Merge a366bdbf02 into 9c0b5f7001

bump version for upcoming 5183 release

.github/ISSUE_TEMPLATE.md

@@ -1,51 +0,0 @@
-Hi, there!
-
-Thank you for using SoftEther.
-
-If you are running SoftEther VPN 4.x (i.e. Stable Edition), please read the comparison with Developer Edition at: 
-
-https://github.com/SoftEtherVPN/SoftEtherVPN#comparison-with-stable-edition
-
-Before you submit an issue, please read the following:
-
-Is this a question?
-
-- If the answer is "yes", then please ask your question on [www.vpnusers.com](http://www.vpnusers.com).
-The issue section on GitHub is reserved for bugs and feature requests.
-
-- If the answer is "no", please read the following:
-
-We provide a template which is specifically made for bug reports, in order to be sure that the report includes enough details to be helpful.
-
-Please use or adapt it as needed.
-
----
-
-### Prerequisites
-
-* [ ] Can you reproduce?
-* [ ] Are you running the latest version of SoftEtherVPN?
-
-**SoftEther version:**
-**Component:** [Server, Client, Bridge, etc.]
-**Operating system:** [Windows, Linux, BSD, macOS, etc.]
-**Architecture:** [64 bit, 32 bit]
-
-[In case it's a computer with known specs, such as the Raspberry Pi, you can specify it omitting the details.]
-**Processor:** [Specify brand and model. Example: AMD Ryzen 7 1800x]
-
-### Description
-
-[Description of the bug]
-
-**Expected behavior:**
-[What you expected to happen]
-
-**Actual behavior:**
-[What actually happened]
-
-### Steps to reproduce
-
-1. [First step]
-2. [Second step]
-3. [And so on...]

.github/ISSUE_TEMPLATE/bug_report_or_issue_report.yml

@@ -0,0 +1,87 @@
+name: Bug Report or Issue Report
+description: File a bug report or an issue report
+labels: "needs-triage"
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this bug report!         
+        We provide a template which is specifically made for bug reports, to be sure that the report includes enough details to be helpful.
+  
+  - type: checkboxes
+    attributes:
+      label: Are you using SoftEther VPN 5.x?
+      description: |
+        This issue tracker is for SoftEther VPN Developer Edition versioned 5.x.
+        Please report issues about SoftEther VPN Stable Edition versioned 4.x through the correct path.
+        See also [the top  of the issue tracker](https://github.com/SoftEtherVPN/SoftEtherVPN/issues/new/choose).
+      options:
+        - label: Yes, I'm using SoftEther VPN 5.x, not 4.x.
+          required: true
+
+  - type: input
+    attributes:
+      label: Version
+      description: |
+          The exact version you are using.
+          It would be very nice if you let us know version tag or commit hash.
+      placeholder: "5.02.5180 / 09b7e4f / 5.01.9674+git20200806+8181039+dfsg2-2build1"
+    
+  - type: dropdown
+    attributes:
+      label: Component
+      description: Which component did you encounter an issue with?
+      multiple: true
+      options:
+        - VPN Server
+        - VPN Bridge
+        - VPN Client
+        - VPN Tools
+        - Other
+    validations:
+      required: true
+
+  - type: input
+    attributes:
+      label: Operating system & version
+      placeholder: "Windows 11 Pro 23H2 / Ubuntu 22.04 / FreeBSD 14.0 / macOS Sonoma / Independent"
+      description: |
+        Let us know about your operating system and version.
+    validations:
+      required: true
+      
+  - type: input
+    attributes:
+      label: Architecture or Hardware model
+      placeholder: "amd64 / aarch64 / Raspberry Pi 4B+ / Apple M2"
+      description: |
+        Necessary if your issue is architecture-specific.
+
+  - type: textarea
+    attributes:
+      label: Steps to reproduce
+      placeholder: Having detailed steps helps us reproduce the bug.
+    validations:
+      required: true
+      
+  - type: textarea
+    attributes:
+      label: ✔️ Expected Behavior
+      placeholder: What do you expect to happen?
+    validations:
+      required: false
+      
+  - type: textarea
+    attributes:
+      label: ❌ Actual Behavior
+      placeholder: What happened actually?
+    validations:
+      required: false
+      
+  - type: textarea
+    attributes:
+      label: Anything else?
+      description: |
+        Links? References?  
+        Anything that will give us more context about the issue you are encountering!
+  

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,8 @@
+contact_links:
+  - name: Are you using SoftEther VPN 4.x?
+    about: This repository is for SoftEther VPN 5.x Developer Edition, developed independently from SoftEther VPN 4.x. Visit vpnusers.com if you would like to report issues or ask questions about version 4.x!
+    url: https://www.vpnusers.com/
+
+  - name: Questions about SoftEtherVPN 5.x
+    about: Visit Discussions to ask community to help.
+    url: https://github.com/SoftEtherVPN/SoftEtherVPN/discussions/new?category=q-a

.gitignore

@@ -209,4 +209,4 @@ developer_tools/stbchecker/**/ASALocalRun/
 developer_tools/stbchecker/**/*.binlog
 developer_tools/stbchecker/**/*.nvuser
 developer_tools/stbchecker/**/.mfractor/
-
+/vcpkg_installed

.vscode/settings.json

@@ -0,0 +1,3 @@
+{
+    "cmake.configureOnOpen": false
+}

CMakeLists.txt

@@ -3,7 +3,7 @@ cmake_minimum_required(VERSION 3.10)
 set(BUILD_NUMBER CACHE STRING "The number of the current build.")
 
 if ("${BUILD_NUMBER}" STREQUAL "")
-	set(BUILD_NUMBER "5180")
+	set(BUILD_NUMBER "5183")
 endif()
 
 if (BUILD_NUMBER LESS 5180)

CMakeSettings.json

@@ -1,5 +1,5 @@
 {
-  "environments": [ { "BuildNumber": "5180" } ],
+  "environments": [ { "BuildNumber": "5183" } ],
   "configurations": [
     {
       "name": "x64-native",

developer_tools/vpnserver-jsonrpc-clients/README.html

@@ -30,6 +30,7 @@
 <ul>
 <li>Older versions of SoftEther VPN before June 2019 don't support JSON-RPC APIs.</li>
 <li>If you want to completely disable the JSON-RPC on your VPN Server, set the <code>DisableJsonRpcWebApi</code> variable to <code>true</code> on the <code>vpn_server.config</code>.</li>
+<li>You may also restrict access to JSON-RPC API to a specific subnet, e.g. your internal network, by setting the <code>JsonRpcWebApiAllowedSubnet</code> variable to, for example, <code>192.168.0.0/16</code>.</li>
 </ul>
 <h3 id="json-rpc-specification">JSON-RPC specification</h3>
 <p>You must use HTTPS 1.1 <code>POST</code> method to call each of JSON-RPC APIs.<br />

developer_tools/vpnserver-jsonrpc-clients/README.md

@@ -25,6 +25,7 @@ https://<vpn_server_hostname>:<port>/api/
 
   - Older versions of SoftEther VPN before June 2019 don't support JSON-RPC APIs.
   - If you want to completely disable the JSON-RPC on your VPN Server, set the `DisableJsonRpcWebApi` variable to `true` on the `vpn_server.config`.
+  - You may also restrict access to JSON-RPC API to a specific subnet, e.g. your internal network, by setting the `JsonRpcWebApiAllowedSubnet` variable to, for example, `192.168.0.0/16`.
 
 
 ### JSON-RPC specification

developer_tools/vpnserver-jsonrpc-codegen/Templates/doc.txt

@@ -25,6 +25,7 @@ https://<vpn_server_hostname>:<port>/api/
 
   - Older versions of SoftEther VPN before June 2019 don't support JSON-RPC APIs.
   - If you want to completely disable the JSON-RPC on your VPN Server, set the `DisableJsonRpcWebApi` variable to `true` on the `vpn_server.config`.
+  - You may also restrict access to JSON-RPC API to a specific subnet, e.g. your internal network, by setting the `JsonRpcWebApiAllowedSubnet` variable to, for example, `192.168.0.0/16`.
 
 
 ### JSON-RPC specification

src/BUILD_UNIX.md

@@ -228,7 +228,7 @@ You can write your own VPN Server management application in your favorite langua
 
 You can use any SoftEtherVPN component (server, client, bridge) without installing it, if you wish so.
 
-In this case please do not run the `make install` command after compiling the source code, and head directly to the **bin/** directory. There you will find the generated binaries for SoftEtherVPN and those could be used without installing SoftEtherVPN.
+In this case please do not run the `make install` command after compiling the source code, and head directly to the **build/** directory. There you will find the generated binaries for SoftEtherVPN and those could be used without installing SoftEtherVPN.
 
 ************************************
 Thank You Using SoftEther VPN !

src/Cedar/BridgeWin32.c

@@ -1161,7 +1161,8 @@ void Win32EthMakeCombinedName(char *dst, UINT dst_size, char *nicname, char *gui
 
 	if (IsEmptyStr(guid) == false)
 	{
-		Format(dst, dst_size, "%s (ID=%010u)", nicname, Win32EthGenIdFromGuid(guid));
+		// Allow to combine "FriendlyName" consisting of a NULL character and ID.
+		Format(dst, dst_size, "%s(ID=%010u)", nicname, Win32EthGenIdFromGuid(guid));
 	}
 	else
 	{
@@ -1185,18 +1186,19 @@ UINT Win32EthGetNameAndIdFromCombinedName(char *name, UINT name_size, char *str)
 
 	len = StrLen(str);
 
-	if (len >= 16)
+	// Allow to combine "FriendlyName" consisting of a NULL character and ID beginning with "(ID=".
+	if (len >= 15)
 	{
-		StrCpy(id_str, sizeof(id_str), str + len - 16);
+		StrCpy(id_str, sizeof(id_str), str + len - 15);
 
-		if (StartWith(id_str, " (ID="))
+		if (StartWith(id_str, "(ID="))
 		{
 			if (EndWith(id_str, ")"))
 			{
 				char num[MAX_SIZE];
 
 				Zero(num, sizeof(num));
-				StrCpy(num, sizeof(num), id_str + 5);
+				StrCpy(num, sizeof(num), id_str + 4);
 
 				num[StrLen(num) - 1] = 0;
 
@@ -1204,7 +1206,7 @@ UINT Win32EthGetNameAndIdFromCombinedName(char *name, UINT name_size, char *str)
 
 				if (ret != 0)
 				{
-					name[len - 16] = 0;
+					name[len - 15] = 0;
 				}
 			}
 		}
@@ -1346,6 +1348,8 @@ TOKEN_LIST *GetEthListEx(UINT *total_num_including_hidden, bool enum_normal, boo
 
 			Debug("%s - %s\n", a->Guid, a->Title);
 		}
+		// Make sure that "FriendlyName" does not cosist a NULL character.
+		Debug("%s,- s=%d, t=%s, %s,\n", a->Guid, show, tmp, a->Title[0] == 0 ? "check=NG FriendlyName(Title) is NULL !" : "check=OK");
 	}
 
 	*total_num_including_hidden = ret->NumTokens;
@@ -1405,7 +1409,7 @@ LIST *GetEthAdapterListInternal()
 	UINT size;
 	char *buf;
 	UINT i, j;
-	char *qos_tag = " (Microsoft's Packet Scheduler)";
+	char *qos_tag = "(Microsoft's Packet Scheduler)";	// Allow to combine "FriendlyName" consisting of a NULL character and QOS tag.
 	SU *su = NULL;
 	LIST *su_adapter_list = NULL;
 
@@ -1660,7 +1664,8 @@ ANSI_STR:
 				}
 				else
 				{
-					Format(tmp, sizeof(tmp), "%s (%u)", a->Title, k + 1);
+					// Allow to combine "FriendlyName" consisting of a NULL character and SEQ number.
+					Format(tmp, sizeof(tmp), "%s(%u)", a->Title, k + 1);
 				}
 
 				ok = true;

src/Cedar/IPC.c

@@ -1537,7 +1537,8 @@ void IPCProcessL3EventsEx(IPC *ipc, UINT64 now)
 								// Remove link-layer address options for Windows clients (required on Windows 11)
 								if (header_size > 0)
 								{
-									UCHAR *src = p->ICMPv6HeaderPacketInfo.Headers.HeaderPointer + header_size;
+									//UCHAR *src = p->ICMPv6HeaderPacketInfo.Headers.HeaderPointer + header_size;
+									UCHAR* src = (UCHAR *)p->ICMPv6HeaderPacketInfo.Headers.HeaderPointer + header_size;// Cast the pointer to UCHAR *.
 									UINT opt_size = p->ICMPv6HeaderPacketInfo.DataSize - header_size;
 									UCHAR *dst = src;
 									UINT removed = 0;

src/Cedar/Protocol.c

@@ -5740,6 +5740,7 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
 	UINT num = 0, max = 19;
 	SERVER *server;
 	char *vpn_http_target = HTTP_VPN_TARGET2;
+	bool disableJsonRpcWebApi;
 	// Validate arguments
 	if (c == NULL)
 	{
@@ -5750,6 +5751,15 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
 
 	s = c->FirstSock;
 
+	disableJsonRpcWebApi = server->DisableJsonRpcWebApi;
+	if (!disableJsonRpcWebApi && !IsZeroIP(&server->JsonRpcWebApiAllowedSubnetAddr)
+				&& !IsZeroIP(&server->JsonRpcWebApiAllowedSubnetMask)) {
+		// restrict JSON-RPC Web API to specified subnet only
+		if (!IsInSameNetwork(&s->RemoteIP, &server->JsonRpcWebApiAllowedSubnetAddr, &server->JsonRpcWebApiAllowedSubnetMask)) {
+			disableJsonRpcWebApi = true;
+		}
+	}
+
 	while (true)
 	{
 		bool not_found_error = false;
@@ -5782,7 +5792,7 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
 			// Receive the data since it's POST
 			data_size = GetContentLength(h);
 
-			if (server->DisableJsonRpcWebApi == false)
+			if (disableJsonRpcWebApi == false)
 			{
 				if (StrCmpi(h->Target, "/api") == 0 || StrCmpi(h->Target, "/api/") == 0)
 				{
@@ -5868,7 +5878,7 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
 		}
 		else if (StrCmpi(h->Method, "OPTIONS") == 0)
 		{
-			if (server->DisableJsonRpcWebApi == false)
+			if (disableJsonRpcWebApi == false)
 			{
 				if (StrCmpi(h->Target, "/api") == 0 || StrCmpi(h->Target, "/api/") == 0 || StartWith(h->Target, "/admin"))
 				{
@@ -5939,7 +5949,7 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
 					BUF *b = NULL;
 					*error_detail_str = "HTTP_ROOT";
 
-					if (server->DisableJsonRpcWebApi == false)
+					if (disableJsonRpcWebApi == false)
 					{
 						b = ReadDump("|wwwroot/index.html");
 					}
@@ -6019,7 +6029,7 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
 
 					if (b == false)
 					{
-						if (server->DisableJsonRpcWebApi == false)
+						if (disableJsonRpcWebApi == false)
 						{
 							if (StartWith(h->Target, "/api?") || StartWith(h->Target, "/api/") || StrCmpi(h->Target, "/api") == 0)
 							{

src/Cedar/SeLowUser.c

@@ -753,12 +753,46 @@ LIST *SuGetAdapterList(SU *u)
 	for (i = 0;i < u->AdapterInfoList.NumAdapters;i++)
 	{
 		SL_ADAPTER_INFO *info = &u->AdapterInfoList.Adapters[i];
+
+		if (IsEmptyStr(info->FriendlyName))
+		{
+			// Some NetAdapterCx drivers doesn't report the FriendlyName in the kernel mode.
+			// So we attempt to obtain the DriverDesc string from NetCfg registry key alternatively.
+			char regkey[MAX_PATH] = {0};
+			char tmp[MAX_PATH] = {0};
+			char adapter_guid[MAX_PATH] = {0};
+
+			UniToStr(adapter_guid, sizeof(adapter_guid), info->AdapterId + StrLen(SL_ADAPTER_ID_PREFIX));
+
+			if (GetClassRegKeyWin32(regkey, sizeof(regkey), tmp, sizeof(tmp), adapter_guid))
+			{
+				char *driver_desc = MsRegReadStrEx2(REG_LOCAL_MACHINE, regkey, "DriverDesc", false, true);
+
+				if (driver_desc != NULL)
+				{
+					StrCpy(info->FriendlyName, sizeof(info->FriendlyName), driver_desc);
+					Free(driver_desc);
+				}
+			}
+		}
+
+		{
 			SU_ADAPTER_LIST *a = SuAdapterInfoToAdapterList(info);
 
+			char macstr[128] = {0};
+			BinToStr(macstr, sizeof(macstr), info->MacAddress, sizeof(info->MacAddress));
+
 			if (a != NULL)
 			{
+				// Debug("SU: Adapter %u (OK): ID=%S, MAC=%s, FriendlyName=%s\n", i, info->AdapterId, macstr, info->FriendlyName);
+
 				Add(ret, a);
 			}
+			else
+			{
+				// Debug("SU: Adapter %u (NG): ID=%S, MAC=%s, FriendlyName=%s\n", i, info->AdapterId, macstr, info->FriendlyName);
+			}
+		}
 	}
 
 	// Sort
@@ -827,7 +861,8 @@ SU_ADAPTER_LIST *SuAdapterInfoToAdapterList(SL_ADAPTER_INFO *info)
 	Copy(&t.Info, info, sizeof(SL_ADAPTER_INFO));
 
 	UniToStr(tmp, sizeof(tmp), info->AdapterId);
-	if (IsEmptyStr(tmp) || IsEmptyStr(info->FriendlyName) || StartWith(tmp, SL_ADAPTER_ID_PREFIX) == false)
+	// Make the NIC appear in the "Local Bridge Settings" list regardless of a NULL character consisted in "FriendlyName".
+	if (IsEmptyStr(tmp) || /* IsEmptyStr(info->FriendlyName) || */ StartWith(tmp, SL_ADAPTER_ID_PREFIX) == false)
 	{
 		// Name is invalid
 		return NULL;

src/Cedar/Server.c

@@ -30,6 +30,7 @@
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Microsoft.h"
+#include "Mayaqua/Network.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/OS.h"
 #include "Mayaqua/Pack.h"
@@ -6032,6 +6033,15 @@ void SiLoadServerCfg(SERVER *s, FOLDER *f)
 		// Disable JSON-RPC Web API
 		s->DisableJsonRpcWebApi = CfgGetBool(f, "DisableJsonRpcWebApi");
 
+		char tmpaddr[MAX_PATH];
+		if (CfgGetStr(f, "JsonRpcWebApiAllowedSubnet", tmpaddr, sizeof(tmpaddr))) {
+			IP _subnet, _mask;
+			if (ParseIpAndMask46(tmpaddr, &_subnet, &_mask)) {
+				s->JsonRpcWebApiAllowedSubnetAddr = _subnet;
+				s->JsonRpcWebApiAllowedSubnetMask = _mask;
+			}
+		}
+
 		// Bits of Diffie-Hellman parameters
 		c->DhParamBits = CfgGetInt(f, "DhParamBits");
 		if (c->DhParamBits == 0)
@@ -6365,6 +6375,11 @@ void SiWriteServerCfg(FOLDER *f, SERVER *s)
 
 		// Disable JSON-RPC Web API
 		CfgAddBool(f, "DisableJsonRpcWebApi", s->DisableJsonRpcWebApi);
+
+		char tmpaddr[MAX_PATH];
+		IPAndMaskToStr(tmpaddr, sizeof(tmpaddr),
+			&s->JsonRpcWebApiAllowedSubnetAddr, &s->JsonRpcWebApiAllowedSubnetMask);
+		CfgAddStr(f, "JsonRpcWebApiAllowedSubnet", tmpaddr);
 	}
 	Unlock(c->lock);
 }

src/Cedar/Server.h

@@ -276,6 +276,9 @@ struct SERVER
 	IP ListenIP;						// Listen IP
 	bool StrictSyslogDatetimeFormat;	// Make syslog datetime format strict RFC3164
 	bool DisableJsonRpcWebApi;					// Disable JSON-RPC Web API
+
+	IP JsonRpcWebApiAllowedSubnetAddr;  // If set, allow access to JSON-RPC Web API from
+	IP JsonRpcWebApiAllowedSubnetMask;  //   this subnet only
 };
 
 

src/Cedar/Session.c

@@ -615,7 +615,7 @@ void SessionMain(SESSION *s)
 					UINT max_conn = s->ClientOption->MaxConnection;
 
 					if ((s->CurrentConnectionEstablishTime +
-						(UINT64)(s->ClientOption->AdditionalConnectionInterval * 1000 * 2 + CONNECTING_TIMEOUT * 2))
+						(UINT64)(num_tcp_conn * s->ClientOption->AdditionalConnectionInterval * 1000 * 2 + CONNECTING_TIMEOUT * 2))
 						<= Tick64())
 					{
 						if (s->ClientOption->BindLocalPort != 0 || num_tcp_conn == 0)

src/Mayaqua/FileIO.c

@@ -2124,6 +2124,24 @@ IO *FileOpenEx(char *name, bool write_mode, bool read_lock)
 
 	return ret;
 }
+
+// Replace the specified character in the string with a new character
+wchar_t *UniReplaceCharW(wchar_t *src, UINT size, wchar_t c, wchar_t  newc) {
+	if (src == NULL)
+	{
+		return NULL;
+	}
+	for (; *src; src++, size -= sizeof(wchar_t)) {
+		if (size < sizeof(wchar_t)) {
+			break;
+		}
+		if (*src == c) {
+			*src = newc;
+		}
+	}
+	return (wchar_t *)src;
+}
+
 IO *FileOpenExW(wchar_t *name, bool write_mode, bool read_lock)
 {
 	wchar_t tmp[MAX_SIZE];
@@ -2140,9 +2158,12 @@ IO *FileOpenExW(wchar_t *name, bool write_mode, bool read_lock)
 		IO *o = ZeroMalloc(sizeof(IO));
 		name++;
 		UniStrCpy(o->NameW, sizeof(o->NameW), name);
+#ifdef	OS_WIN32
+		UniReplaceCharW(o->NameW, sizeof(o->NameW), L'\\', L'/');		// Path separator "/" is used.
+#endif	// OS_WIN32
 		UniToStr(o->Name, sizeof(o->Name), o->NameW);
 		o->HamMode = true;
-		o->HamBuf = ReadHamcoreW(name);
+		o->HamBuf = ReadHamcoreW(o->NameW);
 		if (o->HamBuf == NULL)
 		{
 			Free(o);

src/Mayaqua/Network.c

@@ -6986,6 +6986,18 @@ void IPToStr6Inner(char *str, IP *ip)
 	}
 }
 
+// Format IP and subnet mask as "<ip>/<masksize>"
+void IPAndMaskToStr(char *str, UINT size, IP *ip, IP *subnet)
+{
+	int iplen;
+	UINT masksize;
+
+	IPToStr(str, size, ip);
+	iplen = StrLen(str);
+	masksize = SubnetMaskToInt(subnet);
+	Format(str + iplen, size - iplen, "/%d", masksize);
+}
+
 // Convert the string to an IP address
 bool StrToIP6(IP *ip, char *str)
 {

src/Mayaqua/Network.h

@@ -1289,6 +1289,7 @@ void IPToStr6(char *str, UINT size, IP *ip);
 void IP6AddrToStr(char *str, UINT size, IPV6_ADDR *addr);
 void IPToStr6Array(char *str, UINT size, UCHAR *bytes);
 void IPToStr6Inner(char *str, IP *ip);
+void IPAndMaskToStr(char *str, UINT size, IP *ip, IP *subnet);
 void IntToSubnetMask6(IP *ip, UINT i);
 void IPAnd6(IP *dst, IP *a, IP *b);
 void GetAllRouterMulticastAddress6(IP *ip);

src/Mayaqua/pkcs11f.h

@@ -73,7 +73,7 @@ CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
 (
   CK_BBOOL       tokenPresent,  /* only slots with tokens? */
   CK_SLOT_ID_PTR pSlotList,     /* receives array of slot IDs */
-  CK_ULONG_PTR   pulCount       /* receives number of slots */
+  CK_UINT_PTR   pulCount       /* receives number of slots */
 );
 #endif
 
@@ -351,7 +351,7 @@ CK_PKCS11_FUNCTION_INFO(C_FindObjects)
  CK_SESSION_HANDLE    hSession,          /* session's handle */
  CK_OBJECT_HANDLE_PTR phObject,          /* gets obj. handles */
  CK_ULONG             ulMaxObjectCount,  /* max handles to get */
- CK_ULONG_PTR         pulObjectCount     /* actual # returned */
+ CK_UINT_PTR         pulObjectCount     /* actual # returned */
 );
 #endif
 
@@ -558,7 +558,7 @@ CK_PKCS11_FUNCTION_INFO(C_Sign)
   CK_BYTE_PTR       pData,           /* the data to sign */
   CK_ULONG          ulDataLen,       /* count of bytes to sign */
   CK_BYTE_PTR       pSignature,      /* gets the signature */
-  CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
+  CK_UINT_PTR      pulSignatureLen  /* gets signature length */
 );
 #endif
 

src/Mayaqua/pkcs11t.h

@@ -51,6 +51,8 @@ typedef CK_BYTE           CK_BBOOL;
 /* an unsigned value, at least 32 bits long */
 typedef unsigned long int CK_ULONG;
 
+typedef unsigned int CK_UINT;
+
 /* a signed value, the same size as a CK_ULONG */
 /* CK_LONG is new for v2.0 */
 typedef long int          CK_LONG;
@@ -68,6 +70,7 @@ typedef CK_BYTE     CK_PTR   CK_BYTE_PTR;
 typedef CK_CHAR     CK_PTR   CK_CHAR_PTR;
 typedef CK_UTF8CHAR CK_PTR   CK_UTF8CHAR_PTR;
 typedef CK_ULONG    CK_PTR   CK_ULONG_PTR;
+typedef CK_UINT     CK_PTR   CK_UINT_PTR;
 typedef void        CK_PTR   CK_VOID_PTR;
 
 /* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
@@ -110,7 +113,7 @@ typedef CK_ULONG CK_NOTIFICATION;
 #define CKN_SURRENDER       0
 
 
-typedef CK_ULONG          CK_SLOT_ID;
+typedef CK_UINT          CK_SLOT_ID;
 
 typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;
 
@@ -262,7 +265,7 @@ typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;
 
 /* CK_SESSION_HANDLE is a Cryptoki-assigned value that
  * identifies a session */
-typedef CK_ULONG          CK_SESSION_HANDLE;
+typedef CK_UINT          CK_SESSION_HANDLE;
 
 typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR; 
 
@@ -310,7 +313,7 @@ typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;
 
 /* CK_OBJECT_HANDLE is a token-specific identifier for an
  * object  */
-typedef CK_ULONG          CK_OBJECT_HANDLE;
+typedef CK_UINT          CK_OBJECT_HANDLE;
 
 typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;