Merge commit from fork

Fix PPP bugs
2026-04-23 23:39:27 +03:00 · 2026-04-05 16:12:25 +02:00 · 2026-04-05 00:52:10 +03:00 · 2026-03-29 14:05:48 +02:00 · 2026-03-29 12:00:59 +00:00 · 2026-03-27 12:52:18 +01:00
125 changed files with 21028 additions and 1769 deletions
@@ -1,33 +0,0 @@
-version: '{build}'
-
-image: Ubuntu2004
-
-configuration: Release
-
-skip_branch_with_pr: true
-clone_depth: 1
-
-skip_commits:
-  files:
-    - .travis.yml
-    - .gitlab-ci.yml
-    - .azure-pipelines.yml
-    - .cirrus.yml
-
-init:
-  - ps: Update-AppveyorBuild -Version "build-$env:APPVEYOR_BUILD_NUMBER-$($env:APPVEYOR_REPO_COMMIT.substring(0,7))"
-
-install:
-  - sudo apt-get -y install libsodium-dev libcap-ng-dev
-before_build:
-  - git submodule update --init --recursive
-  - ./configure
-build_script:
-  - make package -C build -j $(nproc || sysctl -n hw.ncpu || echo 4)
-  - .ci/memory-leak-test.sh
-test_script:
-  - .ci/appveyor-deb-install-test.sh
-  - sudo apt-get update && sudo apt-get -y install autoconf libtool liblzo2-dev libpam-dev fping unzip liblz4-dev libnl-genl-3-dev # openvpn build deps
-  - sudo .ci/start-se-openvpn.sh
-  - sudo .ci/run-openvpn-tests.sh
-
@@ -1,4 +0,0 @@
-jobs:
-  - template: .ci/azure-pipelines/linux.yml
-  - template: .ci/azure-pipelines/windows.yml
-  - template: .ci/azure-pipelines/macos.yml
@@ -1,20 +0,0 @@
-jobs:
- job: Ubuntu_x64
-  pool:
-    vmImage: ubuntu-22.04
-  steps:
-  - checkout: self
-    submodules: true
-    persistCredentials: true
-  - script: sudo apt update && sudo apt-get -y install cmake gcc g++ ninja-build libncurses5-dev libreadline-dev libsodium-dev libssl-dev make zlib1g-dev liblz4-dev libnl-genl-3-dev
-    displayName: 'Prepare environment'
-  - script: "$(Build.SourcesDirectory)/.ci/azure-pipelines/linux_build.sh"
-    env:
-      SE_BUILD_NUMBER_TOKEN: $(BUILD_NUMBER_TOKEN)
-    displayName: 'Build'
-  - script: |
-      .ci/appveyor-deb-install-test.sh
-      sudo apt-get -y install autoconf libtool liblzo2-dev libpam-dev fping unzip libcap-ng-dev # To build OpenVPN
-      sudo BUILD_BINARIESDIRECTORY=$BUILD_BINARIESDIRECTORY .ci/start-se-openvpn.sh
-      sudo BUILD_BINARIESDIRECTORY=$BUILD_BINARIESDIRECTORY .ci/run-openvpn-tests.sh
-    displayName: 'Test'
@@ -1,15 +0,0 @@
-#!/bin/bash
-
-if [[ "${#SE_BUILD_NUMBER_TOKEN}" -eq 64 ]]; then
-	VERSION=$(python3 "version.py")
-	BUILD_NUMBER=$(curl "https://softether.network/get-build-number?commit=${BUILD_SOURCEVERSION}&version=${VERSION}&token=${SE_BUILD_NUMBER_TOKEN}")
-else
-	BUILD_NUMBER=0
-fi
-
-cd ${BUILD_BINARIESDIRECTORY}
-
-cmake -G "Ninja" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_NUMBER=${BUILD_NUMBER} ${BUILD_SOURCESDIRECTORY}
-cmake --build .
-
-cpack -C Release -G DEB 
@@ -1,14 +0,0 @@
-jobs:
- job: macOS
-  pool:
-    vmImage: macOS-latest
-  steps:
-  - checkout: self
-    submodules: true
-    persistCredentials: true
-  - script: brew install pkg-config cmake ninja ncurses readline libsodium openssl zlib
-    displayName: 'Prepare environment'
-  - script: '$(Build.SourcesDirectory)/.ci/azure-pipelines/macos_build.sh'
-    env:
-      SE_BUILD_NUMBER_TOKEN: $(BUILD_NUMBER_TOKEN)
-    displayName: 'Build'
@@ -1,13 +0,0 @@
-#!/bin/bash
-
-if [[ "${#SE_BUILD_NUMBER_TOKEN}" -eq 64 ]]; then
-	VERSION=$(python3 "version.py")
-	BUILD_NUMBER=$(curl "https://softether.network/get-build-number?commit=${BUILD_SOURCEVERSION}&version=${VERSION}&token=${SE_BUILD_NUMBER_TOKEN}")
-else
-	BUILD_NUMBER=0
-fi
-
-cd ${BUILD_BINARIESDIRECTORY}
-
-cmake -G "Ninja" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_NUMBER=${BUILD_NUMBER} -DOPENSSL_ROOT_DIR="/usr/local/opt/openssl" ${BUILD_SOURCESDIRECTORY}
-cmake --build .
@@ -1,41 +0,0 @@
-parameters:
- name: architecture
-  type: string
- name: compilerPath
-  type: string
- name: vcpkgTriplet
-  type: string
- name: vcvarsPath
-  type: string
-
-steps:
- task: Cache@2
-  inputs:
-    key: '"vcpkg-manifest" | "$(Agent.OS)" | "${{parameters.vcpkgTriplet}}" | C:/vcpkg/.git/refs/heads/master'
-    path: '$(Build.BinariesDirectory)/vcpkg_installed'
-  displayName: 'Environment storage'
- script: '$(Build.SourcesDirectory)/.ci/azure-pipelines/windows_build.bat'
-  env:
-    ARCHITECTURE: ${{parameters.architecture}}
-    COMPILER_PATH: ${{parameters.compilerPath}}
-    VCPKG_TRIPLET: ${{parameters.vcpkgTriplet}}
-    VCVARS_PATH: ${{parameters.vcvarsPath}}
-    SE_BUILD_NUMBER_TOKEN: $(BUILD_NUMBER_TOKEN)
-  displayName: 'Build'
- powershell: |
-    . .ci/appveyor-vpntest.ps1
-  displayName: 'Test'
- task: CopyFiles@2
-  inputs:
-    sourceFolder: '$(Build.BinariesDirectory)'
-    contents: '?(*.exe|*.se2|*.pdb)'
-    TargetFolder: '$(Build.StagingDirectory)/binaries/${{parameters.architecture}}'
-    flattenFolders: true
- task: PublishBuildArtifacts@1
-  inputs:
-    pathtoPublish: '$(Build.StagingDirectory)/binaries/${{parameters.architecture}}'
-    artifactName: 'Binaries_${{parameters.architecture}}'
- task: PublishBuildArtifacts@1
-  inputs:
-    pathtoPublish: '$(Build.StagingDirectory)/installers'
-    artifactName: 'Installers'
@@ -1,27 +0,0 @@
-jobs:
- job: Windows_x64
-  pool:
-    vmImage: windows-latest
-  steps:
-  - checkout: self
-    submodules: true
-    persistCredentials: true
-  - template: "windows-steps.yml"
-    parameters:
-      architecture: "x64"
-      compilerPath: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/x64/bin/clang-cl.exe"
-      vcpkgTriplet: "x64-windows-static"
-      vcvarsPath: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars64.bat"
- job: Windows_x86
-  pool:
-    vmImage: windows-latest
-  steps:
-  - checkout: self
-    submodules: true
-    persistCredentials: true
-  - template: "windows-steps.yml"
-    parameters:
-      architecture: "x86"
-      compilerPath: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/bin/clang-cl.exe"
-      vcpkgTriplet: "x86-windows-static"
-      vcvarsPath: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars32.bat"
@@ -1,26 +0,0 @@
-@echo on
-
-:: The method we use to store a command's output into a variable:
-:: https://stackoverflow.com/a/6362922
-for /f "tokens=* USEBACKQ" %%g in (`python "version.py"`) do (set "VERSION=%%g")
-
-:: https://stackoverflow.com/a/8566001
-echo %SE_BUILD_NUMBER_TOKEN%> "%tmp%\length.txt"
-for %%? in ("%tmp%\length.txt") do ( set /A SE_BUILD_NUMBER_TOKEN_LENGTH=%%~z? - 2 )
-
-if %SE_BUILD_NUMBER_TOKEN_LENGTH% equ 64 (
-	for /f "tokens=* USEBACKQ" %%g in (`curl "https://softether.network/get-build-number?commit=%BUILD_SOURCEVERSION%&version=%VERSION%&token=%SE_BUILD_NUMBER_TOKEN%"`) do (set "BUILD_NUMBER=%%g")
-) else (
-	set BUILD_NUMBER=0
-)
-
-cd %BUILD_BINARIESDIRECTORY%
-
-call "%VCVARS_PATH%"
-
-cmake -G "Ninja" -DCMAKE_TOOLCHAIN_FILE="C:\vcpkg\scripts\buildsystems\vcpkg.cmake" -DVCPKG_TARGET_TRIPLET=%VCPKG_TRIPLET% -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_C_COMPILER="%COMPILER_PATH%" -DCMAKE_CXX_COMPILER="%COMPILER_PATH%" -DBUILD_NUMBER=%BUILD_NUMBER% "%BUILD_SOURCESDIRECTORY%"
-cmake --build .
-
-mkdir "%BUILD_STAGINGDIRECTORY%\installers"
-vpnsetup /SFXMODE:vpnclient /SFXOUT:"%BUILD_STAGINGDIRECTORY%\installers\softether-vpnclient-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
-vpnsetup /SFXMODE:vpnserver_vpnbridge /SFXOUT:"%BUILD_STAGINGDIRECTORY%\installers\softether-vpnserver_vpnbridge-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
@@ -4,19 +4,19 @@ FreeBSD_task:
      SSL: openssl
      OPENSSL_ROOT_DIR: /usr/local
    env:
-      SSL: openssl32
+      SSL: openssl36
      OPENSSL_ROOT_DIR: /usr/local
    env:
      # base openssl
      SSL:
  matrix:
    freebsd_instance:
-      image_family: freebsd-13-2
+      image_family: freebsd-14-3
  prepare_script:
-    - pkg install -y pkgconf cmake git libsodium $SSL
+    - pkg install -y pkgconf cmake git libsodium cpu_features $SSL
    - git submodule update --init --recursive
  configure_script:
-    - ./configure
+    - CMAKE_FLAGS="-DUSE_SYSTEM_CPU_FEATURES=1" CFLAGS="-I/usr/local/include/cpu_features" ./configure
  build_script:
    - make -j $(sysctl -n hw.ncpu || echo 4) -C build
  test_script:
@@ -8,6 +8,8 @@ body:
        Thanks for taking the time to fill out this bug report!         
        We provide a template which is specifically made for bug reports, to be sure that the report includes enough details to be helpful.
        
+        **⚠️ Antivirus False Positive?** If you're reporting an antivirus detection issue, please see [ANTIVIRUS.md](https://github.com/SoftEtherVPN/SoftEtherVPN/blob/master/ANTIVIRUS.md) first. Antivirus false positives should be reported to the antivirus vendor, not as bugs in SoftEther VPN.
+  
  - type: checkboxes
    attributes:
      label: Are you using SoftEther VPN 5.x?
@@ -1,4 +1,8 @@
 contact_links:
+  - name: Antivirus False Positive Detection
+    about: If antivirus software is flagging SoftEther VPN as malicious, this is a false positive. See our documentation for solutions and how to report to antivirus vendors.
+    url: https://github.com/SoftEtherVPN/SoftEtherVPN/blob/master/ANTIVIRUS.md
+
  - name: Are you using SoftEther VPN 4.x?
    about: This repository is for SoftEther VPN 5.x Developer Edition, developed independently from SoftEther VPN 4.x. Visit vpnusers.com if you would like to report issues or ask questions about version 4.x!
    url: https://www.vpnusers.com/
@@ -4,6 +4,7 @@ name: Coverity
 on:
  schedule:
  - cron: "0 0 * * *"
+  workflow_dispatch:

 permissions:
  contents: read
@@ -11,7 +12,7 @@ permissions:
 jobs:
  scan:
    runs-on: ubuntu-latest
-    if: ${{ github.repository_owner == 'SoftEtherVPN' }}
+    if: ${{ github.repository_owner == 'SoftEtherVPN' || github.event_name == 'workflow_dispatch' }}
    steps:
    - uses: actions/checkout@v2
      with:
@@ -0,0 +1,98 @@
+name: docker-aio
+
+on:
+  push:
+    branches: 
+      - 'master'
+    tags:
+      - '*'
+  pull_request:
+  workflow_dispatch:
+
+jobs:
+  docker:
+    name: docker-aio
+    runs-on: ubuntu-latest
+    if: ${{ github.repository_owner == 'SoftEtherVPN' }}
+    steps:
+      -
+        name: Docker meta vpnserver
+        id: metavpnserver
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ github.repository_owner }}/vpnserver
+          tags: |
+            type=raw,value=latest,enable={{is_default_branch}}
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+      - 
+        name: Docker meta vpnclient
+        id: metavpnclient
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ github.repository_owner }}/vpnclient
+          tags: |
+            type=raw,value=latest,enable={{is_default_branch}}
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+      - 
+        name: Docker meta vpnbridge
+        id: metavpnbridge
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ github.repository_owner }}/vpnbridge
+          tags: |
+            type=raw,value=latest,enable={{is_default_branch}}
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+        with:
+          image: tonistiigi/binfmt:qemu-v9.2.0
+#
+# TODO: unpin qemu version after default is updated
+#
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      -
+        name: Login to DockerHub
+        if: ${{ github.event_name != 'pull_request' }}
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Build and push vpnserver
+        uses: docker/build-push-action@v6
+        with:
+          file: ./Dockerfile
+          target: vpnserver
+          push: ${{ github.event_name != 'pull_request' }}
+          platforms: linux/amd64,linux/arm64
+          tags: ${{ steps.metavpnserver.outputs.tags }}
+          labels: ${{ steps.metavpnserver.outputs.labels }}
+      -
+        name: Build and push vpnclient
+        uses: docker/build-push-action@v6
+        with:
+          file: ./Dockerfile
+          target: vpnclient
+          push: ${{ github.event_name != 'pull_request' }}
+          platforms: linux/amd64,linux/arm64
+          tags: ${{ steps.metavpnclient.outputs.tags }}
+          labels: ${{ steps.metavpnclient.outputs.labels }}
+      -
+        name: Build and push vpnbridge
+        uses: docker/build-push-action@v6
+        with:
+          file: ./Dockerfile
+          target: vpnbridge
+          push: ${{ github.event_name != 'pull_request' }}
+          platforms: linux/amd64,linux/arm64
+          tags: ${{ steps.metavpnbridge.outputs.tags }}
+          labels: ${{ steps.metavpnbridge.outputs.labels }}
@@ -4,6 +4,7 @@ on:
  schedule:
    - cron: "0 0 25 * *"
  push:
+  pull_request:
  workflow_dispatch:

 permissions:
@@ -24,10 +25,10 @@ jobs:
        submodules: true
    - name: Install dependencies
      run: |
-        dnf -y install git cmake ncurses-devel openssl-devel libsodium-devel readline-devel zlib-devel gcc-c++ clang
+        dnf -y install git cmake ncurses-devel openssl-devel-engine libsodium-devel readline-devel zlib-devel gcc-c++ clang google-cpu_features-devel
    - name: Compile with ${{ matrix.cc }}
      run: |
        export CC=${{ matrix.cc }}
-        ./configure
+        CMAKE_FLAGS="-DUSE_SYSTEM_CPU_FEATURES=1" CFLAGS="-I/usr/include/cpu_features" ./configure
        make -C build

@@ -0,0 +1,41 @@
+on: [push, pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  build_and_test:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        submodules: true
+
+    - name: Install dependencies
+      run: sudo apt update && sudo apt-get -y install cmake gcc g++ ninja-build libncurses5-dev libreadline-dev libsodium-dev libssl-dev make zlib1g-dev liblz4-dev libnl-genl-3-dev 
+
+    - name: Build
+      run: |
+        mkdir build
+        cd build
+        cmake -G "Ninja" -DCMAKE_BUILD_TYPE=RelWithDebInfo ..
+        cmake --build .
+
+    - name: Build deb packages
+      run: |
+        cd build
+        cpack -C Release -G DEB 
+
+    - name: Upload DEB packages as artifacts
+      if: github.ref == 'refs/heads/master'
+      uses: actions/upload-artifact@v4
+      with:
+        name: deb-packages
+        path: build/*.deb
+
+    - name: Test
+      run: |
+       .ci/appveyor-deb-install-test.sh
+       sudo apt-get -y install autoconf libtool liblzo2-dev libpam-dev fping unzip libcap-ng-dev # To build OpenVPN
+       sudo .ci/start-se-openvpn.sh
+       sudo .ci/run-openvpn-tests.sh
@@ -7,7 +7,7 @@ jobs:
  build_and_test:
    strategy:
      matrix:
-        os: [macos-13, macos-12, macos-11]
+        os: [macos-26, macos-15, macos-14]
    name: ${{ matrix.os }}
    runs-on: ${{ matrix.os }}
    steps:
@@ -0,0 +1,80 @@
+name: Sanitizer
+
+on: [push, pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  run_sanitizer:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        sanitizer:
+          - "address,leak,undefined"
+          - "thread,undefined"
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: true
+
+      - name: Install dependencies
+        run: |
+          sudo apt update
+          sudo apt-get -y install cmake gcc g++ ninja-build libncurses5-dev libreadline-dev libsodium-dev libssl-dev make zlib1g-dev liblz4-dev libnl-genl-3-dev 
+
+      - name: Build
+        run: |
+          mkdir build
+          cd build
+          cmake -G "Ninja" -DCMAKE_BUILD_TYPE=Debug -DCMAKE_C_FLAGS="-O1 -fsanitize=${{ matrix.sanitizer }} -fno-omit-frame-pointer" ..
+          cmake --build .
+
+      - name: Test
+        env:
+          ASAN_OPTIONS: halt_on_error=0:exitcode=0
+          TSAN_OPTIONS: halt_on_error=0:exitcode=0:suppressions=./tsan_suppressions.txt
+          UBSAN_OPTIONS: halt_on_error=0:exitcode=0
+          LSAN_OPTIONS: exitcode=0
+        run: |
+          .ci/vpntools-check.sh 2> sanitizer.log
+
+      - name: Make job summary
+        run: |
+          echo "### Sanitizer Report (${{ matrix.sanitizer }})" >> $GITHUB_STEP_SUMMARY
+
+          REPORTS=$(grep -E "SUMMARY:|runtime error:" sanitizer.log | sort | uniq)
+          REPORT_COUNT=$(echo "$REPORTS" | grep -c . || true)
+          echo "Found $REPORT_COUNT issues" >> $GITHUB_STEP_SUMMARY
+
+          echo "<details><summary>View Summary</summary>" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
+          echo "$REPORTS" >> $GITHUB_STEP_SUMMARY
+          echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "</details>" >> $GITHUB_STEP_SUMMARY
+
+          if [ "$REPORT_COUNT" -ne 0 ]; then
+            echo "HAS_ISSUES=true" >> $GITHUB_ENV
+            echo "REPORT_COUNT=$REPORT_COUNT" >> $GITHUB_ENV
+          fi
+
+      - name: Upload full sanitizer log
+        if: env.HAS_ISSUES == 'true'
+        uses: actions/upload-artifact@v4
+        with:
+          name: sanitizer-logs-${{ matrix.sanitizer }}
+          path: |
+            sanitizer.log
+          retention-days: 30
+
+      - name: Fail on sanitizer issues
+        if: env.HAS_ISSUES == 'true'
+        run: |
+          echo "Found ${{ env.REPORT_COUNT }} issues."
+          echo "Please check the Job Summary page for a quick overview."
+          echo "Full logs are available in the GitHub Artifacts."
+          exit 1
@@ -0,0 +1,65 @@
+on: [push, pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  build_and_test:
+    strategy:
+      matrix:
+        platform: [
+          { ARCHITECTURE: x86, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/bin/clang-cl.exe",     VCPKG_TRIPLET: "x86-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars32.bat", RUNNER: "windows-latest", CMAKE_EXTRA_FLAGS: ""},
+          { ARCHITECTURE: x64, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/x64/bin/clang-cl.exe", VCPKG_TRIPLET: "x64-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars64.bat", RUNNER: "windows-latest", CMAKE_EXTRA_FLAGS: ""},
+          { ARCHITECTURE: arm64, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/ARM64/bin/clang-cl.exe", VCPKG_TRIPLET: "arm64-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvarsarm64.bat", RUNNER: "windows-11-arm", CMAKE_EXTRA_FLAGS: "-DOQS_PERMIT_UNSUPPORTED_ARCHITECTURE=ON"}
+        ]
+    runs-on: ${{ matrix.platform.RUNNER }}
+    name: ${{ matrix.platform.ARCHITECTURE }}
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        submodules: true
+    - name: Cache vcpkg
+      uses: actions/cache@v4
+      with:
+        path: 'build/vcpkg_installed/'
+        key: vcpkg-${{ matrix.platform.VCPKG_TRIPLET }}
+    - name: Set version variables
+      run: |
+        $v = python version.py
+        echo "VERSION=$v" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
+      shell: pwsh
+    - name: Build
+      env:
+        ARCHITECTURE: ${{ matrix.platform.ARCHITECTURE }}
+        COMPILER_PATH: ${{ matrix.platform.COMPILER_PATH }}
+        VCPKG_TRIPLET: ${{ matrix.platform.VCPKG_TRIPLET }}
+        VCVARS_PATH: ${{ matrix.platform.VCVARS_PATH }}
+        CMAKE_EXTRA_FLAGS: ${{ matrix.platform.CMAKE_EXTRA_FLAGS }}
+      run: |
+        set BUILD_NUMBER=0
+        mkdir build
+        cd build
+        call "%VCVARS_PATH%"
+        cmake -G "Ninja" -DCMAKE_TOOLCHAIN_FILE="C:\vcpkg\scripts\buildsystems\vcpkg.cmake" -DVCPKG_TARGET_TRIPLET=%VCPKG_TRIPLET% -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_C_COMPILER="%COMPILER_PATH%" -DCMAKE_CXX_COMPILER="%COMPILER_PATH%" -DBUILD_NUMBER=%BUILD_NUMBER% %CMAKE_EXTRA_FLAGS% ..
+        cmake --build .
+        mkdir installers
+        vpnsetup /SFXMODE:vpnclient /SFXOUT:"installers\softether-vpnclient-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
+        vpnsetup /SFXMODE:vpnserver_vpnbridge /SFXOUT:"installers\softether-vpnserver_vpnbridge-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
+      shell: cmd
+    - name: Test
+      shell: powershell
+      run: |
+        . .ci/appveyor-vpntest.ps1
+    - uses: actions/upload-artifact@v4
+      with:
+        if-no-files-found: error
+        name: Binaries-${{ matrix.platform.ARCHITECTURE }}
+        path: |
+          build/*.exe
+          build/*.pdb
+          build/*.se2
+    - uses: actions/upload-artifact@v4
+      with:
+        if-no-files-found: error
+        name: Installers-${{ matrix.platform.ARCHITECTURE }}
+        path: build/installers
@@ -0,0 +1,96 @@
+name: "Release"
+
+on:
+  push:
+    tags:
+      - '*'
+
+concurrency:
+  group: "${{ github.workflow }}-${{ github.ref }}"
+  cancel-in-progress: true
+
+permissions:
+  contents: write
+
+jobs:
+  release:
+    runs-on: windows-latest
+    outputs:
+      upload_url: "${{ steps.create_release.outputs.upload_url }}"
+    steps:
+      - name: "Checkout repository"
+        uses: actions/checkout@v4
+
+      - name: "Create GitHub release"
+        id: create_release
+        uses: softprops/action-gh-release@v1
+  build-windows:
+    name: ${{ matrix.platform.ARCHITECTURE }}
+    runs-on: ${{ matrix.platform.RUNNER }}
+    needs: ["release"]
+    strategy:
+      matrix:
+        platform: [
+          { ARCHITECTURE: x86, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/bin/clang-cl.exe",     VCPKG_TRIPLET: "x86-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars32.bat", RUNNER: "windows-latest", CMAKE_EXTRA_FLAGS: ""},
+          { ARCHITECTURE: x64, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/x64/bin/clang-cl.exe", VCPKG_TRIPLET: "x64-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars64.bat", RUNNER: "windows-latest", CMAKE_EXTRA_FLAGS: ""},
+          { ARCHITECTURE: arm64, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/ARM64/bin/clang-cl.exe", VCPKG_TRIPLET: "arm64-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvarsarm64.bat", RUNNER: "windows-11-arm", CMAKE_EXTRA_FLAGS: "-DOQS_PERMIT_UNSUPPORTED_ARCHITECTURE=ON"}
+        ]
+    steps:
+      - name: "Checkout repository"
+        uses: actions/checkout@v4
+        with:
+          submodules: true
+      - name: Cache vcpkg
+        uses: actions/cache@v4
+        with:
+          path: 'build/vcpkg_installed/'
+          key: vcpkg-release-${{ matrix.platform.VCPKG_TRIPLET }}
+      - name: Set version variables
+        run: |
+          $b=(Get-Content CMakeSettings.json | Out-String | ConvertFrom-Json).environments.BuildNumber		
+          echo "BUILD_NUMBER=$b" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
+          $v = python version.py
+          echo "VERSION=$v" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
+        shell: pwsh
+      - name: Build
+        env:
+          ARCHITECTURE: ${{ matrix.platform.ARCHITECTURE }}
+          COMPILER_PATH: ${{ matrix.platform.COMPILER_PATH }}
+          VCPKG_TRIPLET: ${{ matrix.platform.VCPKG_TRIPLET }}
+          VCVARS_PATH: ${{ matrix.platform.VCVARS_PATH }}
+          CMAKE_EXTRA_FLAGS: ${{ matrix.platform.CMAKE_EXTRA_FLAGS }}
+        run: |
+          mkdir build
+          cd build
+          call "%VCVARS_PATH%"
+          cmake -G "Ninja" -DCMAKE_TOOLCHAIN_FILE="C:\vcpkg\scripts\buildsystems\vcpkg.cmake" -DVCPKG_TARGET_TRIPLET=%VCPKG_TRIPLET% -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_C_COMPILER="%COMPILER_PATH%" -DCMAKE_CXX_COMPILER="%COMPILER_PATH%" -DBUILD_NUMBER=%BUILD_NUMBER% %CMAKE_EXTRA_FLAGS% ..
+          cmake --build .
+          mkdir installers
+          vpnsetup /SFXMODE:vpnclient /SFXOUT:"installers\softether-vpnclient-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
+          vpnsetup /SFXMODE:vpnserver_vpnbridge /SFXOUT:"installers\softether-vpnserver_vpnbridge-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
+        shell: cmd
+
+      - name: dir
+        run: |
+          Get-ChildItem -Recurse build/installers
+        shell: pwsh
+
+      - name: "Upload softether-vpnclient"
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: "${{ github.token }}"
+        with:
+          upload_url: "${{ needs.release.outputs.upload_url }}"
+          asset_path: "build/installers/softether-vpnclient-${{ env.VERSION }}.${{ env.BUILD_NUMBER }}.${{ matrix.platform.ARCHITECTURE }}.exe"
+          asset_name: "softether-vpnclient-${{ env.VERSION }}.${{ env.BUILD_NUMBER }}.${{ matrix.platform.ARCHITECTURE }}.exe"
+          asset_content_type: "application/octet-stream"
+      - name: "Upload softether-vpnserver_vpnbridge"
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: "${{ github.token }}"
+        with:
+          upload_url: "${{ needs.release.outputs.upload_url }}"
+          asset_path: "build/installers/softether-vpnserver_vpnbridge-${{ env.VERSION }}.${{ env.BUILD_NUMBER }}.${{ matrix.platform.ARCHITECTURE }}.exe"
+          asset_name: "softether-vpnserver_vpnbridge-${{ env.VERSION }}.${{ env.BUILD_NUMBER }}.${{ matrix.platform.ARCHITECTURE }}.exe"
+          asset_content_type: "application/octet-stream"
+
@@ -10,3 +10,9 @@
 [submodule "src/libhamcore"]
 	path = src/libhamcore
 	url = https://github.com/SoftEtherVPN/libhamcore.git
+[submodule "src/Mayaqua/3rdparty/oqs-provider"]
+	path = src/Mayaqua/3rdparty/oqs-provider
+	url = https://github.com/open-quantum-safe/oqs-provider.git
+[submodule "src/Mayaqua/3rdparty/liboqs"]
+	path = src/Mayaqua/3rdparty/liboqs
+	url = https://github.com/open-quantum-safe/liboqs.git
@@ -0,0 +1,3 @@
+{
+    "cmake.configureOnOpen": false
+}
@@ -0,0 +1,338 @@
+# Antivirus False Positive Detection
+
+## Overview
+
+Some antivirus software, including Microsoft Defender, may incorrectly flag SoftEther VPN executables as malicious software. This is a **false positive** detection. SoftEther VPN is legitimate, open-source software that has been developed and maintained since 2013 by researchers at the University of Tsukuba, Japan.
+
+## Why Does This Happen?
+
+Antivirus software uses heuristic analysis to detect potentially malicious behavior. VPN software like SoftEther VPN performs operations that can appear suspicious to antivirus programs, including:
+
+- **Network tunneling and traffic interception**: VPN software creates virtual network adapters and intercepts network traffic to secure it
+- **Low-level network operations**: Packet filtering, protocol handling, and kernel-mode operations
+- **Service installation**: VPN clients install system services that run with elevated privileges
+- **Registry modifications**: Required for Windows integration and auto-start functionality
+- **Dynamic code execution**: Network protocol implementations may use techniques that appear similar to malicious software
+
+These are **normal and necessary operations** for any VPN software, but they can trigger heuristic-based detection algorithms.
+
+## Microsoft Defender Specific Issue
+
+### Affected Components
+
+Microsoft Defender may flag the following SoftEther VPN 5.x components as `Trojan:Win32/KepavII!rfn`:
+
+- `vpnclient.exe` - VPN Client executable
+- `vpnserver.exe` - VPN Server executable  
+- `vpnbridge.exe` - VPN Bridge executable
+- `vpncmd.exe` - VPN Command-line utility
+- Start menu shortcuts
+- Registry entries
+- Windows services (`SEVPNCLIENTDEV`, `SEVPNSERVERDEV`, etc.)
+
+### Detection Details
+
+```
+Detected: Trojan:Win32/KepavII!rfn
+Status: Quarantined
+Description: "This program is dangerous and executes commands from an attacker."
+```
+
+**This is a false positive.** The detection is based on behavioral heuristics, not actual malicious code.
+
+## Solutions and Workarounds
+
+### Option 1: Add Exclusions (Recommended for Users)
+
+The recommended approach is to add SoftEther VPN directories to Microsoft Defender's exclusion list:
+
+#### Step-by-Step Instructions:
+
+1. **Open Windows Security**
+   - Press `Windows Key + I` to open Settings
+   - Navigate to **Privacy & Security** → **Windows Security**
+   - Click **Virus & threat protection**
+
+2. **Access Exclusion Settings**
+   - Scroll down to **Virus & threat protection settings**
+   - Click **Manage settings**
+   - Scroll down to **Exclusions**
+   - Click **Add or remove exclusions**
+
+3. **Add SoftEther VPN Directories**
+   
+   Click **Add an exclusion** → **Folder** and add these paths:
+   
+   - `C:\Program Files\SoftEther VPN Client`
+   - `C:\Program Files\SoftEther VPN Client Developer Edition`
+   - `C:\Program Files\SoftEther VPN Server`
+   - `C:\Program Files\SoftEther VPN Server Manager`
+   - `C:\Program Files\SoftEther VPN Server Manager Developer Edition`
+   - `C:\Program Files\SoftEther VPN Server Developer Edition`
+   - `C:\ProgramData\SoftEther VPN Client`
+   - `C:\ProgramData\SoftEther VPN Server`
+   
+   **Note**: Add only the directories that correspond to the SoftEther VPN components you have installed.
+
+4. **Restore Quarantined Files** (if needed)
+   - Go back to **Virus & threat protection**
+   - Click **Protection history**
+   - Find the quarantined SoftEther VPN files
+   - Click **Actions** → **Restore**
+
+5. **Reinstall if Necessary**
+   - If files were deleted, you may need to reinstall SoftEther VPN
+   - The exclusions will prevent future detections
+
+### Option 2: Report False Positive to Microsoft
+
+Help improve Microsoft Defender by reporting the false positive:
+
+1. **Submit to Microsoft Defender Security Intelligence**
+   - Visit: https://www.microsoft.com/en-us/wdsi/filesubmission
+   - Select **File** submission type
+   - Choose **Software developer** as your role
+   - Submit the falsely detected SoftEther VPN executable files
+   - Provide details: "False positive detection of SoftEther VPN, open-source VPN software"
+
+2. **Include Information**
+   - Product Name: SoftEther VPN
+   - Vendor: SoftEther Project at University of Tsukuba
+   - Official Website: https://www.softether.org/
+   - GitHub Repository: https://github.com/SoftEtherVPN/SoftEtherVPN
+   - License: Apache License 2.0
+
+Microsoft typically reviews submissions within a few days and updates their definitions if confirmed as a false positive.
+
+### Option 3: Use Alternative Antivirus Software
+
+If Microsoft Defender continues to cause issues:
+
+1. Consider using alternative antivirus software that doesn't flag SoftEther VPN
+2. Some users report fewer false positives with third-party antivirus solutions
+3. Ensure any alternative antivirus is from a reputable vendor
+
+## For IT Administrators
+
+### Group Policy Configuration
+
+To deploy exclusions across an organization using Group Policy:
+
+1. **Open Group Policy Management Console**
+   ```
+   gpmc.msc
+   ```
+
+2. **Navigate to Windows Defender Antivirus Settings**
+   ```
+   Computer Configuration → Policies → Administrative Templates 
+   → Windows Components → Microsoft Defender Antivirus → Exclusions
+   ```
+
+3. **Configure Path Exclusions**
+   - Enable **Path Exclusions**
+   - Add the SoftEther VPN installation directories
+
+4. **Update Group Policy**
+   ```powershell
+   gpupdate /force
+   ```
+
+### PowerShell Exclusion Script
+
+For automated deployment, use this PowerShell script (requires Administrator privileges):
+
+```powershell
+# Add Windows Defender exclusions for SoftEther VPN
+# Requires Administrator privileges
+
+$exclusionPaths = @(
+    "C:\Program Files\SoftEther VPN Client",
+    "C:\Program Files\SoftEther VPN Client Developer Edition",
+    "C:\Program Files\SoftEther VPN Server",
+    "C:\Program Files\SoftEther VPN Server Manager",
+    "C:\Program Files\SoftEther VPN Server Manager Developer Edition",
+    "C:\Program Files\SoftEther VPN Server Developer Edition",
+    "C:\ProgramData\SoftEther VPN Client",
+    "C:\ProgramData\SoftEther VPN Server"
+)
+
+# Check if running as Administrator
+$isAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
+
+if (-not $isAdmin) {
+    Write-Error "This script requires Administrator privileges. Please run PowerShell as Administrator."
+    exit 1
+}
+
+# Check if Windows Defender module is available
+if (-not (Get-Module -ListAvailable -Name Defender)) {
+    Write-Error "Windows Defender PowerShell module is not available on this system."
+    exit 1
+}
+
+$successCount = 0
+$errorCount = 0
+
+foreach ($path in $exclusionPaths) {
+    if (Test-Path $path) {
+        try {
+            Add-MpPreference -ExclusionPath $path -ErrorAction Stop
+            Write-Host "✓ Added exclusion: $path" -ForegroundColor Green
+            $successCount++
+        }
+        catch {
+            Write-Warning "✗ Failed to add exclusion for: $path"
+            Write-Warning "  Error: $($_.Exception.Message)"
+            $errorCount++
+        }
+    }
+    else {
+        Write-Host "- Skipped (not found): $path" -ForegroundColor Gray
+    }
+}
+
+Write-Host "`nSummary:" -ForegroundColor Cyan
+Write-Host "  Successfully added: $successCount exclusion(s)" -ForegroundColor Green
+if ($errorCount -gt 0) {
+    Write-Host "  Failed: $errorCount exclusion(s)" -ForegroundColor Red
+}
+Write-Host "`nSoftEther VPN exclusions configured." -ForegroundColor Cyan
+```
+
+Save as `Add-SoftEtherVPN-Exclusions.ps1` and run as Administrator.
+
+## Verification of Software Authenticity
+
+### Open Source Verification
+
+SoftEther VPN is **fully open source** and can be verified:
+
+1. **Source Code Review**
+   - Complete source code: https://github.com/SoftEtherVPN/SoftEtherVPN
+   - All commits are publicly visible
+   - Community peer-reviewed code
+
+2. **Build from Source**
+   - You can compile SoftEther VPN yourself from source
+   - See: [BUILD_WINDOWS.md](src/BUILD_WINDOWS.md) and [BUILD_UNIX.md](src/BUILD_UNIX.md)
+   - Self-compiled builds may have fewer false positive issues
+
+3. **Community Trust**
+   - Active development since 2013
+   - Over 11,000+ GitHub stars
+   - Used by organizations and individuals worldwide
+   - Peer-reviewed academic research project
+
+### Official Distributions
+
+Always download SoftEther VPN from official sources:
+
+- **Official Website**: https://www.softether.org/
+- **GitHub Releases**: https://github.com/SoftEtherVPN/SoftEtherVPN/releases
+- **Official Download Site**: https://www.softether-download.com/
+
+**Warning**: Do not download SoftEther VPN from third-party websites or unofficial sources.
+
+## Technical Background
+
+### Why VPN Software Triggers Detection
+
+VPN software implements functionality that overlaps with techniques used by some malware:
+
+1. **Kernel-mode drivers**: Required for creating virtual network adapters
+2. **Network traffic interception**: Core VPN functionality to encrypt traffic
+3. **Process injection**: Some VPN implementations inject into other processes
+4. **Privilege escalation**: VPN services need administrative rights
+5. **Persistent system changes**: Auto-start configuration, service installation
+
+These are **legitimate techniques** when used by trusted VPN software.
+
+### False Positive Rate
+
+False positives are common in the VPN and security software industry. Other legitimate VPN and security tools have faced similar issues:
+
+- OpenVPN has been flagged by various antivirus vendors
+- WireGuard implementations have triggered false positives
+- Many security research tools face similar challenges
+
+## Code Signing Status
+
+**Note**: The official SoftEther VPN releases may not include code signing certificates. Code signing certificates require:
+
+- Annual fees (typically $300-500+ per year)
+- Corporate entity for Extended Validation (EV) certificates
+- Hardware security modules (HSM) for EV certificate storage
+
+As an open-source project with limited funding, SoftEther VPN prioritizes development over expensive code signing infrastructure. However, this doesn't make the software any less safe - all source code is publicly auditable.
+
+Users who require signed binaries can:
+1. Build from source and sign with their own certificates
+2. Work with their organization to sign the binaries
+3. Use alternative verification methods (source code review, checksums, etc.)
+
+## Best Practices
+
+1. **Keep Antivirus Updated**: Ensure Microsoft Defender definitions are current
+2. **Monitor Protection History**: Regularly check if SoftEther VPN is being flagged
+3. **Subscribe to Updates**: Follow SoftEther VPN releases for security updates
+4. **Report False Positives**: Help the community by reporting detections to Microsoft
+5. **Use Official Builds**: Only download from official sources
+
+## Additional Resources
+
+- **SoftEther VPN Official Website**: https://www.softether.org/
+- **GitHub Repository**: https://github.com/SoftEtherVPN/SoftEtherVPN
+- **Security Policy**: [SECURITY.md](SECURITY.md)
+- **Microsoft Defender Submission Portal**: https://www.microsoft.com/en-us/wdsi/filesubmission
+- **Build Instructions**: [BUILD_WINDOWS.md](src/BUILD_WINDOWS.md)
+
+## Frequently Asked Questions
+
+### Q: Is SoftEther VPN safe to use?
+
+**A**: Yes. SoftEther VPN is legitimate, open-source software developed by researchers at the University of Tsukuba, Japan. The detection is a false positive. All source code is publicly available for review at https://github.com/SoftEtherVPN/SoftEtherVPN
+
+### Q: Why don't you just fix the code to not trigger antivirus?
+
+**A**: The detection is based on legitimate VPN operations, not malicious code. Changing how VPN functionality works to avoid heuristic detection would compromise the software's core purpose. The correct solution is to report false positives to antivirus vendors and add exclusions.
+
+### Q: Will adding exclusions make my computer less secure?
+
+**A**: Exclusions for trusted software from official sources don't significantly reduce security. Only add exclusions for software you trust and have downloaded from official sources. SoftEther VPN is open-source and can be verified.
+
+### Q: Can I use SoftEther VPN without adding exclusions?
+
+**A**: Not reliably with Microsoft Defender. The antivirus will quarantine executables and prevent the VPN from functioning. Exclusions are necessary unless Microsoft updates their detection definitions.
+
+### Q: How do I know my downloaded file is authentic?
+
+**A**: 
+1. Only download from https://github.com/SoftEtherVPN/SoftEtherVPN/releases or https://www.softether.org/
+2. Verify the file hash/checksum if provided
+3. Review the source code on GitHub
+4. Build from source yourself for maximum assurance
+
+### Q: Is this issue specific to SoftEther VPN?
+
+**A**: No. Many VPN applications and security tools face false positive detections. OpenVPN, WireGuard implementations, and other network security tools have similar issues with various antivirus vendors.
+
+### Q: Will this be fixed in a future version?
+
+**A**: The SoftEther VPN project continues to work on this issue. However, heuristic-based detection is challenging to avoid without compromising functionality. The best approach is to:
+1. Report false positives to Microsoft
+2. Use exclusions as needed
+3. Build from source if your organization requires it
+
+## Contributing
+
+If you have additional solutions or workarounds that have worked for you, please contribute to this documentation:
+
+1. Fork the repository: https://github.com/SoftEtherVPN/SoftEtherVPN
+2. Edit this file: `ANTIVIRUS.md`
+3. Submit a pull request with your improvements
+
+---
+
+**Applies to**: SoftEther VPN 5.x (Developer Edition)  
+**Related Issue**: False positive detection by Microsoft Defender as Trojan:Win32/KepavII!rfn
@@ -1,9 +1,9 @@
-cmake_minimum_required(VERSION 3.10)
+cmake_minimum_required(VERSION 3.15)

 set(BUILD_NUMBER CACHE STRING "The number of the current build.")

 if ("${BUILD_NUMBER}" STREQUAL "")
-	set(BUILD_NUMBER "5182")
+	set(BUILD_NUMBER "5187")
 endif()

 if (BUILD_NUMBER LESS 5180)
@@ -53,7 +53,7 @@ if(UNIX)
  #
  # use rpath for locating installed libraries
  #
-  set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/lib")
+  set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}")
  set(CMAKE_INSTALL_RPATH_USE_LINK_PATH TRUE)

  include(CheckIncludeFile)
@@ -1,5 +1,5 @@
 {
-  "environments": [ { "BuildNumber": "5182" } ],
+  "environments": [ { "BuildNumber": "5187" } ],
  "configurations": [
    {
      "name": "x64-native",
@@ -136,6 +136,78 @@
          "type": "STRING"
        }
      ]
+    },
+    {
+      "name": "arm64-on-x64",
+      "description": "Cross compile Windows ARM64 on x64",
+      "generator": "Ninja",
+      "configurationType": "RelWithDebInfo",
+      "inheritEnvironments": ["msvc_arm64_x64"],
+      "buildRoot": "${projectDir}\\out\\build\\${name}",
+      "installRoot": "${projectDir}\\out\\install\\${name}",
+      "variables": [
+        {
+          "name": "BUILD_NUMBER",
+          "value": "${env.BuildNumber}",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_SYSTEM_NAME",
+          "value": "Windows",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_SYSTEM_PROCESSOR",
+          "value": "arm64",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_C_COMPILER",
+          "value": "${env.VCINSTALLDIR}Tools/Llvm/bin/clang-cl.exe",
+          "type": "FILEPATH"
+        },
+        {
+          "name": "CMAKE_CXX_COMPILER",
+          "value": "${env.VCINSTALLDIR}Tools/Llvm/bin/clang-cl.exe",
+          "type": "FILEPATH"
+        },
+        {
+          "name": "CMAKE_C_COMPILER_TARGET",
+          "value": "arm64-windows-msvc",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_CXX_COMPILER_TARGET",
+          "value": "arm64-windows-msvc",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_EXE_LINKER_FLAGS",
+          "value": "/machine:ARM64",
+          "type": "STRING"
+        },
+        {
+          "name": "VCPKG_TARGET_TRIPLET",
+          "value": "arm64-windows-static",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_STATIC_LINKER_FLAGS",
+          "value": "/machine:ARM64",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_SHARED_LINKER_FLAGS",
+          "value": "/machine:ARM64",
+          "type": "STRING"
+        },
+        {
+          "name": "IS_CROSS_COMPILATION",
+          "value": "arm64-on-x64",
+          "type": "STRING"
+
+        }
+      ]
    }
  ]
 }
@@ -0,0 +1,104 @@
+# SoftetherVPN Container images
+
+This container is designed to be as small as possible and host a SoftEther VPN Server, Bridge or Client.
+It´s based on Alpine so resulting Image is kept as small as 15MB!
+
+## Not working 
+
+* bridging to a physical Ethernet adapter 
+
+## working
+
+* OpenVPN
+* L2tp
+* SSL 
+* SecureNAT
+* Wireguard (not with the "stable" tag)
+
+
+
+## Available Tags
+
+
+|Image|Description|
+|---|---|
+|softethervpn/vpnserver:stable|Latest stable release from https://github.com/SoftEtherVPN/SoftEtherVPN_Stable|
+|softethervpn/vpnserver:v4.39-9772-beta|Tagged build|
+|softethervpn/vpnserver:latest|Latest commits from https://github.com/SoftEtherVPN/SoftEtherVPN|
+
+
+You should always specify your wanted version like `softethervpn/vpnserver:5.02.5180`
+
+## Usage docker run
+
+This will keep your config and Logfiles in the docker volume `softetherdata`
+
+`docker run -d --rm --name softether-vpn-server -v softetherdata:/var/lib/softether -v softetherlogs:/var/log/softether -p 443:443/tcp -p 992:992/tcp -p 1194:1194/udp -p 5555:5555/tcp -p 500:500/udp -p 4500:4500/udp -p 1701:1701/udp --cap-add NET_ADMIN softethervpn/vpnserver:stable`
+
+## Port requirements
+
+As there are different operating modes for SoftetherVPN there is a variety of ports that might or might not be needed.
+For operation with Softether Clients at least 443, 992 or 5555 is needed.
+See https://www.softether.org/4-docs/1-manual/1/1.6 for reference on the Softether ports.
+Others are commented out in the docker-compose example.
+
+## Usage docker-compose
+
+The same command can be achieved by docker-compose, the docker compose file is in the repository.
+You can specify the respective docker-compose.yaml like so: 
+
+`docker-compose -f docker-compose.vpnclient.yaml up -d`
+
+By default the docker-compose.yaml is used: 
+
+```
+version: '3'
+
+services:
+  softether:
+    image: softethervpn/vpnserver:latest
+    cap_add:
+      - NET_ADMIN
+    restart: always
+    ports:
+      #- 53:53         #DNS tunneling
+      - 443:443         #Management and HTTPS tunneling
+      #- 992:992         #HTTPS tunneling
+      #- 1194:1194/udp #OpenVPN 
+      #- 5555:5555       #HTTPS tunneling
+      #- 500:500/udp   #IPsec/L2TP
+      #- 4500:4500/udp #IPsec/L2TP
+      #- 1701:1701/udp #IPsec/L2TP
+    volumes:
+      - "/etc/localtime:/etc/localtime:ro"
+      - "/etc/timezone:/etc/timezone:ro"
+      - "./softether_data:/var/lib/softether"
+      - "./softether_log:/var/log/softether"
+      # - "./adminip.txt:/var/lib/softether/adminip.txt:ro"
+```
+
+### Use vpncmd
+
+With newer releases vpncmd is directly in the container so you can use it to configure vpn. You can can run it once the container is running :
+
+`docker exec -it softether-vpn-server vpncmd localhost`
+example to configure a vpnclient
+
+```
+docker exec -it softether-vpn-server vpncmd localhost /client
+
+VPN Client> AccountSet homevpn /SERVER:192.168.1.1:443 /HUB:VPN
+VPN Client> AccountPasswordSet homevpn /PASSWORD:verysecurepassword /TYPE:standard
+VPN Client> AccountConnect homevpn
+
+#Automatically connect once container starts
+VPN Client> AccountStartupSet homevpn
+
+#Checking State
+VPN Client> AccountStatusGet homevpn
+
+```
+
+## Building 
+
+` docker build --target vpnclient -t softethevpn:latest .`
@@ -0,0 +1,54 @@
+FROM alpine AS builder
+RUN mkdir /usr/local/src && apk add binutils --no-cache\
+        linux-headers \
+	build-base \
+        readline-dev \
+        openssl-dev \
+        ncurses-dev \
+        git \
+        cmake \
+        zlib-dev \
+        libsodium-dev \
+        gnu-libiconv 
+
+ENV LD_PRELOAD=/usr/lib/preloadable_libiconv.so
+ADD ./ /usr/local/src/SoftEtherVPN/
+WORKDIR /usr/local/src
+ENV USE_MUSL=YES
+ENV CMAKE_FLAGS="-DSE_PIDDIR=/run/softether -DSE_LOGDIR=/var/log/softether -DSE_DBDIR=/var/lib/softether"
+RUN cd SoftEtherVPN &&\
+        ./configure &&\
+	make -j $(getconf _NPROCESSORS_ONLN) -C build
+
+FROM alpine AS base
+RUN apk add --no-cache readline \
+        openssl \
+        libsodium \
+        gnu-libiconv \
+        iptables
+ENV LD_PRELOAD=/usr/lib/preloadable_libiconv.so
+WORKDIR /usr/local/bin
+VOLUME /var/log/softether
+VOLUME /var/lib/softether
+VOLUME /run/softether
+COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpncmd /usr/local/src/SoftEtherVPN/build/hamcore.se2 ./
+COPY --from=builder /usr/local/src/SoftEtherVPN/build/libcedar.so /usr/local/src/SoftEtherVPN/build/libmayaqua.so /usr/local/lib/
+
+
+FROM base AS vpnserver
+COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpnserver ./
+RUN ./vpnserver --help
+EXPOSE 443/tcp 992/tcp 1194/tcp 1194/udp 5555/tcp 500/udp 4500/udp
+CMD ["/usr/local/bin/vpnserver", "execsvc"]
+
+
+FROM base AS vpnclient
+COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpnclient ./
+RUN ./vpnclient --help
+CMD ["/usr/local/bin/vpnclient", "execsvc"]
+
+
+FROM base AS vpnbridge
+COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpnbridge ./
+RUN ./vpnbridge --help
+CMD ["/usr/local/bin/vpnbridge", "execsvc"]
@@ -2,10 +2,8 @@

 ||Badges|
 |---|---|
-|AppVeyor|[![AppVeyor build status](https://ci.appveyor.com/api/projects/status/github/softethervpn/softethervpn?branch=master&svg=true)](https://ci.appveyor.com/project/softethervpn/softethervpn) |
 |GitLab CI|[![GitLab CI build status](https://gitlab.com/SoftEther/SoftEtherVPN/badges/master/pipeline.svg)](https://gitlab.com/SoftEther/SoftEtherVPN/pipelines)|
 |Coverity Scan|[![Coverity Scan build status](https://scan.coverity.com/projects/16304/badge.svg)](https://scan.coverity.com/projects/softethervpn-softethervpn)|
-|Azure Pipelines|[![Azure Pipelines build status for Nightly](https://dev.azure.com/SoftEther-VPN/SoftEther%20VPN/_apis/build/status/6?api-version=6.0-preview.1)](https://dev.azure.com/SoftEther-VPN/SoftEther%20VPN/_build?definitionId=6)|
 |Cirrus CI|[![Cirrus CI build status](https://api.cirrus-ci.com/github/SoftEtherVPN/SoftEtherVPN.svg)](https://cirrus-ci.com/github/SoftEtherVPN/SoftEtherVPN)|

 - [SoftEther VPN](#softether-vpn)
@@ -16,6 +14,7 @@
  * [For Windows](#for-windows)
  * [From binary installers (stable channel)](#from-binary-installers-stable-channel)
  * [Build from Source code](#build-from-source-code)
+- [Antivirus False Positive Detection](ANTIVIRUS.md)
 - [About HTML5-based Modern Admin Console and JSON-RPC API Suite](#about-html5-based-modern-admin-console-and-json-rpc-api-suite)
  * [Built-in SoftEther VPN Server HTML5 Ajax-based Web Administration Console](#built-in-softether-vpn-server-html5-ajax-based-web-administration-console)
  * [Built-in SoftEther Server VPN JSON-RPC API Suite](#built-in-softether-server-vpn-json-rpc-api-suite)
@@ -203,14 +202,22 @@ Also SoftEther VPN [Stable Edition](https://www.freshports.org/security/softethe

 ## For Windows

-[Nightly builds](https://dev.azure.com/SoftEther-VPN/SoftEther%20VPN/_build?definitionId=6)
+[Releases](https://github.com/SoftEtherVPN/SoftEtherVPN/releases)
+
+[Nightly builds](https://github.com/SoftEtherVPN/SoftEtherVPN/actions/workflows/windows.yml)
 (choose appropriate platform, then find binaries or installers as artifacts)

+**⚠️ Important for Windows Users**: Some antivirus software (including Microsoft Defender) may incorrectly flag SoftEther VPN as malicious. This is a **false positive**. See [ANTIVIRUS.md](ANTIVIRUS.md) for detailed information and solutions.
+
 ## From binary installers (stable channel)

 Those can be found under https://www.softether-download.com/
 There you can also find SoftEtherVPN source code in zip and tar formats.

+## Docker Container Image
+
+Please look at the [ContainerREADME.md](ContainerREADME.md)
+
 ## Build from Source code

 see [BUILD_UNIX](src/BUILD_UNIX.md) or [BUILD_WINDOWS](src/BUILD_WINDOWS.md)
@@ -286,6 +293,8 @@ We hope that you can reach one of the above URLs at least!
 Your contribution to SoftEther VPN Project is much appreciated.
 Please send patches to us through GitHub.

+Here you find how to submit new translation: [TRANSLATION_GUIDE.md](TRANSLATION_GUIDE.md)
+

 # DEAR SECURITY EXPERTS

@@ -13,3 +13,14 @@ currently being supported with security updates.
 ## Reporting a Vulnerability

 Please use [github security reporting](https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/new)
+
+## Antivirus False Positive Detection
+
+Some antivirus software may incorrectly flag SoftEther VPN executables as malicious. This is a **false positive** and not a security vulnerability.
+
+**If you encounter antivirus warnings:**
+- See [ANTIVIRUS.md](ANTIVIRUS.md) for detailed information and solutions
+- Report false positives to your antivirus vendor
+- Verify downloads are from official sources only
+
+**SoftEther VPN is safe**: All source code is publicly available and can be reviewed at https://github.com/SoftEtherVPN/SoftEtherVPN
@@ -0,0 +1,118 @@
+import Foundation
+import Network
+import Security
+
+/// SecureConnection handles the TLS connection with the SoftEther VPN server
+class SecureConnection {
+    
+    // MARK: - Properties
+    
+    private var connection: NWConnection?
+    private let host: String
+    private let port: UInt16
+    private let queue = DispatchQueue(label: "com.softether.connection", qos: .userInitiated)
+    
+    // MARK: - Initialization
+    
+    /// Initialize a secure connection
+    /// - Parameters:
+    ///   - host: Server hostname or IP address
+    ///   - port: Server port number
+    init(host: String, port: UInt16) {
+        self.host = host
+        self.port = port
+    }
+    
+    // MARK: - Public Methods
+    
+    /// Connect to the server using TLS
+    /// - Parameter completion: Callback with connection result
+    func connect(completion: @escaping (Bool, Error?) -> Void) {
+        let hostEndpoint = NWEndpoint.Host(host)
+        let portEndpoint = NWEndpoint.Port(rawValue: port)!
+        
+        // Create TLS parameters
+        let tlsOptions = NWProtocolTLS.Options()
+        
+        // Configure TLS for maximum compatibility with SoftEther
+        let securityOptions = tlsOptions.securityProtocolOptions
+        sec_protocol_options_set_tls_min_version(securityOptions, .TLSv12)
+        sec_protocol_options_set_tls_max_version(securityOptions, .TLSv13)
+        
+        // Allow all cipher suites for compatibility
+        sec_protocol_options_set_cipher_suites(securityOptions, nil, 0)
+        
+        // Disable certificate validation for initial development (ENABLE IN PRODUCTION)
+        sec_protocol_options_set_verify_block(securityOptions, { (_, _, trustResult, _) in
+            return true // Accept all certificates for testing
+        }, queue)
+        
+        // Create TCP options with TLS
+        let tcpOptions = NWProtocolTCP.Options()
+        tcpOptions.enableKeepalive = true
+        tcpOptions.keepaliveIdle = 30
+        
+        // Create connection parameters
+        let parameters = NWParameters(tls: tlsOptions, tcp: tcpOptions)
+        
+        // Create the connection
+        connection = NWConnection(host: hostEndpoint, port: portEndpoint, using: parameters)
+        
+        // Set up state handling
+        connection?.stateUpdateHandler = { [weak self] state in
+            switch state {
+            case .ready:
+                completion(true, nil)
+            case .failed(let error):
+                self?.disconnect()
+                completion(false, error)
+            case .cancelled:
+                completion(false, NSError(domain: "SoftEtherError", code: 1000, userInfo: [NSLocalizedDescriptionKey: "Connection cancelled"]))
+            default:
+                break
+            }
+        }
+        
+        // Start the connection
+        connection?.start(queue: queue)
+    }
+    
+    /// Disconnect from the server
+    func disconnect() {
+        connection?.cancel()
+        connection = nil
+    }
+    
+    /// Send data to the server
+    /// - Parameters:
+    ///   - data: Data to send
+    ///   - completion: Callback with error if any
+    func send(data: Data, completion: @escaping (Error?) -> Void) {
+        guard let connection = connection, connection.state == .ready else {
+            completion(NSError(domain: "SoftEtherError", code: 1001, userInfo: [NSLocalizedDescriptionKey: "Connection not ready"]))
+            return
+        }
+        
+        connection.send(content: data, completion: .contentProcessed { error in
+            completion(error)
+        })
+    }
+    
+    /// Receive data from the server
+    /// - Parameter completion: Callback with received data and error if any
+    func receive(completion: @escaping (Data?, Error?) -> Void) {
+        guard let connection = connection, connection.state == .ready else {
+            completion(nil, NSError(domain: "SoftEtherError", code: 1001, userInfo: [NSLocalizedDescriptionKey: "Connection not ready"]))
+            return
+        }
+        
+        connection.receive(minimumIncompleteLength: 1, maximumLength: 65536) { data, _, isComplete, error in
+            completion(data, error)
+            
+            if isComplete {
+                // Connection was closed by the peer
+                self.disconnect()
+            }
+        }
+    }
+}
@@ -0,0 +1,90 @@
+import Foundation
+
+/// Handles the specific client signature format that SoftEther expects
+class SoftEtherClientSignature {
+    
+    // MARK: - Constants
+    
+    private enum Constants {
+        static let clientBuildNumber: UInt32 = 5187
+        static let clientVersion: UInt32 = 5_02_0000 + clientBuildNumber
+        static let clientString = "SoftEther VPN Client"
+        static let softEtherMagic: [UInt8] = [0x5E, 0x68] // 'Se' in hex
+        
+        // Protocol identification constants from SoftEther source
+        static let cedar = "CEDAR"
+        static let sessionKey = "sessionkey"
+        static let protocol1 = "PROTOCOL"
+        static let protocol2 = "PROTOCOL2"
+    }
+    
+    // MARK: - Public Methods
+    
+    /// Generate the client signature packet that identifies this client as a legitimate SoftEther VPN client
+    /// - Returns: Data containing the formatted client signature
+    static func generateSignature() -> Data {
+        var data = Data()
+        
+        // 1. Add SoftEther magic bytes
+        data.append(contentsOf: Constants.softEtherMagic)
+        
+        // 2. Add client version in network byte order (big endian)
+        data.appendUInt32(Constants.clientVersion)
+        
+        // 3. Add client build number in network byte order
+        data.appendUInt32(Constants.clientBuildNumber)
+        
+        // 4. Add cedar protocol identifier
+        if let cedarData = Constants.cedar.data(using: .ascii) {
+            data.append(cedarData)
+            data.append(0) // null terminator
+        }
+        
+        // 5. Add client string with null terminator
+        if let clientString = (Constants.clientString + "\0").data(using: .ascii) {
+            data.append(clientString)
+        }
+        
+        // 6. Add protocol identifiers
+        if let protocolData = (Constants.protocol1 + "\0").data(using: .ascii) {
+            data.append(protocolData)
+        }
+        
+        if let protocol2Data = (Constants.protocol2 + "\0").data(using: .ascii) {
+            data.append(protocol2Data)
+        }
+        
+        // 7. Add session key marker
+        if let sessionKeyData = (Constants.sessionKey + "\0").data(using: .ascii) {
+            data.append(sessionKeyData)
+        }
+        
+        // 8. Add random data for session key (typically 20 bytes)
+        let randomSessionKey = SoftEtherCrypto.randomBytes(count: 20)
+        data.append(randomSessionKey)
+        
+        // 9. Calculate and append SHA-1 hash of the entire data for integrity verification
+        let hash = SoftEtherCrypto.sha1(data)
+        data.append(hash)
+        
+        return data
+    }
+    
+    /// Verify a server response to the client signature
+    /// - Parameter data: Response data from server
+    /// - Returns: True if valid response, false otherwise
+    static func verifyServerResponse(_ data: Data) -> Bool {
+        // Basic validation - a real implementation would parse and validate the server response format
+        // This is a minimal check to see if we have enough data and it starts with the magic bytes
+        guard data.count >= 8 else {
+            return false
+        }
+        
+        // Check if response starts with SoftEther magic bytes
+        if data[0] == Constants.softEtherMagic[0] && data[1] == Constants.softEtherMagic[1] {
+            return true
+        }
+        
+        return false
+    }
+}
@@ -0,0 +1,97 @@
+import Foundation
+import CryptoKit
+
+/// Handles encryption operations for SoftEther protocol
+class SoftEtherCrypto {
+    
+    // MARK: - Constants
+    
+    private enum Constants {
+        static let sha1Size = 20
+        static let md5Size = 16
+    }
+    
+    // MARK: - Public Methods
+    
+    /// Generate secure random bytes
+    /// - Parameter count: Number of random bytes to generate
+    /// - Returns: Data containing random bytes
+    static func randomBytes(count: Int) -> Data {
+        var data = Data(count: count)
+        _ = data.withUnsafeMutableBytes { 
+            SecRandomCopyBytes(kSecRandomDefault, count, $0.baseAddress!)
+        }
+        return data
+    }
+    
+    /// Calculate SHA-1 hash
+    /// - Parameter data: Input data
+    /// - Returns: SHA-1 hash of the input data
+    static func sha1(_ data: Data) -> Data {
+        let digest = SHA1.hash(data: data)
+        return Data(digest)
+    }
+    
+    /// Calculate MD5 hash
+    /// - Parameter data: Input data
+    /// - Returns: MD5 hash of the input data
+    static func md5(_ data: Data) -> Data {
+        let digest = Insecure.MD5.hash(data: data)
+        return Data(digest)
+    }
+    
+    /// Encrypt data using RC4 algorithm (for SoftEther compatibility)
+    /// - Parameters:
+    ///   - data: Data to encrypt
+    ///   - key: Encryption key
+    /// - Returns: Encrypted data
+    static func rc4Encrypt(data: Data, key: Data) -> Data {
+        let rc4 = RC4(key: key)
+        return rc4.process(data)
+    }
+    
+    /// Decrypt data using RC4 algorithm (for SoftEther compatibility)
+    /// - Parameters:
+    ///   - data: Data to decrypt
+    ///   - key: Decryption key
+    /// - Returns: Decrypted data
+    static func rc4Decrypt(data: Data, key: Data) -> Data {
+        // RC4 is symmetric, so encryption and decryption are the same operation
+        return rc4Encrypt(data: data, key: key)
+    }
+}
+
+/// Simple RC4 implementation for SoftEther compatibility
+/// Note: RC4 is considered insecure, but SoftEther uses it in parts of its protocol
+private class RC4 {
+    private var state: [UInt8]
+    
+    init(key: Data) {
+        state = Array(0...255)
+        var j: Int = 0
+        
+        // Key scheduling algorithm
+        for i in 0..<256 {
+            let keyByte = key[i % key.count]
+            j = (j + Int(state[i]) + Int(keyByte)) & 0xFF
+            state.swapAt(i, j)
+        }
+    }
+    
+    func process(_ data: Data) -> Data {
+        var result = Data(count: data.count)
+        var i: Int = 0
+        var j: Int = 0
+        
+        // Generate keystream and XOR with plaintext
+        for k in 0..<data.count {
+            i = (i + 1) & 0xFF
+            j = (j + Int(state[i])) & 0xFF
+            state.swapAt(i, j)
+            let keyStreamByte = state[(Int(state[i]) + Int(state[j])) & 0xFF]
+            result[k] = data[k] ^ keyStreamByte
+        }
+        
+        return result
+    }
+}
@@ -0,0 +1,123 @@
+import Foundation
+
+/// Handles the SoftEther packet structure for communication
+class SoftEtherPacket {
+    
+    // MARK: - Constants
+    
+    private enum PacketType: UInt32 {
+        case clientSignature = 0x01
+        case serverResponse = 0x02
+        case sessionRequest = 0x03
+        case sessionResponse = 0x04
+        case data = 0x05
+        case keepAlive = 0x06
+    }
+    
+    private enum Constants {
+        static let headerSize: UInt32 = 16
+        static let maxPacketSize: UInt32 = 1024 * 1024 // 1MB
+    }
+    
+    // MARK: - Properties
+    
+    private var packetType: PacketType
+    private var packetId: UInt32
+    private var packetData: Data
+    
+    // MARK: - Initialization
+    
+    /// Initialize a packet with type, ID and data
+    /// - Parameters:
+    ///   - type: Packet type
+    ///   - id: Packet ID
+    ///   - data: Packet payload
+    init(type: UInt32, id: UInt32, data: Data) {
+        self.packetType = PacketType(rawValue: type) ?? .data
+        self.packetId = id
+        self.packetData = data
+    }
+    
+    /// Initialize a packet from raw data
+    /// - Parameter data: Raw packet data
+    init?(fromData data: Data) {
+        guard data.count >= Int(Constants.headerSize) else {
+            return nil
+        }
+        
+        // Parse header
+        let typeValue = data.readUInt32(at: 0)
+        self.packetId = data.readUInt32(at: 4)
+        let dataSize = data.readUInt32(at: 8)
+        
+        // Validate packet
+        guard let type = PacketType(rawValue: typeValue),
+              dataSize <= Constants.maxPacketSize,
+              data.count >= Int(Constants.headerSize + dataSize) else {
+            return nil
+        }
+        
+        self.packetType = type
+        
+        // Extract payload
+        let startIndex = Int(Constants.headerSize)
+        let endIndex = startIndex + Int(dataSize)
+        self.packetData = data.subdata(in: startIndex..<endIndex)
+    }
+    
+    // MARK: - Public Methods
+    
+    /// Serialize the packet to binary data format
+    /// - Returns: Serialized packet data
+    func serialize() -> Data {
+        var result = Data(capacity: Int(Constants.headerSize) + packetData.count)
+        
+        // Write header
+        result.appendUInt32(packetType.rawValue)
+        result.appendUInt32(packetId)
+        result.appendUInt32(UInt32(packetData.count))
+        result.appendUInt32(0) // Reserved
+        
+        // Write payload
+        result.append(packetData)
+        
+        return result
+    }
+    
+    /// Get the packet type
+    /// - Returns: Packet type
+    func getType() -> UInt32 {
+        return packetType.rawValue
+    }
+    
+    /// Get the packet ID
+    /// - Returns: Packet ID
+    func getId() -> UInt32 {
+        return packetId
+    }
+    
+    /// Get the packet payload
+    /// - Returns: Packet payload data
+    func getData() -> Data {
+        return packetData
+    }
+}
+
+// MARK: - Extensions
+
+extension Data {
+    /// Read a UInt32 value from the data at specified offset
+    /// - Parameter offset: Offset to read from
+    /// - Returns: UInt32 value in big-endian order
+    func readUInt32(at offset: Int) -> UInt32 {
+        let slice = self.subdata(in: offset..<(offset + 4))
+        return slice.withUnsafeBytes { $0.load(as: UInt32.self).bigEndian }
+    }
+    
+    /// Append a UInt32 value to the data in big-endian order
+    /// - Parameter value: UInt32 value to append
+    mutating func appendUInt32(_ value: UInt32) {
+        var bigEndian = value.bigEndian
+        append(UnsafeBufferPointer(start: &bigEndian, count: 1))
+    }
+}
@@ -0,0 +1,184 @@
+import Foundation
+import Network
+import Security
+import CryptoKit
+
+/// SoftEtherProtocol manages the communication between iOS client and SoftEther VPN server
+class SoftEtherProtocol {
+    
+    // MARK: - Properties
+    
+    private var secureConnection: SecureConnection?
+    private var isConnected = false
+    private var host: String = ""
+    private var port: UInt16 = 443
+    private var nextPacketId: UInt32 = 1
+    
+    // MARK: - Public Methods
+    
+    /// Connect to a SoftEther VPN server
+    /// - Parameters:
+    ///   - host: The server hostname or IP address
+    ///   - port: The server port (default: 443)
+    ///   - completion: Callback with connection result
+    public func connect(to host: String, port: UInt16 = 443, completion: @escaping (Bool, Error?) -> Void) {
+        self.host = host
+        self.port = port
+        
+        // Create a secure connection
+        secureConnection = SecureConnection(host: host, port: port)
+        
+        // Connect using TLS
+        secureConnection?.connect { [weak self] success, error in
+            guard let self = self, success else {
+                completion(false, error ?? NSError(domain: "SoftEtherError", code: 1, userInfo: [NSLocalizedDescriptionKey: "TLS connection failed"]))
+                return
+            }
+            
+            // After successful TLS connection, send the client signature
+            self.sendClientSignature { success, error in
+                if success {
+                    self.isConnected = true
+                }
+                completion(success, error)
+            }
+        }
+    }
+    
+    /// Disconnect from the server
+    public func disconnect() {
+        secureConnection?.disconnect()
+        isConnected = false
+    }
+    
+    // MARK: - Private Methods
+    
+    /// Send the SoftEther client signature to identify as a legitimate client
+    /// - Parameter completion: Callback with result
+    private func sendClientSignature(completion: @escaping (Bool, Error?) -> Void) {
+        // Generate client signature using our specialized class
+        let signatureData = SoftEtherClientSignature.generateSignature()
+        
+        // Create a packet with the signature data
+        let packetId = self.nextPacketId
+        self.nextPacketId += 1
+        
+        let packet = SoftEtherPacket(type: 0x01, id: packetId, data: signatureData)
+        let packetData = packet.serialize()
+        
+        print("Sending client signature packet: \(packetData.count) bytes")
+        
+        // Send the packet
+        secureConnection?.send(data: packetData) { [weak self] error in
+            guard let self = self else { return }
+            
+            if let error = error {
+                print("Error sending client signature: \(error)")
+                completion(false, error)
+                return
+            }
+            
+            // After sending signature, wait for server response
+            self.receiveServerResponse { success, error in
+                completion(success, error)
+            }
+        }
+    }
+    
+    /// Receive and process server response after sending signature
+    /// - Parameter completion: Callback with result
+    private func receiveServerResponse(completion: @escaping (Bool, Error?) -> Void) {
+        secureConnection?.receive { data, error in
+            if let error = error {
+                print("Error receiving server response: \(error)")
+                completion(false, error)
+                return
+            }
+            
+            guard let data = data, data.count > 4 else {
+                let error = NSError(domain: "SoftEtherError", code: 2, userInfo: [NSLocalizedDescriptionKey: "Invalid server response"])
+                print("Invalid server response: insufficient data")
+                completion(false, error)
+                return
+            }
+            
+            print("Received server response: \(data.count) bytes")
+            
+            // Parse the response packet
+            guard let packet = SoftEtherPacket(fromData: data) else {
+                let error = NSError(domain: "SoftEtherError", code: 3, userInfo: [NSLocalizedDescriptionKey: "Invalid packet format"])
+                print("Could not parse server response packet")
+                completion(false, error)
+                return
+            }
+            
+            // Verify the response
+            let packetData = packet.getData()
+            let isValid = SoftEtherClientSignature.verifyServerResponse(packetData)
+            
+            if isValid {
+                print("Server accepted our client signature")
+                completion(true, nil)
+            } else {
+                print("Server rejected our client signature")
+                let error = NSError(domain: "SoftEtherError", code: 4, userInfo: [NSLocalizedDescriptionKey: "Server rejected client signature"])
+                completion(false, error)
+            }
+        }
+    }
+    
+    /// Send a data packet to the server
+    /// - Parameters:
+    ///   - data: Data to send
+    ///   - completion: Callback with result
+    func sendData(data: Data, completion: @escaping (Bool, Error?) -> Void) {
+        guard isConnected else {
+            completion(false, NSError(domain: "SoftEtherError", code: 5, userInfo: [NSLocalizedDescriptionKey: "Not connected to server"]))
+            return
+        }
+        
+        let packetId = self.nextPacketId
+        self.nextPacketId += 1
+        
+        let packet = SoftEtherPacket(type: 0x05, id: packetId, data: data)
+        let packetData = packet.serialize()
+        
+        secureConnection?.send(data: packetData) { error in
+            if let error = error {
+                completion(false, error)
+                return
+            }
+            
+            completion(true, nil)
+        }
+    }
+    
+    /// Receive data from the server
+    /// - Parameter completion: Callback with received data and result
+    func receiveData(completion: @escaping (Data?, Bool, Error?) -> Void) {
+        guard isConnected else {
+            completion(nil, false, NSError(domain: "SoftEtherError", code: 5, userInfo: [NSLocalizedDescriptionKey: "Not connected to server"]))
+            return
+        }
+        
+        secureConnection?.receive { data, error in
+            if let error = error {
+                completion(nil, false, error)
+                return
+            }
+            
+            guard let data = data, data.count > 4 else {
+                completion(nil, false, NSError(domain: "SoftEtherError", code: 2, userInfo: [NSLocalizedDescriptionKey: "Invalid server response"]))
+                return
+            }
+            
+            // Parse the packet
+            guard let packet = SoftEtherPacket(fromData: data) else {
+                completion(nil, false, NSError(domain: "SoftEtherError", code: 3, userInfo: [NSLocalizedDescriptionKey: "Invalid packet format"]))
+                return
+            }
+            
+            completion(packet.getData(), true, nil)
+        }
+    }
+}
@@ -0,0 +1,149 @@
+import Foundation
+import UIKit
+
+/// SoftEtherVPNClient provides a simple interface for connecting to SoftEther VPN servers
+public class SoftEtherVPNClient {
+    
+    // MARK: - Properties
+    
+    private let protocol: SoftEtherProtocol
+    private var connectionState: ConnectionState = .disconnected
+    
+    // MARK: - Public Types
+    
+    /// Connection states for the VPN client
+    public enum ConnectionState {
+        case disconnected
+        case connecting
+        case connected
+        case disconnecting
+        case error(Error)
+    }
+    
+    /// Connection delegate to receive state updates
+    public protocol ConnectionDelegate: AnyObject {
+        func connectionStateDidChange(_ state: ConnectionState)
+    }
+    
+    /// Weak reference to the delegate
+    public weak var delegate: ConnectionDelegate?
+    
+    // MARK: - Initialization
+    
+    public init() {
+        self.protocol = SoftEtherProtocol()
+    }
+    
+    // MARK: - Public Methods
+    
+    /// Connect to a SoftEther VPN server
+    /// - Parameters:
+    ///   - host: Server hostname or IP address
+    ///   - port: Server port (default: 443)
+    ///   - completion: Optional completion handler
+    public func connect(to host: String, port: UInt16 = 443, completion: ((Bool, Error?) -> Void)? = nil) {
+        // Update state
+        connectionState = .connecting
+        delegate?.connectionStateDidChange(connectionState)
+        
+        // Connect using the protocol implementation
+        protocol.connect(to: host, port: port) { [weak self] success, error in
+            guard let self = self else { return }
+            
+            if success {
+                self.connectionState = .connected
+            } else if let error = error {
+                self.connectionState = .error(error)
+            } else {
+                self.connectionState = .disconnected
+            }
+            
+            self.delegate?.connectionStateDidChange(self.connectionState)
+            completion?(success, error)
+        }
+    }
+    
+    /// Disconnect from the server
+    /// - Parameter completion: Optional completion handler
+    public func disconnect(completion: (() -> Void)? = nil) {
+        // Update state
+        connectionState = .disconnecting
+        delegate?.connectionStateDidChange(connectionState)
+        
+        // Disconnect
+        protocol.disconnect()
+        
+        // Update state again
+        connectionState = .disconnected
+        delegate?.connectionStateDidChange(connectionState)
+        
+        completion?()
+    }
+    
+    /// Get the current connection state
+    /// - Returns: Current ConnectionState
+    public func getConnectionState() -> ConnectionState {
+        return connectionState
+    }
+    
+    /// Check if currently connected
+    /// - Returns: True if connected, false otherwise
+    public func isConnected() -> Bool {
+        if case .connected = connectionState {
+            return true
+        }
+        return false
+    }
+    
+    // MARK: - Example Usage
+    
+    /// Example showing how to use this class in a view controller
+    public static func exampleUsage() -> String {
+        return """
+        // In your view controller:
+        
+        private let vpnClient = SoftEtherVPNClient()
+        
+        override func viewDidLoad() {
+            super.viewDidLoad()
+            
+            // Set delegate
+            vpnClient.delegate = self
+        }
+        
+        @IBAction func connectButtonTapped(_ sender: UIButton) {
+            if vpnClient.isConnected() {
+                vpnClient.disconnect()
+            } else {
+                vpnClient.connect(to: "vpn.example.com") { success, error in
+                    if !success {
+                        print("Failed to connect: \\(error?.localizedDescription ?? "Unknown error")")
+                    }
+                }
+            }
+        }
+        
+        // MARK: - ConnectionDelegate
+        
+        extension YourViewController: SoftEtherVPNClient.ConnectionDelegate {
+            func connectionStateDidChange(_ state: SoftEtherVPNClient.ConnectionState) {
+                switch state {
+                case .connected:
+                    connectButton.setTitle("Disconnect", for: .normal)
+                    statusLabel.text = "Connected"
+                case .connecting:
+                    statusLabel.text = "Connecting..."
+                case .disconnecting:
+                    statusLabel.text = "Disconnecting..."
+                case .disconnected:
+                    connectButton.setTitle("Connect", for: .normal)
+                    statusLabel.text = "Disconnected"
+                case .error(let error):
+                    statusLabel.text = "Error: \\(error.localizedDescription)"
+                    connectButton.setTitle("Connect", for: .normal)
+                }
+            }
+        }
+        """
+    }
+}
@@ -0,0 +1,116 @@
+================================================================================
+SoftEther VPN - Windows Installation Notes
+================================================================================
+
+Thank you for installing SoftEther VPN!
+
+SoftEther VPN is legitimate, open-source VPN software developed by researchers
+at the University of Tsukuba, Japan. It has been in active development since
+2013 and is used by organizations and individuals worldwide.
+
+================================================================================
+IMPORTANT: Antivirus False Positive Warning
+================================================================================
+
+Some antivirus software (including Microsoft Defender) may incorrectly flag
+SoftEther VPN executables as malicious. This is a FALSE POSITIVE detection.
+
+WHY THIS HAPPENS:
+-----------------
+VPN software performs operations that can appear suspicious to antivirus
+programs:
+  - Network tunneling and traffic interception
+  - Low-level network operations
+  - Service installation with elevated privileges
+  - Registry modifications for Windows integration
+
+These are NORMAL and NECESSARY operations for any VPN software.
+
+IF MICROSOFT DEFENDER QUARANTINES SOFTETHER VPN:
+------------------------------------------------
+
+1. Add Exclusions to Microsoft Defender:
+   
+   a) Open Windows Security (Windows Key + I -> Privacy & Security -> 
+      Windows Security -> Virus & threat protection)
+   
+   b) Click "Manage settings" under Virus & threat protection settings
+   
+   c) Scroll down to "Exclusions" and click "Add or remove exclusions"
+   
+   d) Click "Add an exclusion" -> "Folder" and add:
+      
+      C:\Program Files\SoftEther VPN Client
+      C:\Program Files\SoftEther VPN Client Developer Edition
+      C:\Program Files\SoftEther VPN Server
+      C:\Program Files\SoftEther VPN Server Developer Edition
+      
+      (Add only the folders that exist for your installation)
+
+2. Restore Quarantined Files:
+   
+   a) Go to "Virus & threat protection" -> "Protection history"
+   b) Find quarantined SoftEther VPN files
+   c) Click "Actions" -> "Restore"
+
+3. Reinstall if Necessary:
+   
+   If files were deleted, reinstall SoftEther VPN. The exclusions will
+   prevent future detections.
+
+REPORT FALSE POSITIVE TO MICROSOFT:
+------------------------------------
+
+Help improve Microsoft Defender by reporting the false positive:
+
+  Visit: https://www.microsoft.com/en-us/wdsi/filesubmission
+  
+  Submit the flagged file and indicate it's a false positive detection
+  of SoftEther VPN, open-source software from the University of Tsukuba.
+
+MORE INFORMATION:
+-----------------
+
+For detailed documentation about this issue and additional solutions, see:
+
+  https://github.com/SoftEtherVPN/SoftEtherVPN/blob/master/ANTIVIRUS.md
+
+VERIFY AUTHENTICITY:
+--------------------
+
+SoftEther VPN is open source. You can verify the software by:
+
+  - Reviewing source code: https://github.com/SoftEtherVPN/SoftEtherVPN
+  - Official website: https://www.softether.org/
+  - Only download from official sources
+
+WARNING: Do not download SoftEther VPN from third-party websites.
+
+================================================================================
+Getting Started
+================================================================================
+
+After adding antivirus exclusions (if needed):
+
+1. Launch "SoftEther VPN Client Manager" from the Start Menu
+2. Configure your VPN connection settings
+3. Connect to your VPN server
+
+For detailed documentation, visit: https://www.softether.org/
+
+================================================================================
+Support
+================================================================================
+
+Official Website: https://www.softether.org/
+GitHub Repository: https://github.com/SoftEtherVPN/SoftEtherVPN
+Security Issues: https://github.com/SoftEtherVPN/SoftEtherVPN/security
+
+================================================================================
+
+SoftEther VPN is licensed under the Apache License 2.0
+Copyright (c) SoftEther VPN Project at University of Tsukuba, Japan
+
+Thank you for using SoftEther VPN!
+
+================================================================================
@@ -2,4 +2,4 @@ SoftEther VPN ("SoftEther" means "Software Ethernet") is an open-source cross-pl
 Its protocol is very fast and it can be used in very restricted environments, as it's able to transfer packets over DNS and ICMP.
 The server includes a free Dynamic DNS service, which can be used to access the server even if the public IP address changes.
 A NAT-Traversal function is also available, very useful in case the required ports cannot be opened on the firewall.
-The supported third party protocols are OpenVPN, L2TP/IPSec and SSTP.
+The supported third party protocols are OpenVPN, L2TP/IPSec, SSTP and WireGuard.
@@ -2,7 +2,7 @@

  <PropertyGroup>
    <OutputType>Exe</OutputType>
-    <TargetFramework>net7.0</TargetFramework>
+    <TargetFramework>net8.0</TargetFramework>
  </PropertyGroup>

  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|AnyCPU'">
@@ -216,8 +216,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
 <li><a href="#getspeciallistener">GetSpecialListener - Get Current Setting of the VPN over ICMP / VPN over DNS Function</a></li>
 <li><a href="#getazurestatus">GetAzureStatus - Show the current status of VPN Azure function</a></li>
 <li><a href="#setazurestatus">SetAzureStatus - Enable / Disable VPN Azure Function</a></li>
-<li><a href="#getddnsinternetsettng">GetDDnsInternetSettng - Get the Proxy Settings for Connecting to the DDNS server</a></li>
-<li><a href="#setddnsinternetsettng">SetDDnsInternetSettng - Set the Proxy Settings for Connecting to the DDNS server</a></li>
+<li><a href="#getddnsinternetsetting">GetDDnsInternetSetting - Get the Proxy Settings for Connecting to the DDNS server</a></li>
+<li><a href="#setddnsinternetsetting">SetDDnsInternetSetting - Set the Proxy Settings for Connecting to the DDNS server</a></li>
 <li><a href="#setvgsconfig">SetVgsConfig - Set the VPN Gate Server Configuration</a></li>
 <li><a href="#getvgsconfig">GetVgsConfig - Get the VPN Gate Server Configuration</a></li>
 </ul>
@@ -305,7 +305,7 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
    &quot;ServerBuildInt_u32&quot;: 0,
    &quot;ServerHostName_str&quot;: &quot;serverhostname&quot;,
    &quot;ServerType_u32&quot;: 0,
-    &quot;ServerBuildDate_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+    &quot;ServerBuildDate_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
    &quot;ServerFamilyName_str&quot;: &quot;serverfamilyname&quot;,
    &quot;OsType_u32&quot;: 0,
    &quot;OsServicePack_u32&quot;: 0,
@@ -460,9 +460,9 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
    &quot;Send.BroadcastCount_u64&quot;: 0,
    &quot;Send.UnicastBytes_u64&quot;: 0,
    &quot;Send.UnicastCount_u64&quot;: 0,
-    &quot;CurrentTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+    &quot;CurrentTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
    &quot;CurrentTick_u64&quot;: 0,
-    &quot;StartTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+    &quot;StartTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
    &quot;TotalMemory_u64&quot;: 0,
    &quot;UsedMemory_u64&quot;: 0,
    &quot;FreeMemory_u64&quot;: 0,
@@ -1136,7 +1136,7 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
  &quot;result&quot;: {
    &quot;Id_u32&quot;: 0,
    &quot;Controller_bool&quot;: false,
-    &quot;ConnectedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+    &quot;ConnectedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
    &quot;Ip_ip&quot;: &quot;192.168.0.1&quot;,
    &quot;Hostname_str&quot;: &quot;hostname&quot;,
    &quot;Point_u32&quot;: 0,
@@ -1283,7 +1283,7 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
      {
        &quot;Id_u32&quot;: 0,
        &quot;Controller_bool&quot;: false,
-        &quot;ConnectedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;ConnectedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;Ip_ip&quot;: &quot;192.168.0.1&quot;,
        &quot;Hostname_str&quot;: &quot;hostname&quot;,
        &quot;Point_u32&quot;: 0,
@@ -1296,7 +1296,7 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
      {
        &quot;Id_u32&quot;: 0,
        &quot;Controller_bool&quot;: false,
-        &quot;ConnectedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;ConnectedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;Ip_ip&quot;: &quot;192.168.0.1&quot;,
        &quot;Hostname_str&quot;: &quot;hostname&quot;,
        &quot;Point_u32&quot;: 0,
@@ -1309,7 +1309,7 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
      {
        &quot;Id_u32&quot;: 0,
        &quot;Controller_bool&quot;: false,
-        &quot;ConnectedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;ConnectedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;Ip_ip&quot;: &quot;192.168.0.1&quot;,
        &quot;Hostname_str&quot;: &quot;hostname&quot;,
        &quot;Point_u32&quot;: 0,
@@ -1422,9 +1422,9 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
    &quot;Port_u32&quot;: 0,
    &quot;Online_bool&quot;: false,
    &quot;LastError_u32&quot;: 0,
-    &quot;StartedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-    &quot;FirstConnectedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-    &quot;CurrentConnectedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+    &quot;StartedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+    &quot;FirstConnectedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+    &quot;CurrentConnectedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
    &quot;NumTry_u32&quot;: 0,
    &quot;NumConnected_u32&quot;: 0,
    &quot;NumFailed_u32&quot;: 0
@@ -1918,9 +1918,9 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;NumSessions_u32&quot;: 0,
        &quot;NumMacTables_u32&quot;: 0,
        &quot;NumIpTables_u32&quot;: 0,
-        &quot;LastCommTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;LastLoginTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;LastCommTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;LastLoginTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;NumLogin_u32&quot;: 0,
        &quot;IsTrafficFilled_bool&quot;: false,
        &quot;Ex.Recv.BroadcastBytes_u64&quot;: 0,
@@ -1941,9 +1941,9 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;NumSessions_u32&quot;: 0,
        &quot;NumMacTables_u32&quot;: 0,
        &quot;NumIpTables_u32&quot;: 0,
-        &quot;LastCommTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;LastLoginTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;LastCommTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;LastLoginTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;NumLogin_u32&quot;: 0,
        &quot;IsTrafficFilled_bool&quot;: false,
        &quot;Ex.Recv.BroadcastBytes_u64&quot;: 0,
@@ -1964,9 +1964,9 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;NumSessions_u32&quot;: 0,
        &quot;NumMacTables_u32&quot;: 0,
        &quot;NumIpTables_u32&quot;: 0,
-        &quot;LastCommTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;LastLoginTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;LastCommTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;LastLoginTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;NumLogin_u32&quot;: 0,
        &quot;IsTrafficFilled_bool&quot;: false,
        &quot;Ex.Recv.BroadcastBytes_u64&quot;: 0,
@@ -2309,7 +2309,7 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;Hostname_str&quot;: &quot;hostname&quot;,
        &quot;Ip_ip&quot;: &quot;192.168.0.1&quot;,
        &quot;Port_u32&quot;: 0,
-        &quot;ConnectedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;ConnectedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;Type_u32&quot;: 0
      },
      {
@@ -2317,7 +2317,7 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;Hostname_str&quot;: &quot;hostname&quot;,
        &quot;Ip_ip&quot;: &quot;192.168.0.1&quot;,
        &quot;Port_u32&quot;: 0,
-        &quot;ConnectedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;ConnectedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;Type_u32&quot;: 0
      },
      {
@@ -2325,7 +2325,7 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;Hostname_str&quot;: &quot;hostname&quot;,
        &quot;Ip_ip&quot;: &quot;192.168.0.1&quot;,
        &quot;Port_u32&quot;: 0,
-        &quot;ConnectedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;ConnectedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;Type_u32&quot;: 0
      }
    ]
@@ -2450,7 +2450,7 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
    &quot;Hostname_str&quot;: &quot;hostname&quot;,
    &quot;Ip_ip&quot;: &quot;192.168.0.1&quot;,
    &quot;Port_u32&quot;: 0,
-    &quot;ConnectedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+    &quot;ConnectedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
    &quot;ServerStr_str&quot;: &quot;serverstr&quot;,
    &quot;ServerVer_u32&quot;: 0,
    &quot;ServerBuild_u32&quot;: 0,
@@ -2620,9 +2620,9 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
    &quot;Send.UnicastBytes_u64&quot;: 0,
    &quot;Send.UnicastCount_u64&quot;: 0,
    &quot;SecureNATEnabled_bool&quot;: false,
-    &quot;LastCommTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-    &quot;LastLoginTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-    &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+    &quot;LastCommTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+    &quot;LastLoginTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+    &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
    &quot;NumLogin_u32&quot;: 0
  }
 }
@@ -2992,19 +2992,19 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;Key_u32&quot;: 0,
        &quot;SubjectName_utf&quot;: &quot;subjectname&quot;,
        &quot;IssuerName_utf&quot;: &quot;issuername&quot;,
-        &quot;Expires_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;
+        &quot;Expires_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;
      },
      {
        &quot;Key_u32&quot;: 0,
        &quot;SubjectName_utf&quot;: &quot;subjectname&quot;,
        &quot;IssuerName_utf&quot;: &quot;issuername&quot;,
-        &quot;Expires_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;
+        &quot;Expires_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;
      },
      {
        &quot;Key_u32&quot;: 0,
        &quot;SubjectName_utf&quot;: &quot;subjectname&quot;,
        &quot;IssuerName_utf&quot;: &quot;issuername&quot;,
-        &quot;Expires_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;
+        &quot;Expires_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;
      }
    ]
  }
@@ -4348,7 +4348,7 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;Online_bool&quot;: false,
        &quot;Connected_bool&quot;: false,
        &quot;LastError_u32&quot;: 0,
-        &quot;ConnectedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;ConnectedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;Hostname_str&quot;: &quot;hostname&quot;,
        &quot;TargetHubName_str&quot;: &quot;targethubname&quot;
      },
@@ -4357,7 +4357,7 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;Online_bool&quot;: false,
        &quot;Connected_bool&quot;: false,
        &quot;LastError_u32&quot;: 0,
-        &quot;ConnectedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;ConnectedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;Hostname_str&quot;: &quot;hostname&quot;,
        &quot;TargetHubName_str&quot;: &quot;targethubname&quot;
      },
@@ -4366,7 +4366,7 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;Online_bool&quot;: false,
        &quot;Connected_bool&quot;: false,
        &quot;LastError_u32&quot;: 0,
-        &quot;ConnectedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;ConnectedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;Hostname_str&quot;: &quot;hostname&quot;,
        &quot;TargetHubName_str&quot;: &quot;targethubname&quot;
      }
@@ -4668,9 +4668,9 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
    &quot;ServerProductBuild_u32&quot;: 0,
    &quot;ServerX_bin&quot;: &quot;SGVsbG8gV29ybGQ=&quot;,
    &quot;ClientX_bin&quot;: &quot;SGVsbG8gV29ybGQ=&quot;,
-    &quot;StartTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-    &quot;FirstConnectionEstablisiedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-    &quot;CurrentConnectionEstablishTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+    &quot;StartTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+    &quot;FirstConnectionEstablisiedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+    &quot;CurrentConnectionEstablishTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
    &quot;NumConnectionsEatablished_u32&quot;: 0,
    &quot;HalfConnection_bool&quot;: false,
    &quot;QoS_bool&quot;: false,
@@ -5996,7 +5996,7 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
    &quot;Name_str&quot;: &quot;name&quot;,
    &quot;Realname_utf&quot;: &quot;realname&quot;,
    &quot;Note_utf&quot;: &quot;note&quot;,
-    &quot;ExpireTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+    &quot;ExpireTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
    &quot;AuthType_u32&quot;: 0,
    &quot;Auth_Password_str&quot;: &quot;auth_password&quot;,
    &quot;UserX_bin&quot;: &quot;SGVsbG8gV29ybGQ=&quot;,
@@ -6057,9 +6057,9 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
    &quot;GroupName_str&quot;: &quot;groupname&quot;,
    &quot;Realname_utf&quot;: &quot;realname&quot;,
    &quot;Note_utf&quot;: &quot;note&quot;,
-    &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-    &quot;UpdatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-    &quot;ExpireTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+    &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+    &quot;UpdatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+    &quot;ExpireTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
    &quot;AuthType_u32&quot;: 0,
    &quot;Auth_Password_str&quot;: &quot;auth_password&quot;,
    &quot;UserX_bin&quot;: &quot;SGVsbG8gV29ybGQ=&quot;,
@@ -6247,7 +6247,7 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
 <tr>
 <td><code>Send.UnicastCount_u64</code></td>
 <td><code>number</code> (uint64)</td>
-<td>Unicast count (Send)</td>
+<td>Unicast bytes (Send)</td>
 </tr>
 <tr>
 <td><code>UsePolicy_bool</code></td>
@@ -6467,7 +6467,7 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
    &quot;GroupName_str&quot;: &quot;groupname&quot;,
    &quot;Realname_utf&quot;: &quot;realname&quot;,
    &quot;Note_utf&quot;: &quot;note&quot;,
-    &quot;ExpireTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+    &quot;ExpireTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
    &quot;AuthType_u32&quot;: 0,
    &quot;Auth_Password_str&quot;: &quot;auth_password&quot;,
    &quot;UserX_bin&quot;: &quot;SGVsbG8gV29ybGQ=&quot;,
@@ -6528,9 +6528,9 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
    &quot;GroupName_str&quot;: &quot;groupname&quot;,
    &quot;Realname_utf&quot;: &quot;realname&quot;,
    &quot;Note_utf&quot;: &quot;note&quot;,
-    &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-    &quot;UpdatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-    &quot;ExpireTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+    &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+    &quot;UpdatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+    &quot;ExpireTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
    &quot;AuthType_u32&quot;: 0,
    &quot;Auth_Password_str&quot;: &quot;auth_password&quot;,
    &quot;UserX_bin&quot;: &quot;SGVsbG8gV29ybGQ=&quot;,
@@ -6948,9 +6948,9 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
    &quot;GroupName_str&quot;: &quot;groupname&quot;,
    &quot;Realname_utf&quot;: &quot;realname&quot;,
    &quot;Note_utf&quot;: &quot;note&quot;,
-    &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-    &quot;UpdatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-    &quot;ExpireTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+    &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+    &quot;UpdatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+    &quot;ExpireTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
    &quot;AuthType_u32&quot;: 0,
    &quot;Auth_Password_str&quot;: &quot;auth_password&quot;,
    &quot;UserX_bin&quot;: &quot;SGVsbG8gV29ybGQ=&quot;,
@@ -7419,11 +7419,11 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;Note_utf&quot;: &quot;note&quot;,
        &quot;AuthType_u32&quot;: 0,
        &quot;NumLogin_u32&quot;: 0,
-        &quot;LastLoginTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;LastLoginTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;DenyAccess_bool&quot;: false,
        &quot;IsTrafficFilled_bool&quot;: false,
        &quot;IsExpiresFilled_bool&quot;: false,
-        &quot;Expires_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;Expires_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;Ex.Recv.BroadcastBytes_u64&quot;: 0,
        &quot;Ex.Recv.BroadcastCount_u64&quot;: 0,
        &quot;Ex.Recv.UnicastBytes_u64&quot;: 0,
@@ -7440,11 +7440,11 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;Note_utf&quot;: &quot;note&quot;,
        &quot;AuthType_u32&quot;: 0,
        &quot;NumLogin_u32&quot;: 0,
-        &quot;LastLoginTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;LastLoginTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;DenyAccess_bool&quot;: false,
        &quot;IsTrafficFilled_bool&quot;: false,
        &quot;IsExpiresFilled_bool&quot;: false,
-        &quot;Expires_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;Expires_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;Ex.Recv.BroadcastBytes_u64&quot;: 0,
        &quot;Ex.Recv.BroadcastCount_u64&quot;: 0,
        &quot;Ex.Recv.UnicastBytes_u64&quot;: 0,
@@ -7461,11 +7461,11 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;Note_utf&quot;: &quot;note&quot;,
        &quot;AuthType_u32&quot;: 0,
        &quot;NumLogin_u32&quot;: 0,
-        &quot;LastLoginTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;LastLoginTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;DenyAccess_bool&quot;: false,
        &quot;IsTrafficFilled_bool&quot;: false,
        &quot;IsExpiresFilled_bool&quot;: false,
-        &quot;Expires_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;Expires_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;Ex.Recv.BroadcastBytes_u64&quot;: 0,
        &quot;Ex.Recv.BroadcastCount_u64&quot;: 0,
        &quot;Ex.Recv.UnicastBytes_u64&quot;: 0,
@@ -8907,8 +8907,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;Client_MonitorMode_bool&quot;: false,
        &quot;VLanId_u32&quot;: 0,
        &quot;UniqueId_bin&quot;: &quot;SGVsbG8gV29ybGQ=&quot;,
-        &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;LastCommTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;
+        &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;LastCommTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;
      },
      {
        &quot;Name_str&quot;: &quot;name&quot;,
@@ -8929,8 +8929,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;Client_MonitorMode_bool&quot;: false,
        &quot;VLanId_u32&quot;: 0,
        &quot;UniqueId_bin&quot;: &quot;SGVsbG8gV29ybGQ=&quot;,
-        &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;LastCommTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;
+        &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;LastCommTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;
      },
      {
        &quot;Name_str&quot;: &quot;name&quot;,
@@ -8951,8 +8951,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;Client_MonitorMode_bool&quot;: false,
        &quot;VLanId_u32&quot;: 0,
        &quot;UniqueId_bin&quot;: &quot;SGVsbG8gV29ybGQ=&quot;,
-        &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;LastCommTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;
+        &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;LastCommTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;
      }
    ]
  }
@@ -9117,9 +9117,9 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
    &quot;ServerProductName_str&quot;: &quot;serverproductname&quot;,
    &quot;ServerProductVer_u32&quot;: 0,
    &quot;ServerProductBuild_u32&quot;: 0,
-    &quot;StartTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-    &quot;FirstConnectionEstablisiedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-    &quot;CurrentConnectionEstablishTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+    &quot;StartTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+    &quot;FirstConnectionEstablisiedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+    &quot;CurrentConnectionEstablishTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
    &quot;NumConnectionsEatablished_u32&quot;: 0,
    &quot;HalfConnection_bool&quot;: false,
    &quot;QoS_bool&quot;: false,
@@ -9496,8 +9496,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;Key_u32&quot;: 0,
        &quot;SessionName_str&quot;: &quot;sessionname&quot;,
        &quot;MacAddress_bin&quot;: &quot;SGVsbG8gV29ybGQ=&quot;,
-        &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;UpdatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;UpdatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;RemoteItem_bool&quot;: false,
        &quot;RemoteHostname_str&quot;: &quot;remotehostname&quot;,
        &quot;VlanId_u32&quot;: 0
@@ -9506,8 +9506,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;Key_u32&quot;: 0,
        &quot;SessionName_str&quot;: &quot;sessionname&quot;,
        &quot;MacAddress_bin&quot;: &quot;SGVsbG8gV29ybGQ=&quot;,
-        &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;UpdatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;UpdatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;RemoteItem_bool&quot;: false,
        &quot;RemoteHostname_str&quot;: &quot;remotehostname&quot;,
        &quot;VlanId_u32&quot;: 0
@@ -9516,8 +9516,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;Key_u32&quot;: 0,
        &quot;SessionName_str&quot;: &quot;sessionname&quot;,
        &quot;MacAddress_bin&quot;: &quot;SGVsbG8gV29ybGQ=&quot;,
-        &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;UpdatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;UpdatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;RemoteItem_bool&quot;: false,
        &quot;RemoteHostname_str&quot;: &quot;remotehostname&quot;,
        &quot;VlanId_u32&quot;: 0
@@ -9663,8 +9663,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;SessionName_str&quot;: &quot;sessionname&quot;,
        &quot;IpAddress_ip&quot;: &quot;192.168.0.1&quot;,
        &quot;DhcpAllocated_bool&quot;: false,
-        &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;UpdatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;UpdatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;RemoteItem_bool&quot;: false,
        &quot;RemoteHostname_str&quot;: &quot;remotehostname&quot;
      },
@@ -9673,8 +9673,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;SessionName_str&quot;: &quot;sessionname&quot;,
        &quot;IpAddress_ip&quot;: &quot;192.168.0.1&quot;,
        &quot;DhcpAllocated_bool&quot;: false,
-        &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;UpdatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;UpdatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;RemoteItem_bool&quot;: false,
        &quot;RemoteHostname_str&quot;: &quot;remotehostname&quot;
      },
@@ -9683,8 +9683,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;SessionName_str&quot;: &quot;sessionname&quot;,
        &quot;IpAddress_ip&quot;: &quot;192.168.0.1&quot;,
        &quot;DhcpAllocated_bool&quot;: false,
-        &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;UpdatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;UpdatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;RemoteItem_bool&quot;: false,
        &quot;RemoteHostname_str&quot;: &quot;remotehostname&quot;
      }
@@ -10376,8 +10376,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;DestIp_ip&quot;: &quot;192.168.0.1&quot;,
        &quot;DestHost_str&quot;: &quot;desthost&quot;,
        &quot;DestPort_u32&quot;: 0,
-        &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;LastCommTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;LastCommTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;SendSize_u64&quot;: 0,
        &quot;RecvSize_u64&quot;: 0,
        &quot;TcpStatus_u32&quot;: 0
@@ -10391,8 +10391,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;DestIp_ip&quot;: &quot;192.168.0.1&quot;,
        &quot;DestHost_str&quot;: &quot;desthost&quot;,
        &quot;DestPort_u32&quot;: 0,
-        &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;LastCommTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;LastCommTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;SendSize_u64&quot;: 0,
        &quot;RecvSize_u64&quot;: 0,
        &quot;TcpStatus_u32&quot;: 0
@@ -10406,8 +10406,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;DestIp_ip&quot;: &quot;192.168.0.1&quot;,
        &quot;DestHost_str&quot;: &quot;desthost&quot;,
        &quot;DestPort_u32&quot;: 0,
-        &quot;CreatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;LastCommTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;CreatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;LastCommTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;SendSize_u64&quot;: 0,
        &quot;RecvSize_u64&quot;: 0,
        &quot;TcpStatus_u32&quot;: 0
@@ -10527,8 +10527,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
    &quot;DhcpTable&quot;: [
      {
        &quot;Id_u32&quot;: 0,
-        &quot;LeasedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;ExpireTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;LeasedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;ExpireTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;MacAddress_bin&quot;: &quot;SGVsbG8gV29ybGQ=&quot;,
        &quot;IpAddress_ip&quot;: &quot;192.168.0.1&quot;,
        &quot;Mask_u32&quot;: 0,
@@ -10536,8 +10536,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
      },
      {
        &quot;Id_u32&quot;: 0,
-        &quot;LeasedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;ExpireTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;LeasedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;ExpireTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;MacAddress_bin&quot;: &quot;SGVsbG8gV29ybGQ=&quot;,
        &quot;IpAddress_ip&quot;: &quot;192.168.0.1&quot;,
        &quot;Mask_u32&quot;: 0,
@@ -10545,8 +10545,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
      },
      {
        &quot;Id_u32&quot;: 0,
-        &quot;LeasedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
-        &quot;ExpireTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;,
+        &quot;LeasedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
+        &quot;ExpireTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;,
        &quot;MacAddress_bin&quot;: &quot;SGVsbG8gV29ybGQ=&quot;,
        &quot;IpAddress_ip&quot;: &quot;192.168.0.1&quot;,
        &quot;Mask_u32&quot;: 0,
@@ -13090,19 +13090,19 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
        &quot;ServerName_str&quot;: &quot;servername&quot;,
        &quot;FilePath_str&quot;: &quot;filepath&quot;,
        &quot;FileSize_u32&quot;: 0,
-        &quot;UpdatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;
+        &quot;UpdatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;
      },
      {
        &quot;ServerName_str&quot;: &quot;servername&quot;,
        &quot;FilePath_str&quot;: &quot;filepath&quot;,
        &quot;FileSize_u32&quot;: 0,
-        &quot;UpdatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;
+        &quot;UpdatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;
      },
      {
        &quot;ServerName_str&quot;: &quot;servername&quot;,
        &quot;FilePath_str&quot;: &quot;filepath&quot;,
        &quot;FileSize_u32&quot;: 0,
-        &quot;UpdatedTime_dt&quot;: &quot;2020-08-01T12:24:36.123&quot;
+        &quot;UpdatedTime_dt&quot;: &quot;2024-08-01T12:24:36.123&quot;
      }
    ]
  }
@@ -14508,15 +14508,15 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
 </tbody>
 </table>
 <hr />
-<p><a id="getddnsinternetsettng"></a></p>
-<h2 id="getddnsinternetsettng-rpc-api-get-the-proxy-settings-for-connecting-to-the-ddns-server">&quot;GetDDnsInternetSettng&quot; RPC API - Get the Proxy Settings for Connecting to the DDNS server</h2>
+<p><a id="getddnsinternetsetting"></a></p>
+<h2 id="getddnsinternetsetting-rpc-api-get-the-proxy-settings-for-connecting-to-the-ddns-server">&quot;GetDDnsInternetSetting&quot; RPC API - Get the Proxy Settings for Connecting to the DDNS server</h2>
 <h3 id="description-131">Description</h3>
 <p>Get the Proxy Settings for Connecting to the DDNS server.</p>
 <h3 id="input-json-rpc-format-131">Input JSON-RPC Format</h3>
 <pre><code class="language-json">{
  &quot;jsonrpc&quot;: &quot;2.0&quot;,
  &quot;id&quot;: &quot;rpc_call_id&quot;,
-  &quot;method&quot;: &quot;GetDDnsInternetSettng&quot;,
+  &quot;method&quot;: &quot;GetDDnsInternetSetting&quot;,
  &quot;params&quot;: {}
 }
 </code></pre>
@@ -14571,15 +14571,15 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
 </tbody>
 </table>
 <hr />
-<p><a id="setddnsinternetsettng"></a></p>
-<h2 id="setddnsinternetsettng-rpc-api-set-the-proxy-settings-for-connecting-to-the-ddns-server">&quot;SetDDnsInternetSettng&quot; RPC API - Set the Proxy Settings for Connecting to the DDNS server</h2>
+<p><a id="setddnsinternetsetting"></a></p>
+<h2 id="setddnsinternetsetting-rpc-api-set-the-proxy-settings-for-connecting-to-the-ddns-server">&quot;SetDDnsInternetSetting&quot; RPC API - Set the Proxy Settings for Connecting to the DDNS server</h2>
 <h3 id="description-132">Description</h3>
 <p>Set the Proxy Settings for Connecting to the DDNS server.</p>
 <h3 id="input-json-rpc-format-132">Input JSON-RPC Format</h3>
 <pre><code class="language-json">{
  &quot;jsonrpc&quot;: &quot;2.0&quot;,
  &quot;id&quot;: &quot;rpc_call_id&quot;,
-  &quot;method&quot;: &quot;SetDDnsInternetSettng&quot;,
+  &quot;method&quot;: &quot;SetDDnsInternetSetting&quot;,
  &quot;params&quot;: {
    &quot;ProxyType_u32&quot;: 0,
    &quot;ProxyHostName_str&quot;: &quot;proxyhostname&quot;,
@@ -14640,8 +14640,8 @@ All APIs are based on the <a href="https://www.jsonrpc.org/specification">JSON-R
 </tbody>
 </table>
 <hr />
-<p>Automatically generated at 2019-07-10 14:36:11 by vpnserver-jsonrpc-codegen.<br />
-Copyright (c) 2014-2019 <a href="https://www.softether.org/">SoftEther VPN Project</a> under the Apache License 2.0.</p>
+<p>Automatically generated at 2023-05-10 14:43:37 by vpnserver-jsonrpc-codegen.<br />
+Copyright (c) 2014-2023 <a href="https://www.softether.org/">SoftEther VPN Project</a> under the Apache License 2.0.</p>

 	</article>
 </body>
@@ -208,8 +208,8 @@ Value | Description
 - [GetSpecialListener - Get Current Setting of the VPN over ICMP / VPN over DNS Function](#getspeciallistener)
 - [GetAzureStatus - Show the current status of VPN Azure function](#getazurestatus)
 - [SetAzureStatus - Enable / Disable VPN Azure Function](#setazurestatus)
- [GetDDnsInternetSettng - Get the Proxy Settings for Connecting to the DDNS server](#getddnsinternetsettng)
- [SetDDnsInternetSettng - Set the Proxy Settings for Connecting to the DDNS server](#setddnsinternetsettng)
+- [GetDDnsInternetSetting - Get the Proxy Settings for Connecting to the DDNS server](#getddnsinternetsetting)
+- [SetDDnsInternetSetting - Set the Proxy Settings for Connecting to the DDNS server](#setddnsinternetsetting)
 - [SetVgsConfig - Set the VPN Gate Server Configuration](#setvgsconfig)
 - [GetVgsConfig - Get the VPN Gate Server Configuration](#getvgsconfig)

@@ -283,7 +283,7 @@ Get server information. This allows you to obtain the server information of the
    "ServerBuildInt_u32": 0,
    "ServerHostName_str": "serverhostname",
    "ServerType_u32": 0,
-    "ServerBuildDate_dt": "2020-08-01T12:24:36.123",
+    "ServerBuildDate_dt": "2024-08-01T12:24:36.123",
    "ServerFamilyName_str": "serverfamilyname",
    "OsType_u32": 0,
    "OsServicePack_u32": 0,
@@ -368,9 +368,9 @@ Get Current Server Status. This allows you to obtain in real-time the current st
    "Send.BroadcastCount_u64": 0,
    "Send.UnicastBytes_u64": 0,
    "Send.UnicastCount_u64": 0,
-    "CurrentTime_dt": "2020-08-01T12:24:36.123",
+    "CurrentTime_dt": "2024-08-01T12:24:36.123",
    "CurrentTick_u64": 0,
-    "StartTime_dt": "2020-08-01T12:24:36.123",
+    "StartTime_dt": "2024-08-01T12:24:36.123",
    "TotalMemory_u64": 0,
    "UsedMemory_u64": 0,
    "FreeMemory_u64": 0,
@@ -768,7 +768,7 @@ Get Cluster Member Information. When the VPN Server is operating as a cluster co
  "result": {
    "Id_u32": 0,
    "Controller_bool": false,
-    "ConnectedTime_dt": "2020-08-01T12:24:36.123",
+    "ConnectedTime_dt": "2024-08-01T12:24:36.123",
    "Ip_ip": "192.168.0.1",
    "Hostname_str": "hostname",
    "Point_u32": 0,
@@ -849,7 +849,7 @@ Get List of Cluster Members. Use this API when the VPN Server is operating as a
      {
        "Id_u32": 0,
        "Controller_bool": false,
-        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
+        "ConnectedTime_dt": "2024-08-01T12:24:36.123",
        "Ip_ip": "192.168.0.1",
        "Hostname_str": "hostname",
        "Point_u32": 0,
@@ -862,7 +862,7 @@ Get List of Cluster Members. Use this API when the VPN Server is operating as a
      {
        "Id_u32": 0,
        "Controller_bool": false,
-        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
+        "ConnectedTime_dt": "2024-08-01T12:24:36.123",
        "Ip_ip": "192.168.0.1",
        "Hostname_str": "hostname",
        "Point_u32": 0,
@@ -875,7 +875,7 @@ Get List of Cluster Members. Use this API when the VPN Server is operating as a
      {
        "Id_u32": 0,
        "Controller_bool": false,
-        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
+        "ConnectedTime_dt": "2024-08-01T12:24:36.123",
        "Ip_ip": "192.168.0.1",
        "Hostname_str": "hostname",
        "Point_u32": 0,
@@ -934,9 +934,9 @@ Get Connection Status to Cluster Controller. Use this API when the VPN Server is
    "Port_u32": 0,
    "Online_bool": false,
    "LastError_u32": 0,
-    "StartedTime_dt": "2020-08-01T12:24:36.123",
-    "FirstConnectedTime_dt": "2020-08-01T12:24:36.123",
-    "CurrentConnectedTime_dt": "2020-08-01T12:24:36.123",
+    "StartedTime_dt": "2024-08-01T12:24:36.123",
+    "FirstConnectedTime_dt": "2024-08-01T12:24:36.123",
+    "CurrentConnectedTime_dt": "2024-08-01T12:24:36.123",
    "NumTry_u32": 0,
    "NumConnected_u32": 0,
    "NumFailed_u32": 0
@@ -1278,9 +1278,9 @@ Get List of Virtual Hubs. Use this to get a list of existing Virtual Hubs on the
        "NumSessions_u32": 0,
        "NumMacTables_u32": 0,
        "NumIpTables_u32": 0,
-        "LastCommTime_dt": "2020-08-01T12:24:36.123",
-        "LastLoginTime_dt": "2020-08-01T12:24:36.123",
-        "CreatedTime_dt": "2020-08-01T12:24:36.123",
+        "LastCommTime_dt": "2024-08-01T12:24:36.123",
+        "LastLoginTime_dt": "2024-08-01T12:24:36.123",
+        "CreatedTime_dt": "2024-08-01T12:24:36.123",
        "NumLogin_u32": 0,
        "IsTrafficFilled_bool": false,
        "Ex.Recv.BroadcastBytes_u64": 0,
@@ -1301,9 +1301,9 @@ Get List of Virtual Hubs. Use this to get a list of existing Virtual Hubs on the
        "NumSessions_u32": 0,
        "NumMacTables_u32": 0,
        "NumIpTables_u32": 0,
-        "LastCommTime_dt": "2020-08-01T12:24:36.123",
-        "LastLoginTime_dt": "2020-08-01T12:24:36.123",
-        "CreatedTime_dt": "2020-08-01T12:24:36.123",
+        "LastCommTime_dt": "2024-08-01T12:24:36.123",
+        "LastLoginTime_dt": "2024-08-01T12:24:36.123",
+        "CreatedTime_dt": "2024-08-01T12:24:36.123",
        "NumLogin_u32": 0,
        "IsTrafficFilled_bool": false,
        "Ex.Recv.BroadcastBytes_u64": 0,
@@ -1324,9 +1324,9 @@ Get List of Virtual Hubs. Use this to get a list of existing Virtual Hubs on the
        "NumSessions_u32": 0,
        "NumMacTables_u32": 0,
        "NumIpTables_u32": 0,
-        "LastCommTime_dt": "2020-08-01T12:24:36.123",
-        "LastLoginTime_dt": "2020-08-01T12:24:36.123",
-        "CreatedTime_dt": "2020-08-01T12:24:36.123",
+        "LastCommTime_dt": "2024-08-01T12:24:36.123",
+        "LastLoginTime_dt": "2024-08-01T12:24:36.123",
+        "CreatedTime_dt": "2024-08-01T12:24:36.123",
        "NumLogin_u32": 0,
        "IsTrafficFilled_bool": false,
        "Ex.Recv.BroadcastBytes_u64": 0,
@@ -1525,7 +1525,7 @@ Get List of TCP Connections Connecting to the VPN Server. Use this to get a list
        "Hostname_str": "hostname",
        "Ip_ip": "192.168.0.1",
        "Port_u32": 0,
-        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
+        "ConnectedTime_dt": "2024-08-01T12:24:36.123",
        "Type_u32": 0
      },
      {
@@ -1533,7 +1533,7 @@ Get List of TCP Connections Connecting to the VPN Server. Use this to get a list
        "Hostname_str": "hostname",
        "Ip_ip": "192.168.0.1",
        "Port_u32": 0,
-        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
+        "ConnectedTime_dt": "2024-08-01T12:24:36.123",
        "Type_u32": 0
      },
      {
@@ -1541,7 +1541,7 @@ Get List of TCP Connections Connecting to the VPN Server. Use this to get a list
        "Hostname_str": "hostname",
        "Ip_ip": "192.168.0.1",
        "Port_u32": 0,
-        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
+        "ConnectedTime_dt": "2024-08-01T12:24:36.123",
        "Type_u32": 0
      }
    ]
@@ -1626,7 +1626,7 @@ Get Information of TCP Connections Connecting to the VPN Server. Use this to get
    "Hostname_str": "hostname",
    "Ip_ip": "192.168.0.1",
    "Port_u32": 0,
-    "ConnectedTime_dt": "2020-08-01T12:24:36.123",
+    "ConnectedTime_dt": "2024-08-01T12:24:36.123",
    "ServerStr_str": "serverstr",
    "ServerVer_u32": 0,
    "ServerBuild_u32": 0,
@@ -1736,9 +1736,9 @@ Get Current Status of Virtual Hub. Use this to get the current status of the Vir
    "Send.UnicastBytes_u64": 0,
    "Send.UnicastCount_u64": 0,
    "SecureNATEnabled_bool": false,
-    "LastCommTime_dt": "2020-08-01T12:24:36.123",
-    "LastLoginTime_dt": "2020-08-01T12:24:36.123",
-    "CreatedTime_dt": "2020-08-01T12:24:36.123",
+    "LastCommTime_dt": "2024-08-01T12:24:36.123",
+    "LastLoginTime_dt": "2024-08-01T12:24:36.123",
+    "CreatedTime_dt": "2024-08-01T12:24:36.123",
    "NumLogin_u32": 0
  }
 }
@@ -1948,19 +1948,19 @@ Get List of Trusted CA Certificates. Here you can manage the certificate authori
        "Key_u32": 0,
        "SubjectName_utf": "subjectname",
        "IssuerName_utf": "issuername",
-        "Expires_dt": "2020-08-01T12:24:36.123"
+        "Expires_dt": "2024-08-01T12:24:36.123"
      },
      {
        "Key_u32": 0,
        "SubjectName_utf": "subjectname",
        "IssuerName_utf": "issuername",
-        "Expires_dt": "2020-08-01T12:24:36.123"
+        "Expires_dt": "2024-08-01T12:24:36.123"
      },
      {
        "Key_u32": 0,
        "SubjectName_utf": "subjectname",
        "IssuerName_utf": "issuername",
-        "Expires_dt": "2020-08-01T12:24:36.123"
+        "Expires_dt": "2024-08-01T12:24:36.123"
      }
    ]
  }
@@ -2210,7 +2210,7 @@ Name | Type | Description
 `NoUdpAcceleration_bool` | `boolean` | Client Option Parameters: Do not use UDP acceleration mode if the value is true
 `AuthType_u32` | `number` (enum) | Authentication type<BR>Values:<BR>`0`: Anonymous authentication<BR>`1`: SHA-0 hashed password authentication<BR>`2`: Plain password authentication<BR>`3`: Certificate authentication
 `Username_str` | `string` (ASCII) | User name
-`HashedPassword_bin` | `string` (Base64 binary) | SHA-0 Hashed password. Valid only if ClientAuth_AuthType_u32 == SHA0_Hashed_Password (1). The SHA-0 hashed password must be caluclated by the SHA0(password_ascii_string + UpperCase(username_ascii_string)).
+`HashedPassword_bin` | `string` (Base64 binary) | SHA-0 Hashed password. Valid only if ClientAuth_AuthType_u32 == SHA0_Hashed_Password (1). The SHA-0 hashed password must be caluclated by the SHA0(UpperCase(username_ascii_string) + password_ascii_string).
 `PlainPassword_str` | `string` (ASCII) | Plaintext Password. Valid only if ClientAuth_AuthType_u32 == PlainPassword (2).
 `ClientX_bin` | `string` (Base64 binary) | Client certificate. Valid only if ClientAuth_AuthType_u32 == Cert (3).
 `ClientK_bin` | `string` (Base64 binary) | Client private key of the certificate. Valid only if ClientAuth_AuthType_u32 == Cert (3).
@@ -2537,7 +2537,7 @@ Name | Type | Description
 `NoUdpAcceleration_bool` | `boolean` | Client Option Parameters: Do not use UDP acceleration mode if the value is true
 `AuthType_u32` | `number` (enum) | Authentication type<BR>Values:<BR>`0`: Anonymous authentication<BR>`1`: SHA-0 hashed password authentication<BR>`2`: Plain password authentication<BR>`3`: Certificate authentication
 `Username_str` | `string` (ASCII) | User name
-`HashedPassword_bin` | `string` (Base64 binary) | SHA-0 Hashed password. Valid only if ClientAuth_AuthType_u32 == SHA0_Hashed_Password (1). The SHA-0 hashed password must be caluclated by the SHA0(password_ascii_string + UpperCase(username_ascii_string)).
+`HashedPassword_bin` | `string` (Base64 binary) | SHA-0 Hashed password. Valid only if ClientAuth_AuthType_u32 == SHA0_Hashed_Password (1). The SHA-0 hashed password must be caluclated by the SHA0(UpperCase(username_ascii_string) + password_ascii_string).
 `PlainPassword_str` | `string` (ASCII) | Plaintext Password. Valid only if ClientAuth_AuthType_u32 == PlainPassword (2).
 `ClientX_bin` | `string` (Base64 binary) | Client certificate. Valid only if ClientAuth_AuthType_u32 == Cert (3).
 `ClientK_bin` | `string` (Base64 binary) | Client private key of the certificate. Valid only if ClientAuth_AuthType_u32 == Cert (3).
@@ -2600,7 +2600,7 @@ Get List of Cascade Connections. Use this to get a list of Cascade Connections t
        "Online_bool": false,
        "Connected_bool": false,
        "LastError_u32": 0,
-        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
+        "ConnectedTime_dt": "2024-08-01T12:24:36.123",
        "Hostname_str": "hostname",
        "TargetHubName_str": "targethubname"
      },
@@ -2609,7 +2609,7 @@ Get List of Cascade Connections. Use this to get a list of Cascade Connections t
        "Online_bool": false,
        "Connected_bool": false,
        "LastError_u32": 0,
-        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
+        "ConnectedTime_dt": "2024-08-01T12:24:36.123",
        "Hostname_str": "hostname",
        "TargetHubName_str": "targethubname"
      },
@@ -2618,7 +2618,7 @@ Get List of Cascade Connections. Use this to get a list of Cascade Connections t
        "Online_bool": false,
        "Connected_bool": false,
        "LastError_u32": 0,
-        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
+        "ConnectedTime_dt": "2024-08-01T12:24:36.123",
        "Hostname_str": "hostname",
        "TargetHubName_str": "targethubname"
      }
@@ -2834,9 +2834,9 @@ Get Current Cascade Connection Status. When a Cascade Connection registered on t
    "ServerProductBuild_u32": 0,
    "ServerX_bin": "SGVsbG8gV29ybGQ=",
    "ClientX_bin": "SGVsbG8gV29ybGQ=",
-    "StartTime_dt": "2020-08-01T12:24:36.123",
-    "FirstConnectionEstablisiedTime_dt": "2020-08-01T12:24:36.123",
-    "CurrentConnectionEstablishTime_dt": "2020-08-01T12:24:36.123",
+    "StartTime_dt": "2024-08-01T12:24:36.123",
+    "FirstConnectionEstablisiedTime_dt": "2024-08-01T12:24:36.123",
+    "CurrentConnectionEstablishTime_dt": "2024-08-01T12:24:36.123",
    "NumConnectionsEatablished_u32": 0,
    "HalfConnection_bool": false,
    "QoS_bool": false,
@@ -3566,7 +3566,7 @@ Create a user. Use this to create a new user in the security account database of
    "Name_str": "name",
    "Realname_utf": "realname",
    "Note_utf": "note",
-    "ExpireTime_dt": "2020-08-01T12:24:36.123",
+    "ExpireTime_dt": "2024-08-01T12:24:36.123",
    "AuthType_u32": 0,
    "Auth_Password_str": "auth_password",
    "UserX_bin": "SGVsbG8gV29ybGQ=",
@@ -3629,9 +3629,9 @@ Create a user. Use this to create a new user in the security account database of
    "GroupName_str": "groupname",
    "Realname_utf": "realname",
    "Note_utf": "note",
-    "CreatedTime_dt": "2020-08-01T12:24:36.123",
-    "UpdatedTime_dt": "2020-08-01T12:24:36.123",
-    "ExpireTime_dt": "2020-08-01T12:24:36.123",
+    "CreatedTime_dt": "2024-08-01T12:24:36.123",
+    "UpdatedTime_dt": "2024-08-01T12:24:36.123",
+    "ExpireTime_dt": "2024-08-01T12:24:36.123",
    "AuthType_u32": 0,
    "Auth_Password_str": "auth_password",
    "UserX_bin": "SGVsbG8gV29ybGQ=",
@@ -3779,7 +3779,7 @@ Change User Settings. Use this to change user settings that is registered on the
    "GroupName_str": "groupname",
    "Realname_utf": "realname",
    "Note_utf": "note",
-    "ExpireTime_dt": "2020-08-01T12:24:36.123",
+    "ExpireTime_dt": "2024-08-01T12:24:36.123",
    "AuthType_u32": 0,
    "Auth_Password_str": "auth_password",
    "UserX_bin": "SGVsbG8gV29ybGQ=",
@@ -3842,9 +3842,9 @@ Change User Settings. Use this to change user settings that is registered on the
    "GroupName_str": "groupname",
    "Realname_utf": "realname",
    "Note_utf": "note",
-    "CreatedTime_dt": "2020-08-01T12:24:36.123",
-    "UpdatedTime_dt": "2020-08-01T12:24:36.123",
-    "ExpireTime_dt": "2020-08-01T12:24:36.123",
+    "CreatedTime_dt": "2024-08-01T12:24:36.123",
+    "UpdatedTime_dt": "2024-08-01T12:24:36.123",
+    "ExpireTime_dt": "2024-08-01T12:24:36.123",
    "AuthType_u32": 0,
    "Auth_Password_str": "auth_password",
    "UserX_bin": "SGVsbG8gV29ybGQ=",
@@ -4004,9 +4004,9 @@ Get User Settings. Use this to get user settings information that is registered
    "GroupName_str": "groupname",
    "Realname_utf": "realname",
    "Note_utf": "note",
-    "CreatedTime_dt": "2020-08-01T12:24:36.123",
-    "UpdatedTime_dt": "2020-08-01T12:24:36.123",
-    "ExpireTime_dt": "2020-08-01T12:24:36.123",
+    "CreatedTime_dt": "2024-08-01T12:24:36.123",
+    "UpdatedTime_dt": "2024-08-01T12:24:36.123",
+    "ExpireTime_dt": "2024-08-01T12:24:36.123",
    "AuthType_u32": 0,
    "Auth_Password_str": "auth_password",
    "UserX_bin": "SGVsbG8gV29ybGQ=",
@@ -4207,11 +4207,11 @@ Get List of Users. Use this to get a list of users that are registered on the se
        "Note_utf": "note",
        "AuthType_u32": 0,
        "NumLogin_u32": 0,
-        "LastLoginTime_dt": "2020-08-01T12:24:36.123",
+        "LastLoginTime_dt": "2024-08-01T12:24:36.123",
        "DenyAccess_bool": false,
        "IsTrafficFilled_bool": false,
        "IsExpiresFilled_bool": false,
-        "Expires_dt": "2020-08-01T12:24:36.123",
+        "Expires_dt": "2024-08-01T12:24:36.123",
        "Ex.Recv.BroadcastBytes_u64": 0,
        "Ex.Recv.BroadcastCount_u64": 0,
        "Ex.Recv.UnicastBytes_u64": 0,
@@ -4228,11 +4228,11 @@ Get List of Users. Use this to get a list of users that are registered on the se
        "Note_utf": "note",
        "AuthType_u32": 0,
        "NumLogin_u32": 0,
-        "LastLoginTime_dt": "2020-08-01T12:24:36.123",
+        "LastLoginTime_dt": "2024-08-01T12:24:36.123",
        "DenyAccess_bool": false,
        "IsTrafficFilled_bool": false,
        "IsExpiresFilled_bool": false,
-        "Expires_dt": "2020-08-01T12:24:36.123",
+        "Expires_dt": "2024-08-01T12:24:36.123",
        "Ex.Recv.BroadcastBytes_u64": 0,
        "Ex.Recv.BroadcastCount_u64": 0,
        "Ex.Recv.UnicastBytes_u64": 0,
@@ -4249,11 +4249,11 @@ Get List of Users. Use this to get a list of users that are registered on the se
        "Note_utf": "note",
        "AuthType_u32": 0,
        "NumLogin_u32": 0,
-        "LastLoginTime_dt": "2020-08-01T12:24:36.123",
+        "LastLoginTime_dt": "2024-08-01T12:24:36.123",
        "DenyAccess_bool": false,
        "IsTrafficFilled_bool": false,
        "IsExpiresFilled_bool": false,
-        "Expires_dt": "2020-08-01T12:24:36.123",
+        "Expires_dt": "2024-08-01T12:24:36.123",
        "Ex.Recv.BroadcastBytes_u64": 0,
        "Ex.Recv.BroadcastCount_u64": 0,
        "Ex.Recv.UnicastBytes_u64": 0,
@@ -4605,14 +4605,14 @@ Name | Type | Description
 `Name_str` | `string` (ASCII) | The group name
 `Realname_utf` | `string` (UTF8) | Optional real name (full name) of the group, allow using any Unicode characters
 `Note_utf` | `string` (UTF8) | Optional, specify a description of the group
-`Recv.BroadcastBytes_u64` | `number` (uint64) | Broadcast bytes (Recv)
-`Recv.BroadcastCount_u64` | `number` (uint64) | Number of broadcast packets (Recv)
-`Recv.UnicastBytes_u64` | `number` (uint64) | Unicast bytes (Recv)
-`Recv.UnicastCount_u64` | `number` (uint64) | Unicast count (Recv)
-`Send.BroadcastBytes_u64` | `number` (uint64) | Broadcast bytes (Send)
-`Send.BroadcastCount_u64` | `number` (uint64) | Number of broadcast packets (Send)
+`Recv.BroadcastBytes_u64` | `number` (uint64) | Number of broadcast packets (Recv)
+`Recv.BroadcastCount_u64` | `number` (uint64) | Broadcast bytes (Recv)
+`Recv.UnicastBytes_u64` | `number` (uint64) | Unicast count (Recv)
+`Recv.UnicastCount_u64` | `number` (uint64) | Unicast bytes (Recv)
+`Send.BroadcastBytes_u64` | `number` (uint64) | Number of broadcast packets (Send)
+`Send.BroadcastCount_u64` | `number` (uint64) | Broadcast bytes (Send)
 `Send.UnicastBytes_u64` | `number` (uint64) | Unicast bytes (Send)
-`Send.UnicastCount_u64` | `number` (uint64) | Unicast count (Send)
+`Send.UnicastCount_u64` | `number` (uint64) | Unicast bytes (Send)
 `UsePolicy_bool` | `boolean` | The flag whether to use security policy
 `policy:Access_bool` | `boolean` | Security policy: Allow Access. The users, which this policy value is true, have permission to make VPN connection to VPN Server.
 `policy:DHCPFilter_bool` | `boolean` | Security policy: Filter DHCP Packets (IPv4). All IPv4 DHCP packets in sessions defined this policy will be filtered.
@@ -4939,8 +4939,8 @@ Get List of Connected VPN Sessions. Use this to get a list of the sessions conne
        "Client_MonitorMode_bool": false,
        "VLanId_u32": 0,
        "UniqueId_bin": "SGVsbG8gV29ybGQ=",
-        "CreatedTime_dt": "2020-08-01T12:24:36.123",
-        "LastCommTime_dt": "2020-08-01T12:24:36.123"
+        "CreatedTime_dt": "2024-08-01T12:24:36.123",
+        "LastCommTime_dt": "2024-08-01T12:24:36.123"
      },
      {
        "Name_str": "name",
@@ -4961,8 +4961,8 @@ Get List of Connected VPN Sessions. Use this to get a list of the sessions conne
        "Client_MonitorMode_bool": false,
        "VLanId_u32": 0,
        "UniqueId_bin": "SGVsbG8gV29ybGQ=",
-        "CreatedTime_dt": "2020-08-01T12:24:36.123",
-        "LastCommTime_dt": "2020-08-01T12:24:36.123"
+        "CreatedTime_dt": "2024-08-01T12:24:36.123",
+        "LastCommTime_dt": "2024-08-01T12:24:36.123"
      },
      {
        "Name_str": "name",
@@ -4983,8 +4983,8 @@ Get List of Connected VPN Sessions. Use this to get a list of the sessions conne
        "Client_MonitorMode_bool": false,
        "VLanId_u32": 0,
        "UniqueId_bin": "SGVsbG8gV29ybGQ=",
-        "CreatedTime_dt": "2020-08-01T12:24:36.123",
-        "LastCommTime_dt": "2020-08-01T12:24:36.123"
+        "CreatedTime_dt": "2024-08-01T12:24:36.123",
+        "LastCommTime_dt": "2024-08-01T12:24:36.123"
      }
    ]
  }
@@ -5059,9 +5059,9 @@ Get Session Status. Use this to specify a session currently connected to the cur
    "ServerProductName_str": "serverproductname",
    "ServerProductVer_u32": 0,
    "ServerProductBuild_u32": 0,
-    "StartTime_dt": "2020-08-01T12:24:36.123",
-    "FirstConnectionEstablisiedTime_dt": "2020-08-01T12:24:36.123",
-    "CurrentConnectionEstablishTime_dt": "2020-08-01T12:24:36.123",
+    "StartTime_dt": "2024-08-01T12:24:36.123",
+    "FirstConnectionEstablisiedTime_dt": "2024-08-01T12:24:36.123",
+    "CurrentConnectionEstablishTime_dt": "2024-08-01T12:24:36.123",
    "NumConnectionsEatablished_u32": 0,
    "HalfConnection_bool": false,
    "QoS_bool": false,
@@ -5222,8 +5222,8 @@ Get the MAC Address Table Database. Use this to get the MAC address table databa
        "Key_u32": 0,
        "SessionName_str": "sessionname",
        "MacAddress_bin": "SGVsbG8gV29ybGQ=",
-        "CreatedTime_dt": "2020-08-01T12:24:36.123",
-        "UpdatedTime_dt": "2020-08-01T12:24:36.123",
+        "CreatedTime_dt": "2024-08-01T12:24:36.123",
+        "UpdatedTime_dt": "2024-08-01T12:24:36.123",
        "RemoteItem_bool": false,
        "RemoteHostname_str": "remotehostname",
        "VlanId_u32": 0
@@ -5232,8 +5232,8 @@ Get the MAC Address Table Database. Use this to get the MAC address table databa
        "Key_u32": 0,
        "SessionName_str": "sessionname",
        "MacAddress_bin": "SGVsbG8gV29ybGQ=",
-        "CreatedTime_dt": "2020-08-01T12:24:36.123",
-        "UpdatedTime_dt": "2020-08-01T12:24:36.123",
+        "CreatedTime_dt": "2024-08-01T12:24:36.123",
+        "UpdatedTime_dt": "2024-08-01T12:24:36.123",
        "RemoteItem_bool": false,
        "RemoteHostname_str": "remotehostname",
        "VlanId_u32": 0
@@ -5242,8 +5242,8 @@ Get the MAC Address Table Database. Use this to get the MAC address table databa
        "Key_u32": 0,
        "SessionName_str": "sessionname",
        "MacAddress_bin": "SGVsbG8gV29ybGQ=",
-        "CreatedTime_dt": "2020-08-01T12:24:36.123",
-        "UpdatedTime_dt": "2020-08-01T12:24:36.123",
+        "CreatedTime_dt": "2024-08-01T12:24:36.123",
+        "UpdatedTime_dt": "2024-08-01T12:24:36.123",
        "RemoteItem_bool": false,
        "RemoteHostname_str": "remotehostname",
        "VlanId_u32": 0
@@ -5337,8 +5337,8 @@ Get the IP Address Table Database. Use this to get the IP address table database
        "SessionName_str": "sessionname",
        "IpAddress_ip": "192.168.0.1",
        "DhcpAllocated_bool": false,
-        "CreatedTime_dt": "2020-08-01T12:24:36.123",
-        "UpdatedTime_dt": "2020-08-01T12:24:36.123",
+        "CreatedTime_dt": "2024-08-01T12:24:36.123",
+        "UpdatedTime_dt": "2024-08-01T12:24:36.123",
        "RemoteItem_bool": false,
        "RemoteHostname_str": "remotehostname"
      },
@@ -5347,8 +5347,8 @@ Get the IP Address Table Database. Use this to get the IP address table database
        "SessionName_str": "sessionname",
        "IpAddress_ip": "192.168.0.1",
        "DhcpAllocated_bool": false,
-        "CreatedTime_dt": "2020-08-01T12:24:36.123",
-        "UpdatedTime_dt": "2020-08-01T12:24:36.123",
+        "CreatedTime_dt": "2024-08-01T12:24:36.123",
+        "UpdatedTime_dt": "2024-08-01T12:24:36.123",
        "RemoteItem_bool": false,
        "RemoteHostname_str": "remotehostname"
      },
@@ -5357,8 +5357,8 @@ Get the IP Address Table Database. Use this to get the IP address table database
        "SessionName_str": "sessionname",
        "IpAddress_ip": "192.168.0.1",
        "DhcpAllocated_bool": false,
-        "CreatedTime_dt": "2020-08-01T12:24:36.123",
-        "UpdatedTime_dt": "2020-08-01T12:24:36.123",
+        "CreatedTime_dt": "2024-08-01T12:24:36.123",
+        "UpdatedTime_dt": "2024-08-01T12:24:36.123",
        "RemoteItem_bool": false,
        "RemoteHostname_str": "remotehostname"
      }
@@ -5778,8 +5778,8 @@ Get Virtual NAT Function Session Table of SecureNAT Function. Use this to get th
        "DestIp_ip": "192.168.0.1",
        "DestHost_str": "desthost",
        "DestPort_u32": 0,
-        "CreatedTime_dt": "2020-08-01T12:24:36.123",
-        "LastCommTime_dt": "2020-08-01T12:24:36.123",
+        "CreatedTime_dt": "2024-08-01T12:24:36.123",
+        "LastCommTime_dt": "2024-08-01T12:24:36.123",
        "SendSize_u64": 0,
        "RecvSize_u64": 0,
        "TcpStatus_u32": 0
@@ -5793,8 +5793,8 @@ Get Virtual NAT Function Session Table of SecureNAT Function. Use this to get th
        "DestIp_ip": "192.168.0.1",
        "DestHost_str": "desthost",
        "DestPort_u32": 0,
-        "CreatedTime_dt": "2020-08-01T12:24:36.123",
-        "LastCommTime_dt": "2020-08-01T12:24:36.123",
+        "CreatedTime_dt": "2024-08-01T12:24:36.123",
+        "LastCommTime_dt": "2024-08-01T12:24:36.123",
        "SendSize_u64": 0,
        "RecvSize_u64": 0,
        "TcpStatus_u32": 0
@@ -5808,8 +5808,8 @@ Get Virtual NAT Function Session Table of SecureNAT Function. Use this to get th
        "DestIp_ip": "192.168.0.1",
        "DestHost_str": "desthost",
        "DestPort_u32": 0,
-        "CreatedTime_dt": "2020-08-01T12:24:36.123",
-        "LastCommTime_dt": "2020-08-01T12:24:36.123",
+        "CreatedTime_dt": "2024-08-01T12:24:36.123",
+        "LastCommTime_dt": "2024-08-01T12:24:36.123",
        "SendSize_u64": 0,
        "RecvSize_u64": 0,
        "TcpStatus_u32": 0
@@ -5867,8 +5867,8 @@ Get Virtual DHCP Server Function Lease Table of SecureNAT Function. Use this to
    "DhcpTable": [
      {
        "Id_u32": 0,
-        "LeasedTime_dt": "2020-08-01T12:24:36.123",
-        "ExpireTime_dt": "2020-08-01T12:24:36.123",
+        "LeasedTime_dt": "2024-08-01T12:24:36.123",
+        "ExpireTime_dt": "2024-08-01T12:24:36.123",
        "MacAddress_bin": "SGVsbG8gV29ybGQ=",
        "IpAddress_ip": "192.168.0.1",
        "Mask_u32": 0,
@@ -5876,8 +5876,8 @@ Get Virtual DHCP Server Function Lease Table of SecureNAT Function. Use this to
      },
      {
        "Id_u32": 0,
-        "LeasedTime_dt": "2020-08-01T12:24:36.123",
-        "ExpireTime_dt": "2020-08-01T12:24:36.123",
+        "LeasedTime_dt": "2024-08-01T12:24:36.123",
+        "ExpireTime_dt": "2024-08-01T12:24:36.123",
        "MacAddress_bin": "SGVsbG8gV29ybGQ=",
        "IpAddress_ip": "192.168.0.1",
        "Mask_u32": 0,
@@ -5885,8 +5885,8 @@ Get Virtual DHCP Server Function Lease Table of SecureNAT Function. Use this to
      },
      {
        "Id_u32": 0,
-        "LeasedTime_dt": "2020-08-01T12:24:36.123",
-        "ExpireTime_dt": "2020-08-01T12:24:36.123",
+        "LeasedTime_dt": "2024-08-01T12:24:36.123",
+        "ExpireTime_dt": "2024-08-01T12:24:36.123",
        "MacAddress_bin": "SGVsbG8gV29ybGQ=",
        "IpAddress_ip": "192.168.0.1",
        "Mask_u32": 0,
@@ -7642,19 +7642,19 @@ Get List of Log Files. Use this to display a list of log files outputted by the
        "ServerName_str": "servername",
        "FilePath_str": "filepath",
        "FileSize_u32": 0,
-        "UpdatedTime_dt": "2020-08-01T12:24:36.123"
+        "UpdatedTime_dt": "2024-08-01T12:24:36.123"
      },
      {
        "ServerName_str": "servername",
        "FilePath_str": "filepath",
        "FileSize_u32": 0,
-        "UpdatedTime_dt": "2020-08-01T12:24:36.123"
+        "UpdatedTime_dt": "2024-08-01T12:24:36.123"
      },
      {
        "ServerName_str": "servername",
        "FilePath_str": "filepath",
        "FileSize_u32": 0,
-        "UpdatedTime_dt": "2020-08-01T12:24:36.123"
+        "UpdatedTime_dt": "2024-08-01T12:24:36.123"
      }
    ]
  }
@@ -8642,8 +8642,8 @@ Name | Type | Description
 `IsConnected_bool` | `boolean` | Whether connection to VPN Azure Cloud Server is established

 ***
-<a id="getddnsinternetsettng"></a>
-## "GetDDnsInternetSettng" RPC API - Get the Proxy Settings for Connecting to the DDNS server
+<a id="getddnsinternetsetting"></a>
+## "GetDDnsInternetSetting" RPC API - Get the Proxy Settings for Connecting to the DDNS server
 ### Description
 Get the Proxy Settings for Connecting to the DDNS server.

@@ -8652,7 +8652,7 @@ Get the Proxy Settings for Connecting to the DDNS server.
 {
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
-  "method": "GetDDnsInternetSettng",
+  "method": "GetDDnsInternetSetting",
  "params": {}
 }
 ```
@@ -8683,8 +8683,8 @@ Name | Type | Description
 `ProxyPassword_str` | `string` (ASCII) | Proxy server password

 ***
-<a id="setddnsinternetsettng"></a>
-## "SetDDnsInternetSettng" RPC API - Set the Proxy Settings for Connecting to the DDNS server
+<a id="setddnsinternetsetting"></a>
+## "SetDDnsInternetSetting" RPC API - Set the Proxy Settings for Connecting to the DDNS server
 ### Description
 Set the Proxy Settings for Connecting to the DDNS server.

@@ -8693,7 +8693,7 @@ Set the Proxy Settings for Connecting to the DDNS server.
 {
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
-  "method": "SetDDnsInternetSettng",
+  "method": "SetDDnsInternetSetting",
  "params": {
    "ProxyType_u32": 0,
    "ProxyHostName_str": "proxyhostname",
@@ -8730,6 +8730,6 @@ Name | Type | Description
 `ProxyPassword_str` | `string` (ASCII) | Proxy server password

 ***
-Automatically generated at 2019-07-10 14:36:11 by vpnserver-jsonrpc-codegen.  
-Copyright (c) 2014-2019 [SoftEther VPN Project](https://www.softether.org/) under the Apache License 2.0.  
+Automatically generated at 2023-05-10 14:43:37 by vpnserver-jsonrpc-codegen.  
+Copyright (c) 2014-2023 [SoftEther VPN Project](https://www.softether.org/) under the Apache License 2.0.  

@@ -2,10 +2,10 @@
 // 
 // JsonRpc.cs - JSON-RPC Client Utility Functions
 //
-// Automatically generated at 2019-07-10 14:36:11 by vpnserver-jsonrpc-codegen
+// Automatically generated at 2023-05-10 14:43:37 by vpnserver-jsonrpc-codegen
 //
 // Licensed under the Apache License 2.0
-// Copyright (c) 2014-2019 SoftEther VPN Project
+// Copyright (c) 2014-2023 SoftEther VPN Project

 using System;
 using System.IO;
@@ -2,10 +2,10 @@
 // 
 // VPNServerRpc.cs - SoftEther VPN Server's JSON-RPC Stubs
 //
-// Automatically generated at 2019-07-10 14:36:11 by vpnserver-jsonrpc-codegen
+// Automatically generated at 2023-05-10 14:43:37 by vpnserver-jsonrpc-codegen
 //
 // Licensed under the Apache License 2.0
-// Copyright (c) 2014-2019 SoftEther VPN Project
+// Copyright (c) 2014-2023 SoftEther VPN Project

 using System.Threading.Tasks;
 using SoftEther.JsonRpc;
@@ -1357,22 +1357,22 @@ namespace SoftEther.VPNServerRpc
        /// <summary>
        /// Get the Proxy Settings for Connecting to the DDNS server (Async mode).
        /// </summary>
-        public async Task<VpnInternetSetting> GetDDnsInternetSettngAsync() => await CallAsync<VpnInternetSetting>("GetDDnsInternetSettng", new VpnInternetSetting());
+        public async Task<VpnInternetSetting> GetDDnsInternetSettingAsync() => await CallAsync<VpnInternetSetting>("GetDDnsInternetSetting", new VpnInternetSetting());

        /// <summary>
        /// Get the Proxy Settings for Connecting to the DDNS server (Async mode).
        /// </summary>
-        public VpnInternetSetting GetDDnsInternetSettng() => GetDDnsInternetSettngAsync().Result;
+        public VpnInternetSetting GetDDnsInternetSetting() => GetDDnsInternetSettingAsync().Result;

        /// <summary>
        /// Set the Proxy Settings for Connecting to the DDNS server (Async mode).
        /// </summary>
-        public async Task<VpnInternetSetting> SetDDnsInternetSettngAsync(VpnInternetSetting input_param) => await CallAsync<VpnInternetSetting>("SetDDnsInternetSettng", input_param);
+        public async Task<VpnInternetSetting> SetDDnsInternetSettingAsync(VpnInternetSetting input_param) => await CallAsync<VpnInternetSetting>("SetDDnsInternetSetting", input_param);

        /// <summary>
        /// Set the Proxy Settings for Connecting to the DDNS server (Sync mode).
        /// </summary>
-        public VpnInternetSetting SetDDnsInternetSettng(VpnInternetSetting input_param) => SetDDnsInternetSettngAsync(input_param).Result;
+        public VpnInternetSetting SetDDnsInternetSetting(VpnInternetSetting input_param) => SetDDnsInternetSettingAsync(input_param).Result;

        /// <summary>
        /// Set the VPN Gate Server Configuration (Async mode). This API is valid for Win32 binary distribution of the Stable Edition of SoftEther VPN Server.
@@ -2,10 +2,10 @@
 // 
 // VPNServerRpcTypes.cs - Data Type Definition for SoftEther VPN Server JSON-RPC Stubs
 //
-// Automatically generated at 2019-07-10 14:36:11 by vpnserver-jsonrpc-codegen
+// Automatically generated at 2023-05-10 14:43:37 by vpnserver-jsonrpc-codegen
 //
 // Licensed under the Apache License 2.0
-// Copyright (c) 2014-2019 SoftEther VPN Project
+// Copyright (c) 2014-2023 SoftEther VPN Project

 using System;
 using Newtonsoft.Json;
@@ -2,10 +2,10 @@
 // 
 // Program.cs - The Main() entry point
 //
-// Automatically generated at 2019-07-10 14:36:11 by vpnserver-jsonrpc-codegen
+// Automatically generated at 2023-05-10 14:43:37 by vpnserver-jsonrpc-codegen
 //
 // Licensed under the Apache License 2.0
-// Copyright (c) 2014-2019 SoftEther VPN Project
+// Copyright (c) 2014-2023 SoftEther VPN Project

 class Program
 {
@@ -5,10 +5,10 @@
 // This sample code shows how to call all available RPC functions.
 // You can copy and paste test code to write your own C# codes.
 //
-// Automatically generated at 2019-07-10 14:36:11 by vpnserver-jsonrpc-codegen
+// Automatically generated at 2023-05-10 14:43:37 by vpnserver-jsonrpc-codegen
 //
 // Licensed under the Apache License 2.0
-// Copyright (c) 2014-2019 SoftEther VPN Project
+// Copyright (c) 2014-2023 SoftEther VPN Project

 using System;
 using SoftEther.VPNServerRpc;
@@ -255,8 +255,8 @@ class VPNRPCTest
        Test_GetOpenVpnSstpConfig();

        Test_GetDDnsClientStatus();
-        Test_SetDDnsInternetSettng();
-        Test_GetDDnsInternetSettng();
+        Test_SetDDnsInternetSetting();
+        Test_GetDDnsInternetSetting();

        Test_ChangeDDnsClientHostname();
        Test_RegenerateServerCert();
@@ -3641,27 +3641,27 @@ class VPNRPCTest
    }

    /// <summary>
-    /// API test for 'GetDDnsInternetSettng', Get DDNS proxy configuration
+    /// API test for 'GetDDnsInternetSetting', Get DDNS proxy configuration
    /// </summary>
-    public void Test_GetDDnsInternetSettng()
+    public void Test_GetDDnsInternetSetting()
    {
-        Console.WriteLine("Begin: Test_GetDDnsInternetSettng");
+        Console.WriteLine("Begin: Test_GetDDnsInternetSetting");

-        VpnInternetSetting out_internet_setting = api.GetDDnsInternetSettng();
+        VpnInternetSetting out_internet_setting = api.GetDDnsInternetSetting();

        print_object(out_internet_setting);

-        Console.WriteLine("End: Test_GetDDnsInternetSettng");
+        Console.WriteLine("End: Test_GetDDnsInternetSetting");
        Console.WriteLine("-----");
        Console.WriteLine();
    }

    /// <summary>
-    /// API test for 'SetDDnsInternetSettng', Set DDNS proxy configuration
+    /// API test for 'SetDDnsInternetSetting', Set DDNS proxy configuration
    /// </summary>
-    public void Test_SetDDnsInternetSettng()
+    public void Test_SetDDnsInternetSetting()
    {
-        Console.WriteLine("Begin: Test_SetDDnsInternetSettng");
+        Console.WriteLine("Begin: Test_SetDDnsInternetSetting");

        VpnInternetSetting in_internet_setting = new VpnInternetSetting()
        {
@@ -3671,11 +3671,11 @@ class VPNRPCTest
            ProxyUsername_str = "neko",
            ProxyPassword_str = "dog",
        };
-        VpnInternetSetting out_internet_setting = api.SetDDnsInternetSettng(in_internet_setting);
+        VpnInternetSetting out_internet_setting = api.SetDDnsInternetSetting(in_internet_setting);

        print_object(out_internet_setting);

-        Console.WriteLine("End: Test_SetDDnsInternetSettng");
+        Console.WriteLine("End: Test_SetDDnsInternetSetting");
        Console.WriteLine("-----");
        Console.WriteLine();
    }
@@ -560,10 +560,10 @@ function Test_All() {
                    return [4 /*yield*/, Test_GetDDnsClientStatus()];
                case 157:
                    _x.sent();
-                    return [4 /*yield*/, Test_SetDDnsInternetSettng()];
+                    return [4 /*yield*/, Test_SetDDnsInternetSetting()];
                case 158:
                    _x.sent();
-                    return [4 /*yield*/, Test_GetDDnsInternetSettng()];
+                    return [4 /*yield*/, Test_GetDDnsInternetSetting()];
                case 159:
                    _x.sent();
                    return [4 /*yield*/, Test_ChangeDDnsClientHostname()];
@@ -4047,19 +4047,19 @@ function Test_SetAzureStatus() {
        });
    });
 }
-/** API test for 'GetDDnsInternetSettng', Get DDNS proxy configuration */
-function Test_GetDDnsInternetSettng() {
+/** API test for 'GetDDnsInternetSetting', Get DDNS proxy configuration */
+function Test_GetDDnsInternetSetting() {
    return __awaiter(this, void 0, void 0, function () {
        var out_internet_setting;
        return __generator(this, function (_a) {
            switch (_a.label) {
                case 0:
-                    console.log("Begin: Test_GetDDnsInternetSettng");
-                    return [4 /*yield*/, api.GetDDnsInternetSettng()];
+                    console.log("Begin: Test_GetDDnsInternetSetting");
+                    return [4 /*yield*/, api.GetDDnsInternetSetting()];
                case 1:
                    out_internet_setting = _a.sent();
                    console.log(out_internet_setting);
-                    console.log("End: Test_GetDDnsInternetSettng");
+                    console.log("End: Test_GetDDnsInternetSetting");
                    console.log("-----");
                    console.log();
                    return [2 /*return*/];
@@ -4067,14 +4067,14 @@ function Test_GetDDnsInternetSettng() {
        });
    });
 }
-/** API test for 'SetDDnsInternetSettng', Set DDNS proxy configuration */
-function Test_SetDDnsInternetSettng() {
+/** API test for 'SetDDnsInternetSetting', Set DDNS proxy configuration */
+function Test_SetDDnsInternetSetting() {
    return __awaiter(this, void 0, void 0, function () {
        var in_internet_setting, out_internet_setting;
        return __generator(this, function (_a) {
            switch (_a.label) {
                case 0:
-                    console.log("Begin: Test_SetDDnsInternetSettng");
+                    console.log("Begin: Test_SetDDnsInternetSetting");
                    in_internet_setting = new VPN.VpnInternetSetting({
                        ProxyType_u32: VPN.VpnRpcProxyType.Direct,
                        ProxyHostName_str: "1.2.3.4",
@@ -4082,11 +4082,11 @@ function Test_SetDDnsInternetSettng() {
                        ProxyUsername_str: "neko",
                        ProxyPassword_str: "dog"
                    });
-                    return [4 /*yield*/, api.SetDDnsInternetSettng(in_internet_setting)];
+                    return [4 /*yield*/, api.SetDDnsInternetSetting(in_internet_setting)];
                case 1:
                    out_internet_setting = _a.sent();
                    console.log(out_internet_setting);
-                    console.log("End: Test_SetDDnsInternetSettng");
+                    console.log("End: Test_SetDDnsInternetSetting");
                    console.log("-----");
                    console.log();
                    return [2 /*return*/];
@@ -278,9 +278,9 @@ export declare class VpnServerRpc {
    /** Enable / Disable VPN Azure Function. Enable or disable the VPN Azure function. VPN Azure makes it easier to establish a VPN Session from your home PC to your office PC. While a VPN connection is established, you can access to any other servers on the private network of your company. You don't need a global IP address on the office PC (VPN Server). It can work behind firewalls or NATs. No network administrator's configuration required. You can use the built-in SSTP-VPN Client of Windows in your home PC. VPN Azure is a cloud VPN service operated by SoftEther Corporation. VPN Azure is free of charge and available to anyone. Visit http://www.vpnazure.net/ to see details and how-to-use instructions. The VPN Azure hostname is same to the hostname of the Dynamic DNS setting, but altering the domain suffix to "vpnazure.net". To change the hostname use the ChangeDDnsClientHostname API. To call this API, you must have VPN Server administrator privileges. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster. */
    SetAzureStatus: (in_param: VpnRpcAzureStatus) => Promise<VpnRpcAzureStatus>;
    /** Get the Proxy Settings for Connecting to the DDNS server. */
-    GetDDnsInternetSettng: () => Promise<VpnInternetSetting>;
+    GetDDnsInternetSetting: () => Promise<VpnInternetSetting>;
    /** Set the Proxy Settings for Connecting to the DDNS server. */
-    SetDDnsInternetSettng: (in_param: VpnInternetSetting) => Promise<VpnInternetSetting>;
+    SetDDnsInternetSetting: (in_param: VpnInternetSetting) => Promise<VpnInternetSetting>;
    /** Set the VPN Gate Server Configuration. This API is valid for Win32 binary distribution of the Stable Edition of SoftEther VPN Server. */
    SetVgsConfig: (in_param: VpnVgsConfig) => Promise<VpnVgsConfig>;
    /** Get the VPN Gate Server Configuration. This API is valid for Win32 binary distribution of the Stable Edition of SoftEther VPN Server. */
@@ -599,12 +599,12 @@ var VpnServerRpc = /** @class */ (function () {
            return _this.CallAsync("SetAzureStatus", in_param);
        };
        /** Get the Proxy Settings for Connecting to the DDNS server. */
-        this.GetDDnsInternetSettng = function () {
-            return _this.CallAsync("GetDDnsInternetSettng", new VpnInternetSetting());
+        this.GetDDnsInternetSetting = function () {
+            return _this.CallAsync("GetDDnsInternetSetting", new VpnInternetSetting());
        };
        /** Set the Proxy Settings for Connecting to the DDNS server. */
-        this.SetDDnsInternetSettng = function (in_param) {
-            return _this.CallAsync("SetDDnsInternetSettng", in_param);
+        this.SetDDnsInternetSetting = function (in_param) {
+            return _this.CallAsync("SetDDnsInternetSetting", in_param);
        };
        /** Set the VPN Gate Server Configuration. This API is valid for Win32 binary distribution of the Stable Edition of SoftEther VPN Server. */
        this.SetVgsConfig = function (in_param) {
@@ -2,13 +2,13 @@
 // Runs on both web browsers and Node.js
 // 
 // sample.ts
-// Automatically generated at 2019-07-10 14:36:11 by vpnserver-jsonrpc-codegen
+// Automatically generated at 2023-05-10 14:43:37 by vpnserver-jsonrpc-codegen
 // 
 // This sample code shows how to call all available RPC functions.
 // You can copy and paste test code to write your own web browser TypeScript / JavaScript codes.
 //
 // Licensed under the Apache License 2.0
-// Copyright (c) 2014-2019 SoftEther VPN Project
+// Copyright (c) 2014-2023 SoftEther VPN Project

 // On the web browser uncomment below imports as necessary to support old browsers.
 // import "core-js/es6/promise";
@@ -216,8 +216,8 @@ async function Test_All(): Promise<void>
    await Test_SetOpenVpnSstpConfig();
    await Test_GetOpenVpnSstpConfig();
    await Test_GetDDnsClientStatus();
-    await Test_SetDDnsInternetSettng();
-    await Test_GetDDnsInternetSettng();
+    await Test_SetDDnsInternetSetting();
+    await Test_GetDDnsInternetSetting();
    await Test_ChangeDDnsClientHostname();
    await Test_RegenerateServerCert();
    await Test_MakeOpenVpnConfigFile();
@@ -2624,21 +2624,21 @@ async function Test_SetAzureStatus(): Promise<void>
    console.log();
 }

-/** API test for 'GetDDnsInternetSettng', Get DDNS proxy configuration */
-async function Test_GetDDnsInternetSettng(): Promise<void>
+/** API test for 'GetDDnsInternetSetting', Get DDNS proxy configuration */
+async function Test_GetDDnsInternetSetting(): Promise<void>
 {
-    console.log("Begin: Test_GetDDnsInternetSettng");
-    let out_internet_setting: VPN.VpnInternetSetting = await api.GetDDnsInternetSettng();
+    console.log("Begin: Test_GetDDnsInternetSetting");
+    let out_internet_setting: VPN.VpnInternetSetting = await api.GetDDnsInternetSetting();
    console.log(out_internet_setting);
-    console.log("End: Test_GetDDnsInternetSettng");
+    console.log("End: Test_GetDDnsInternetSetting");
    console.log("-----");
    console.log();
 }

-/** API test for 'SetDDnsInternetSettng', Set DDNS proxy configuration */
-async function Test_SetDDnsInternetSettng(): Promise<void>
+/** API test for 'SetDDnsInternetSetting', Set DDNS proxy configuration */
+async function Test_SetDDnsInternetSetting(): Promise<void>
 {
-    console.log("Begin: Test_SetDDnsInternetSettng");
+    console.log("Begin: Test_SetDDnsInternetSetting");
    let in_internet_setting: VPN.VpnInternetSetting = new VPN.VpnInternetSetting(
    {
        ProxyType_u32: VPN.VpnRpcProxyType.Direct,
@@ -2647,9 +2647,9 @@ async function Test_SetDDnsInternetSettng(): Promise<void>
        ProxyUsername_str: "neko",
        ProxyPassword_str: "dog",
    });
-    let out_internet_setting: VPN.VpnInternetSetting = await api.SetDDnsInternetSettng(in_internet_setting);
+    let out_internet_setting: VPN.VpnInternetSetting = await api.SetDDnsInternetSetting(in_internet_setting);
    console.log(out_internet_setting);
-    console.log("End: Test_SetDDnsInternetSettng");
+    console.log("End: Test_SetDDnsInternetSetting");
    console.log("-----");
    console.log();
 }
@@ -1,10 +1,10 @@
 // SoftEther VPN Server JSON-RPC Stub code for TypeScript
 // 
 // vpnrpc.ts
-// Automatically generated at 2019-07-10 14:36:11 by vpnserver-jsonrpc-codegen
+// Automatically generated at 2023-05-10 14:43:37 by vpnserver-jsonrpc-codegen
 //
 // Licensed under the Apache License 2.0
-// Copyright (c) 2014-2019 SoftEther VPN Project
+// Copyright (c) 2014-2023 SoftEther VPN Project


 // Trivial utility codes
@@ -856,15 +856,15 @@ export class VpnServerRpc
    }
    
    /** Get the Proxy Settings for Connecting to the DDNS server. */
-    public GetDDnsInternetSettng = (): Promise<VpnInternetSetting> =>
+    public GetDDnsInternetSetting = (): Promise<VpnInternetSetting> =>
    {
-        return this.CallAsync<VpnInternetSetting>("GetDDnsInternetSettng", new VpnInternetSetting());
+        return this.CallAsync<VpnInternetSetting>("GetDDnsInternetSetting", new VpnInternetSetting());
    }
    
    /** Set the Proxy Settings for Connecting to the DDNS server. */
-    public SetDDnsInternetSettng = (in_param: VpnInternetSetting): Promise<VpnInternetSetting> =>
+    public SetDDnsInternetSetting = (in_param: VpnInternetSetting): Promise<VpnInternetSetting> =>
    {
-        return this.CallAsync<VpnInternetSetting>("SetDDnsInternetSettng", in_param);
+        return this.CallAsync<VpnInternetSetting>("SetDDnsInternetSetting", in_param);
    }
    
    /** Set the VPN Gate Server Configuration. This API is valid for Win32 binary distribution of the Stable Edition of SoftEther VPN Server. */
@@ -2,13 +2,13 @@
 // Runs on both web browsers and Node.js
 // 
 // sample.ts
-// Automatically generated at 2019-07-10 14:36:11 by vpnserver-jsonrpc-codegen
+// Automatically generated at 2023-05-10 14:43:37 by vpnserver-jsonrpc-codegen
 // 
 // This sample code shows how to call all available RPC functions.
 // You can copy and paste test code to write your own web browser TypeScript / JavaScript codes.
 //
 // Licensed under the Apache License 2.0
-// Copyright (c) 2014-2019 SoftEther VPN Project
+// Copyright (c) 2014-2023 SoftEther VPN Project

 // On the web browser uncomment below imports as necessary to support old browsers.
 // import "core-js/es6/promise";
@@ -216,8 +216,8 @@ async function Test_All(): Promise<void>
    await Test_SetOpenVpnSstpConfig();
    await Test_GetOpenVpnSstpConfig();
    await Test_GetDDnsClientStatus();
-    await Test_SetDDnsInternetSettng();
-    await Test_GetDDnsInternetSettng();
+    await Test_SetDDnsInternetSetting();
+    await Test_GetDDnsInternetSetting();
    await Test_ChangeDDnsClientHostname();
    await Test_RegenerateServerCert();
    await Test_MakeOpenVpnConfigFile();
@@ -2624,21 +2624,21 @@ async function Test_SetAzureStatus(): Promise<void>
    console.log();
 }

-/** API test for 'GetDDnsInternetSettng', Get DDNS proxy configuration */
-async function Test_GetDDnsInternetSettng(): Promise<void>
+/** API test for 'GetDDnsInternetSetting', Get DDNS proxy configuration */
+async function Test_GetDDnsInternetSetting(): Promise<void>
 {
-    console.log("Begin: Test_GetDDnsInternetSettng");
-    let out_internet_setting: VPN.VpnInternetSetting = await api.GetDDnsInternetSettng();
+    console.log("Begin: Test_GetDDnsInternetSetting");
+    let out_internet_setting: VPN.VpnInternetSetting = await api.GetDDnsInternetSetting();
    console.log(out_internet_setting);
-    console.log("End: Test_GetDDnsInternetSettng");
+    console.log("End: Test_GetDDnsInternetSetting");
    console.log("-----");
    console.log();
 }

-/** API test for 'SetDDnsInternetSettng', Set DDNS proxy configuration */
-async function Test_SetDDnsInternetSettng(): Promise<void>
+/** API test for 'SetDDnsInternetSetting', Set DDNS proxy configuration */
+async function Test_SetDDnsInternetSetting(): Promise<void>
 {
-    console.log("Begin: Test_SetDDnsInternetSettng");
+    console.log("Begin: Test_SetDDnsInternetSetting");
    let in_internet_setting: VPN.VpnInternetSetting = new VPN.VpnInternetSetting(
    {
        ProxyType_u32: VPN.VpnRpcProxyType.Direct,
@@ -2647,9 +2647,9 @@ async function Test_SetDDnsInternetSettng(): Promise<void>
        ProxyUsername_str: "neko",
        ProxyPassword_str: "dog",
    });
-    let out_internet_setting: VPN.VpnInternetSetting = await api.SetDDnsInternetSettng(in_internet_setting);
+    let out_internet_setting: VPN.VpnInternetSetting = await api.SetDDnsInternetSetting(in_internet_setting);
    console.log(out_internet_setting);
-    console.log("End: Test_SetDDnsInternetSettng");
+    console.log("End: Test_SetDDnsInternetSetting");
    console.log("-----");
    console.log();
 }
@@ -1,10 +1,10 @@
 // SoftEther VPN Server JSON-RPC Stub code for TypeScript
 // 
 // vpnrpc.ts
-// Automatically generated at 2019-07-10 14:36:11 by vpnserver-jsonrpc-codegen
+// Automatically generated at 2023-05-10 14:43:37 by vpnserver-jsonrpc-codegen
 //
 // Licensed under the Apache License 2.0
-// Copyright (c) 2014-2019 SoftEther VPN Project
+// Copyright (c) 2014-2023 SoftEther VPN Project


 // Trivial utility codes
@@ -856,15 +856,15 @@ export class VpnServerRpc
    }
    
    /** Get the Proxy Settings for Connecting to the DDNS server. */
-    public GetDDnsInternetSettng = (): Promise<VpnInternetSetting> =>
+    public GetDDnsInternetSetting = (): Promise<VpnInternetSetting> =>
    {
-        return this.CallAsync<VpnInternetSetting>("GetDDnsInternetSettng", new VpnInternetSetting());
+        return this.CallAsync<VpnInternetSetting>("GetDDnsInternetSetting", new VpnInternetSetting());
    }
    
    /** Set the Proxy Settings for Connecting to the DDNS server. */
-    public SetDDnsInternetSettng = (in_param: VpnInternetSetting): Promise<VpnInternetSetting> =>
+    public SetDDnsInternetSetting = (in_param: VpnInternetSetting): Promise<VpnInternetSetting> =>
    {
-        return this.CallAsync<VpnInternetSetting>("SetDDnsInternetSettng", in_param);
+        return this.CallAsync<VpnInternetSetting>("SetDDnsInternetSetting", in_param);
    }
    
    /** Set the VPN Gate Server Configuration. This API is valid for Win32 binary distribution of the Stable Edition of SoftEther VPN Server. */
@@ -1357,22 +1357,22 @@ namespace SoftEther.VPNServerRpc
        /// <summary>
        /// Get the Proxy Settings for Connecting to the DDNS server (Async mode).
        /// </summary>
-        public async Task<VpnInternetSetting> GetDDnsInternetSettngAsync() => await CallAsync<VpnInternetSetting>("GetDDnsInternetSettng", new VpnInternetSetting());
+        public async Task<VpnInternetSetting> GetDDnsInternetSettingAsync() => await CallAsync<VpnInternetSetting>("GetDDnsInternetSetting", new VpnInternetSetting());

        /// <summary>
        /// Get the Proxy Settings for Connecting to the DDNS server (Async mode).
        /// </summary>
-        public VpnInternetSetting GetDDnsInternetSettng() => GetDDnsInternetSettngAsync().Result;
+        public VpnInternetSetting GetDDnsInternetSetting() => GetDDnsInternetSettingAsync().Result;

        /// <summary>
        /// Set the Proxy Settings for Connecting to the DDNS server (Async mode).
        /// </summary>
-        public async Task<VpnInternetSetting> SetDDnsInternetSettngAsync(VpnInternetSetting input_param) => await CallAsync<VpnInternetSetting>("SetDDnsInternetSettng", input_param);
+        public async Task<VpnInternetSetting> SetDDnsInternetSettingAsync(VpnInternetSetting input_param) => await CallAsync<VpnInternetSetting>("SetDDnsInternetSetting", input_param);

        /// <summary>
        /// Set the Proxy Settings for Connecting to the DDNS server (Sync mode).
        /// </summary>
-        public VpnInternetSetting SetDDnsInternetSettng(VpnInternetSetting input_param) => SetDDnsInternetSettngAsync(input_param).Result;
+        public VpnInternetSetting SetDDnsInternetSetting(VpnInternetSetting input_param) => SetDDnsInternetSettingAsync(input_param).Result;

        /// <summary>
        /// Set the VPN Gate Server Configuration (Async mode). This API is valid for Win32 binary distribution of the Stable Edition of SoftEther VPN Server.
@@ -255,8 +255,8 @@ class VPNRPCTest
        Test_GetOpenVpnSstpConfig();

        Test_GetDDnsClientStatus();
-        Test_SetDDnsInternetSettng();
-        Test_GetDDnsInternetSettng();
+        Test_SetDDnsInternetSetting();
+        Test_GetDDnsInternetSetting();

        Test_ChangeDDnsClientHostname();
        Test_RegenerateServerCert();
@@ -3641,27 +3641,27 @@ class VPNRPCTest
    }

    /// <summary>
-    /// API test for 'GetDDnsInternetSettng', Get DDNS proxy configuration
+    /// API test for 'GetDDnsInternetSetting', Get DDNS proxy configuration
    /// </summary>
-    public void Test_GetDDnsInternetSettng()
+    public void Test_GetDDnsInternetSetting()
    {
-        Console.WriteLine("Begin: Test_GetDDnsInternetSettng");
+        Console.WriteLine("Begin: Test_GetDDnsInternetSetting");

-        VpnInternetSetting out_internet_setting = api.GetDDnsInternetSettng();
+        VpnInternetSetting out_internet_setting = api.GetDDnsInternetSetting();

        print_object(out_internet_setting);

-        Console.WriteLine("End: Test_GetDDnsInternetSettng");
+        Console.WriteLine("End: Test_GetDDnsInternetSetting");
        Console.WriteLine("-----");
        Console.WriteLine();
    }

    /// <summary>
-    /// API test for 'SetDDnsInternetSettng', Set DDNS proxy configuration
+    /// API test for 'SetDDnsInternetSetting', Set DDNS proxy configuration
    /// </summary>
-    public void Test_SetDDnsInternetSettng()
+    public void Test_SetDDnsInternetSetting()
    {
-        Console.WriteLine("Begin: Test_SetDDnsInternetSettng");
+        Console.WriteLine("Begin: Test_SetDDnsInternetSetting");

        VpnInternetSetting in_internet_setting = new VpnInternetSetting()
        {
@@ -3671,11 +3671,11 @@ class VPNRPCTest
            ProxyUsername_str = "neko",
            ProxyPassword_str = "dog",
        };
-        VpnInternetSetting out_internet_setting = api.SetDDnsInternetSettng(in_internet_setting);
+        VpnInternetSetting out_internet_setting = api.SetDDnsInternetSetting(in_internet_setting);

        print_object(out_internet_setting);

-        Console.WriteLine("End: Test_SetDDnsInternetSettng");
+        Console.WriteLine("End: Test_SetDDnsInternetSetting");
        Console.WriteLine("-----");
        Console.WriteLine();
    }
@@ -0,0 +1,16 @@
+version: '3'
+
+services:
+  softether:
+    image: softethervpn/vpnclient:latest
+    devices:
+      - /dev/net/tun:/dev/net/tun
+    cap_add:
+      - NET_ADMIN
+    restart: always
+    volumes:
+      - "/etc/localtime:/etc/localtime:ro"
+      - "/etc/timezone:/etc/timezone:ro"
+      - "./softether_data:/var/lib/softether"
+      - "./softether_log:/var/log/softether"
+      # - "./adminip.txt:/var/lib/softether/adminip.txt:ro"
@@ -0,0 +1,22 @@
+services:
+  softether:
+    image: softethervpn/vpnserver:latest
+    hostname: softethervpnserver
+    cap_add:
+      - NET_ADMIN
+    restart: always
+    ports:
+      #- 53:53         #DNS tunneling
+      - 443:443         #Management and HTTPS tunneling
+      - 992:992         #HTTPS tunneling
+      #- 1194:1194/udp #OpenVPN 
+      #- 5555:5555       #HTTPS tunneling
+      #- 500:500/udp   #IPsec/L2TP
+      #- 4500:4500/udp #IPsec/L2TP
+      #- 1701:1701/udp #IPsec/L2TP
+    volumes:
+      - "/etc/localtime:/etc/localtime:ro"
+      - "/etc/timezone:/etc/timezone:ro"
+      - "./softether_data:/var/lib/softether"
+      - "./softether_log:/var/log/softether"
+      # - "./adminip.txt:/var/lib/softether/adminip.txt:ro"
@@ -88,6 +88,10 @@ into it. So that is what will be described below.

     Cross compile x86 executables with 64-bit compiler
    
+    - arm64-on-x64
+
+     Cross compile arm64 executables with x64t compiler
+
   On 64-bit Windows, all four configurations can be used. 32-bit platforms can only use 32-bit compiler.

 1. Visual Studio will try generating CMake cache. If not, click **Project -> Configure Cache** or **Generate Cache**.
@@ -0,0 +1,52 @@
+# How to build and install SoftEther VPN on Windows ARM64
+
+This document describes how to build SoftEther VPN for Windows ARM64 and how to install the VPN Client and Neo6 virtual network adapter on Windows on ARM devices.
+
+
+## Requirements
+
+
+- Build host: Windows x64
+
+- Target device: Windows 10 / Windows 11 ARM64
+
+
+## Building 
+ 
+    **Notes before building**: ARM64 builds are cross-compiled from an x64 Windows host. An existing x64-native build is required to generate hamcore.se2.
+1. Follow [BUILD_WINDOWS.md](BUILD_WINDOWS.md##Building)
+
+1. Build x64 (Native): From the build menu, select x64-on-x64. Complete the build successfully. This build is required to generate shared resources
+
+1. Build ARM64 (Cross-Compiled): From the same build menu, select arm64-on-x64. 
+Build the ARM64 version of SoftEther VPN.
+
+1. Building the Neo6 Virtual Network Adapter (ARM64)
+
+    Open the following project in Visual Studio:
+    ```
+    .\src\Neo6\Neo6.vcxproj 
+    ```
+   
+    SoftEther VPN Client uses the Neo6 virtual network adapter.
+
+
+    Driver Output Files
+    The ARM64 driver package includes:
+    ```
+    Neo6_arm64_VPN.sys
+    Neo6_arm64_VPN.inf
+    ```
+    Driver Signing and Installation (Windows ARM64)
+    ```
+    Enable test-signing mode: bcdedit /set testsigning on
+    Reboot the system.
+    Testing signing:
+    Install the Neo6 ARM64 driver.
+    ```
+# Summary
+
+SoftEther VPN can be cross-compiled for Windows ARM64 on an x64 host
+VPN Client works natively on Windows on ARM
+Neo6 ARM64 driver requires Microsoft signing for production use
+Test-signing is suitable for local development only
@@ -1,4 +1,4 @@
-if(UNIX)
+if(UNIX)
  # Creates wrapper scripts and installs them in the user's binaries directory, which is usually "/usr/local/bin".
  # This is required because symlinks use the folder they are in as working directory.
  #
@@ -59,6 +59,12 @@ add_definitions(-D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_S
 include_directories(.)

 if(WIN32)
+  if(IS_CROSS_COMPILATION MATCHES "arm64-on-x64")
+    set(CMAKE_SYSTEM_PROCESSOR "arm64")
+  else()
+    message("Setting QSPECTRE")
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /Qspectre")
+  endif()
  add_definitions(-DWIN32 -D_WINDOWS -DOS_WIN32 -D_CRT_SECURE_NO_WARNINGS)

  #
@@ -69,9 +75,6 @@ if(WIN32)
  set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /guard:cf")
  set(CMAKE_EXE_LINKER_FLAGS  "${CMAKE_EXE_LINKER_FLAGS} /guard:cf /DYNAMICBASE")

-  message("Setting QSPECTRE")
-  set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /Qspectre")
-
  message("Setting CETCOMPAT")
  set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} /CETCOMPAT")

@@ -127,6 +130,9 @@ if(UNIX)
  if(SE_PIDDIR)
    add_definitions(-DSE_PIDDIR="${SE_PIDDIR}")
  endif()
+
+  # Use system libraries instead of bundled
+  set(USE_SYSTEM_CPU_FEATURES false CACHE BOOL "Use system cpu_features")
 endif()

 # Cedar communication module
@@ -161,15 +167,45 @@ add_custom_target(hamcore-archive-build
  ALL
  DEPENDS "${BUILD_DIRECTORY}/hamcore.se2"
 )
+if(IS_CROSS_COMPILATION MATCHES "arm64-on-x64")
+    file(TO_CMAKE_PATH "${TOP_DIRECTORY}" TOP_DIRECTORY_NORM)
+    set(X64_HAMCORE_BUILDER
+      "${TOP_DIRECTORY_NORM}/out/build/x64-native/src/hamcorebuilder/hamcorebuilder.exe"
+    )
+    if(EXISTS "${X64_HAMCORE_BUILDER}")
+      message(STATUS "file exist (from TOP_DIRECTORY)")
+    endif()

-add_custom_command(
+  # support cross compile, when you compile ARM64 version on X64 Platform
+  if(EXISTS "${X64_HAMCORE_BUILDER}")
+    message("X64_HAMCORE_BUILDER found: ${X64_HAMCORE_BUILDER}")
+  elseif(EXISTS("${TOP_DIRECTORY}/out/build/x64-native/src/hamcorebuilder/hamcorebuilder.exe"))
+    set(X64_HAMCORE_BUILDER "${TOP_DIRECTORY}/out/build/x64-native/src/hamcorebuilder/hamcorebuilder.exe")
+  else()
+	message("${TOP_DIRECTORY}/out/build/x64-native/src/hamcorebuilder/hamcorebuilder.exe")
+    message(FATAL_ERROR "X64_HAMCORE_BUILDER not found: ${X64_HAMCORE_BUILDER}, pls build x64-native version first")
+  endif()
+  message(STATUS "X64_HAMCORE_BUILDER = ${X64_HAMCORE_BUILDER}")
+
+  add_custom_command(
+    COMMENT "Building hamcore.se2 archive file..."
+    COMMAND ${X64_HAMCORE_BUILDER} "hamcore.se2" "${TOP_DIRECTORY}/src/bin/hamcore"
+    DEPENDS ${X64_HAMCORE_BUILDER} "${TOP_DIRECTORY}/src/bin/hamcore/"
+    OUTPUT "${BUILD_DIRECTORY}/hamcore.se2"
+    WORKING_DIRECTORY "${BUILD_DIRECTORY}"
+    VERBATIM
+  )
+
+else()
+  add_custom_command(
      COMMENT "Building hamcore.se2 archive file..."
      COMMAND hamcorebuilder "hamcore.se2" "${TOP_DIRECTORY}/src/bin/hamcore"
      DEPENDS hamcorebuilder "${TOP_DIRECTORY}/src/bin/hamcore/"
      OUTPUT "${BUILD_DIRECTORY}/hamcore.se2"
      WORKING_DIRECTORY "${BUILD_DIRECTORY}"
      VERBATIM
-)
+  )
+endif()

 if(WIN32)
  # PenCore
@@ -1636,8 +1636,8 @@ PACK *AdminDispatch(RPC *rpc, char *name, PACK *p)
 	DECLARE_RPC("GetSpecialListener", RPC_SPECIAL_LISTENER, StGetSpecialListener, InRpcSpecialListener, OutRpcSpecialListener)
 	DECLARE_RPC("GetAzureStatus", RPC_AZURE_STATUS, StGetAzureStatus, InRpcAzureStatus, OutRpcAzureStatus)
 	DECLARE_RPC("SetAzureStatus", RPC_AZURE_STATUS, StSetAzureStatus, InRpcAzureStatus, OutRpcAzureStatus)
-	DECLARE_RPC("GetDDnsInternetSettng", INTERNET_SETTING, StGetDDnsInternetSetting, InRpcInternetSetting, OutRpcInternetSetting)
-	DECLARE_RPC("SetDDnsInternetSettng", INTERNET_SETTING, StSetDDnsInternetSetting, InRpcInternetSetting, OutRpcInternetSetting)
+	DECLARE_RPC("GetDDnsInternetSetting", INTERNET_SETTING, StGetDDnsInternetSetting, InRpcInternetSetting, OutRpcInternetSetting)
+	DECLARE_RPC("SetDDnsInternetSetting", INTERNET_SETTING, StSetDDnsInternetSetting, InRpcInternetSetting, OutRpcInternetSetting)
 	// RPC function declaration: till here


@@ -1823,8 +1823,8 @@ DECLARE_SC("SetSpecialListener", RPC_SPECIAL_LISTENER, ScSetSpecialListener, InR
 DECLARE_SC("GetSpecialListener", RPC_SPECIAL_LISTENER, ScGetSpecialListener, InRpcSpecialListener, OutRpcSpecialListener)
 DECLARE_SC("GetAzureStatus", RPC_AZURE_STATUS, ScGetAzureStatus, InRpcAzureStatus, OutRpcAzureStatus)
 DECLARE_SC("SetAzureStatus", RPC_AZURE_STATUS, ScSetAzureStatus, InRpcAzureStatus, OutRpcAzureStatus)
-DECLARE_SC("GetDDnsInternetSettng", INTERNET_SETTING, ScGetDDnsInternetSetting, InRpcInternetSetting, OutRpcInternetSetting)
-DECLARE_SC("SetDDnsInternetSettng", INTERNET_SETTING, ScSetDDnsInternetSetting, InRpcInternetSetting, OutRpcInternetSetting)
+DECLARE_SC("GetDDnsInternetSetting", INTERNET_SETTING, ScGetDDnsInternetSetting, InRpcInternetSetting, OutRpcInternetSetting)
+DECLARE_SC("SetDDnsInternetSetting", INTERNET_SETTING, ScSetDDnsInternetSetting, InRpcInternetSetting, OutRpcInternetSetting)
 // RPC call function declaration: till here

 // Setting VPN Gate Server Configuration
@@ -8739,7 +8739,7 @@ UINT StSetHubRadius(ADMIN *a, RPC_RADIUS *t)
 	}

 	//SetRadiusServer(h, t->RadiusServerName, t->RadiusPort, t->RadiusSecret);
-	SetRadiusServerEx(h, t->RadiusServerName, t->RadiusPort, t->RadiusSecret, t->RadiusRetryInterval);
+	SetRadiusServerEx2(h, t->RadiusServerName, t->RadiusPort, t->RadiusSecret, t->RadiusRetryInterval, t->RadiusRetryTimeout);

 	ALog(a, h, "LA_SET_HUB_RADIUS");

@@ -8778,8 +8778,8 @@ UINT StGetHubRadius(ADMIN *a, RPC_RADIUS *t)
 	Zero(t, sizeof(RPC_RADIUS));
 	//GetRadiusServer(h, t->RadiusServerName, sizeof(t->RadiusServerName),
 	//	&t->RadiusPort, t->RadiusSecret, sizeof(t->RadiusSecret));
-	GetRadiusServerEx(h, t->RadiusServerName, sizeof(t->RadiusServerName),
-		&t->RadiusPort, t->RadiusSecret, sizeof(t->RadiusSecret), &t->RadiusRetryInterval);
+	GetRadiusServerEx2(h, t->RadiusServerName, sizeof(t->RadiusServerName),
+		&t->RadiusPort, t->RadiusSecret, sizeof(t->RadiusSecret), &t->RadiusRetryInterval, &t->RadiusRetryTimeout);

 	ReleaseHub(h);

@@ -13031,6 +13031,7 @@ void InRpcRadius(RPC_RADIUS *t, PACK *p)
 	PackGetStr(p, "HubName", t->HubName, sizeof(t->HubName));
 	PackGetStr(p, "RadiusSecret", t->RadiusSecret, sizeof(t->RadiusSecret));
 	t->RadiusRetryInterval = PackGetInt(p, "RadiusRetryInterval");
+	t->RadiusRetryTimeout = PackGetInt(p, "RadiusRetryTimeout");
 }
 void OutRpcRadius(PACK *p, RPC_RADIUS *t)
 {
@@ -13045,6 +13046,7 @@ void OutRpcRadius(PACK *p, RPC_RADIUS *t)
 	PackAddStr(p, "HubName", t->HubName);
 	PackAddStr(p, "RadiusSecret", t->RadiusSecret);
 	PackAddInt(p, "RadiusRetryInterval", t->RadiusRetryInterval);
+	PackAddInt(p, "RadiusRetryTimeout", t->RadiusRetryTimeout);
 }

 // RPC_HUB
@@ -259,6 +259,7 @@ struct RPC_RADIUS
 	UINT RadiusPort;					// Radius port number
 	char RadiusSecret[MAX_PASSWORD_LEN + 1];	// Secret key
 	UINT RadiusRetryInterval;			// Radius retry interval
+	UINT RadiusRetryTimeout;			// Radius retry timeout
 };

 // Specify the HUB
@@ -805,7 +805,12 @@ bool EthIsChangeMtuSupported(ETH *e)
 		return false;
 	}

+// FreeBSD seriously dislikes MTU changes; disable if compiled on that platform
+#ifndef	__FreeBSD__
 	return true;
+#else
+	return false;
+#endif
 #else	// defined(UNIX_LINUX) || defined(UNIX_BSD) || defined(UNIX_SOLARIS)
 	return false;
 #endif	// defined(UNIX_LINUX) || defined(UNIX_BSD) || defined(UNIX_SOLARIS)
@@ -12,6 +12,15 @@ else()
  add_library(cedar SHARED ${SOURCES_CEDAR} ${SOURCES_CEDAR_CPP} ${HEADERS_CEDAR})
 endif()

+if(MSVC)
+  target_compile_options(cedar PRIVATE /EHsc)
+elseif(CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
+  if(CMAKE_CXX_COMPILER_FRONTEND_VARIANT STREQUAL "MSVC")
+    target_compile_options(cedar PRIVATE /EHsc)
+  else()
+    target_compile_options(cedar PRIVATE -fexceptions)
+  endif()
+endif()
 set_target_properties(cedar
  PROPERTIES
  ARCHIVE_OUTPUT_DIRECTORY "${BUILD_DIRECTORY}"
@@ -22,18 +31,21 @@ set_target_properties(cedar
 target_link_libraries(cedar PUBLIC mayaqua)

 cmake_host_system_information(RESULT HAS_SSE2 QUERY HAS_SSE2)
-
-set(BLAKE2_SRC_PATH $<IF:$<BOOL:${HAS_SSE2}>,${TOP_DIRECTORY}/3rdparty/BLAKE2/sse,${TOP_DIRECTORY}/3rdparty/BLAKE2/ref>)
-set(BLAKE2_SRC $<IF:$<BOOL:${HAS_SSE2}>,${BLAKE2_SRC_PATH}/blake2s.c,${BLAKE2_SRC_PATH}/blake2s-ref.c>)
-
-target_include_directories(cedar PUBLIC ${BLAKE2_SRC_PATH})
-target_sources(cedar PRIVATE ${BLAKE2_SRC})
-
-if(HAS_SSE2)
+if(CMAKE_SYSTEM_PROCESSOR MATCHES "arm64|aarch64|arm64v8|ARM64")
+  message(STATUS "Target architecture is ARM64")
+  set(BLAKE2_SRC_PATH "${TOP_DIRECTORY}/3rdparty/BLAKE2/neon")
+  set(BLAKE2_SRC "${BLAKE2_SRC_PATH}/blake2s-neon.c")
+else()
+  set(BLAKE2_SRC_PATH $<IF:$<BOOL:${HAS_SSE2}>,${TOP_DIRECTORY}/3rdparty/BLAKE2/sse,${TOP_DIRECTORY}/3rdparty/BLAKE2/ref>)
+  set(BLAKE2_SRC $<IF:$<BOOL:${HAS_SSE2}>,${BLAKE2_SRC_PATH}/blake2s.c,${BLAKE2_SRC_PATH}/blake2s-ref.c>)
+  if(HAS_SSE2)
    # If SSE2 is enabled, a build failure occurs with MSVC because it doesn't define "__SSE2__".
    # The fix consists in defining "HAVE_SSE2" manually, effectively overriding the check.
    set_property(SOURCE ${BLAKE2_SRC} PROPERTY COMPILE_DEFINITIONS "HAVE_SSE2")
+  endif()
 endif()
+target_include_directories(cedar PUBLIC ${BLAKE2_SRC_PATH})
+target_sources(cedar PRIVATE ${BLAKE2_SRC})

 if(VCPKG_TARGET_TRIPLET)
  find_package(unofficial-sodium CONFIG REQUIRED)
@@ -99,6 +99,8 @@ void CheckNetworkAcceptThread(THREAD *thread, void *param)

 	Disconnect(s);
 	ReleaseSock(s);
+
+	Free(c);
 }


@@ -155,15 +157,15 @@ void CheckNetworkListenThread(THREAD *thread, void *param)
 		}
 		else
 		{
-			CHECK_NETWORK_2 c;
+			CHECK_NETWORK_2 *c;
 			THREAD *t;

-			Zero(&c, sizeof(c));
-			c.s = new_sock;
-			c.k = pri;
-			c.x = x;
+			c = ZeroMalloc(sizeof(CHECK_NETWORK_2));
+			c->s = new_sock;
+			c->k = pri;
+			c->x = x;

-			t = NewThread(CheckNetworkAcceptThread, &c);
+			t = NewThread(CheckNetworkAcceptThread, c);
 			Insert(o, t);
 		}
 	}
@@ -11789,6 +11791,9 @@ UINT PsRadiusServerSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 		{"[server_name:port]", CmdPrompt, _UU("CMD_RadiusServerSet_Prompt_Host"), CmdEvalNotEmpty, NULL},
 		{"SECRET", CmdPromptChoosePassword, _UU("CMD_RadiusServerSet_Prompt_Secret"), NULL, NULL},
 		{"RETRY_INTERVAL", CmdPrompt, _UU("CMD_RadiusServerSet_Prompt_RetryInterval"), CmdEvalMinMax, &minmax},
+		
+		// Support for setting timeout through commandline not added
+		// {"RETRY_TIMEOUT", CmdPrompt, _UU("CMD_RadiusServerSet_Prompt_RetryTimeout"), CmdEvalMinMax, &minmax},
 	};

 	// If virtual HUB is not selected, it's an error
@@ -11813,6 +11818,7 @@ UINT PsRadiusServerSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 		StrCpy(t.RadiusServerName, sizeof(t.RadiusServerName), host);
 		StrCpy(t.RadiusSecret, sizeof(t.RadiusSecret), GetParamStr(o, "SECRET"));
 		t.RadiusRetryInterval = GetParamInt(o, "RETRY_INTERVAL");
+		// t.RadiusRetryTimeout = GetParamInt(o, "RETRY_TIMEOUT");

 		Free(host);

@@ -11936,6 +11942,9 @@ UINT PsRadiusServerGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)

 			UniToStri(tmp, t.RadiusRetryInterval);
 			CtInsert(ct, _UU("CMD_RadiusServerGet_RetryInterval"), tmp);
+
+			UniToStri(tmp, t.RadiusRetryTimeout);
+			CtInsert(ct, _UU("CMD_RadiusServerGet_RetryTimeout"), tmp);
 		}

 		CtFree(ct, c);
@@ -1938,6 +1938,7 @@ bool PasswordPrompt(char *password, UINT size)
 		c = _getch();
 #else	// OS_WIN32
 		c = getc(stdin);
+PROCESS_CH:
 #endif	// OS_WIN32

 		if (c >= 0x20 && c <= 0x7E)
@@ -1952,6 +1953,7 @@ bool PasswordPrompt(char *password, UINT size)
 		else if (c == 0x03)
 		{
 			// Break
+			RestoreConsole(console);
 			exit(0);
 		}
 		else if (c == 0x04 || c == 0x1a || c == 0x0D || c==0x0A)
@@ -1977,7 +1979,47 @@ bool PasswordPrompt(char *password, UINT size)
 				goto BACKSPACE;
 			}
 		}
-		else if (c == 0x08)
+#ifdef OS_UNIX	// OS_UNIX
+		else if (c == 0x1B)
+		{
+			c = getc(stdin);
+			if (c != 0x5B && c != 0x4F)
+			{
+				// ESC key
+				goto PROCESS_CH;
+			}
+
+			c = getc(stdin);
+			if (c == 0x44)
+			{
+				// Left arrow key
+				goto BACKSPACE;
+			}
+			else if (c == 0x33)
+			{
+				c = getc(stdin);
+				if (c == 0x7E)
+				{
+					// Delete key
+					goto BACKSPACE;
+				}
+			}
+
+			// Drain remaining sequence bytes (most are <= 6)
+			for (int i = 0; i < 6; i++)
+			{
+				if (c >= 0x40 && c <= 0x7E)
+				{
+					// End of sequence
+					break;
+				}
+				c = getc(stdin);
+			}
+
+			continue;
+		}
+#endif	// OS_UNIX
+		else if (c == 0x08 || c == 0x7F)
 		{
 BACKSPACE:
 			// Backspace
@@ -99,6 +99,7 @@ EAP_CLIENT *HubNewEapClient(CEDAR *cedar, char *hubname, char *client_ip_str, ch
 	char radius_servers[MAX_PATH] = {0};
 	UINT radius_port = 0;
 	UINT radius_retry_interval = 0;
+	UINT radius_retry_timeout = 0;
 	char radius_secret[MAX_PATH] = {0};
 	char radius_suffix_filter[MAX_PATH] = {0};
 	if (cedar == NULL || hubname == NULL || client_ip_str == NULL || username == NULL)
@@ -115,8 +116,8 @@ EAP_CLIENT *HubNewEapClient(CEDAR *cedar, char *hubname, char *client_ip_str, ch

 	if (hub != NULL)
 	{
-		if (GetRadiusServerEx2(hub, radius_servers, sizeof(radius_servers), &radius_port, radius_secret,
-			sizeof(radius_secret), &radius_retry_interval, radius_suffix_filter, sizeof(radius_suffix_filter)))
+		if (GetRadiusServerEx3(hub, radius_servers, sizeof(radius_servers), &radius_port, radius_secret,
+			sizeof(radius_secret), &radius_retry_interval, &radius_retry_timeout, radius_suffix_filter, sizeof(radius_suffix_filter)))
 		{
 			bool use_peap = hub->RadiusUsePeapInsteadOfEap;

@@ -630,6 +631,7 @@ void DataToHubOptionStruct(HUB_OPTION *o, RPC_ADMIN_OPTION *ao)
 	GetHubAdminOptionDataAndSet(ao, "UseHubNameAsDhcpUserClassOption", o->UseHubNameAsDhcpUserClassOption);
 	GetHubAdminOptionDataAndSet(ao, "UseHubNameAsRadiusNasId", o->UseHubNameAsRadiusNasId);
 	GetHubAdminOptionDataAndSet(ao, "AllowEapMatchUserByCert", o->AllowEapMatchUserByCert);
+	GetHubAdminOptionDataAndSet(ao, "DhcpDiscoverTimeoutMs", o->DhcpDiscoverTimeoutMs);
 }

 // Convert the contents of the HUB_OPTION to data
@@ -705,6 +707,7 @@ void HubOptionStructToData(RPC_ADMIN_OPTION *ao, HUB_OPTION *o, char *hub_name)
 	Add(aol, NewAdminOption("UseHubNameAsDhcpUserClassOption", o->UseHubNameAsDhcpUserClassOption));
 	Add(aol, NewAdminOption("UseHubNameAsRadiusNasId", o->UseHubNameAsRadiusNasId));
 	Add(aol, NewAdminOption("AllowEapMatchUserByCert", o->AllowEapMatchUserByCert));
+	Add(aol, NewAdminOption("DhcpDiscoverTimeoutMs", o->DhcpDiscoverTimeoutMs));

 	Zero(ao, sizeof(RPC_ADMIN_OPTION));

@@ -6413,17 +6416,23 @@ void ReleaseHub(HUB *h)
 bool GetRadiusServer(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size)
 {
 	UINT interval;
+	
 	return GetRadiusServerEx(hub, name, size, port, secret, secret_size, &interval);
 }
-bool GetRadiusServerEx(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval)
-{
-	return GetRadiusServerEx2(hub, name, size, port, secret, secret_size, interval, NULL, 0);
+bool GetRadiusServerEx(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval) {
+	UINT timeout;
+
+	return GetRadiusServerEx2(hub, name, size, port, secret, secret_size, interval, &timeout);
 }
-bool GetRadiusServerEx2(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval, char *suffix_filter, UINT suffix_filter_size)
+bool GetRadiusServerEx2(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval, UINT *timeout)
+{
+	return GetRadiusServerEx3(hub, name, size, port, secret, secret_size, interval, timeout, NULL, 0);
+}
+bool GetRadiusServerEx3(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval, UINT *timeout, char *suffix_filter, UINT suffix_filter_size)
 {
 	bool ret = false;
 	// Validate arguments
-	if (hub == NULL || name == NULL || port == NULL || secret == NULL || interval == NULL)
+	if (hub == NULL || name == NULL || port == NULL || secret == NULL || interval == NULL || timeout == NULL)
 	{
 		return false;
 	}
@@ -6437,6 +6446,7 @@ bool GetRadiusServerEx2(HUB *hub, char *name, UINT size, UINT *port, char *secre
 			StrCpy(name, size, hub->RadiusServerName);
 			*port = hub->RadiusServerPort;
 			*interval = hub->RadiusRetryInterval;
+			*timeout = hub->RadiusRetryTimeout;

 			tmp_size = hub->RadiusSecret->Size + 1;
 			tmp = ZeroMalloc(tmp_size);
@@ -6463,6 +6473,10 @@ void SetRadiusServer(HUB *hub, char *name, UINT port, char *secret)
 	SetRadiusServerEx(hub, name, port, secret, RADIUS_RETRY_INTERVAL);
 }
 void SetRadiusServerEx(HUB *hub, char *name, UINT port, char *secret, UINT interval)
+{
+	SetRadiusServerEx2(hub, name, port, secret, interval, RADIUS_RETRY_TIMEOUT);
+}
+void SetRadiusServerEx2(HUB *hub, char *name, UINT port, char *secret, UINT interval, UINT timeout)
 {
 	// Validate arguments
 	if (hub == NULL)
@@ -6482,19 +6496,28 @@ void SetRadiusServerEx(HUB *hub, char *name, UINT port, char *secret, UINT inter
 			hub->RadiusServerName = NULL;
 			hub->RadiusServerPort = 0;
 			hub->RadiusRetryInterval = RADIUS_RETRY_INTERVAL;
+			hub->RadiusRetryTimeout = RADIUS_RETRY_TIMEOUT;
+
 			FreeBuf(hub->RadiusSecret);
 		}
 		else
 		{
 			hub->RadiusServerName = CopyStr(name);
 			hub->RadiusServerPort = port;
+
+			if (timeout == 0) {
+				timeout = RADIUS_RETRY_TIMEOUT;
+			}
+			hub->RadiusRetryTimeout = timeout;
+
 			if (interval == 0)
 			{
-				hub->RadiusRetryInterval = RADIUS_RETRY_INTERVAL;
+				hub->RadiusRetryInterval = RADIUS_RETRY_INTERVAL; ///What happens here is that RADIUS_RETRY_TIMEOUT is not configurable, and RADIUS_RETRY_INTERVAL is set to the timeout if it's larger.
 			}
-			else if (interval > RADIUS_RETRY_TIMEOUT)
+			
+			if (interval > timeout)
 			{
-				hub->RadiusRetryInterval = RADIUS_RETRY_TIMEOUT;
+				hub->RadiusRetryInterval = timeout;
 			}
 			else
 			{
@@ -30,6 +30,9 @@
 // Default flooding queue length
 #define	DEFAULT_FLOODING_QUEUE_LENGTH				(32 * 1024 * 1024)

+// Default DHCP Discover Timeout
+#define	DEFAULT_DHCP_DISCOVER_TIMEOUT				(5 * 1000)
+
 // SoftEther link control packet
 struct SE_LINK
 {
@@ -183,6 +186,7 @@ struct HUB_OPTION
 	bool UseHubNameAsDhcpUserClassOption;	// Add HubName to DHCP request as User-Class option
 	bool UseHubNameAsRadiusNasId;		// Add HubName to Radius request as NAS-Identifier attrioption
 	bool AllowEapMatchUserByCert;		// Allow matching EAP Identity with user certificate CNs
+	UINT DhcpDiscoverTimeoutMs;			// Timeout to wait for DHCP server response on DISCOVER request
 };

 // MAC table entry
@@ -337,6 +341,7 @@ struct HUB
 	char *RadiusServerName;				// Radius server name
 	UINT RadiusServerPort;				// Radius server port number
 	UINT RadiusRetryInterval;			// Radius retry interval
+	UINT RadiusRetryTimeout;			// Radius timeout, it will no longer retry
 	BUF *RadiusSecret;					// Radius shared key
 	char RadiusSuffixFilter[MAX_SIZE];	// Radius suffix filter
 	char RadiusRealm[MAX_SIZE];			// Radius realm (optional)
@@ -478,9 +483,11 @@ void GetAccessListStr(char *str, UINT size, ACCESS *a);
 void DeleteOldIpTableEntry(LIST *o);
 void SetRadiusServer(HUB *hub, char *name, UINT port, char *secret);
 void SetRadiusServerEx(HUB *hub, char *name, UINT port, char *secret, UINT interval);
+void SetRadiusServerEx2(HUB *hub, char *name, UINT port, char *secret, UINT interval, UINT timeout);
 bool GetRadiusServer(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size);
 bool GetRadiusServerEx(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval);
-bool GetRadiusServerEx2(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval, char *suffix_filter, UINT suffix_filter_size);
+bool GetRadiusServerEx2(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval, UINT *timeout);
+bool GetRadiusServerEx3(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval, UINT *timeout, char *suffix_filter, UINT suffix_filter_size);
 int CompareCert(void *p1, void *p2);
 void GetHubLogSetting(HUB *h, HUB_LOG *setting);
 void SetHubLogSetting(HUB *h, HUB_LOG *setting);
@@ -493,12 +493,14 @@ IPC *NewIPC(CEDAR *cedar, char *client_name, char *postfix, char *hubname, char
 	{
 		UINTToIP(&ipc->DefaultGateway, hub->Option->DefaultGateway);
 		UINTToIP(&ipc->SubnetMask, hub->Option->DefaultSubnet);
+		ipc->DhcpDiscoverTimeoutMs = hub->Option->DhcpDiscoverTimeoutMs;
 		GetBroadcastAddress4(&ipc->BroadcastAddress, &ipc->DefaultGateway, &ipc->SubnetMask);
 	}
 	else
 	{
 		ZeroIP4(&ipc->DefaultGateway);
 		ZeroIP4(&ipc->SubnetMask);
+		ipc->DhcpDiscoverTimeoutMs = DEFAULT_DHCP_DISCOVER_TIMEOUT;
 		ZeroIP4(&ipc->BroadcastAddress);
 	}

@@ -565,6 +567,9 @@ IPC *NewIPCBySock(CEDAR *cedar, SOCK *s, void *mac_address)
 	ipc->Sock = s;
 	AddRef(s->ref);

+	// Initialize to pass the validity check on the source IP address performed by IPCSendIPv4()
+	ZeroIP4(&ipc->ClientIPAddress);
+
 	Copy(ipc->MacAddress, mac_address, 6);

 	ipc->Interrupt = NewInterruptManager();
@@ -793,7 +798,8 @@ bool IPCDhcpAllocateIP(IPC *ipc, DHCP_OPTION_LIST *opt, TUBE *discon_poll_tube)
 	StrCpy(req.Hostname, sizeof(req.Hostname), ipc->ClientHostname);
 	IPCDhcpSetConditionalUserClass(ipc, &req);

-	d = IPCSendDhcpRequest(ipc, NULL, tran_id, &req, DHCP_OFFER, IPC_DHCP_TIMEOUT, discon_poll_tube);
+	UINT discoverTimeout = ipc->DhcpDiscoverTimeoutMs > 0 ? ipc->DhcpDiscoverTimeoutMs : DEFAULT_DHCP_DISCOVER_TIMEOUT;
+	d = IPCSendDhcpRequest(ipc, NULL, tran_id, &req, DHCP_OFFER, discoverTimeout, discon_poll_tube);
 	if (d == NULL)
 	{
 		return false;
@@ -896,7 +902,7 @@ DHCPV4_DATA *IPCSendDhcpRequest(IPC *ipc, IP *dest_ip, UINT tran_id, DHCP_OPTION
 	}

 	// Retransmission interval
-	resend_interval = MAX(1, (timeout / 3) - 100);
+	resend_interval = MIN(IPC_DHCP_MAX_RESEND_INTERVAL, MAX(1, (timeout / 3) - 100));

 	// Time-out time
 	giveup_time = Tick64() + (UINT64)timeout;
@@ -1517,7 +1523,9 @@ void IPCProcessL3EventsEx(IPC *ipc, UINT64 now)
 									// We save the router advertisement data for later use
 									IPCIPv6AddRouterPrefixes(ipc, &p->ICMPv6HeaderPacketInfo.OptionList, src_mac, &ip_src);
 									IPCIPv6AssociateOnNDTEx(ipc, &ip_src, src_mac, true);
+									if (p->ICMPv6HeaderPacketInfo.OptionList.SourceLinkLayer != NULL) {
 										IPCIPv6AssociateOnNDTEx(ipc, &ip_src, p->ICMPv6HeaderPacketInfo.OptionList.SourceLinkLayer->Address, true);
+									}
 									ndtProcessed = true;
 									header_size = sizeof(ICMPV6_ROUTER_ADVERTISEMENT_HEADER);
 									break;
@@ -2354,7 +2362,14 @@ void IPCIPv6AddRouterPrefixes(IPC *ipc, ICMPV6_OPTION_LIST *recvPrefix, UCHAR *m
 				IntToSubnetMask6(&newRA->RoutedMask, recvPrefix->Prefix[i]->SubnetLength);
 				CopyIP(&newRA->RouterAddress, ip);
 				Copy(newRA->RouterMacAddress, macAddress, 6);
+				if (recvPrefix->SourceLinkLayer != NULL)
+				{
 					Copy(newRA->RouterLinkLayerAddress, recvPrefix->SourceLinkLayer->Address, 6);
+				}
+				else
+				{
+					Zero(newRA->RouterLinkLayerAddress, 6);
+				}
 				Add(ipc->IPv6RouterAdvs, newRA);
 			}
 		}
@@ -2657,7 +2672,7 @@ void IPCIPv6SendUnicast(IPC *ipc, void *data, UINT size, IP *next_ip)
 		}

 		destMac = ra.RouterMacAddress;
-		if (!IsMacUnicast(destMac) && !IsMacInvalid(ra.RouterMacAddress))
+		if (!IsMacUnicast(destMac) && !IsMacInvalid(ra.RouterLinkLayerAddress))
 		{
 			destMac = ra.RouterLinkLayerAddress;
 		}
@@ -19,6 +19,7 @@
 #define	IPC_DHCP_TIMEOUT				(5 * 1000)
 #define	IPC_DHCP_MIN_LEASE				5
 #define	IPC_DHCP_DEFAULT_LEASE			3600
+#define	IPC_DHCP_MAX_RESEND_INTERVAL	(3 * 1000)

 #define	IPC_MAX_PACKET_QUEUE_LEN		10000

@@ -149,6 +150,7 @@ struct IPC
 	SHARED_BUFFER *IpcSessionSharedBuffer;	// A shared buffer between IPC and Session
 	IPC_SESSION_SHARED_BUFFER_DATA *IpcSessionShared;	// Shared data between IPC and Session
 	UINT Layer;
+	UINT DhcpDiscoverTimeoutMs;			// Timeut to wait for DHCP server response on DISCOVER request

 	// IPv6 stuff
 	QUEUE *IPv6ReceivedQueue;			// IPv6 reception queue
@@ -457,10 +457,10 @@ void L3KnownArp(L3IF *f, UINT ip, UCHAR *mac)
 	// Delete an ARP query entry to this IP address
 	Zero(&t, sizeof(t));
 	t.IpAddress = ip;
-	w = Search(f->IpWaitList, &t);
+	w = Search(f->ArpWaitTable, &t);
 	if (w != NULL)
 	{
-		Delete(f->IpWaitList, w);
+		Delete(f->ArpWaitTable, w);
 		Free(w);
 	}

@@ -463,39 +463,13 @@ void ProcIPsecEspPacketRecv(IKE_SERVER *ike, UDPPACKET *p)
 	seq = READ_UINT(src + sizeof(UINT));

 	// Search and retrieve the IPsec SA from SPI
+
+	// thank to @phillibert report, responding to bad SA might lead to amplification
+	// according to RFC4303 we should drop such packets
+
 	ipsec_sa = SearchClientToServerIPsecSaBySpi(ike, spi);
 	if (ipsec_sa == NULL)
 	{
-		// Invalid SPI
-		UINT64 init_cookie = Rand64();
-		UINT64 resp_cookie = 0;
-		IKE_CLIENT *c = NULL;
-		IKE_CLIENT t;
-
-
-		Copy(&t.ClientIP, &p->SrcIP, sizeof(IP));
-		t.ClientPort = p->SrcPort;
-		Copy(&t.ServerIP, &p->DstIP, sizeof(IP));
-		t.ServerPort = p->DestPort;
-		t.CurrentIkeSa = NULL;
-
-		if (p->DestPort == IPSEC_PORT_IPSEC_ESP_RAW)
-		{
-			t.ClientPort = t.ServerPort = IPSEC_PORT_IPSEC_ISAKMP;
-		}
-
-		c = Search(ike->ClientList, &t);
-
-		if (c != NULL && c->CurrentIkeSa != NULL)
-		{
-			init_cookie = c->CurrentIkeSa->InitiatorCookie;
-			resp_cookie = c->CurrentIkeSa->ResponderCookie;
-		}
-
-		SendInformationalExchangePacketEx(ike, (c == NULL ? &t : c), IkeNewNoticeErrorInvalidSpiPayload(spi), false,
-			init_cookie, resp_cookie);
-
-		SendDeleteIPsecSaPacket(ike, (c == NULL ? &t : c), spi);
 		return;
 	}

@@ -2138,9 +2138,9 @@ void L2TPProcessInterrupts(L2TP_SERVER *l2tp)
 		UINT64 l2tpTimeout = L2TP_TUNNEL_TIMEOUT;

 		// If we got on ANY session a higher timeout than the default L2TP tunnel timeout, increase it
-		for (i = 0; i < LIST_NUM(t->SessionList); i++)
+		for (j = 0; j < LIST_NUM(t->SessionList); j++)
 		{
-			L2TP_SESSION* s = LIST_DATA(t->SessionList, i);
+			L2TP_SESSION* s = LIST_DATA(t->SessionList, j);

 			if (s->TubeRecv != NULL && s->TubeRecv->DataTimeout > l2tpTimeout)
 			{
@@ -2562,9 +2562,16 @@ void OvsRecvPacket(OPENVPN_SERVER *s, LIST *recv_packet_list, UINT protocol)
 								Debug("OpenVPN Channel %u Failed.\n", j);
 								OvsLog(s, se, c, "LO_CHANNEL_FAILED");

+								if ((se->IpcAsync->ErrorCode == ERR_AUTHTYPE_NOT_SUPPORTED) ||
+									(se->IpcAsync->ErrorCode == ERR_AUTH_FAILED) ||
+									(se->IpcAsync->ErrorCode == ERR_PROXY_AUTH_FAILED) ||
+									(se->IpcAsync->ErrorCode == ERR_USER_AUTHTYPE_NOT_PASSWORD) ||
+									(se->IpcAsync->ErrorCode == ERR_NOT_SUPPORTED_AUTH_ON_OPENSOURCE))
+								{
 									// Return the AUTH_FAILED
 									str = "AUTH_FAILED";
 									WriteFifo(c->SslPipe->SslInOut->SendFifo, str, StrSize(str));
+								}

 								s->SessionEstablishedCount++;

@@ -3615,6 +3615,8 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapSize)
 		dataBuffer = eap_packet->Tls.TlsDataWithLength.Data;
 		dataSize -= 4;
 		tlsLength = Endian32(eap_packet->Tls.TlsDataWithLength.TlsLength);
+		// Let's just clamp it to a safe size to avoid DoS (GHSA-q5g3-qhc6-pr3h)
+		tlsLength = MIN(tlsLength, PPP_MRU_MAX * 10);
 	}
 	/*Debug("=======RECV EAP-TLS PACKET DUMP=======\n");
 	for (i = 0; i < dataSize; i++)
@@ -3659,10 +3661,13 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapSize)
 			sizeLeft = GetMemSize(p->Eap_TlsCtx.CachedBufferRecv);
 			sizeLeft -= (UINT)(p->Eap_TlsCtx.CachedBufferRecvPntr - p->Eap_TlsCtx.CachedBufferRecv);

+			if (sizeLeft > 0)
+			{
 				Copy(p->Eap_TlsCtx.CachedBufferRecvPntr, dataBuffer, MIN(sizeLeft, dataSize));

 				p->Eap_TlsCtx.CachedBufferRecvPntr += MIN(sizeLeft, dataSize);
 			}
+		}

 		// If we got a cached buffer, we should feed the FIFOs via it
 		if (p->Eap_TlsCtx.CachedBufferRecv != NULL)
@@ -3783,6 +3788,8 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapSize)
 						}
 						AcUnlock(hub);
 						ReleaseHub(hub);
+						// Making sure the stale pntr is cleared and can't be reused (GHSA-7437-282p-7465)
+						hub = NULL;
 					}

 					if (found == false)
@@ -3790,8 +3797,6 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapSize)
 						PPP_PACKET* pack;
 						UINT identificator = p->Eap_PacketId;

-						ReleaseHub(hub);
-
 						PPPSetStatus(p, PPP_STATUS_AUTH_FAIL);

 						pack = ZeroMalloc(sizeof(PPP_PACKET));
@@ -5429,7 +5429,7 @@ void ClientUploadNoop(CONNECTION *c)
 	}

 	p = PackError(0);
-	PackAddInt(p, "noop", 1);
+	PackAddInt(p, "noop", NOOP);
 	(void)HttpClientSend(c->FirstSock, p);
 	FreePack(p);

@@ -5440,6 +5440,24 @@ void ClientUploadNoop(CONNECTION *c)
 	}
 }

+void ServerUploadNoop(CONNECTION *c)
+{
+	PACK *p;
+	// Validate arguments
+	if (c == NULL)
+	{
+		return;
+	}
+
+	p = PackError(0);
+	PackAddInt(p, "noop", NOOP_IGNORE);
+	(void)HttpServerSend(c->FirstSock, p);
+	FreePack(p);
+
+	// Client can't re-respond to an HTTP "response" 
+	// so we don't wait for it on the server side
+}
+
 // Add client version information to the PACK
 void PackAddClientVersion(PACK *p, CONNECTION *c)
 {
@@ -5843,7 +5861,6 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
 				// Target is invalid
 				HttpSendNotFound(s, h->Target);
 				Free(data);
-				FreeHttpHeader(h);
 				*error_detail_str = "POST_Target_Wrong";
 			}
 			else
@@ -5861,10 +5878,10 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
 				{
 					// WaterMark is incorrect
 					HttpSendForbidden(s, h->Target, NULL);
-					FreeHttpHeader(h);
 					*error_detail_str = "POST_WaterMark_Error";
 				}
 			}
+			FreeHttpHeader(h);
 		}
 		else if (StrCmpi(h->Method, "OPTIONS") == 0)
 		{
@@ -5884,6 +5901,7 @@ bool ServerDownloadSignature(CONNECTION *c, char **error_detail_str)
 					continue;
 				}
 			}
+			FreeHttpHeader(h);
 		}
 		else if (StrCmpi(h->Method, "SSTP_DUPLEX_POST") == 0 && (ProtoEnabled(server->Proto, "SSTP") || s->IsReverseAcceptedSocket) && GetServerCapsBool(server, "b_support_sstp"))
 		{
@@ -6773,7 +6791,6 @@ PACK *PackLoginWithOpenVPNCertificate(char *hubname, char *username, X *x)

 	p = NewPack();
 	PackAddStr(p, "method", "login");
-	PackAddStr(p, "hubname", hubname);

 	if (IsEmptyStr(username))
 	{
@@ -6782,12 +6799,26 @@ PACK *PackLoginWithOpenVPNCertificate(char *hubname, char *username, X *x)
 			FreePack(p);
 			return NULL;
 		}
+
 		UniToStr(cn_username, sizeof(cn_username), x->subject_name->CommonName);
+
+		if (strchr(cn_username, '@') != NULL)
+
+		{
+			PackAddStr(p, "username", strtok(cn_username, "@"));
+			PackAddStr(p, "hubname", strtok(NULL, ""));
+		}
+		else
+		{
 			PackAddStr(p, "username", cn_username);
+			PackAddStr(p, "hubname", hubname);
+		}
+
 	}
 	else
 	{
 		PackAddStr(p, "username", username);
+		PackAddStr(p, "hubname", hubname);
 	}

 	PackAddInt(p, "authtype", AUTHTYPE_OPENVPN_CERT);
@@ -169,6 +169,7 @@ bool GetSessionKeyFromPack(PACK *p, UCHAR *session_key, UINT *session_key_32);
 void CreateNodeInfo(NODE_INFO *info, CONNECTION *c);
 UINT SecureSign(SECURE_SIGN *sign, UINT device_id, char *pin);
 void ClientUploadNoop(CONNECTION *c);
+void ServerUploadNoop(CONNECTION *c);
 bool ClientCheckServerCert(CONNECTION *c, bool *expired);
 void ClientCheckServerCertThread(THREAD *thread, void *param);
 bool ClientSecureSign(CONNECTION *c, UCHAR *sign, UCHAR *random, X **x);
@@ -7,6 +7,7 @@

 #include "Radius.h"

+#include "Protocol.h"
 #include "Connection.h"
 #include "IPC.h"
 #include "Server.h"
@@ -1767,7 +1768,7 @@ LABEL_ERROR:
 ////////// Classical implementation

 // Attempts Radius authentication (with specifying retry interval and multiple server)
-bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UCHAR *mschap_v2_server_response_20,
+bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UINT timeout, UCHAR *mschap_v2_server_response_20,
 				 RADIUS_LOGIN_OPTION *opt, char *hubname)
 {
 	UCHAR random[MD5_SIZE];
@@ -2072,14 +2073,22 @@ bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT sec

 			// Transmission process start
 			start = Tick64();
+
+			// Limit timeout to be larger than hardcoded timeout
+			// Limit interval to be larger than the hardcoded interval and less than timeout
+			if (timeout < RADIUS_RETRY_TIMEOUT) {
+				timeout = RADIUS_RETRY_TIMEOUT;
+			}
+			
 			if(interval < RADIUS_RETRY_INTERVAL)
 			{
 				interval = RADIUS_RETRY_INTERVAL;
 			}
-			else if(interval > RADIUS_RETRY_TIMEOUT)
+			else if(interval > timeout)
 			{
-				interval = RADIUS_RETRY_TIMEOUT;
+				interval = timeout;
 			}
+
 			next_send_time = start + (UINT64)interval;

 			while (true)
@@ -2099,6 +2108,8 @@ SEND_RETRY:
 				next_send_time = Tick64() + (UINT64)interval;

 RECV_RETRY:
+				ServerUploadNoop(c);				
+				
 				now = Tick64();
 				if (next_send_time <= now)
 				{
@@ -2109,7 +2120,7 @@ RECV_RETRY:
 					goto SEND_RETRY;
 				}

-				if ((start + RADIUS_RETRY_TIMEOUT) < now)
+				if ((start + timeout) < now)
 				{
 					// Time-out
 					break;
@@ -283,7 +283,7 @@ struct RADIUS_LOGIN_OPTION
 };

 // Function prototype
-bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UCHAR *mschap_v2_server_response_20,
+bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UINT timeout, UCHAR *mschap_v2_server_response_20,
 				 RADIUS_LOGIN_OPTION *opt, char *hubname);
 BUF *RadiusEncryptPassword(char *password, UCHAR *random, UCHAR *secret, UINT secret_size);
 BUF *RadiusCreateUserName(wchar_t *username);
@@ -516,6 +516,7 @@ bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *p
 			char suffix_filter[MAX_SIZE];
 			wchar_t suffix_filter_w[MAX_SIZE];
 			UINT interval;
+			UINT timeout;
 			EAP_CLIENT *eap = NULL;
 			char password1[MAX_SIZE];
 			UCHAR client_challenge[16];
@@ -586,7 +587,7 @@ bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *p
 			}

 			// Get the Radius server information
-			if (GetRadiusServerEx2(hub, radius_server_addr, sizeof(radius_server_addr), &radius_server_port, radius_secret, sizeof(radius_secret), &interval, suffix_filter, sizeof(suffix_filter)))
+			if (GetRadiusServerEx3(hub, radius_server_addr, sizeof(radius_server_addr), &radius_server_port, radius_secret, sizeof(radius_secret), &interval, &timeout, suffix_filter, sizeof(suffix_filter)))
 			{
 				Unlock(hub->lock);

@@ -597,7 +598,7 @@ bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *p
 					// Attempt to login
 					b = RadiusLogin(c, radius_server_addr, radius_server_port,
 						radius_secret, StrLen(radius_secret),
-						name, password, interval, mschap_v2_server_response_20, opt, hub->Name);
+						name, password, interval, timeout, mschap_v2_server_response_20, opt, hub->Name);

 					if (b)
 					{
@@ -2337,6 +2337,7 @@ void SiSetDefaultHubOption(HUB_OPTION *o)
 	o->AccessListIncludeFileCacheLifetime = ACCESS_LIST_INCLUDE_FILE_CACHE_LIFETIME;
 	o->RemoveDefGwOnDhcpForLocalhost = true;
 	o->FloodingSendQueueBufferQuota = DEFAULT_FLOODING_QUEUE_LENGTH;
+	o->DhcpDiscoverTimeoutMs = DEFAULT_DHCP_DISCOVER_TIMEOUT;
 }

 // Create a default virtual HUB
@@ -3942,6 +3943,11 @@ void SiLoadHubOptionCfg(FOLDER *f, HUB_OPTION *o)
 	o->UseHubNameAsDhcpUserClassOption = CfgGetBool(f, "UseHubNameAsDhcpUserClassOption");
 	o->UseHubNameAsRadiusNasId = CfgGetBool(f, "UseHubNameAsRadiusNasId");
 	o->AllowEapMatchUserByCert = CfgGetBool(f, "AllowEapMatchUserByCert");
+	o->DhcpDiscoverTimeoutMs = CfgGetInt(f, "DhcpDiscoverTimeoutMs");
+	if (o->DhcpDiscoverTimeoutMs == 0)
+	{
+		o->DhcpDiscoverTimeoutMs = DEFAULT_DHCP_DISCOVER_TIMEOUT;
+	}

 	// Enabled by default
 	if (CfgIsItem(f, "ManageOnlyPrivateIP"))
@@ -4048,6 +4054,7 @@ void SiWriteHubOptionCfg(FOLDER *f, HUB_OPTION *o)
 	CfgAddBool(f, "UseHubNameAsDhcpUserClassOption", o->UseHubNameAsDhcpUserClassOption);
 	CfgAddBool(f, "UseHubNameAsRadiusNasId", o->UseHubNameAsRadiusNasId);
 	CfgAddBool(f, "AllowEapMatchUserByCert", o->AllowEapMatchUserByCert);
+	CfgAddInt(f, "DhcpDiscoverTimeoutMs", o->DhcpDiscoverTimeoutMs);
 }

 // Write the user
@@ -4848,6 +4855,7 @@ void SiWriteHubCfg(FOLDER *f, HUB *h)
 		}
 		CfgAddInt(f, "RadiusServerPort", h->RadiusServerPort);
 		CfgAddInt(f, "RadiusRetryInterval", h->RadiusRetryInterval);
+		CfgAddInt(f, "RadiusRetryTimeout", h->RadiusRetryTimeout);
 		CfgAddStr(f, "RadiusSuffixFilter", h->RadiusSuffixFilter);
 		CfgAddStr(f, "RadiusRealm", h->RadiusRealm);

@@ -5013,9 +5021,11 @@ void SiLoadHubCfg(SERVER *s, FOLDER *f, char *name)
 			BUF *secret;
 			UINT port;
 			UINT interval;
+			UINT timeout;

 			port = CfgGetInt(f, "RadiusServerPort");
 			interval = CfgGetInt(f, "RadiusRetryInterval");
+			timeout = CfgGetInt(f, "RadiusRetryTimeout");

 			CfgGetStr(f, "RadiusSuffixFilter", h->RadiusSuffixFilter, sizeof(h->RadiusSuffixFilter));
 			CfgGetStr(f, "RadiusRealm", h->RadiusRealm, sizeof(h->RadiusRealm));
@@ -5028,6 +5038,10 @@ void SiLoadHubCfg(SERVER *s, FOLDER *f, char *name)
 				interval = RADIUS_RETRY_INTERVAL;
 			}

+			if (timeout == 0) {
+				timeout = RADIUS_RETRY_TIMEOUT;
+			}
+
 			if (port != 0 && CfgGetStr(f, "RadiusServerName", name, sizeof(name)))
 			{
 				secret = CfgGetBuf(f, "RadiusSecret");
@@ -5041,7 +5055,7 @@ void SiLoadHubCfg(SERVER *s, FOLDER *f, char *name)
 					}
 					secret_str[sizeof(secret_str) - 1] = 0;
 					//SetRadiusServer(h, name, port, secret_str);
-					SetRadiusServerEx(h, name, port, secret_str, interval);
+					SetRadiusServerEx2(h, name, port, secret_str, interval, timeout);
 					FreeBuf(secret);
 				}
 			}
@@ -7533,6 +7547,11 @@ void SiCalledUpdateHub(SERVER *s, PACK *p)
 	o.UseHubNameAsDhcpUserClassOption = PackGetBool(p, "UseHubNameAsDhcpUserClassOption");
 	o.UseHubNameAsRadiusNasId = PackGetBool(p, "UseHubNameAsRadiusNasId");
 	o.AllowEapMatchUserByCert = PackGetBool(p, "AllowEapMatchUserByCert");
+	o.DhcpDiscoverTimeoutMs = PackGetInt(p, "DhcpDiscoverTimeoutMs");
+	if (o.DhcpDiscoverTimeoutMs == 0)
+	{
+		o.DhcpDiscoverTimeoutMs = DEFAULT_DHCP_DISCOVER_TIMEOUT;
+	}

 	save_packet_log = PackGetInt(p, "SavePacketLog");
 	packet_log_switch_type = PackGetInt(p, "PacketLogSwitchType");
@@ -9368,6 +9387,7 @@ void SiPackAddCreateHub(PACK *p, HUB *h)
 	PackAddBool(p, "UseHubNameAsDhcpUserClassOption", h->Option->UseHubNameAsDhcpUserClassOption);
 	PackAddBool(p, "UseHubNameAsRadiusNasId", h->Option->UseHubNameAsRadiusNasId);
 	PackAddBool(p, "AllowEapMatchUserByCert", h->Option->AllowEapMatchUserByCert);
+	PackAddInt(p, "DhcpDiscoverTimeoutMs", h->Option->DhcpDiscoverTimeoutMs);

 	SiAccessListToPack(p, h->AccessList);

@@ -615,7 +615,7 @@ void SessionMain(SESSION *s)
 					UINT max_conn = s->ClientOption->MaxConnection;

 					if ((s->CurrentConnectionEstablishTime +
-						(UINT64)(s->ClientOption->AdditionalConnectionInterval * 1000 * 2 + CONNECTING_TIMEOUT * 2))
+						(UINT64)(num_tcp_conn * s->ClientOption->AdditionalConnectionInterval * 1000 * 2 + CONNECTING_TIMEOUT * 2))
 						<= Tick64())
 					{
 						if (s->ClientOption->BindLocalPort != 0 || num_tcp_conn == 0)
@@ -2815,6 +2815,7 @@ void NativeNatThread(THREAD *thread, void *param)
 		if (a != NULL)
 		{
 			char macstr[64];
+			IP dhcp_ip;
 			// Acquisition success
 			Debug("NnGetNextInterface Ok: %s\n", a->DeviceName);

@@ -2842,9 +2843,10 @@ void NativeNatThread(THREAD *thread, void *param)

 			Debug("NnMainLoop Start.\n");
 			MacToStr(macstr, sizeof(macstr), a->Ipc->MacAddress);
+			UINTToIP(&dhcp_ip, a->CurrentDhcpOptionList.ServerAddress);
 			NLog(t->v, "LH_KERNEL_MODE_START", a->DeviceName,
 			     &a->Ipc->ClientIPAddress, &a->Ipc->SubnetMask, &a->Ipc->DefaultGateway, &a->Ipc->BroadcastAddress,
-			     macstr, &a->CurrentDhcpOptionList.ServerAddress, &a->DnsServerIP);
+				macstr, &dhcp_ip, &a->DnsServerIP);
 			NnMainLoop(t, a);
 			Debug("NnMainLoop End.\n");

@@ -9340,20 +9342,48 @@ UINT ServeDhcpDiscoverEx(VH *v, UCHAR *mac, UINT request_ip, bool is_static_ip)
 		return 0;
 	}

+	UINT ret = 0;
 	DHCP_LEASE *d = SearchDhcpLeaseByIp(v, request_ip);
+
 	if (d != NULL)
 	{
-		// The requested IP address is used already
-		return 0;
-	}
-
-	// For static IP, the requested IP address must NOT be within the range of the DHCP pool
-	if (Endian32(request_ip) < Endian32(v->DhcpIpStart) || Endian32(request_ip) > Endian32(v->DhcpIpEnd))
+		// If an entry for the same IP address already exists,
+		// check whether it is a request from the same MAC address
+		if (Cmp(mac, d->MacAddress, 6) == 0)
 		{
-		return request_ip;
+			// Examine whether the specified IP address is within the range of static assignment
+			if (Endian32(v->DhcpIpStart) > Endian32(request_ip) ||
+				Endian32(request_ip) > Endian32(v->DhcpIpEnd))
+			{
+				// Accept if within the range of static assignment
+				ret = request_ip;
+			}
+		}
+		else {
+			// Duplicated IPV4 address found. The specified IP address is not available for use
+			char ipstr[MAX_HOST_NAME_LEN + 1] = { 0 };
+			char macstr[128] = { 0 };
+			IPToStr32(ipstr, sizeof(ipstr), request_ip);
+			MacToStr(macstr, sizeof(macstr), d->MacAddress);
+			Debug("Virtual DHC Server: Duplicated IP address detected. Static IP: %s, with the MAC: %s\n", ipstr, macstr);
+		}
+	}
+	else
+	{
+		// Examine whether the specified IP address is within the range of static assignment
+		if (Endian32(v->DhcpIpStart) > Endian32(request_ip) ||
+			Endian32(request_ip) > Endian32(v->DhcpIpEnd))
+		{
+			// Accept if within the range of static assignment
+			ret = request_ip;
+		}
+		else
+		{
+			// The specified IP address is not available for use
+		}
 	}

-	return 0;
+	return ret;
 }

 // Take an appropriate IP addresses that can be assigned newly
@@ -9540,6 +9570,11 @@ void VirtualDhcpServer(VH *v, PKT *p)
 			{
 				ip = ServeDhcpRequestEx(v, p->MacAddressSrc, opt->RequestedIp, ip_static);
 			}
+			// If the IP address in user's note is changed, then reply to DHCP_REQUEST with DHCP_NAK
+			if (p->L3.IPv4Header->SrcIP && ip != p->L3.IPv4Header->SrcIP)
+			{
+				ip = 0;
+			}
 		}

 		if (ip != 0 || opt->Opcode == DHCP_INFORM)
@@ -9552,6 +9587,14 @@ void VirtualDhcpServer(VH *v, PKT *p)
 				char client_mac[MAX_SIZE];
 				char client_ip[MAX_SIZE];

+				// If there is any entry with the same MAC address, then remove it
+				d = SearchDhcpLeaseByMac(v, p->MacAddressSrc);
+				if (d != NULL)
+				{
+					FreeDhcpLease(d);
+					Delete(v->DhcpLeaseList, d);
+				}
+
 				// Remove old records with the same IP address
 				d = SearchDhcpLeaseByIp(v, ip);
 				if (d != NULL)
@@ -9709,6 +9752,9 @@ void VirtualDhcpServer(VH *v, PKT *p)
 			}
 		}
 		else
+		{
+			// Reply of DHCP_REQUEST must be either DHCP_ACK or DHCP_NAK
+			if (opt->Opcode == DHCP_REQUEST)
 			{
 				// There is no IP address that can be provided
 				DHCP_OPTION_LIST ret;
@@ -9743,6 +9789,7 @@ void VirtualDhcpServer(VH *v, PKT *p)
 				}
 			}
 		}
+	}

 	// Release the memory
 	Free(opt);
@@ -0,0 +1,2 @@
+set(oqs_FOUND TRUE)
+add_library(OQS::oqs ALIAS oqs)
@@ -18,6 +18,48 @@ set_target_properties(mayaqua

 find_package(OpenSSL REQUIRED)

+if(OPENSSL_VERSION VERSION_GREATER_EQUAL "3")
+  set(OQS_ENABLE ON CACHE BOOL "By setting this to OFF, Open Quantum Safe algorithms will not be built in")
+else()
+  # Disable oqsprovider when OpenSSL version < 3
+  set(OQS_ENABLE OFF)
+endif()
+
+if(OQS_ENABLE)
+  set(OQS_BUILD_ONLY_LIB ON CACHE BOOL "Set liboqs to build only the library (no tests)")
+  set(BUILD_TESTING OFF CACHE BOOL "By setting this to OFF, no tests or examples will be compiled.")
+  set(OQS_PROVIDER_BUILD_STATIC ON CACHE BOOL "Build a static library instead of a shared library") # Build oqsprovider as a static library (defaults to shared)
+  list(PREPEND CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/src/Mayaqua/3rdparty/")
+
+    # Disable all other KEM families
+  set(OQS_ENABLE_KEM_FRODOKEM OFF)
+  set(OQS_ENABLE_KEM_NTRUPRIME OFF)
+  set(OQS_ENABLE_KEM_NTRU OFF)
+  set(OQS_ENABLE_KEM_CLASSIC_MCELIECE OFF)
+  set(OQS_ENABLE_KEM_HQC OFF)
+  set(OQS_ENABLE_KEM_BIKE OFF)
+
+  # Disable all SIG families
+  set(OQS_ENABLE_SIG_ML_DSA OFF)
+  set(OQS_ENABLE_SIG_FALCON OFF)
+  set(OQS_ENABLE_SIG_DILITHIUM OFF)
+  set(OQS_ENABLE_SIG_SPHINCS OFF)
+  set(OQS_ENABLE_SIG_MAYO OFF)
+  set(OQS_ENABLE_SIG_CROSS OFF)
+  set(OQS_ENABLE_SIG_UOV OFF)
+  set(OQS_ENABLE_SIG_SNOVA OFF)
+  set(OQS_ENABLE_SIG_SLH_DSA OFF)
+
+  add_subdirectory(3rdparty/liboqs)
+  add_subdirectory(3rdparty/oqs-provider)
+
+  target_include_directories(oqsprovider PUBLIC ${CMAKE_CURRENT_BINARY_DIR}/3rdparty/liboqs/include)
+  set_property(TARGET oqsprovider PROPERTY POSITION_INDEPENDENT_CODE ON)
+  target_link_libraries(mayaqua PRIVATE oqsprovider)
+else()
+  add_definitions(-DSKIP_OQS_PROVIDER)
+endif()
+
 include(CheckSymbolExists)

 set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
@@ -93,11 +135,26 @@ if(UNIX)
      $<$<BOOL:${LIB_RT}>:${LIB_RT}>
  )

-  if (CMAKE_SYSTEM_PROCESSOR MATCHES "^(armv7l|aarch64|s390x)$" OR NOT HAVE_SYS_AUXV OR SKIP_CPU_FEATURES)
+  if (NOT HAVE_SYS_AUXV OR SKIP_CPU_FEATURES)
    add_definitions(-DSKIP_CPU_FEATURES)
+  elseif(${CMAKE_SYSTEM_NAME} STREQUAL "FreeBSD" AND NOT CMAKE_SYSTEM_PROCESSOR MATCHES "^(amd64|i386)")
+    message("cpu_features is not available on FreeBSD/${CMAKE_SYSTEM_PROCESSOR}")
+    add_definitions(-DSKIP_CPU_FEATURES)
+  elseif(${CMAKE_SYSTEM_NAME} STREQUAL "Darwin" AND NOT CMAKE_SYSTEM_NAME MATCHES "^(arm64|x86_64)")
+    # macOS runs only on Intel or ARM architecrues, should not reach here
+    add_definitions(-DSKIP_CPU_FEATURES)
+  elseif(${CMAKE_SYSTEM_NAME} STREQUAL "SunOS" OR ${CMAKE_SYSTEM_NAME} STREQUAL "OpenBSD")
+    message("cpu_features is not available on ${CMAKE_SYSTEM_NAME}")
+    add_definitions(-DSKIP_CPU_FEATURES)
+  elseif(USE_SYSTEM_CPU_FEATURES)
+    CHECK_INCLUDE_FILE(cpu_features_macros.h HAVE_CPU_FEATURES)
+    message("-- Using system's cpu_features")
+    target_link_libraries(mayaqua PRIVATE cpu_features)
  else()
+    message("-- Using bundled cpu_features")
+    set(BUILD_SHARED_LIBS OFF)
+    set(CMAKE_POSITION_INDEPENDENT_CODE ON)
    add_subdirectory(3rdparty/cpu_features)
-    set_property(TARGET cpu_features PROPERTY POSITION_INDEPENDENT_CODE ON)
    target_link_libraries(mayaqua PRIVATE cpu_features)
  endif()

@@ -20,7 +20,9 @@
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 #include <openssl/rand.h>
+#ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
+#endif
 #include <openssl/bio.h>
 #include <openssl/x509.h>
 #include <openssl/pkcs7.h>
@@ -40,6 +42,10 @@
 #include <openssl/x509v3.h>
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
 #include <openssl/provider.h>
+// Static oqsprovider initialization function
+#ifndef SKIP_OQS_PROVIDER
+	extern OSSL_provider_init_fn oqs_provider_init;
+#endif
 #endif

 #ifdef _MSC_VER
@@ -88,6 +94,7 @@ int ssl_clientcert_index = 0;
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
 static OSSL_PROVIDER *ossl_provider_legacy = NULL;
 static OSSL_PROVIDER *ossl_provider_default = NULL;
+static OSSL_PROVIDER *ossl_provider_oqsprovider = NULL;
 #endif

 LOCK **ssl_lock_obj = NULL;
@@ -344,6 +351,11 @@ MD *NewMdEx(char *name, bool hmac)
 #else
 		m->Ctx = EVP_MD_CTX_create();
 #endif
+		if (m->Ctx == NULL)
+		{
+			return NULL;
+		}
+
 		if (EVP_DigestInit_ex(m->Ctx, m->Md, NULL) == false)
 		{
 			Debug("NewMdEx(): EVP_DigestInit_ex() failed with error: %s\n", OpenSSL_Error());
@@ -3974,6 +3986,12 @@ void FreeCryptLibrary()
 		OSSL_PROVIDER_unload(ossl_provider_legacy);
 		ossl_provider_legacy = NULL;
 	}
+
+	if (ossl_provider_oqsprovider != NULL)
+	{
+		OSSL_PROVIDER_unload(ossl_provider_oqsprovider);
+		ossl_provider_oqsprovider = NULL;
+	}
 #endif
 }

@@ -3996,6 +4014,13 @@ void InitCryptLibrary()
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
 	ossl_provider_default = OSSL_PROVIDER_load(NULL, "legacy");
 	ossl_provider_legacy = OSSL_PROVIDER_load(NULL, "default");
+
+	char *oqs_provider_name = "oqsprovider";
+	#ifndef SKIP_OQS_PROVIDER
+		// Registers "oqsprovider" as a provider -- necessary because oqsprovider is built in now.
+		OSSL_PROVIDER_add_builtin(NULL, oqs_provider_name, oqs_provider_init); 
+	#endif
+	ossl_provider_oqsprovider = OSSL_PROVIDER_load(NULL, oqs_provider_name);
 #endif

 	ssl_clientcert_index = SSL_get_ex_new_index(0, "struct SslClientCertInfo *", NULL, NULL, NULL);
@@ -4437,9 +4462,13 @@ bool IsAesNiSupported()

 	// Unfortunately OpenSSL doesn't provide a function to do it
 #ifdef _MSC_VER
+  #if defined(_M_X64) || defined(_M_IX86)
    int regs[4]; // EAX, EBX, ECX, EDX
    __cpuid(regs, 1);
    supported = (regs[2] >> 25) & 1;
+  #elif defined(_M_ARM64)
+	return IsProcessorFeaturePresent(PF_ARM_V8_CRYPTO_INSTRUCTIONS_AVAILABLE);
+  #endif
 #else // _MSC_VER
 	#if defined(CPU_FEATURES_ARCH_X86)
 		const X86Features features = GetX86Info().features;
@@ -4584,6 +4613,11 @@ DH_CTX *DhNew(char *prime, UINT g)
 	dh = ZeroMalloc(sizeof(DH_CTX));

 	dh->dh = DH_new();
+	if (dh->dh == NULL)
+	{
+		return NULL;
+	}
+	
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
 	dhp = BinToBigNum(buf->Buf, buf->Size);
 	dhg = BN_new();
@@ -4727,7 +4761,7 @@ static void MY_SHA0_Transform(MY_SHA0_CTX* ctx) {
 	UCHAR* p = ctx->buf;
 	int t;
 	for(t = 0; t < 16; ++t) {
-		UINT tmp =  *p++ << 24;
+		UINT tmp =  (UINT)*p++ << 24;
 		tmp |= *p++ << 16;
 		tmp |= *p++ << 8;
 		tmp |= *p++;
@@ -2124,6 +2124,24 @@ IO *FileOpenEx(char *name, bool write_mode, bool read_lock)

 	return ret;
 }
+
+// Replace the specified character in the string with a new character
+wchar_t *UniReplaceCharW(wchar_t *src, UINT size, wchar_t c, wchar_t  newc) {
+	if (src == NULL)
+	{
+		return NULL;
+	}
+	for (; *src; src++, size -= sizeof(wchar_t)) {
+		if (size < sizeof(wchar_t)) {
+			break;
+		}
+		if (*src == c) {
+			*src = newc;
+		}
+	}
+	return (wchar_t *)src;
+}
+
 IO *FileOpenExW(wchar_t *name, bool write_mode, bool read_lock)
 {
 	wchar_t tmp[MAX_SIZE];
@@ -2140,9 +2158,12 @@ IO *FileOpenExW(wchar_t *name, bool write_mode, bool read_lock)
 		IO *o = ZeroMalloc(sizeof(IO));
 		name++;
 		UniStrCpy(o->NameW, sizeof(o->NameW), name);
+#ifdef	OS_WIN32
+		UniReplaceCharW(o->NameW, sizeof(o->NameW), L'\\', L'/');		// Path separator "/" is used.
+#endif	// OS_WIN32
 		UniToStr(o->Name, sizeof(o->Name), o->NameW);
 		o->HamMode = true;
-		o->HamBuf = ReadHamcoreW(name);
+		o->HamBuf = ReadHamcoreW(o->NameW);
 		if (o->HamBuf == NULL)
 		{
 			Free(o);
@@ -1207,12 +1207,14 @@ PACK *HttpClientRecv(SOCK *s)
 	UINT size;
 	UCHAR *tmp;
 	HTTP_VALUE *v;
+	UINT num_noop = 0;
 	// Validate arguments
 	if (s == NULL)
 	{
 		return NULL;
 	}

+START:
 	h = RecvHttpHeader(s);
 	if (h == NULL)
 	{
@@ -1257,6 +1259,22 @@ PACK *HttpClientRecv(SOCK *s)
 	p = BufToPack(b);
 	FreeBuf(b);

+	// Client shouldn't receive a noop other than NOOP_IGNORE
+	// because it can't respond without a full new HTTP request
+	UINT noop = PackGetInt(p, "noop");
+	if (noop == NOOP_IGNORE) {
+		Debug("recv: noop ignore\n");
+		FreePack(p);
+
+		num_noop++;
+
+		if (num_noop > MAX_NOOP_PER_SESSION)
+		{
+			return NULL;
+		}
+
+		goto START;
+	}
 	return p;
 }

@@ -1365,13 +1383,14 @@ START:
 	FreeBuf(b);

 	// Determine whether it's a NOOP
-	if (PackGetInt(p, "noop") != 0)
+	UINT noop = PackGetInt(p, "noop");
+	if (noop == NOOP)
 	{
 		Debug("recv: noop\n");
 		FreePack(p);

 		p = PackError(0);
-		PackAddInt(p, "noop", 1);
+		PackAddInt(p, "noop", NOOP_IGNORE);
 		if (HttpServerSend(s, p) == false)
 		{
 			FreePack(p);
@@ -1387,6 +1406,11 @@ START:
 			return NULL;
 		}

+		goto START;
+	} else if (noop == NOOP_IGNORE) {
+		Debug("recv: noop ignore\n");
+		FreePack(p);
+
 		goto START;
 	}

@@ -63,7 +63,7 @@ static int ydays[] =
 	0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334, 365
 };

-static UINT current_num_thread = 0;
+static COUNTER *current_num_thread = NULL;
 static UINT cached_number_of_cpus = 0;


@@ -776,6 +776,7 @@ void InitThreading()
 {
 	thread_pool = NewSk();
 	thread_count = NewCounter();
+	current_num_thread = NewCounter();
 }

 // Release of thread pool
@@ -821,6 +822,9 @@ void FreeThreading()

 	DeleteCounter(thread_count);
 	thread_count = NULL;
+
+	DeleteCounter(current_num_thread);
+	current_num_thread = NULL;
 }

 // Thread pool procedure
@@ -1028,9 +1032,9 @@ THREAD *NewThreadNamed(THREAD_PROC *thread_proc, void *param, char *name)

 	Wait(pd->InitFinishEvent, INFINITE);

-	current_num_thread++;
+	Inc(current_num_thread);

-//	Debug("current_num_thread = %u\n", current_num_thread);
+//	Debug("current_num_thread = %u\n", Count(current_num_thread));

 	return ret;
 }
@@ -1055,8 +1059,8 @@ void CleanupThread(THREAD *t)

 	Free(t);

-	current_num_thread--;
-	//Debug("current_num_thread = %u\n", current_num_thread);
+	Dec(current_num_thread);
+	//Debug("current_num_thread = %u\n", Count(current_num_thread));
 }

 // Release thread (pool)
@@ -72,11 +72,26 @@ int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)

 // Compiler dependent
 #ifndef	OS_WIN32
-// Gcc compiler
+// GCC or Clang compiler
 #define	GCC_PACKED		__attribute__ ((__packed__))
+// Clang compiler
+#if defined(__has_feature)
+#if __has_feature(thread_sanitizer)
+#define ATTRIBUTE_NO_TSAN			__attribute__((no_sanitize("thread")))
+#endif	// __has_feature(thread_sanitizer)
+#endif	// __has_feature
+// GCC compiler
+#if defined(__SANITIZE_THREAD__) && !defined(ATTRIBUTE_NO_TSAN)
+#define ATTRIBUTE_NO_TSAN			__attribute__((no_sanitize("thread")))
+#endif	// __SANITIZE_THREAD__
+// Other or older Clang/GCC compiler
+#ifndef ATTRIBUTE_NO_TSAN
+#define ATTRIBUTE_NO_TSAN
+#endif	// ATTRIBUTE_NO_TSAN
 #else	// OS_WIN32
 // VC++ compiler
 #define	GCC_PACKED
+#define ATTRIBUTE_NO_TSAN
 #endif	// OS_WIN32

 // Macro that displays the current file name and line number
@@ -2568,6 +2568,7 @@ MS_ADAPTER_LIST *MsCreateAdapterListInnerExVista(bool no_info)
 				UniStrCpy(a->TitleW, sizeof(a->TitleW), title);
 				UniToStr(a->Title, sizeof(a->Title), title);
 				a->Index = r->InterfaceIndex;
+				a->MediaConnectState = r->MediaConnectState;
 				a->Type = r->Type;
 				a->Status = ConvertMidStatusVistaToXp(r->OperStatus);
 				a->Mtu = r->Mtu;
@@ -4258,7 +4259,7 @@ UINT MsService(char *name, SERVICE_FUNCTION *start, SERVICE_FUNCTION *stop, UINT

 		if ((mode == SVC_MODE_INSTALL || mode == SVC_MODE_UNINSTALL || mode == SVC_MODE_START ||
 			mode == SVC_MODE_STOP || mode == SVC_MODE_SERVICE) &&
-			(ms->IsNt == false))
+			(IsNt() == false))
 		{
 			// Tried to use the command for the NT in non-WindowsNT system
 			MsgBox(NULL, MB_ICONSTOP, _UU("SVC_NT_ONLY"));
@@ -170,7 +170,6 @@ typedef struct MS
 {
 	HINSTANCE hInst;
 	HINSTANCE hKernel32;
-	bool IsNt;
 	bool IsAdmin;
 	HANDLE hCurrentProcess;
 	UINT CurrentProcessId;
@@ -281,6 +280,7 @@ typedef struct MS_ADAPTER
 	char Title[MAX_PATH];			// Display name
 	wchar_t TitleW[MAX_PATH];		// Display Name (Unicode)
 	UINT Index;						// Index
+	UINT MediaConnectState;			// Media Connect State
 	UINT Type;						// Type
 	UINT Status;					// Status
 	UINT Mtu;						// MTU
@@ -540,6 +540,13 @@ LIST *Win32GetNicList()

 		if (a->Type == 6 && a->AddressSize == 6)
 		{
+			// If the connection state of the interface is unknown, then exclude it.
+			// Unknown means that the device is not plugged into the local host.
+			if (a->MediaConnectState == MediaConnectStateUnknown)
+			{
+				continue;
+			}
+
 			NIC_ENTRY *e = ZeroMalloc(sizeof(NIC_ENTRY));

 			StrCpy(e->IfName, sizeof(e->IfName), a->Title);
@@ -11853,6 +11860,12 @@ bool StartSSLEx3(SOCK *sock, X *x, K *priv, LIST *chain, UINT ssl_timeout, char
 #endif

 		sock->ssl = SSL_new(ssl_ctx);
+
+		if (sock->ssl == NULL)
+		{
+			return false;
+		}
+
 		SSL_set_fd(sock->ssl, (int)sock->socket);

 #ifdef	SSL_CTRL_SET_TLSEXT_HOSTNAME
@@ -11898,6 +11911,10 @@ bool StartSSLEx3(SOCK *sock, X *x, K *priv, LIST *chain, UINT ssl_timeout, char
 		Unlock(openssl_lock);
 	}

+	#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+		SSL_set1_groups_list(sock->ssl, PQ_GROUP_LIST);
+	#endif
+	
 	if (sock->ServerMode)
 	{
 //		Lock(ssl_connect_lock);
@@ -12278,9 +12295,15 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)
 				Debug("%s %u SecureRecv() Disconnect\n", __FILE__, __LINE__);
 				return 0;
 			}
+			ERR_clear_error();
 			ret = SSL_peek(ssl, &c, sizeof(c));
 		}
 		Unlock(sock->ssl_lock);
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
+		// 2021/09/10: After OpenSSL 3.x.x, both 0 and negative values might mean retryable.
+		// See: https://github.com/openssl/openssl/blob/435981cbadad2c58c35bacd30ca5d8b4c9bea72f/doc/man3/SSL_read.pod
+		// > Old documentation indicated a difference between 0 and -1, and that -1 was retryable.
+		// > You should instead call SSL_get_error() to find out if it's retryable.
 		if (ret == 0)
 		{
 			// The communication have been disconnected
@@ -12288,7 +12311,8 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)
 			Debug("%s %u SecureRecv() Disconnect\n", __FILE__, __LINE__);
 			return 0;
 		}
-		if (ret < 0)
+#endif
+		if (ret <= 0)
 		{
 			// An error has occurred
 			e = SSL_get_error(ssl, ret);
@@ -12303,7 +12327,11 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)
 #endif
 					)
 				{
-					Debug("%s %u SSL Fatal Error on ASYNC socket !!!\n", __FILE__, __LINE__);
+					UINT ssl_err_no;
+					while (ssl_err_no = ERR_get_error()){
+						Debug("%s %u SSL_ERROR_SSL on ASYNC socket !!! ssl_err_no = %u: '%s'\n", __FILE__, __LINE__, ssl_err_no, ERR_error_string(ssl_err_no, NULL));
+					};
+
 					Disconnect(sock);
 					return 0;
 				}
@@ -12330,14 +12358,15 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)
 		}
 #endif	// OS_UNIX

-// Run the time-out thread for SOLARIS
+		// Run the time-out thread for SOLARIS
 #ifdef UNIX_SOLARIS
 		ttparam = NewSocketTimeout(sock);
 #endif // UNIX_SOLARIS

+		ERR_clear_error();
 		ret = SSL_read(ssl, data, size);

-// Stop the timeout thread
+		// Stop the timeout thread
 #ifdef UNIX_SOLARIS
 		FreeSocketTimeout(ttparam);
 #endif // UNIX_SOLARIS
@@ -12350,7 +12379,11 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)
 		}
 #endif	// OS_UNIX

-		if (ret < 0)
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
+		if (ret < 0) // OpenSSL version < 3.0.0
+#else
+		if (ret <= 0) // OpenSSL version >= 3.0.0
+#endif
 		{
 			e = SSL_get_error(ssl, ret);
 		}
@@ -12373,6 +12406,12 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)

 		return (UINT)ret;
 	}
+
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
+	// 2021/09/10: After OpenSSL 3.x.x, both 0 and negative values might mean retryable.
+	// See: https://github.com/openssl/openssl/blob/435981cbadad2c58c35bacd30ca5d8b4c9bea72f/doc/man3/SSL_read.pod
+	// > Old documentation indicated a difference between 0 and -1, and that -1 was retryable.
+	// > You should instead call SSL_get_error() to find out if it's retryable.
 	if (ret == 0)
 	{
 		// Disconnect the communication
@@ -12380,6 +12419,8 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)
 		//Debug("%s %u SecureRecv() Disconnect\n", __FILE__, __LINE__);
 		return 0;
 	}
+#endif
+
 	if (sock->AsyncMode)
 	{
 		if (e == SSL_ERROR_WANT_READ || e == SSL_ERROR_WANT_WRITE || e == SSL_ERROR_SSL)
@@ -12393,7 +12434,11 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)
 #endif
 				)
 			{
-				Debug("%s %u SSL Fatal Error on ASYNC socket !!!\n", __FILE__, __LINE__);
+				UINT ssl_err_no;
+				while (ssl_err_no = ERR_get_error()) {
+					Debug("%s %u SSL_ERROR_SSL on ASYNC socket !!! ssl_err_no = %u: '%s'\n", __FILE__, __LINE__, ssl_err_no, ERR_error_string(ssl_err_no, NULL));
+				};
+
 				Disconnect(sock);
 				return 0;
 			}
@@ -12402,8 +12447,8 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size)
 			return SOCK_LATER;
 		}
 	}
+	Debug("%s %u e=%u SecureRecv() Disconnect\n", __FILE__, __LINE__, e);
 	Disconnect(sock);
-	Debug("%s %u SecureRecv() Disconnect\n", __FILE__, __LINE__);
 	return 0;
 }

@@ -12430,8 +12475,13 @@ UINT SecureSend(SOCK *sock, void *data, UINT size)
 			return 0;
 		}

+		ERR_clear_error();
 		ret = SSL_write(ssl, data, size);
-		if (ret < 0)
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
+		if (ret < 0) // OpenSSL version < 3.0.0
+#else
+		if (ret <= 0) // OpenSSL version >= 3.0.0
+#endif
 		{
 			e = SSL_get_error(ssl, ret);
 		}
@@ -12453,6 +12503,8 @@ UINT SecureSend(SOCK *sock, void *data, UINT size)
 		sock->WriteBlocked = false;
 		return (UINT)ret;
 	}
+
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
 	if (ret == 0)
 	{
 		// Disconnect
@@ -12460,18 +12512,29 @@ UINT SecureSend(SOCK *sock, void *data, UINT size)
 		Disconnect(sock);
 		return 0;
 	}
+#endif

 	if (sock->AsyncMode)
 	{
 		// Confirmation of the error value
 		if (e == SSL_ERROR_WANT_READ || e == SSL_ERROR_WANT_WRITE || e == SSL_ERROR_SSL)
 		{
+			if (e == SSL_ERROR_SSL)
+			{
+				UINT ssl_err_no;
+				while (ssl_err_no = ERR_get_error()) {
+					Debug("%s %u SSL_ERROR_SSL on ASYNC socket !!! ssl_err_no = %u: '%s'\n", __FILE__, __LINE__, ssl_err_no, ERR_error_string(ssl_err_no, NULL));
+				};
+
+				Disconnect(sock);
+				return 0;
+			}
+
 			sock->WriteBlocked = true;
 			return SOCK_LATER;
 		}
-		Debug("%s %u e=%u\n", __FILE__, __LINE__, e);
 	}
-	//Debug("%s %u SecureSend() Disconnect\n", __FILE__, __LINE__);
+	Debug("%s %u e=%u SecureSend() Disconnect\n", __FILE__, __LINE__, e);
 	Disconnect(sock);
 	return 0;
 }
@@ -16193,6 +16256,12 @@ UINT GetOSSecurityLevel()
 	UINT security_level_new = 0, security_level_set_ssl_version = 0;
 	struct ssl_ctx_st *ctx = SSL_CTX_new(SSLv23_method());

+	if (ctx == NULL)
+	{
+		return security_level_new;
+	}
+
+
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 	security_level_new = SSL_CTX_get_security_level(ctx);
 #endif
@@ -59,6 +59,10 @@ struct DYN_VALUE

 #define	DEFAULT_CIPHER_LIST			"ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:DHE+CHACHA20:ECDHE+AES256:DHE+AES256:RSA+AES"

+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+#define PQ_GROUP_LIST				"X25519MLKEM768:p521_kyber1024:x25519_kyber768:P-521:X25519:P-256"
+#endif
+
 // SSL logging function
 //#define	ENABLE_SSL_LOGGING
 #define	SSL_LOGGING_DIRNAME			"@ssl_log"
@@ -877,8 +881,6 @@ struct SSL_VERIFY_OPTION
 	X *SavedCert;					// Saved server certificate
 };

-#define	SSL_DEFAULT_CONNECT_TIMEOUT		(15 * 1000)		// SSL default timeout
-
 // Header for TCP Pair
 struct TCP_PAIR_HEADER
 {
@@ -38,6 +38,8 @@

 // The number of allowable NOOP
 #define	MAX_NOOP_PER_SESSION	30
+#define NOOP 1
+#define NOOP_IGNORE 2 // A noop, but don't send a response noop

 // VALUE object
 struct VALUE
@@ -470,6 +470,7 @@ LIST *LoadLangList()
 	b = ReadDump(filename);
 	if (b == NULL)
 	{
+		FreeLangList(o);
 		return NULL;
 	}

--- a/Show More
+++ b/Show More