -VPN Gate is a research project for just academic purpose only. VPN Gate was -developed as a plug-in for SoftEther VPN and UT-VPN. However, all parts of VPN -Gate were developed on this research project at University of Tsukuba. Any -parts of VPN Gate are not developed by SoftEther Corporation. The VPN Gate -Research Project is not a subject to be led, operated, promoted nor guaranteed -by SoftEther Corporation. - -5.13. The P2P Relay Function in the VPN Gate Client to strengthen the -capability of circumvention of censorship firewalls -VPN Gate Clients, which are published since January 2015, include the P2P -Relay Function. The P2P Relay Function is implemented in order to strengthen -the capability of circumvention of censorship firewalls. If the P2P Relay -Function in your VPN Gate Client is enabled, then the P2P Relay Function will -accept the incoming VPN connections from the VPN Gate users, which are located -on mainly same regions around you, and will provide the relay function to the -external remote VPN Gate Servers, which are hosted by third parties in the -free Internet environment. This P2P Relay Function never provides the shared -NAT functions nor replaces the outgoing IP address of the VPN Gate users to -your IP addresses because this P2P Relay Function only provides the -"reflection service" (hair-pin relaying), relaying from incoming VPN Gate -users to an external VPN Gate Server. In this situation, VPN tunnels via your -P2P Relay Function will be finally terminated on the external VPN Gate Server, -not your VPN Gate Client. However, the VPN Gate Server as the final -destination will record your IP address as the source IP address of VPN -tunnels which will be initiated by your P2P Relay Function. Additionally, user -packets which are transmitted via your P2P Relay Function will be recorded on -your computer as packet logs as described on the section 5.8. After you -installed the VPN Gate Client, and if the P2P Relay Function will be enabled -automatically, then all matters on the 5.2, 5.3, 5.4, 5.5, 5.6, 5.7, 5.8, 5.9, -5.10, 5.11 and 5.12 sections will be applied to you and your computer, as same -to the situation when you enabled the VPN Gate Service (the VPN Gate Server -function). If your P2P Function is enabled, then your computer's IP address -and the default operator's name which is described on the section 5.5 will be -listed on the VPN Gate Server List which is provided by the VPN Gate Project. -You can change these strings by editing the "vpn_gate_relay.config" file -manually. Note that you need to stop the VPN Client service before editing it. -The VPN Gate Client will automatically enable the P2P Relay Function on your -computer if the VPN Gate Client detects that your computer might be located in -regions where there are existing censorship firewalls. If you want to disable -the P2P Relay Function, you must set the "DisableRelayServer" flag to "true" -on the "vpn_client.config" file which is the configuration file of the VPN -Client. Note that you need to stop the VPN Client service before editing it. -The VPN Gate Client does not recognize the particular regulation of your -country or your region. The VPN Gate Client activates the P2P Relay Function -even if your country or your region has the law to restrict running P2P relay -functions. Therefore, in such a case, you must disable the P2P Relay Function -on the VPN Gate Client manually by setting the "DisableRelayServer" flag if -you reside in such a restricted area, in your own responsibility. -