Merge 36505e3896 into f6c185f279

2026-04-23 23:39:27 +03:00 · 2024-03-11 14:02:12 -07:00
34 changed files with 329 additions and 473 deletions
@@ -0,0 +1,33 @@
 version: '{build}'
 image: Ubuntu2004
 configuration: Release
 skip_branch_with_pr: true
 clone_depth: 1
 skip_commits:
  files:
    - .travis.yml
    - .gitlab-ci.yml
    - .azure-pipelines.yml
    - .cirrus.yml
 init:
  - ps: Update-AppveyorBuild -Version "build-$env:APPVEYOR_BUILD_NUMBER-$($env:APPVEYOR_REPO_COMMIT.substring(0,7))"
 install:
  - sudo apt-get -y install libsodium-dev libcap-ng-dev
 before_build:
  - git submodule update --init --recursive
  - ./configure
 build_script:
  - make package -C build -j $(nproc || sysctl -n hw.ncpu || echo 4)
  - .ci/memory-leak-test.sh
 test_script:
  - .ci/appveyor-deb-install-test.sh
  - sudo apt-get update && sudo apt-get -y install autoconf libtool liblzo2-dev libpam-dev fping unzip liblz4-dev libnl-genl-3-dev # openvpn build deps
  - sudo .ci/start-se-openvpn.sh
  - sudo .ci/run-openvpn-tests.sh
@@ -0,0 +1,4 @@
 jobs:
  - template: .ci/azure-pipelines/linux.yml
  - template: .ci/azure-pipelines/windows.yml
  - template: .ci/azure-pipelines/macos.yml
@@ -0,0 +1,20 @@
 jobs:
 - job: Ubuntu_x64
  pool:
    vmImage: ubuntu-22.04
  steps:
  - checkout: self
    submodules: true
    persistCredentials: true
  - script: sudo apt update && sudo apt-get -y install cmake gcc g++ ninja-build libncurses5-dev libreadline-dev libsodium-dev libssl-dev make zlib1g-dev liblz4-dev libnl-genl-3-dev
    displayName: 'Prepare environment'
  - script: "$(Build.SourcesDirectory)/.ci/azure-pipelines/linux_build.sh"
    env:
      SE_BUILD_NUMBER_TOKEN: $(BUILD_NUMBER_TOKEN)
    displayName: 'Build'
  - script: |
      .ci/appveyor-deb-install-test.sh
      sudo apt-get -y install autoconf libtool liblzo2-dev libpam-dev fping unzip libcap-ng-dev # To build OpenVPN
      sudo BUILD_BINARIESDIRECTORY=$BUILD_BINARIESDIRECTORY .ci/start-se-openvpn.sh
      sudo BUILD_BINARIESDIRECTORY=$BUILD_BINARIESDIRECTORY .ci/run-openvpn-tests.sh
    displayName: 'Test'
@@ -0,0 +1,15 @@
 #!/bin/bash
 if [[ "${#SE_BUILD_NUMBER_TOKEN}" -eq 64 ]]; then
 	VERSION=$(python3 "version.py")
 	BUILD_NUMBER=$(curl "https://softether.network/get-build-number?commit=${BUILD_SOURCEVERSION}&version=${VERSION}&token=${SE_BUILD_NUMBER_TOKEN}")
 else
 	BUILD_NUMBER=0
 fi
 cd ${BUILD_BINARIESDIRECTORY}
 cmake -G "Ninja" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_NUMBER=${BUILD_NUMBER} ${BUILD_SOURCESDIRECTORY}
 cmake --build .
 cpack -C Release -G DEB 
@@ -0,0 +1,14 @@
 jobs:
 - job: macOS
  pool:
    vmImage: macOS-latest
  steps:
  - checkout: self
    submodules: true
    persistCredentials: true
  - script: brew install pkg-config cmake ninja ncurses readline libsodium openssl zlib
    displayName: 'Prepare environment'
  - script: '$(Build.SourcesDirectory)/.ci/azure-pipelines/macos_build.sh'
    env:
      SE_BUILD_NUMBER_TOKEN: $(BUILD_NUMBER_TOKEN)
    displayName: 'Build'
@@ -0,0 +1,13 @@
 #!/bin/bash
 if [[ "${#SE_BUILD_NUMBER_TOKEN}" -eq 64 ]]; then
 	VERSION=$(python3 "version.py")
 	BUILD_NUMBER=$(curl "https://softether.network/get-build-number?commit=${BUILD_SOURCEVERSION}&version=${VERSION}&token=${SE_BUILD_NUMBER_TOKEN}")
 else
 	BUILD_NUMBER=0
 fi
 cd ${BUILD_BINARIESDIRECTORY}
 cmake -G "Ninja" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_NUMBER=${BUILD_NUMBER} -DOPENSSL_ROOT_DIR="/usr/local/opt/openssl" ${BUILD_SOURCESDIRECTORY}
 cmake --build .
@@ -0,0 +1,41 @@
 parameters:
 - name: architecture
  type: string
 - name: compilerPath
  type: string
 - name: vcpkgTriplet
  type: string
 - name: vcvarsPath
  type: string
 steps:
 - task: Cache@2
  inputs:
    key: '"vcpkg-manifest" | "$(Agent.OS)" | "${{parameters.vcpkgTriplet}}" | C:/vcpkg/.git/refs/heads/master'
    path: '$(Build.BinariesDirectory)/vcpkg_installed'
  displayName: 'Environment storage'
 - script: '$(Build.SourcesDirectory)/.ci/azure-pipelines/windows_build.bat'
  env:
    ARCHITECTURE: ${{parameters.architecture}}
    COMPILER_PATH: ${{parameters.compilerPath}}
    VCPKG_TRIPLET: ${{parameters.vcpkgTriplet}}
    VCVARS_PATH: ${{parameters.vcvarsPath}}
    SE_BUILD_NUMBER_TOKEN: $(BUILD_NUMBER_TOKEN)
  displayName: 'Build'
 - powershell: |
    . .ci/appveyor-vpntest.ps1
  displayName: 'Test'
 - task: CopyFiles@2
  inputs:
    sourceFolder: '$(Build.BinariesDirectory)'
    contents: '?(*.exe|*.se2|*.pdb)'
    TargetFolder: '$(Build.StagingDirectory)/binaries/${{parameters.architecture}}'
    flattenFolders: true
 - task: PublishBuildArtifacts@1
  inputs:
    pathtoPublish: '$(Build.StagingDirectory)/binaries/${{parameters.architecture}}'
    artifactName: 'Binaries_${{parameters.architecture}}'
 - task: PublishBuildArtifacts@1
  inputs:
    pathtoPublish: '$(Build.StagingDirectory)/installers'
    artifactName: 'Installers'
@@ -0,0 +1,27 @@
 jobs:
 - job: Windows_x64
  pool:
    vmImage: windows-latest
  steps:
  - checkout: self
    submodules: true
    persistCredentials: true
  - template: "windows-steps.yml"
    parameters:
      architecture: "x64"
      compilerPath: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/x64/bin/clang-cl.exe"
      vcpkgTriplet: "x64-windows-static"
      vcvarsPath: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars64.bat"
 - job: Windows_x86
  pool:
    vmImage: windows-latest
  steps:
  - checkout: self
    submodules: true
    persistCredentials: true
  - template: "windows-steps.yml"
    parameters:
      architecture: "x86"
      compilerPath: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/bin/clang-cl.exe"
      vcpkgTriplet: "x86-windows-static"
      vcvarsPath: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars32.bat"
@@ -0,0 +1,26 @@
@echo on
 :: The method we use to store a command's output into a variable:
 :: https://stackoverflow.com/a/6362922
 for /f "tokens=* USEBACKQ" %%g in (`python "version.py"`) do (set "VERSION=%%g")
 :: https://stackoverflow.com/a/8566001
 echo %SE_BUILD_NUMBER_TOKEN%> "%tmp%\length.txt"
 for %%? in ("%tmp%\length.txt") do ( set /A SE_BUILD_NUMBER_TOKEN_LENGTH=%%~z? - 2 )
 if %SE_BUILD_NUMBER_TOKEN_LENGTH% equ 64 (
 	for /f "tokens=* USEBACKQ" %%g in (`curl "https://softether.network/get-build-number?commit=%BUILD_SOURCEVERSION%&version=%VERSION%&token=%SE_BUILD_NUMBER_TOKEN%"`) do (set "BUILD_NUMBER=%%g")
 ) else (
 	set BUILD_NUMBER=0
 )
 cd %BUILD_BINARIESDIRECTORY%
 call "%VCVARS_PATH%"
 cmake -G "Ninja" -DCMAKE_TOOLCHAIN_FILE="C:\vcpkg\scripts\buildsystems\vcpkg.cmake" -DVCPKG_TARGET_TRIPLET=%VCPKG_TRIPLET% -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_C_COMPILER="%COMPILER_PATH%" -DCMAKE_CXX_COMPILER="%COMPILER_PATH%" -DBUILD_NUMBER=%BUILD_NUMBER% "%BUILD_SOURCESDIRECTORY%"
 cmake --build .
 mkdir "%BUILD_STAGINGDIRECTORY%\installers"
 vpnsetup /SFXMODE:vpnclient /SFXOUT:"%BUILD_STAGINGDIRECTORY%\installers\softether-vpnclient-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
 vpnsetup /SFXMODE:vpnserver_vpnbridge /SFXOUT:"%BUILD_STAGINGDIRECTORY%\installers\softether-vpnserver_vpnbridge-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
@@ -11,7 +11,7 @@ FreeBSD_task:
      SSL:
  matrix:
    freebsd_instance:
-      image_family: freebsd-14-0
+      image_family: freebsd-13-2
  prepare_script:
    - pkg install -y pkgconf cmake git libsodium $SSL
    - git submodule update --init --recursive
@@ -1,34 +0,0 @@
 on: [push, pull_request]
 permissions:
  contents: read
 jobs:
  build_and_test:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
      with:
        submodules: true
    - name: Install dependencies
      run: sudo apt update && sudo apt-get -y install cmake gcc g++ ninja-build libncurses5-dev libreadline-dev libsodium-dev libssl-dev make zlib1g-dev liblz4-dev libnl-genl-3-dev 
    - name: Build
      run: |
        mkdir build
        cd build
        cmake -G "Ninja" -DCMAKE_BUILD_TYPE=RelWithDebInfo ..
        cmake --build .
    - name: Build deb packages
      run: |
        cd build
        cpack -C Release -G DEB 
    - name: Test
      run: |
       .ci/appveyor-deb-install-test.sh
       sudo apt-get -y install autoconf libtool liblzo2-dev libpam-dev fping unzip libcap-ng-dev # To build OpenVPN
       sudo .ci/start-se-openvpn.sh
       sudo .ci/run-openvpn-tests.sh
@@ -7,7 +7,7 @@ jobs:
  build_and_test:
    strategy:
      matrix:
-        os: [macos-14, macos-13, macos-12]
+        os: [macos-13, macos-12, macos-11]
    name: ${{ matrix.os }}
    runs-on: ${{ matrix.os }}
    steps:
@@ -1,63 +0,0 @@
 on: [push, pull_request]
 permissions:
  contents: read
 jobs:
  build_and_test:
    strategy:
      matrix:
        platform: [
          { ARCHITECTURE: x86, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/bin/clang-cl.exe",     VCPKG_TRIPLET: "x86-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars32.bat"},
          { ARCHITECTURE: x64, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/x64/bin/clang-cl.exe", VCPKG_TRIPLET: "x64-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars64.bat"}
        ]
    runs-on: windows-latest
    name: ${{ matrix.platform.ARCHITECTURE }}
    steps:
    - uses: actions/checkout@v4
      with:
        submodules: true
    - name: Cache vcpkg
      uses: actions/cache@v4
      with:
        path: 'build/vcpkg_installed/'
        key: vcpkg-${{ matrix.platform.VCPKG_TRIPLET }}
    - name: Set version variables
      run: |
        $v = python version.py
        echo "VERSION=$v" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
      shell: pwsh
    - name: Build
      env:
        ARCHITECTURE: ${{ matrix.platform.ARCHITECTURE }}
        COMPILER_PATH: ${{ matrix.platform.COMPILER_PATH }}
        VCPKG_TRIPLET: ${{ matrix.platform.VCPKG_TRIPLET }}
        VCVARS_PATH: ${{ matrix.platform.VCVARS_PATH }}
      run: |
        set BUILD_NUMBER=0
        mkdir build
        cd build
        call "%VCVARS_PATH%"
        cmake -G "Ninja" -DCMAKE_TOOLCHAIN_FILE="C:\vcpkg\scripts\buildsystems\vcpkg.cmake" -DVCPKG_TARGET_TRIPLET=%VCPKG_TRIPLET% -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_C_COMPILER="%COMPILER_PATH%" -DCMAKE_CXX_COMPILER="%COMPILER_PATH%" -DBUILD_NUMBER=%BUILD_NUMBER% ..
        cmake --build .
        mkdir installers
        vpnsetup /SFXMODE:vpnclient /SFXOUT:"installers\softether-vpnclient-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
        vpnsetup /SFXMODE:vpnserver_vpnbridge /SFXOUT:"installers\softether-vpnserver_vpnbridge-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
      shell: cmd
    - name: Test
      shell: powershell
      run: |
        . .ci/appveyor-vpntest.ps1
    - uses: actions/upload-artifact@v4
      with:
        if-no-files-found: error
        name: Binaries-${{ matrix.platform.ARCHITECTURE }}
        path: |
          build/*.exe
          build/*.pdb
          build/*.se2
    - uses: actions/upload-artifact@v4
      with:
        if-no-files-found: error
        name: Installers-${{ matrix.platform.ARCHITECTURE }}
        path: build/installers
@@ -1,94 +0,0 @@
 name: "Release"
 on:
  push:
    tags:
      - '*'
 concurrency:
  group: "${{ github.workflow }}-${{ github.ref }}"
  cancel-in-progress: true
 permissions:
  contents: write
 jobs:
  release:
    runs-on: windows-latest
    outputs:
      upload_url: "${{ steps.create_release.outputs.upload_url }}"
    steps:
      - name: "Checkout repository"
        uses: actions/checkout@v4
      - name: "Create GitHub release"
        id: create_release
        uses: softprops/action-gh-release@v1
  build-windows:
    name: ${{ matrix.platform.ARCHITECTURE }}
    runs-on: windows-latest
    needs: ["release"]
    strategy:
      matrix:
        platform: [
          { ARCHITECTURE: x86, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/bin/clang-cl.exe",     VCPKG_TRIPLET: "x86-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars32.bat"},
          { ARCHITECTURE: x64, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/x64/bin/clang-cl.exe", VCPKG_TRIPLET: "x64-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars64.bat"}
        ]
    steps:
      - name: "Checkout repository"
        uses: actions/checkout@v4
        with:
          submodules: true
      - name: Cache vcpkg
        uses: actions/cache@v4
        with:
          path: 'build/vcpkg_installed/'
          key: vcpkg-release-${{ matrix.platform.VCPKG_TRIPLET }}
      - name: Set version variables
        run: |
          $b=(Get-Content CMakeSettings.json | Out-String | ConvertFrom-Json).environments.BuildNumber		
          echo "BUILD_NUMBER=$b" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
          $v = python version.py
          echo "VERSION=$v" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
        shell: pwsh
      - name: Build
        env:
          ARCHITECTURE: ${{ matrix.platform.ARCHITECTURE }}
          COMPILER_PATH: ${{ matrix.platform.COMPILER_PATH }}
          VCPKG_TRIPLET: ${{ matrix.platform.VCPKG_TRIPLET }}
          VCVARS_PATH: ${{ matrix.platform.VCVARS_PATH }}
        run: |
          mkdir build
          cd build
          call "%VCVARS_PATH%"
          cmake -G "Ninja" -DCMAKE_TOOLCHAIN_FILE="C:\vcpkg\scripts\buildsystems\vcpkg.cmake" -DVCPKG_TARGET_TRIPLET=%VCPKG_TRIPLET% -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_C_COMPILER="%COMPILER_PATH%" -DCMAKE_CXX_COMPILER="%COMPILER_PATH%" -DBUILD_NUMBER=%BUILD_NUMBER% ..
          cmake --build .
          mkdir installers
          vpnsetup /SFXMODE:vpnclient /SFXOUT:"installers\softether-vpnclient-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
          vpnsetup /SFXMODE:vpnserver_vpnbridge /SFXOUT:"installers\softether-vpnserver_vpnbridge-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
        shell: cmd
      - name: dir
        run: |
          Get-ChildItem -Recurse build/installers
        shell: pwsh
      - name: "Upload softether-vpnclient"
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: "${{ github.token }}"
        with:
          upload_url: "${{ needs.release.outputs.upload_url }}"
          asset_path: "build/installers/softether-vpnclient-${{ env.VERSION }}.${{ env.BUILD_NUMBER }}.${{ matrix.platform.ARCHITECTURE }}.exe"
          asset_name: "softether-vpnclient-${{ env.VERSION }}.${{ env.BUILD_NUMBER }}.${{ matrix.platform.ARCHITECTURE }}.exe"
          asset_content_type: "application/octet-stream"
      - name: "Upload softether-vpnserver_vpnbridge"
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: "${{ github.token }}"
        with:
          upload_url: "${{ needs.release.outputs.upload_url }}"
          asset_path: "build/installers/softether-vpnserver_vpnbridge-${{ env.VERSION }}.${{ env.BUILD_NUMBER }}.${{ matrix.platform.ARCHITECTURE }}.exe"
          asset_name: "softether-vpnserver_vpnbridge-${{ env.VERSION }}.${{ env.BUILD_NUMBER }}.${{ matrix.platform.ARCHITECTURE }}.exe"
          asset_content_type: "application/octet-stream"
@@ -1,3 +0,0 @@
 {
    "cmake.configureOnOpen": false
 }
@@ -3,7 +3,7 @@ cmake_minimum_required(VERSION 3.10)
 set(BUILD_NUMBER CACHE STRING "The number of the current build.")
 if ("${BUILD_NUMBER}" STREQUAL "")
-	set(BUILD_NUMBER "5185")
+	set(BUILD_NUMBER "5182")
 endif()
 if (BUILD_NUMBER LESS 5180)
@@ -53,7 +53,7 @@ if(UNIX)
  #
  # use rpath for locating installed libraries
  #
-  set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}")
+  set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/lib")
  set(CMAKE_INSTALL_RPATH_USE_LINK_PATH TRUE)
  include(CheckIncludeFile)
@@ -1,5 +1,5 @@
 {
-  "environments": [ { "BuildNumber": "5185" } ],
+  "environments": [ { "BuildNumber": "5182" } ],
  "configurations": [
    {
      "name": "x64-native",
@@ -2,8 +2,10 @@
 ||Badges|
 |---|---|
 |AppVeyor|[![AppVeyor build status](https://ci.appveyor.com/api/projects/status/github/softethervpn/softethervpn?branch=master&svg=true)](https://ci.appveyor.com/project/softethervpn/softethervpn) |
 |GitLab CI|[![GitLab CI build status](https://gitlab.com/SoftEther/SoftEtherVPN/badges/master/pipeline.svg)](https://gitlab.com/SoftEther/SoftEtherVPN/pipelines)|
 |Coverity Scan|[![Coverity Scan build status](https://scan.coverity.com/projects/16304/badge.svg)](https://scan.coverity.com/projects/softethervpn-softethervpn)|
 |Azure Pipelines|[![Azure Pipelines build status for Nightly](https://dev.azure.com/SoftEther-VPN/SoftEther%20VPN/_apis/build/status/6?api-version=6.0-preview.1)](https://dev.azure.com/SoftEther-VPN/SoftEther%20VPN/_build?definitionId=6)|
 |Cirrus CI|[![Cirrus CI build status](https://api.cirrus-ci.com/github/SoftEtherVPN/SoftEtherVPN.svg)](https://cirrus-ci.com/github/SoftEtherVPN/SoftEtherVPN)|
 - [SoftEther VPN](#softether-vpn)
@@ -65,23 +65,12 @@
      }
    },
    "braces": {
-      "version": "3.0.3",
+      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
+      "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz",
-      "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
+      "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==",
      "dev": true,
      "requires": {
-        "fill-range": "^7.1.1"
+        "fill-range": "^7.0.1"
      },
      "dependencies": {
        "fill-range": {
          "version": "7.1.1",
          "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
          "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
          "dev": true,
          "requires": {
            "to-regex-range": "^5.0.1"
          }
        }
      }
    },
    "builtin-modules": {
@@ -162,6 +151,15 @@
      "integrity": "sha1-Cr9PHKpbyx96nYrMbepPqqBLrJs=",
      "dev": true
    },
    "fill-range": {
      "version": "7.0.1",
      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
      "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==",
      "dev": true,
      "requires": {
        "to-regex-range": "^5.0.1"
      }
    },
    "fs.realpath": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz",
@@ -805,12 +805,7 @@ bool EthIsChangeMtuSupported(ETH *e)
 		return false;
 	}
 // FreeBSD seriously dislikes MTU changes; disable if compiled on that platform
 #ifndef	__FreeBSD__
 	return true;
 #else
 	return false;
 #endif
 #else	// defined(UNIX_LINUX) || defined(UNIX_BSD) || defined(UNIX_SOLARIS)
 	return false;
 #endif	// defined(UNIX_LINUX) || defined(UNIX_BSD) || defined(UNIX_SOLARIS)
@@ -1517,9 +1517,7 @@ void IPCProcessL3EventsEx(IPC *ipc, UINT64 now)
 									// We save the router advertisement data for later use
 									IPCIPv6AddRouterPrefixes(ipc, &p->ICMPv6HeaderPacketInfo.OptionList, src_mac, &ip_src);
 									IPCIPv6AssociateOnNDTEx(ipc, &ip_src, src_mac, true);
-									if (p->ICMPv6HeaderPacketInfo.OptionList.SourceLinkLayer != NULL) {
+									IPCIPv6AssociateOnNDTEx(ipc, &ip_src, p->ICMPv6HeaderPacketInfo.OptionList.SourceLinkLayer->Address, true);
 										IPCIPv6AssociateOnNDTEx(ipc, &ip_src, p->ICMPv6HeaderPacketInfo.OptionList.SourceLinkLayer->Address, true);
 									}
 									ndtProcessed = true;
 									header_size = sizeof(ICMPV6_ROUTER_ADVERTISEMENT_HEADER);
 									break;
@@ -2356,14 +2354,7 @@ void IPCIPv6AddRouterPrefixes(IPC *ipc, ICMPV6_OPTION_LIST *recvPrefix, UCHAR *m
 				IntToSubnetMask6(&newRA->RoutedMask, recvPrefix->Prefix[i]->SubnetLength);
 				CopyIP(&newRA->RouterAddress, ip);
 				Copy(newRA->RouterMacAddress, macAddress, 6);
-				if (recvPrefix->SourceLinkLayer != NULL)
+				Copy(newRA->RouterLinkLayerAddress, recvPrefix->SourceLinkLayer->Address, 6);
 				{
 					Copy(newRA->RouterLinkLayerAddress, recvPrefix->SourceLinkLayer->Address, 6);
 				}
 				else
 				{
 					Zero(newRA->RouterLinkLayerAddress, 6);
 				}
 				Add(ipc->IPv6RouterAdvs, newRA);
 			}
 		}
@@ -2666,7 +2657,7 @@ void IPCIPv6SendUnicast(IPC *ipc, void *data, UINT size, IP *next_ip)
 		}
 		destMac = ra.RouterMacAddress;
-		if (!IsMacUnicast(destMac) && !IsMacInvalid(ra.RouterLinkLayerAddress))
+		if (!IsMacUnicast(destMac) && !IsMacInvalid(ra.RouterMacAddress))
 		{
 			destMac = ra.RouterLinkLayerAddress;
 		}
@@ -463,13 +463,39 @@ void ProcIPsecEspPacketRecv(IKE_SERVER *ike, UDPPACKET *p)
 	seq = READ_UINT(src + sizeof(UINT));
 	// Search and retrieve the IPsec SA from SPI
 	// thank to @phillibert report, responding to bad SA might lead to amplification
 	// according to RFC4303 we should drop such packets
 	ipsec_sa = SearchClientToServerIPsecSaBySpi(ike, spi);
 	if (ipsec_sa == NULL)
 	{
 		// Invalid SPI
 		UINT64 init_cookie = Rand64();
 		UINT64 resp_cookie = 0;
 		IKE_CLIENT *c = NULL;
 		IKE_CLIENT t;
 		Copy(&t.ClientIP, &p->SrcIP, sizeof(IP));
 		t.ClientPort = p->SrcPort;
 		Copy(&t.ServerIP, &p->DstIP, sizeof(IP));
 		t.ServerPort = p->DestPort;
 		t.CurrentIkeSa = NULL;
 		if (p->DestPort == IPSEC_PORT_IPSEC_ESP_RAW)
 		{
 			t.ClientPort = t.ServerPort = IPSEC_PORT_IPSEC_ISAKMP;
 		}
 		c = Search(ike->ClientList, &t);
 		if (c != NULL && c->CurrentIkeSa != NULL)
 		{
 			init_cookie = c->CurrentIkeSa->InitiatorCookie;
 			resp_cookie = c->CurrentIkeSa->ResponderCookie;
 		}
 		SendInformationalExchangePacketEx(ike, (c == NULL ? &t : c), IkeNewNoticeErrorInvalidSpiPayload(spi), false,
 			init_cookie, resp_cookie);
 		SendDeleteIPsecSaPacket(ike, (c == NULL ? &t : c), spi);
 		return;
 	}
@@ -6773,6 +6773,7 @@ PACK *PackLoginWithOpenVPNCertificate(char *hubname, char *username, X *x)
 	p = NewPack();
 	PackAddStr(p, "method", "login");
 	PackAddStr(p, "hubname", hubname);
 	if (IsEmptyStr(username))
 	{
@@ -6781,26 +6782,12 @@ PACK *PackLoginWithOpenVPNCertificate(char *hubname, char *username, X *x)
 			FreePack(p);
 			return NULL;
 		}
 		UniToStr(cn_username, sizeof(cn_username), x->subject_name->CommonName);
-
+		PackAddStr(p, "username", cn_username);
 		if (strchr(cn_username, '@') != NULL)
 		{
 			PackAddStr(p, "username", strtok(cn_username, "@"));
 			PackAddStr(p, "hubname", strtok(NULL, ""));
 		}
 		else
 		{
 			PackAddStr(p, "username", cn_username);
 			PackAddStr(p, "hubname", hubname);
 		}
 	}
 	else
 	{
 		PackAddStr(p, "username", username);
 		PackAddStr(p, "hubname", hubname);
 	}
 	PackAddInt(p, "authtype", AUTHTYPE_OPENVPN_CERT);
@@ -615,7 +615,7 @@ void SessionMain(SESSION *s)
 					UINT max_conn = s->ClientOption->MaxConnection;
 					if ((s->CurrentConnectionEstablishTime +
-						(UINT64)(num_tcp_conn * s->ClientOption->AdditionalConnectionInterval * 1000 * 2 + CONNECTING_TIMEOUT * 2))
+						(UINT64)(s->ClientOption->AdditionalConnectionInterval * 1000 * 2 + CONNECTING_TIMEOUT * 2))
 						<= Tick64())
 					{
 						if (s->ClientOption->BindLocalPort != 0 || num_tcp_conn == 0)
@@ -9340,48 +9340,20 @@ UINT ServeDhcpDiscoverEx(VH *v, UCHAR *mac, UINT request_ip, bool is_static_ip)
 		return 0;
 	}
 	UINT ret = 0;
 	DHCP_LEASE *d = SearchDhcpLeaseByIp(v, request_ip);
 	if (d != NULL)
 	{
-		// If an entry for the same IP address already exists,
+		// The requested IP address is used already
-		// check whether it is a request from the same MAC address
+		return 0;
 		if (Cmp(mac, d->MacAddress, 6) == 0)
 		{
 			// Examine whether the specified IP address is within the range of static assignment
 			if (Endian32(v->DhcpIpStart) > Endian32(request_ip) ||
 				Endian32(request_ip) > Endian32(v->DhcpIpEnd))
 			{
 				// Accept if within the range of static assignment
 				ret = request_ip;
 			}
 		}
 		else {
 			// Duplicated IPV4 address found. The specified IP address is not available for use
 			char ipstr[MAX_HOST_NAME_LEN + 1] = { 0 };
 			char macstr[128] = { 0 };
 			IPToStr32(ipstr, sizeof(ipstr), request_ip);
 			MacToStr(macstr, sizeof(macstr), d->MacAddress);
 			Debug("Virtual DHC Server: Duplicated IP address detected. Static IP: %s, with the MAC: %s\n", ipstr, macstr);
 		}
 	}
 	else
 	{
 		// Examine whether the specified IP address is within the range of static assignment
 		if (Endian32(v->DhcpIpStart) > Endian32(request_ip) ||
 			Endian32(request_ip) > Endian32(v->DhcpIpEnd))
 		{
 			// Accept if within the range of static assignment
 			ret = request_ip;
 		}
 		else
 		{
 			// The specified IP address is not available for use
 		}
 	}
-	return ret;
+	// For static IP, the requested IP address must NOT be within the range of the DHCP pool
 	if (Endian32(request_ip) < Endian32(v->DhcpIpStart) || Endian32(request_ip) > Endian32(v->DhcpIpEnd))
 	{
 		return request_ip;
 	}
 	return 0;
 }
 // Take an appropriate IP addresses that can be assigned newly
@@ -9568,11 +9540,6 @@ void VirtualDhcpServer(VH *v, PKT *p)
 			{
 				ip = ServeDhcpRequestEx(v, p->MacAddressSrc, opt->RequestedIp, ip_static);
 			}
 			// If the IP address in user's note is changed, then reply to DHCP_REQUEST with DHCP_NAK
 			if (p->L3.IPv4Header->SrcIP && ip != p->L3.IPv4Header->SrcIP)
 			{
 				ip = 0;
 			}
 		}
 		if (ip != 0 || opt->Opcode == DHCP_INFORM)
@@ -9585,14 +9552,6 @@ void VirtualDhcpServer(VH *v, PKT *p)
 				char client_mac[MAX_SIZE];
 				char client_ip[MAX_SIZE];
 				// If there is any entry with the same MAC address, then remove it
 				d = SearchDhcpLeaseByMac(v, p->MacAddressSrc);
 				if (d != NULL)
 				{
 					FreeDhcpLease(d);
 					Delete(v->DhcpLeaseList, d);
 				}
 				// Remove old records with the same IP address
 				d = SearchDhcpLeaseByIp(v, ip);
 				if (d != NULL)
@@ -9751,40 +9710,36 @@ void VirtualDhcpServer(VH *v, PKT *p)
 		}
 		else
 		{
-			// Reply of DHCP_REQUEST must be either DHCP_ACK or DHCP_NAK
+			// There is no IP address that can be provided
-			if (opt->Opcode == DHCP_REQUEST)
+			DHCP_OPTION_LIST ret;
 			LIST *o;
 			Zero(&ret, sizeof(ret));
 			ret.Opcode = DHCP_NACK;
 			ret.ServerAddress = v->HostIP;
 			StrCpy(ret.DomainName, sizeof(ret.DomainName), v->DhcpDomain);
 			ret.SubnetMask = v->DhcpMask;
 			// Build the DHCP option
 			o = BuildDhcpOption(&ret);
 			if (o != NULL)
 			{
-				// There is no IP address that can be provided
+				BUF *b = BuildDhcpOptionsBuf(o);
-				DHCP_OPTION_LIST ret;
+				if (b != NULL)
 				LIST *o;
 				Zero(&ret, sizeof(ret));
 				ret.Opcode = DHCP_NACK;
 				ret.ServerAddress = v->HostIP;
 				StrCpy(ret.DomainName, sizeof(ret.DomainName), v->DhcpDomain);
 				ret.SubnetMask = v->DhcpMask;
 				// Build the DHCP option
 				o = BuildDhcpOption(&ret);
 				if (o != NULL)
 				{
-					BUF *b = BuildDhcpOptionsBuf(o);
+					UINT dest_ip = p->L3.IPv4Header->SrcIP;
-					if (b != NULL)
+					if (dest_ip == 0)
 					{
-						UINT dest_ip = p->L3.IPv4Header->SrcIP;
+						dest_ip = 0xffffffff;
 						if (dest_ip == 0)
 						{
 							dest_ip = 0xffffffff;
 						}
 						// Transmission
 						VirtualDhcpSend(v, tran_id, dest_ip, Endian16(p->L4.UDPHeader->SrcPort),
 							ip, dhcp->ClientMacAddress, b, dhcp->HardwareType, dhcp->HardwareAddressSize);
 						// Release the memory
 						FreeBuf(b);
 					}
-					FreeDhcpOptions(o);
+					// Transmission
 					VirtualDhcpSend(v, tran_id, dest_ip, Endian16(p->L4.UDPHeader->SrcPort),
 					                ip, dhcp->ClientMacAddress, b, dhcp->HardwareType, dhcp->HardwareAddressSize);
 					// Release the memory
 					FreeBuf(b);
 				}
 				FreeDhcpOptions(o);
 			}
 		}
 	}
@@ -88,7 +88,6 @@ int ssl_clientcert_index = 0;
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
 static OSSL_PROVIDER *ossl_provider_legacy = NULL;
 static OSSL_PROVIDER *ossl_provider_default = NULL;
 static OSSL_PROVIDER *ossl_provider_oqsprovider = NULL;
 #endif
 LOCK **ssl_lock_obj = NULL;
@@ -3975,12 +3974,6 @@ void FreeCryptLibrary()
 		OSSL_PROVIDER_unload(ossl_provider_legacy);
 		ossl_provider_legacy = NULL;
 	}
 	if (ossl_provider_oqsprovider != NULL)
 	{
 		OSSL_PROVIDER_unload(ossl_provider_oqsprovider);
 		ossl_provider_oqsprovider = NULL;
 	}
 #endif
 }
@@ -4003,7 +3996,6 @@ void InitCryptLibrary()
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
 	ossl_provider_default = OSSL_PROVIDER_load(NULL, "legacy");
 	ossl_provider_legacy = OSSL_PROVIDER_load(NULL, "default");
 	ossl_provider_oqsprovider = OSSL_PROVIDER_load(NULL, "oqsprovider");
 #endif
 	ssl_clientcert_index = SSL_get_ex_new_index(0, "struct SslClientCertInfo *", NULL, NULL, NULL);
@@ -2124,24 +2124,6 @@ IO *FileOpenEx(char *name, bool write_mode, bool read_lock)
 	return ret;
 }
 // Replace the specified character in the string with a new character
 wchar_t *UniReplaceCharW(wchar_t *src, UINT size, wchar_t c, wchar_t  newc) {
 	if (src == NULL)
 	{
 		return NULL;
 	}
 	for (; *src; src++, size -= sizeof(wchar_t)) {
 		if (size < sizeof(wchar_t)) {
 			break;
 		}
 		if (*src == c) {
 			*src = newc;
 		}
 	}
 	return (wchar_t *)src;
 }
 IO *FileOpenExW(wchar_t *name, bool write_mode, bool read_lock)
 {
 	wchar_t tmp[MAX_SIZE];
@@ -2158,12 +2140,9 @@ IO *FileOpenExW(wchar_t *name, bool write_mode, bool read_lock)
 		IO *o = ZeroMalloc(sizeof(IO));
 		name++;
 		UniStrCpy(o->NameW, sizeof(o->NameW), name);
 #ifdef	OS_WIN32
 		UniReplaceCharW(o->NameW, sizeof(o->NameW), L'\\', L'/');		// Path separator "/" is used.
 #endif	// OS_WIN32
 		UniToStr(o->Name, sizeof(o->Name), o->NameW);
 		o->HamMode = true;
-		o->HamBuf = ReadHamcoreW(o->NameW);
+		o->HamBuf = ReadHamcoreW(name);
 		if (o->HamBuf == NULL)
 		{
 			Free(o);
@@ -2568,7 +2568,6 @@ MS_ADAPTER_LIST *MsCreateAdapterListInnerExVista(bool no_info)
 				UniStrCpy(a->TitleW, sizeof(a->TitleW), title);
 				UniToStr(a->Title, sizeof(a->Title), title);
 				a->Index = r->InterfaceIndex;
 				a->MediaConnectState = r->MediaConnectState;
 				a->Type = r->Type;
 				a->Status = ConvertMidStatusVistaToXp(r->OperStatus);
 				a->Mtu = r->Mtu;
@@ -281,7 +281,6 @@ typedef struct MS_ADAPTER
 	char Title[MAX_PATH];			// Display name
 	wchar_t TitleW[MAX_PATH];		// Display Name (Unicode)
 	UINT Index;						// Index
 	UINT MediaConnectState;			// Media Connect State
 	UINT Type;						// Type
 	UINT Status;					// Status
 	UINT Mtu;						// MTU
@@ -540,13 +540,6 @@ LIST *Win32GetNicList()
 		if (a->Type == 6 && a->AddressSize == 6)
 		{
 			// If the connection state of the interface is unknown, then exclude it.
 			// Unknown means that the device is not plugged into the local host.
 			if (a->MediaConnectState == MediaConnectStateUnknown)
 			{
 				continue;
 			}
 			NIC_ENTRY *e = ZeroMalloc(sizeof(NIC_ENTRY));
 			StrCpy(e->IfName, sizeof(e->IfName), a->Title);
@@ -11905,10 +11898,6 @@ bool StartSSLEx3(SOCK *sock, X *x, K *priv, LIST *chain, UINT ssl_timeout, char
 		Unlock(openssl_lock);
 	}
 	#if OPENSSL_VERSION_NUMBER >= 0x30000000L
 		SSL_set1_groups_list(sock->ssl, PQ_GROUP_LIST);
 	#endif
 	if (sock->ServerMode)
 	{
 //		Lock(ssl_connect_lock);
@@ -12289,15 +12278,9 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)
 				Debug("%s %u SecureRecv() Disconnect\n", __FILE__, __LINE__);
 				return 0;
 			}
 			ERR_clear_error();
 			ret = SSL_peek(ssl, &c, sizeof(c));
 		}
 		Unlock(sock->ssl_lock);
 #if OPENSSL_VERSION_NUMBER < 0x30000000L
 		// 2021/09/10: After OpenSSL 3.x.x, both 0 and negative values might mean retryable.
 		// See: https://github.com/openssl/openssl/blob/435981cbadad2c58c35bacd30ca5d8b4c9bea72f/doc/man3/SSL_read.pod
 		// > Old documentation indicated a difference between 0 and -1, and that -1 was retryable.
 		// > You should instead call SSL_get_error() to find out if it's retryable.
 		if (ret == 0)
 		{
 			// The communication have been disconnected
@@ -12305,8 +12288,7 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)
 			Debug("%s %u SecureRecv() Disconnect\n", __FILE__, __LINE__);
 			return 0;
 		}
-#endif
+		if (ret < 0)
 		if (ret <= 0)
 		{
 			// An error has occurred
 			e = SSL_get_error(ssl, ret);
@@ -12314,18 +12296,14 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)
 			{
 				if (e == SSL_ERROR_SSL
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
-					&&
+				        &&
-					sock->ssl->s3->send_alert[0] == SSL3_AL_FATAL &&
+				        sock->ssl->s3->send_alert[0] == SSL3_AL_FATAL &&
-					sock->ssl->s3->send_alert[0] != sock->Ssl_Init_Async_SendAlert[0] &&
+				        sock->ssl->s3->send_alert[0] != sock->Ssl_Init_Async_SendAlert[0] &&
-					sock->ssl->s3->send_alert[1] != sock->Ssl_Init_Async_SendAlert[1]
+				        sock->ssl->s3->send_alert[1] != sock->Ssl_Init_Async_SendAlert[1]
 #endif
-					)
+				   )
 				{
-					UINT ssl_err_no;
+					Debug("%s %u SSL Fatal Error on ASYNC socket !!!\n", __FILE__, __LINE__);
 					while (ssl_err_no = ERR_get_error()){
 						Debug("%s %u SSL_ERROR_SSL on ASYNC socket !!! ssl_err_no = %u: '%s'\n", __FILE__, __LINE__, ssl_err_no, ERR_error_string(ssl_err_no, NULL));
 					};
 					Disconnect(sock);
 					return 0;
 				}
@@ -12352,15 +12330,14 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)
 		}
 #endif	// OS_UNIX
-		// Run the time-out thread for SOLARIS
+// Run the time-out thread for SOLARIS
 #ifdef UNIX_SOLARIS
 		ttparam = NewSocketTimeout(sock);
 #endif // UNIX_SOLARIS
 		ERR_clear_error();
 		ret = SSL_read(ssl, data, size);
-		// Stop the timeout thread
+// Stop the timeout thread
 #ifdef UNIX_SOLARIS
 		FreeSocketTimeout(ttparam);
 #endif // UNIX_SOLARIS
@@ -12373,11 +12350,7 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)
 		}
 #endif	// OS_UNIX
-#if OPENSSL_VERSION_NUMBER < 0x30000000L
+		if (ret < 0)
 		if (ret < 0) // OpenSSL version < 3.0.0
 #else
 		if (ret <= 0) // OpenSSL version >= 3.0.0
 #endif
 		{
 			e = SSL_get_error(ssl, ret);
 		}
@@ -12400,12 +12373,6 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)
 		return (UINT)ret;
 	}
 #if OPENSSL_VERSION_NUMBER < 0x30000000L
 	// 2021/09/10: After OpenSSL 3.x.x, both 0 and negative values might mean retryable.
 	// See: https://github.com/openssl/openssl/blob/435981cbadad2c58c35bacd30ca5d8b4c9bea72f/doc/man3/SSL_read.pod
 	// > Old documentation indicated a difference between 0 and -1, and that -1 was retryable.
 	// > You should instead call SSL_get_error() to find out if it's retryable.
 	if (ret == 0)
 	{
 		// Disconnect the communication
@@ -12413,26 +12380,20 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)
 		//Debug("%s %u SecureRecv() Disconnect\n", __FILE__, __LINE__);
 		return 0;
 	}
 #endif
 	if (sock->AsyncMode)
 	{
 		if (e == SSL_ERROR_WANT_READ || e == SSL_ERROR_WANT_WRITE || e == SSL_ERROR_SSL)
 		{
 			if (e == SSL_ERROR_SSL
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
-				&&
+			        &&
-				sock->ssl->s3->send_alert[0] == SSL3_AL_FATAL &&
+			        sock->ssl->s3->send_alert[0] == SSL3_AL_FATAL &&
-				sock->ssl->s3->send_alert[0] != sock->Ssl_Init_Async_SendAlert[0] &&
+			        sock->ssl->s3->send_alert[0] != sock->Ssl_Init_Async_SendAlert[0] &&
-				sock->ssl->s3->send_alert[1] != sock->Ssl_Init_Async_SendAlert[1]
+			        sock->ssl->s3->send_alert[1] != sock->Ssl_Init_Async_SendAlert[1]
 #endif
-				)
+			   )
 			{
-				UINT ssl_err_no;
+				Debug("%s %u SSL Fatal Error on ASYNC socket !!!\n", __FILE__, __LINE__);
 				while (ssl_err_no = ERR_get_error()) {
 					Debug("%s %u SSL_ERROR_SSL on ASYNC socket !!! ssl_err_no = %u: '%s'\n", __FILE__, __LINE__, ssl_err_no, ERR_error_string(ssl_err_no, NULL));
 				};
 				Disconnect(sock);
 				return 0;
 			}
@@ -12441,8 +12402,8 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)
 			return SOCK_LATER;
 		}
 	}
 	Debug("%s %u e=%u SecureRecv() Disconnect\n", __FILE__, __LINE__, e);
 	Disconnect(sock);
 	Debug("%s %u SecureRecv() Disconnect\n", __FILE__, __LINE__);
 	return 0;
 }
@@ -12469,13 +12430,8 @@ UINT SecureSend(SOCK *sock, void *data, UINT size)
 			return 0;
 		}
 		ERR_clear_error();
 		ret = SSL_write(ssl, data, size);
-#if OPENSSL_VERSION_NUMBER < 0x30000000L
+		if (ret < 0)
 		if (ret < 0) // OpenSSL version < 3.0.0
 #else
 		if (ret <= 0) // OpenSSL version >= 3.0.0
 #endif
 		{
 			e = SSL_get_error(ssl, ret);
 		}
@@ -12497,8 +12453,6 @@ UINT SecureSend(SOCK *sock, void *data, UINT size)
 		sock->WriteBlocked = false;
 		return (UINT)ret;
 	}
 #if OPENSSL_VERSION_NUMBER < 0x30000000L
 	if (ret == 0)
 	{
 		// Disconnect
@@ -12506,29 +12460,18 @@ UINT SecureSend(SOCK *sock, void *data, UINT size)
 		Disconnect(sock);
 		return 0;
 	}
 #endif
 	if (sock->AsyncMode)
 	{
 		// Confirmation of the error value
 		if (e == SSL_ERROR_WANT_READ || e == SSL_ERROR_WANT_WRITE || e == SSL_ERROR_SSL)
 		{
 			if (e == SSL_ERROR_SSL)
 			{
 				UINT ssl_err_no;
 				while (ssl_err_no = ERR_get_error()) {
 					Debug("%s %u SSL_ERROR_SSL on ASYNC socket !!! ssl_err_no = %u: '%s'\n", __FILE__, __LINE__, ssl_err_no, ERR_error_string(ssl_err_no, NULL));
 				};
 				Disconnect(sock);
 				return 0;
 			}
 			sock->WriteBlocked = true;
 			return SOCK_LATER;
 		}
 		Debug("%s %u e=%u\n", __FILE__, __LINE__, e);
 	}
-	Debug("%s %u e=%u SecureSend() Disconnect\n", __FILE__, __LINE__, e);
+	//Debug("%s %u SecureSend() Disconnect\n", __FILE__, __LINE__);
 	Disconnect(sock);
 	return 0;
 }
@@ -59,10 +59,6 @@ struct DYN_VALUE
 #define	DEFAULT_CIPHER_LIST			"ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:DHE+CHACHA20:ECDHE+AES256:DHE+AES256:RSA+AES"
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
 #define PQ_GROUP_LIST				"p521_kyber1024:x25519_kyber768:P-521:X25519:P-256"
 #endif
 // SSL logging function
 //#define	ENABLE_SSL_LOGGING
 #define	SSL_LOGGING_DIRNAME			"@ssl_log"
@@ -4168,7 +4168,6 @@ BUF *DhcpModify(DHCP_MODIFY_OPTION *m, void *data, UINT size)
 	LIST *opt_list2 = NULL;
 	UINT src_size = size;
 	UINT i;
 	UINT dhcp_min_size;
 	// Validate arguments
 	if (m == NULL || data == NULL || size == 0)
 	{
@@ -4271,13 +4270,11 @@ BUF *DhcpModify(DHCP_MODIFY_OPTION *m, void *data, UINT size)
 		// Rewrite if anything changes. Do not rewrite if there is no change
 		ret_ok = true;
-		// If src_size is greater than DHCP_MIN_SIZE, then use the src_size as minimum size of DHCP.
+		if (ret->Size < DHCP_MIN_SIZE)
 		dhcp_min_size = MAX(src_size, DHCP_MIN_SIZE);
 		if (ret->Size < dhcp_min_size)
 		{
 			// Padding
 			UCHAR *pad_buf;
-			UINT pad_size = dhcp_min_size - ret->Size;
+			UINT pad_size = DHCP_MIN_SIZE - ret->Size;
 			pad_buf = ZeroMalloc(pad_size);
@@ -115,7 +115,7 @@ ERR_48					Не удалось подключиться к контроллер
 ERR_49					Контроллеру кластера не удалось установить новую сессию в кластере.
 ERR_50					Не удается управлять Virtual Hub-ом сервера-члена кластера.
 ERR_51					Удаленное подключение запрещено, т.к. использован пустой пароль пользователя. Пустой пароль может быть разрешен только для соединений с локального хоста VPN-сервера (127.0.0.1).
-ERR_52					Недостаточно прав.
+ERR_52					Не достаточно прав.
 ERR_53					Указанный порт прослушивания не найден.
 ERR_54					Указанный порт прослушивания уже существует.
 ERR_55					Этот сервер не член кластера.
@@ -2421,8 +2421,8 @@ STATIC17				Другие конфигурации:
 R_NO_ROUTING			Не вносить изменения в таблицу маршрутизации
 STATIC18				Если у вас нет опыта работы с сетью и безопасностью, то оставьте настройки в этом окне по умолчанию.
 STATIC19				Функции VoIP/QoS обрабатывают пакеты (например VoIP) с высоким приоритетом для более быстрой передачи.
-STATIC20				IP адрес источника:
+STATIC20				Source IP Address:
-STATIC21				Номер порта:
+STATIC21				Source Port Number:
 R_DISABLE_QOS			Отключить функции VoIP / QoS
 IDOK					&OK
 IDCANCEL				Отмена
@@ -2524,7 +2524,7 @@ STATIC2					Имя Virtual &Hub:
 STATIC3					&Пользователь:
 STATIC4					&Старый пароль:
 STATIC5					&Новый пароль:
-STATIC6					&Подтвердить пароль:
+STATIC6					&Подтвердить новый пароль:
 IDOK					&OK
 IDCANCEL				Отмена
 S_STATIC				Примечание: Вы не сможете изменить пароль пользователя, если выбран тип авторизации "RADIUS или авторизация в домене".
@@ -2533,7 +2533,7 @@ S_STATIC				Примечание: Вы не сможете изменить па
 PREFIX					D_SM_MAIN
 CAPTION					SoftEther VPN-сервер менеджер Developer Edition
 STATIC1					Настройки подключения для VPN-сервера:
-STATIC2					Настройки подключения для VPN-сервера или VPN-моста. Чтобы подключиться к серверу дважды щелкните по его названию.\r\nЧтобы добавить новое подключение, нажмите "Новое подключение".
+STATIC2					Настройки подключения для VPN-сервера или VPN-моста. Чтобы подключиться к серверу дважды щелкните по его названию.\r\n Чтобы добавить новое подключение, нажмите "Новое подключение".
 B_NEW_SETTING			&Создать
 B_EDIT_SETTING			&Изменить
 B_DELETE				&Удалить
@@ -2558,9 +2558,9 @@ STATIC8					Прокси-сервер:
 STATIC9					Вы можете подключиться к VPN-серверу через прокси-сервер.
 STATIC10				Тип прокси:
 R_DIRECT_TCP			&Прямое TCP/IP соединение (без прокси)
-R_HTTPS					Через HTTP прокси-сервер
+R_HTTPS					Подключиться через HTTP прокси-сервер
-R_SOCKS					Через SOCKS прокси-сервер
+R_SOCKS					Подключиться через SOCKS прокси-сервер
-R_SOCKS5				Через SOCKS5 прокси-сервер
+R_SOCKS5				Подключиться через SOCKS5 прокси-сервер
 B_PROXY_CONFIG			Настройки прокси-сервера
 STATIC11				Выберите режим администрирования и введите пароль
 STATIC12				Вы можете подключиться к VPN-серверу, используя либо режим администратора сервера, либо режим Virtual Hub администратора. \r\n\r\nРежим администратора сервера позволяет вам управлять VPN-сервером и всеми Virtual Hub. \r\n\r\nРежим Virtual Hub администратора позволяет вам управлять только одним Virtual Hub, на который у вас есть права.
@@ -4111,7 +4111,7 @@ S_LATEST_STR			Версия %S%s
 PREFIX					D_UPDATE_CONFIG
 CAPTION					Настройка уведомлений об обновлении
-S_INFO					Периодически проверяет новые версии %s и показывает уведомление, когда будет выпущена новая версия.\r\n\r\nДля проверки обновлений будут использоваться HTTPS пакеты между этим компьютером и сервером обновлений SoftEther, расположенным в городе Цукуба, префектура Ибараки, Япония. Никакая личная информация отправляться не будет.
+S_INFO					Периодически проверяет новые версии %s и показывает уведомление, когда будет выпущена новая версия.\r\n\r\nДля проверки обновлений будут использоваться HTTPS пакеты  между этим компьютером и сервером обновлений SoftEther, расположенным в городе Цукуба, префектура Ибараки, Япония. Никакая личная информация отправляться не будет.
 S_TITLE					%s настройки уведомлений об обновлении
 S_ENABLE				&Включить проверку обновлений
 S_DISABLE				&Отключить проверку обновлений
@@ -373,23 +373,12 @@
      }
    },
    "braces": {
-      "version": "3.0.3",
+      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
+      "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz",
-      "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
+      "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==",
      "dev": true,
      "requires": {
-        "fill-range": "^7.1.1"
+        "fill-range": "^7.0.1"
      },
      "dependencies": {
        "fill-range": {
          "version": "7.1.1",
          "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
          "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
          "dev": true,
          "requires": {
            "to-regex-range": "^5.0.1"
          }
        }
      }
    },
    "browserslist": {
@@ -614,6 +603,15 @@
      "integrity": "sha512-eRnCtTTtGZFpQCwhJiUOuxPQWRXVKYDn0b2PeHfXL6/Zi53SLAzAHfVhVWK2AryC/WH05kGfxhFIPvTF0SXQzg==",
      "dev": true
    },
    "fill-range": {
      "version": "7.0.1",
      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
      "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==",
      "dev": true,
      "requires": {
        "to-regex-range": "^5.0.1"
      }
    },
    "find-up": {
      "version": "4.1.0",
      "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz",