Merge pull request #2255 from SoftEtherVPN/dependabot/npm_and_yarn/src/bin/hamcore/wwwroot/admin/default/multi-0d13b2d87f

Bump serialize-javascript and terser-webpack-plugin in /src/bin/hamcore/wwwroot/admin/default
Bump serialize-javascript and terser-webpack-plugin
2026-05-02 11:49:33 +03:00 · 2026-03-29 14:05:48 +02:00 · 2026-03-29 12:00:59 +00:00 · 2026-03-27 12:52:18 +01:00 · 2026-03-27 11:43:39 +00:00 · 2026-03-26 09:48:38 +01:00
48 changed files with 10763 additions and 974 deletions
@@ -4,6 +4,7 @@ name: Coverity
 on:
  schedule:
  - cron: "0 0 * * *"
+  workflow_dispatch:

 permissions:
  contents: read
@@ -11,7 +12,7 @@ permissions:
 jobs:
  scan:
    runs-on: ubuntu-latest
-    if: ${{ github.repository_owner == 'SoftEtherVPN' }}
+    if: ${{ github.repository_owner == 'SoftEtherVPN' || github.event_name == 'workflow_dispatch' }}
    steps:
    - uses: actions/checkout@v2
      with:
@@ -7,7 +7,7 @@ jobs:
  build_and_test:
    strategy:
      matrix:
-        os: [macos-15, macos-14, macos-13]
+        os: [macos-26, macos-15, macos-14]
    name: ${{ matrix.os }}
    runs-on: ${{ matrix.os }}
    steps:
@@ -0,0 +1,80 @@
+name: Sanitizer
+
+on: [push, pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  run_sanitizer:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        sanitizer:
+          - "address,leak,undefined"
+          - "thread,undefined"
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: true
+
+      - name: Install dependencies
+        run: |
+          sudo apt update
+          sudo apt-get -y install cmake gcc g++ ninja-build libncurses5-dev libreadline-dev libsodium-dev libssl-dev make zlib1g-dev liblz4-dev libnl-genl-3-dev 
+
+      - name: Build
+        run: |
+          mkdir build
+          cd build
+          cmake -G "Ninja" -DCMAKE_BUILD_TYPE=Debug -DCMAKE_C_FLAGS="-O1 -fsanitize=${{ matrix.sanitizer }} -fno-omit-frame-pointer" ..
+          cmake --build .
+
+      - name: Test
+        env:
+          ASAN_OPTIONS: halt_on_error=0:exitcode=0
+          TSAN_OPTIONS: halt_on_error=0:exitcode=0:suppressions=./tsan_suppressions.txt
+          UBSAN_OPTIONS: halt_on_error=0:exitcode=0
+          LSAN_OPTIONS: exitcode=0
+        run: |
+          .ci/vpntools-check.sh 2> sanitizer.log
+
+      - name: Make job summary
+        run: |
+          echo "### Sanitizer Report (${{ matrix.sanitizer }})" >> $GITHUB_STEP_SUMMARY
+
+          REPORTS=$(grep -E "SUMMARY:|runtime error:" sanitizer.log | sort | uniq)
+          REPORT_COUNT=$(echo "$REPORTS" | grep -c . || true)
+          echo "Found $REPORT_COUNT issues" >> $GITHUB_STEP_SUMMARY
+
+          echo "<details><summary>View Summary</summary>" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
+          echo "$REPORTS" >> $GITHUB_STEP_SUMMARY
+          echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "</details>" >> $GITHUB_STEP_SUMMARY
+
+          if [ "$REPORT_COUNT" -ne 0 ]; then
+            echo "HAS_ISSUES=true" >> $GITHUB_ENV
+            echo "REPORT_COUNT=$REPORT_COUNT" >> $GITHUB_ENV
+          fi
+
+      - name: Upload full sanitizer log
+        if: env.HAS_ISSUES == 'true'
+        uses: actions/upload-artifact@v4
+        with:
+          name: sanitizer-logs-${{ matrix.sanitizer }}
+          path: |
+            sanitizer.log
+          retention-days: 30
+
+      - name: Fail on sanitizer issues
+        if: env.HAS_ISSUES == 'true'
+        run: |
+          echo "Found ${{ env.REPORT_COUNT }} issues."
+          echo "Please check the Job Summary page for a quick overview."
+          echo "Full logs are available in the GitHub Artifacts."
+          exit 1
@@ -8,10 +8,11 @@ jobs:
    strategy:
      matrix:
        platform: [
-          { ARCHITECTURE: x86, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/bin/clang-cl.exe",     VCPKG_TRIPLET: "x86-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars32.bat"},
-          { ARCHITECTURE: x64, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/x64/bin/clang-cl.exe", VCPKG_TRIPLET: "x64-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars64.bat"}
+          { ARCHITECTURE: x86, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/bin/clang-cl.exe",     VCPKG_TRIPLET: "x86-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars32.bat", RUNNER: "windows-latest", CMAKE_EXTRA_FLAGS: ""},
+          { ARCHITECTURE: x64, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/x64/bin/clang-cl.exe", VCPKG_TRIPLET: "x64-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars64.bat", RUNNER: "windows-latest", CMAKE_EXTRA_FLAGS: ""},
+          { ARCHITECTURE: arm64, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/ARM64/bin/clang-cl.exe", VCPKG_TRIPLET: "arm64-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvarsarm64.bat", RUNNER: "windows-11-arm", CMAKE_EXTRA_FLAGS: "-DOQS_PERMIT_UNSUPPORTED_ARCHITECTURE=ON"}
        ]
-    runs-on: windows-latest
+    runs-on: ${{ matrix.platform.RUNNER }}
    name: ${{ matrix.platform.ARCHITECTURE }}
    steps:
    - uses: actions/checkout@v4
@@ -33,12 +34,13 @@ jobs:
        COMPILER_PATH: ${{ matrix.platform.COMPILER_PATH }}
        VCPKG_TRIPLET: ${{ matrix.platform.VCPKG_TRIPLET }}
        VCVARS_PATH: ${{ matrix.platform.VCVARS_PATH }}
+        CMAKE_EXTRA_FLAGS: ${{ matrix.platform.CMAKE_EXTRA_FLAGS }}
      run: |
        set BUILD_NUMBER=0
        mkdir build
        cd build
        call "%VCVARS_PATH%"
-        cmake -G "Ninja" -DCMAKE_TOOLCHAIN_FILE="C:\vcpkg\scripts\buildsystems\vcpkg.cmake" -DVCPKG_TARGET_TRIPLET=%VCPKG_TRIPLET% -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_C_COMPILER="%COMPILER_PATH%" -DCMAKE_CXX_COMPILER="%COMPILER_PATH%" -DBUILD_NUMBER=%BUILD_NUMBER% ..
+        cmake -G "Ninja" -DCMAKE_TOOLCHAIN_FILE="C:\vcpkg\scripts\buildsystems\vcpkg.cmake" -DVCPKG_TARGET_TRIPLET=%VCPKG_TRIPLET% -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_C_COMPILER="%COMPILER_PATH%" -DCMAKE_CXX_COMPILER="%COMPILER_PATH%" -DBUILD_NUMBER=%BUILD_NUMBER% %CMAKE_EXTRA_FLAGS% ..
        cmake --build .
        mkdir installers
        vpnsetup /SFXMODE:vpnclient /SFXOUT:"installers\softether-vpnclient-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
@@ -26,13 +26,14 @@ jobs:
        uses: softprops/action-gh-release@v1
  build-windows:
    name: ${{ matrix.platform.ARCHITECTURE }}
-    runs-on: windows-latest
+    runs-on: ${{ matrix.platform.RUNNER }}
    needs: ["release"]
    strategy:
      matrix:
        platform: [
-          { ARCHITECTURE: x86, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/bin/clang-cl.exe",     VCPKG_TRIPLET: "x86-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars32.bat"},
-          { ARCHITECTURE: x64, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/x64/bin/clang-cl.exe", VCPKG_TRIPLET: "x64-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars64.bat"}
+          { ARCHITECTURE: x86, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/bin/clang-cl.exe",     VCPKG_TRIPLET: "x86-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars32.bat", RUNNER: "windows-latest", CMAKE_EXTRA_FLAGS: ""},
+          { ARCHITECTURE: x64, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/x64/bin/clang-cl.exe", VCPKG_TRIPLET: "x64-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvars64.bat", RUNNER: "windows-latest", CMAKE_EXTRA_FLAGS: ""},
+          { ARCHITECTURE: arm64, COMPILER_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/Llvm/ARM64/bin/clang-cl.exe", VCPKG_TRIPLET: "arm64-windows-static", VCVARS_PATH: "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/Build/vcvarsarm64.bat", RUNNER: "windows-11-arm", CMAKE_EXTRA_FLAGS: "-DOQS_PERMIT_UNSUPPORTED_ARCHITECTURE=ON"}
        ]
    steps:
      - name: "Checkout repository"
@@ -57,11 +58,12 @@ jobs:
          COMPILER_PATH: ${{ matrix.platform.COMPILER_PATH }}
          VCPKG_TRIPLET: ${{ matrix.platform.VCPKG_TRIPLET }}
          VCVARS_PATH: ${{ matrix.platform.VCVARS_PATH }}
+          CMAKE_EXTRA_FLAGS: ${{ matrix.platform.CMAKE_EXTRA_FLAGS }}
        run: |
          mkdir build
          cd build
          call "%VCVARS_PATH%"
-          cmake -G "Ninja" -DCMAKE_TOOLCHAIN_FILE="C:\vcpkg\scripts\buildsystems\vcpkg.cmake" -DVCPKG_TARGET_TRIPLET=%VCPKG_TRIPLET% -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_C_COMPILER="%COMPILER_PATH%" -DCMAKE_CXX_COMPILER="%COMPILER_PATH%" -DBUILD_NUMBER=%BUILD_NUMBER% ..
+          cmake -G "Ninja" -DCMAKE_TOOLCHAIN_FILE="C:\vcpkg\scripts\buildsystems\vcpkg.cmake" -DVCPKG_TARGET_TRIPLET=%VCPKG_TRIPLET% -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_C_COMPILER="%COMPILER_PATH%" -DCMAKE_CXX_COMPILER="%COMPILER_PATH%" -DBUILD_NUMBER=%BUILD_NUMBER% %CMAKE_EXTRA_FLAGS% ..
          cmake --build .
          mkdir installers
          vpnsetup /SFXMODE:vpnclient /SFXOUT:"installers\softether-vpnclient-%VERSION%.%BUILD_NUMBER%.%ARCHITECTURE%.exe"
@@ -136,6 +136,78 @@
          "type": "STRING"
        }
      ]
+    },
+    {
+      "name": "arm64-on-x64",
+      "description": "Cross compile Windows ARM64 on x64",
+      "generator": "Ninja",
+      "configurationType": "RelWithDebInfo",
+      "inheritEnvironments": ["msvc_arm64_x64"],
+      "buildRoot": "${projectDir}\\out\\build\\${name}",
+      "installRoot": "${projectDir}\\out\\install\\${name}",
+      "variables": [
+        {
+          "name": "BUILD_NUMBER",
+          "value": "${env.BuildNumber}",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_SYSTEM_NAME",
+          "value": "Windows",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_SYSTEM_PROCESSOR",
+          "value": "arm64",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_C_COMPILER",
+          "value": "${env.VCINSTALLDIR}Tools/Llvm/bin/clang-cl.exe",
+          "type": "FILEPATH"
+        },
+        {
+          "name": "CMAKE_CXX_COMPILER",
+          "value": "${env.VCINSTALLDIR}Tools/Llvm/bin/clang-cl.exe",
+          "type": "FILEPATH"
+        },
+        {
+          "name": "CMAKE_C_COMPILER_TARGET",
+          "value": "arm64-windows-msvc",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_CXX_COMPILER_TARGET",
+          "value": "arm64-windows-msvc",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_EXE_LINKER_FLAGS",
+          "value": "/machine:ARM64",
+          "type": "STRING"
+        },
+        {
+          "name": "VCPKG_TARGET_TRIPLET",
+          "value": "arm64-windows-static",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_STATIC_LINKER_FLAGS",
+          "value": "/machine:ARM64",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_SHARED_LINKER_FLAGS",
+          "value": "/machine:ARM64",
+          "type": "STRING"
+        },
+        {
+          "name": "IS_CROSS_COMPILATION",
+          "value": "arm64-on-x64",
+          "type": "STRING"
+
+        }
+      ]
    }
  ]
 }
@@ -293,6 +293,8 @@ We hope that you can reach one of the above URLs at least!
 Your contribution to SoftEther VPN Project is much appreciated.
 Please send patches to us through GitHub.

+Here you find how to submit new translation: [TRANSLATION_GUIDE.md](TRANSLATION_GUIDE.md)
+

 # DEAR SECURITY EXPERTS

@@ -87,6 +87,10 @@ into it. So that is what will be described below.
   - x86-on-x64

     Cross compile x86 executables with 64-bit compiler
+    
+    - arm64-on-x64
+
+     Cross compile arm64 executables with x64t compiler

   On 64-bit Windows, all four configurations can be used. 32-bit platforms can only use 32-bit compiler.

@@ -0,0 +1,52 @@
+# How to build and install SoftEther VPN on Windows ARM64
+
+This document describes how to build SoftEther VPN for Windows ARM64 and how to install the VPN Client and Neo6 virtual network adapter on Windows on ARM devices.
+
+
+## Requirements
+
+
+- Build host: Windows x64
+
+- Target device: Windows 10 / Windows 11 ARM64
+
+
+## Building 
+ 
+    **Notes before building**: ARM64 builds are cross-compiled from an x64 Windows host. An existing x64-native build is required to generate hamcore.se2.
+1. Follow [BUILD_WINDOWS.md](BUILD_WINDOWS.md##Building)
+
+1. Build x64 (Native): From the build menu, select x64-on-x64. Complete the build successfully. This build is required to generate shared resources
+
+1. Build ARM64 (Cross-Compiled): From the same build menu, select arm64-on-x64. 
+Build the ARM64 version of SoftEther VPN.
+
+1. Building the Neo6 Virtual Network Adapter (ARM64)
+
+    Open the following project in Visual Studio:
+    ```
+    .\src\Neo6\Neo6.vcxproj 
+    ```
+   
+    SoftEther VPN Client uses the Neo6 virtual network adapter.
+
+
+    Driver Output Files
+    The ARM64 driver package includes:
+    ```
+    Neo6_arm64_VPN.sys
+    Neo6_arm64_VPN.inf
+    ```
+    Driver Signing and Installation (Windows ARM64)
+    ```
+    Enable test-signing mode: bcdedit /set testsigning on
+    Reboot the system.
+    Testing signing:
+    Install the Neo6 ARM64 driver.
+    ```
+# Summary
+
+SoftEther VPN can be cross-compiled for Windows ARM64 on an x64 host
+VPN Client works natively on Windows on ARM
+Neo6 ARM64 driver requires Microsoft signing for production use
+Test-signing is suitable for local development only
@@ -1,4 +1,4 @@
-if(UNIX)
+if(UNIX)
  # Creates wrapper scripts and installs them in the user's binaries directory, which is usually "/usr/local/bin".
  # This is required because symlinks use the folder they are in as working directory.
  #
@@ -59,6 +59,12 @@ add_definitions(-D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_S
 include_directories(.)

 if(WIN32)
+  if(IS_CROSS_COMPILATION MATCHES "arm64-on-x64")
+    set(CMAKE_SYSTEM_PROCESSOR "arm64")
+  else()
+    message("Setting QSPECTRE")
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /Qspectre")
+  endif()
  add_definitions(-DWIN32 -D_WINDOWS -DOS_WIN32 -D_CRT_SECURE_NO_WARNINGS)

  #
@@ -69,9 +75,6 @@ if(WIN32)
  set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /guard:cf")
  set(CMAKE_EXE_LINKER_FLAGS  "${CMAKE_EXE_LINKER_FLAGS} /guard:cf /DYNAMICBASE")

-  message("Setting QSPECTRE")
-  set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /Qspectre")
-
  message("Setting CETCOMPAT")
  set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} /CETCOMPAT")

@@ -164,15 +167,45 @@ add_custom_target(hamcore-archive-build
  ALL
  DEPENDS "${BUILD_DIRECTORY}/hamcore.se2"
 )
+if(IS_CROSS_COMPILATION MATCHES "arm64-on-x64")
+    file(TO_CMAKE_PATH "${TOP_DIRECTORY}" TOP_DIRECTORY_NORM)
+    set(X64_HAMCORE_BUILDER
+      "${TOP_DIRECTORY_NORM}/out/build/x64-native/src/hamcorebuilder/hamcorebuilder.exe"
+    )
+    if(EXISTS "${X64_HAMCORE_BUILDER}")
+      message(STATUS "file exist (from TOP_DIRECTORY)")
+    endif()

-add_custom_command(
-  COMMENT "Building hamcore.se2 archive file..."
-  COMMAND hamcorebuilder "hamcore.se2" "${TOP_DIRECTORY}/src/bin/hamcore"
-  DEPENDS hamcorebuilder "${TOP_DIRECTORY}/src/bin/hamcore/"
-  OUTPUT "${BUILD_DIRECTORY}/hamcore.se2"
-  WORKING_DIRECTORY "${BUILD_DIRECTORY}"
-  VERBATIM
-)
+  # support cross compile, when you compile ARM64 version on X64 Platform
+  if(EXISTS "${X64_HAMCORE_BUILDER}")
+    message("X64_HAMCORE_BUILDER found: ${X64_HAMCORE_BUILDER}")
+  elseif(EXISTS("${TOP_DIRECTORY}/out/build/x64-native/src/hamcorebuilder/hamcorebuilder.exe"))
+    set(X64_HAMCORE_BUILDER "${TOP_DIRECTORY}/out/build/x64-native/src/hamcorebuilder/hamcorebuilder.exe")
+  else()
+	message("${TOP_DIRECTORY}/out/build/x64-native/src/hamcorebuilder/hamcorebuilder.exe")
+    message(FATAL_ERROR "X64_HAMCORE_BUILDER not found: ${X64_HAMCORE_BUILDER}, pls build x64-native version first")
+  endif()
+  message(STATUS "X64_HAMCORE_BUILDER = ${X64_HAMCORE_BUILDER}")
+
+  add_custom_command(
+    COMMENT "Building hamcore.se2 archive file..."
+    COMMAND ${X64_HAMCORE_BUILDER} "hamcore.se2" "${TOP_DIRECTORY}/src/bin/hamcore"
+    DEPENDS ${X64_HAMCORE_BUILDER} "${TOP_DIRECTORY}/src/bin/hamcore/"
+    OUTPUT "${BUILD_DIRECTORY}/hamcore.se2"
+    WORKING_DIRECTORY "${BUILD_DIRECTORY}"
+    VERBATIM
+  )
+
+else()
+  add_custom_command(
+      COMMENT "Building hamcore.se2 archive file..."
+      COMMAND hamcorebuilder "hamcore.se2" "${TOP_DIRECTORY}/src/bin/hamcore"
+      DEPENDS hamcorebuilder "${TOP_DIRECTORY}/src/bin/hamcore/"
+      OUTPUT "${BUILD_DIRECTORY}/hamcore.se2"
+      WORKING_DIRECTORY "${BUILD_DIRECTORY}"
+      VERBATIM
+  )
+endif()

 if(WIN32)
  # PenCore
@@ -8739,7 +8739,7 @@ UINT StSetHubRadius(ADMIN *a, RPC_RADIUS *t)
 	}

 	//SetRadiusServer(h, t->RadiusServerName, t->RadiusPort, t->RadiusSecret);
-	SetRadiusServerEx(h, t->RadiusServerName, t->RadiusPort, t->RadiusSecret, t->RadiusRetryInterval);
+	SetRadiusServerEx2(h, t->RadiusServerName, t->RadiusPort, t->RadiusSecret, t->RadiusRetryInterval, t->RadiusRetryTimeout);

 	ALog(a, h, "LA_SET_HUB_RADIUS");

@@ -8778,8 +8778,8 @@ UINT StGetHubRadius(ADMIN *a, RPC_RADIUS *t)
 	Zero(t, sizeof(RPC_RADIUS));
 	//GetRadiusServer(h, t->RadiusServerName, sizeof(t->RadiusServerName),
 	//	&t->RadiusPort, t->RadiusSecret, sizeof(t->RadiusSecret));
-	GetRadiusServerEx(h, t->RadiusServerName, sizeof(t->RadiusServerName),
-		&t->RadiusPort, t->RadiusSecret, sizeof(t->RadiusSecret), &t->RadiusRetryInterval);
+	GetRadiusServerEx2(h, t->RadiusServerName, sizeof(t->RadiusServerName),
+		&t->RadiusPort, t->RadiusSecret, sizeof(t->RadiusSecret), &t->RadiusRetryInterval, &t->RadiusRetryTimeout);

 	ReleaseHub(h);

@@ -13031,6 +13031,7 @@ void InRpcRadius(RPC_RADIUS *t, PACK *p)
 	PackGetStr(p, "HubName", t->HubName, sizeof(t->HubName));
 	PackGetStr(p, "RadiusSecret", t->RadiusSecret, sizeof(t->RadiusSecret));
 	t->RadiusRetryInterval = PackGetInt(p, "RadiusRetryInterval");
+	t->RadiusRetryTimeout = PackGetInt(p, "RadiusRetryTimeout");
 }
 void OutRpcRadius(PACK *p, RPC_RADIUS *t)
 {
@@ -13045,6 +13046,7 @@ void OutRpcRadius(PACK *p, RPC_RADIUS *t)
 	PackAddStr(p, "HubName", t->HubName);
 	PackAddStr(p, "RadiusSecret", t->RadiusSecret);
 	PackAddInt(p, "RadiusRetryInterval", t->RadiusRetryInterval);
+	PackAddInt(p, "RadiusRetryTimeout", t->RadiusRetryTimeout);
 }

 // RPC_HUB
@@ -259,6 +259,7 @@ struct RPC_RADIUS
 	UINT RadiusPort;					// Radius port number
 	char RadiusSecret[MAX_PASSWORD_LEN + 1];	// Secret key
 	UINT RadiusRetryInterval;			// Radius retry interval
+	UINT RadiusRetryTimeout;			// Radius retry timeout
 };

 // Specify the HUB
@@ -12,6 +12,15 @@ else()
  add_library(cedar SHARED ${SOURCES_CEDAR} ${SOURCES_CEDAR_CPP} ${HEADERS_CEDAR})
 endif()

+if(MSVC)
+  target_compile_options(cedar PRIVATE /EHsc)
+elseif(CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
+  if(CMAKE_CXX_COMPILER_FRONTEND_VARIANT STREQUAL "MSVC")
+    target_compile_options(cedar PRIVATE /EHsc)
+  else()
+    target_compile_options(cedar PRIVATE -fexceptions)
+  endif()
+endif()
 set_target_properties(cedar
  PROPERTIES
  ARCHIVE_OUTPUT_DIRECTORY "${BUILD_DIRECTORY}"
@@ -22,19 +31,22 @@ set_target_properties(cedar
 target_link_libraries(cedar PUBLIC mayaqua)

 cmake_host_system_information(RESULT HAS_SSE2 QUERY HAS_SSE2)
-
-set(BLAKE2_SRC_PATH $<IF:$<BOOL:${HAS_SSE2}>,${TOP_DIRECTORY}/3rdparty/BLAKE2/sse,${TOP_DIRECTORY}/3rdparty/BLAKE2/ref>)
-set(BLAKE2_SRC $<IF:$<BOOL:${HAS_SSE2}>,${BLAKE2_SRC_PATH}/blake2s.c,${BLAKE2_SRC_PATH}/blake2s-ref.c>)
-
+if(CMAKE_SYSTEM_PROCESSOR MATCHES "arm64|aarch64|arm64v8|ARM64")
+  message(STATUS "Target architecture is ARM64")
+  set(BLAKE2_SRC_PATH "${TOP_DIRECTORY}/3rdparty/BLAKE2/neon")
+  set(BLAKE2_SRC "${BLAKE2_SRC_PATH}/blake2s-neon.c")
+else()
+  set(BLAKE2_SRC_PATH $<IF:$<BOOL:${HAS_SSE2}>,${TOP_DIRECTORY}/3rdparty/BLAKE2/sse,${TOP_DIRECTORY}/3rdparty/BLAKE2/ref>)
+  set(BLAKE2_SRC $<IF:$<BOOL:${HAS_SSE2}>,${BLAKE2_SRC_PATH}/blake2s.c,${BLAKE2_SRC_PATH}/blake2s-ref.c>)
+  if(HAS_SSE2)
+    # If SSE2 is enabled, a build failure occurs with MSVC because it doesn't define "__SSE2__".
+    # The fix consists in defining "HAVE_SSE2" manually, effectively overriding the check.
+    set_property(SOURCE ${BLAKE2_SRC} PROPERTY COMPILE_DEFINITIONS "HAVE_SSE2")
+  endif()
+endif()
 target_include_directories(cedar PUBLIC ${BLAKE2_SRC_PATH})
 target_sources(cedar PRIVATE ${BLAKE2_SRC})

-if(HAS_SSE2)
-  # If SSE2 is enabled, a build failure occurs with MSVC because it doesn't define "__SSE2__".
-  # The fix consists in defining "HAVE_SSE2" manually, effectively overriding the check.
-  set_property(SOURCE ${BLAKE2_SRC} PROPERTY COMPILE_DEFINITIONS "HAVE_SSE2")
-endif()
-
 if(VCPKG_TARGET_TRIPLET)
  find_package(unofficial-sodium CONFIG REQUIRED)
  target_link_libraries(cedar PUBLIC unofficial-sodium::sodium)
@@ -99,6 +99,8 @@ void CheckNetworkAcceptThread(THREAD *thread, void *param)

 	Disconnect(s);
 	ReleaseSock(s);
+
+	Free(c);
 }


@@ -155,15 +157,15 @@ void CheckNetworkListenThread(THREAD *thread, void *param)
 		}
 		else
 		{
-			CHECK_NETWORK_2 c;
+			CHECK_NETWORK_2 *c;
 			THREAD *t;

-			Zero(&c, sizeof(c));
-			c.s = new_sock;
-			c.k = pri;
-			c.x = x;
+			c = ZeroMalloc(sizeof(CHECK_NETWORK_2));
+			c->s = new_sock;
+			c->k = pri;
+			c->x = x;

-			t = NewThread(CheckNetworkAcceptThread, &c);
+			t = NewThread(CheckNetworkAcceptThread, c);
 			Insert(o, t);
 		}
 	}
@@ -11789,6 +11791,9 @@ UINT PsRadiusServerSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 		{"[server_name:port]", CmdPrompt, _UU("CMD_RadiusServerSet_Prompt_Host"), CmdEvalNotEmpty, NULL},
 		{"SECRET", CmdPromptChoosePassword, _UU("CMD_RadiusServerSet_Prompt_Secret"), NULL, NULL},
 		{"RETRY_INTERVAL", CmdPrompt, _UU("CMD_RadiusServerSet_Prompt_RetryInterval"), CmdEvalMinMax, &minmax},
+		
+		// Support for setting timeout through commandline not added
+		// {"RETRY_TIMEOUT", CmdPrompt, _UU("CMD_RadiusServerSet_Prompt_RetryTimeout"), CmdEvalMinMax, &minmax},
 	};

 	// If virtual HUB is not selected, it's an error
@@ -11813,6 +11818,7 @@ UINT PsRadiusServerSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 		StrCpy(t.RadiusServerName, sizeof(t.RadiusServerName), host);
 		StrCpy(t.RadiusSecret, sizeof(t.RadiusSecret), GetParamStr(o, "SECRET"));
 		t.RadiusRetryInterval = GetParamInt(o, "RETRY_INTERVAL");
+		// t.RadiusRetryTimeout = GetParamInt(o, "RETRY_TIMEOUT");

 		Free(host);

@@ -11936,6 +11942,9 @@ UINT PsRadiusServerGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)

 			UniToStri(tmp, t.RadiusRetryInterval);
 			CtInsert(ct, _UU("CMD_RadiusServerGet_RetryInterval"), tmp);
+
+			UniToStri(tmp, t.RadiusRetryTimeout);
+			CtInsert(ct, _UU("CMD_RadiusServerGet_RetryTimeout"), tmp);
 		}

 		CtFree(ct, c);
@@ -1938,6 +1938,7 @@ bool PasswordPrompt(char *password, UINT size)
 		c = _getch();
 #else	// OS_WIN32
 		c = getc(stdin);
+PROCESS_CH:
 #endif	// OS_WIN32

 		if (c >= 0x20 && c <= 0x7E)
@@ -1952,6 +1953,7 @@ bool PasswordPrompt(char *password, UINT size)
 		else if (c == 0x03)
 		{
 			// Break
+			RestoreConsole(console);
 			exit(0);
 		}
 		else if (c == 0x04 || c == 0x1a || c == 0x0D || c==0x0A)
@@ -1977,7 +1979,47 @@ bool PasswordPrompt(char *password, UINT size)
 				goto BACKSPACE;
 			}
 		}
-		else if (c == 0x08)
+#ifdef OS_UNIX	// OS_UNIX
+		else if (c == 0x1B)
+		{
+			c = getc(stdin);
+			if (c != 0x5B && c != 0x4F)
+			{
+				// ESC key
+				goto PROCESS_CH;
+			}
+
+			c = getc(stdin);
+			if (c == 0x44)
+			{
+				// Left arrow key
+				goto BACKSPACE;
+			}
+			else if (c == 0x33)
+			{
+				c = getc(stdin);
+				if (c == 0x7E)
+				{
+					// Delete key
+					goto BACKSPACE;
+				}
+			}
+
+			// Drain remaining sequence bytes (most are <= 6)
+			for (int i = 0; i < 6; i++)
+			{
+				if (c >= 0x40 && c <= 0x7E)
+				{
+					// End of sequence
+					break;
+				}
+				c = getc(stdin);
+			}
+
+			continue;
+		}
+#endif	// OS_UNIX
+		else if (c == 0x08 || c == 0x7F)
 		{
 BACKSPACE:
 			// Backspace
@@ -99,6 +99,7 @@ EAP_CLIENT *HubNewEapClient(CEDAR *cedar, char *hubname, char *client_ip_str, ch
 	char radius_servers[MAX_PATH] = {0};
 	UINT radius_port = 0;
 	UINT radius_retry_interval = 0;
+	UINT radius_retry_timeout = 0;
 	char radius_secret[MAX_PATH] = {0};
 	char radius_suffix_filter[MAX_PATH] = {0};
 	if (cedar == NULL || hubname == NULL || client_ip_str == NULL || username == NULL)
@@ -115,8 +116,8 @@ EAP_CLIENT *HubNewEapClient(CEDAR *cedar, char *hubname, char *client_ip_str, ch

 	if (hub != NULL)
 	{
-		if (GetRadiusServerEx2(hub, radius_servers, sizeof(radius_servers), &radius_port, radius_secret,
-			sizeof(radius_secret), &radius_retry_interval, radius_suffix_filter, sizeof(radius_suffix_filter)))
+		if (GetRadiusServerEx3(hub, radius_servers, sizeof(radius_servers), &radius_port, radius_secret,
+			sizeof(radius_secret), &radius_retry_interval, &radius_retry_timeout, radius_suffix_filter, sizeof(radius_suffix_filter)))
 		{
 			bool use_peap = hub->RadiusUsePeapInsteadOfEap;

@@ -6415,17 +6416,23 @@ void ReleaseHub(HUB *h)
 bool GetRadiusServer(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size)
 {
 	UINT interval;
+	
 	return GetRadiusServerEx(hub, name, size, port, secret, secret_size, &interval);
 }
-bool GetRadiusServerEx(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval)
-{
-	return GetRadiusServerEx2(hub, name, size, port, secret, secret_size, interval, NULL, 0);
+bool GetRadiusServerEx(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval) {
+	UINT timeout;
+
+	return GetRadiusServerEx2(hub, name, size, port, secret, secret_size, interval, &timeout);
 }
-bool GetRadiusServerEx2(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval, char *suffix_filter, UINT suffix_filter_size)
+bool GetRadiusServerEx2(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval, UINT *timeout)
+{
+	return GetRadiusServerEx3(hub, name, size, port, secret, secret_size, interval, timeout, NULL, 0);
+}
+bool GetRadiusServerEx3(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval, UINT *timeout, char *suffix_filter, UINT suffix_filter_size)
 {
 	bool ret = false;
 	// Validate arguments
-	if (hub == NULL || name == NULL || port == NULL || secret == NULL || interval == NULL)
+	if (hub == NULL || name == NULL || port == NULL || secret == NULL || interval == NULL || timeout == NULL)
 	{
 		return false;
 	}
@@ -6439,6 +6446,7 @@ bool GetRadiusServerEx2(HUB *hub, char *name, UINT size, UINT *port, char *secre
 			StrCpy(name, size, hub->RadiusServerName);
 			*port = hub->RadiusServerPort;
 			*interval = hub->RadiusRetryInterval;
+			*timeout = hub->RadiusRetryTimeout;

 			tmp_size = hub->RadiusSecret->Size + 1;
 			tmp = ZeroMalloc(tmp_size);
@@ -6465,6 +6473,10 @@ void SetRadiusServer(HUB *hub, char *name, UINT port, char *secret)
 	SetRadiusServerEx(hub, name, port, secret, RADIUS_RETRY_INTERVAL);
 }
 void SetRadiusServerEx(HUB *hub, char *name, UINT port, char *secret, UINT interval)
+{
+	SetRadiusServerEx2(hub, name, port, secret, interval, RADIUS_RETRY_TIMEOUT);
+}
+void SetRadiusServerEx2(HUB *hub, char *name, UINT port, char *secret, UINT interval, UINT timeout)
 {
 	// Validate arguments
 	if (hub == NULL)
@@ -6484,19 +6496,28 @@ void SetRadiusServerEx(HUB *hub, char *name, UINT port, char *secret, UINT inter
 			hub->RadiusServerName = NULL;
 			hub->RadiusServerPort = 0;
 			hub->RadiusRetryInterval = RADIUS_RETRY_INTERVAL;
+			hub->RadiusRetryTimeout = RADIUS_RETRY_TIMEOUT;
+
 			FreeBuf(hub->RadiusSecret);
 		}
 		else
 		{
 			hub->RadiusServerName = CopyStr(name);
 			hub->RadiusServerPort = port;
+
+			if (timeout == 0) {
+				timeout = RADIUS_RETRY_TIMEOUT;
+			}
+			hub->RadiusRetryTimeout = timeout;
+
 			if (interval == 0)
 			{
-				hub->RadiusRetryInterval = RADIUS_RETRY_INTERVAL;
+				hub->RadiusRetryInterval = RADIUS_RETRY_INTERVAL; ///What happens here is that RADIUS_RETRY_TIMEOUT is not configurable, and RADIUS_RETRY_INTERVAL is set to the timeout if it's larger.
 			}
-			else if (interval > RADIUS_RETRY_TIMEOUT)
+			
+			if (interval > timeout)
 			{
-				hub->RadiusRetryInterval = RADIUS_RETRY_TIMEOUT;
+				hub->RadiusRetryInterval = timeout;
 			}
 			else
 			{
@@ -341,6 +341,7 @@ struct HUB
 	char *RadiusServerName;				// Radius server name
 	UINT RadiusServerPort;				// Radius server port number
 	UINT RadiusRetryInterval;			// Radius retry interval
+	UINT RadiusRetryTimeout;			// Radius timeout, it will no longer retry
 	BUF *RadiusSecret;					// Radius shared key
 	char RadiusSuffixFilter[MAX_SIZE];	// Radius suffix filter
 	char RadiusRealm[MAX_SIZE];			// Radius realm (optional)
@@ -482,9 +483,11 @@ void GetAccessListStr(char *str, UINT size, ACCESS *a);
 void DeleteOldIpTableEntry(LIST *o);
 void SetRadiusServer(HUB *hub, char *name, UINT port, char *secret);
 void SetRadiusServerEx(HUB *hub, char *name, UINT port, char *secret, UINT interval);
+void SetRadiusServerEx2(HUB *hub, char *name, UINT port, char *secret, UINT interval, UINT timeout);
 bool GetRadiusServer(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size);
 bool GetRadiusServerEx(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval);
-bool GetRadiusServerEx2(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval, char *suffix_filter, UINT suffix_filter_size);
+bool GetRadiusServerEx2(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval, UINT *timeout);
+bool GetRadiusServerEx3(HUB *hub, char *name, UINT size, UINT *port, char *secret, UINT secret_size, UINT *interval, UINT *timeout, char *suffix_filter, UINT suffix_filter_size);
 int CompareCert(void *p1, void *p2);
 void GetHubLogSetting(HUB *h, HUB_LOG *setting);
 void SetHubLogSetting(HUB *h, HUB_LOG *setting);
@@ -567,6 +567,9 @@ IPC *NewIPCBySock(CEDAR *cedar, SOCK *s, void *mac_address)
 	ipc->Sock = s;
 	AddRef(s->ref);

+	// Initialize to pass the validity check on the source IP address performed by IPCSendIPv4()
+	ZeroIP4(&ipc->ClientIPAddress);
+
 	Copy(ipc->MacAddress, mac_address, 6);

 	ipc->Interrupt = NewInterruptManager();
@@ -2562,9 +2562,16 @@ void OvsRecvPacket(OPENVPN_SERVER *s, LIST *recv_packet_list, UINT protocol)
 								Debug("OpenVPN Channel %u Failed.\n", j);
 								OvsLog(s, se, c, "LO_CHANNEL_FAILED");

-								// Return the AUTH_FAILED
-								str = "AUTH_FAILED";
-								WriteFifo(c->SslPipe->SslInOut->SendFifo, str, StrSize(str));
+								if ((se->IpcAsync->ErrorCode == ERR_AUTHTYPE_NOT_SUPPORTED) ||
+									(se->IpcAsync->ErrorCode == ERR_AUTH_FAILED) ||
+									(se->IpcAsync->ErrorCode == ERR_PROXY_AUTH_FAILED) ||
+									(se->IpcAsync->ErrorCode == ERR_USER_AUTHTYPE_NOT_PASSWORD) ||
+									(se->IpcAsync->ErrorCode == ERR_NOT_SUPPORTED_AUTH_ON_OPENSOURCE))
+								{
+									// Return the AUTH_FAILED
+									str = "AUTH_FAILED";
+									WriteFifo(c->SslPipe->SslInOut->SendFifo, str, StrSize(str));
+								}

 								s->SessionEstablishedCount++;

@@ -5429,7 +5429,7 @@ void ClientUploadNoop(CONNECTION *c)
 	}

 	p = PackError(0);
-	PackAddInt(p, "noop", 1);
+	PackAddInt(p, "noop", NOOP);
 	(void)HttpClientSend(c->FirstSock, p);
 	FreePack(p);

@@ -5440,6 +5440,24 @@ void ClientUploadNoop(CONNECTION *c)
 	}
 }

+void ServerUploadNoop(CONNECTION *c)
+{
+	PACK *p;
+	// Validate arguments
+	if (c == NULL)
+	{
+		return;
+	}
+
+	p = PackError(0);
+	PackAddInt(p, "noop", NOOP_IGNORE);
+	(void)HttpServerSend(c->FirstSock, p);
+	FreePack(p);
+
+	// Client can't re-respond to an HTTP "response" 
+	// so we don't wait for it on the server side
+}
+
 // Add client version information to the PACK
 void PackAddClientVersion(PACK *p, CONNECTION *c)
 {
@@ -169,6 +169,7 @@ bool GetSessionKeyFromPack(PACK *p, UCHAR *session_key, UINT *session_key_32);
 void CreateNodeInfo(NODE_INFO *info, CONNECTION *c);
 UINT SecureSign(SECURE_SIGN *sign, UINT device_id, char *pin);
 void ClientUploadNoop(CONNECTION *c);
+void ServerUploadNoop(CONNECTION *c);
 bool ClientCheckServerCert(CONNECTION *c, bool *expired);
 void ClientCheckServerCertThread(THREAD *thread, void *param);
 bool ClientSecureSign(CONNECTION *c, UCHAR *sign, UCHAR *random, X **x);
@@ -7,6 +7,7 @@

 #include "Radius.h"

+#include "Protocol.h"
 #include "Connection.h"
 #include "IPC.h"
 #include "Server.h"
@@ -1767,7 +1768,7 @@ LABEL_ERROR:
 ////////// Classical implementation

 // Attempts Radius authentication (with specifying retry interval and multiple server)
-bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UCHAR *mschap_v2_server_response_20,
+bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UINT timeout, UCHAR *mschap_v2_server_response_20,
 				 RADIUS_LOGIN_OPTION *opt, char *hubname)
 {
 	UCHAR random[MD5_SIZE];
@@ -2072,14 +2073,22 @@ bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT sec

 			// Transmission process start
 			start = Tick64();
+
+			// Limit timeout to be larger than hardcoded timeout
+			// Limit interval to be larger than the hardcoded interval and less than timeout
+			if (timeout < RADIUS_RETRY_TIMEOUT) {
+				timeout = RADIUS_RETRY_TIMEOUT;
+			}
+			
 			if(interval < RADIUS_RETRY_INTERVAL)
 			{
 				interval = RADIUS_RETRY_INTERVAL;
 			}
-			else if(interval > RADIUS_RETRY_TIMEOUT)
+			else if(interval > timeout)
 			{
-				interval = RADIUS_RETRY_TIMEOUT;
+				interval = timeout;
 			}
+
 			next_send_time = start + (UINT64)interval;

 			while (true)
@@ -2099,6 +2108,8 @@ SEND_RETRY:
 				next_send_time = Tick64() + (UINT64)interval;

 RECV_RETRY:
+				ServerUploadNoop(c);				
+				
 				now = Tick64();
 				if (next_send_time <= now)
 				{
@@ -2109,7 +2120,7 @@ RECV_RETRY:
 					goto SEND_RETRY;
 				}

-				if ((start + RADIUS_RETRY_TIMEOUT) < now)
+				if ((start + timeout) < now)
 				{
 					// Time-out
 					break;
@@ -283,7 +283,7 @@ struct RADIUS_LOGIN_OPTION
 };

 // Function prototype
-bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UCHAR *mschap_v2_server_response_20,
+bool RadiusLogin(CONNECTION *c, char *server, UINT port, UCHAR *secret, UINT secret_size, wchar_t *username, char *password, UINT interval, UINT timeout, UCHAR *mschap_v2_server_response_20,
 				 RADIUS_LOGIN_OPTION *opt, char *hubname);
 BUF *RadiusEncryptPassword(char *password, UCHAR *random, UCHAR *secret, UINT secret_size);
 BUF *RadiusCreateUserName(wchar_t *username);
@@ -516,6 +516,7 @@ bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *p
 			char suffix_filter[MAX_SIZE];
 			wchar_t suffix_filter_w[MAX_SIZE];
 			UINT interval;
+			UINT timeout;
 			EAP_CLIENT *eap = NULL;
 			char password1[MAX_SIZE];
 			UCHAR client_challenge[16];
@@ -586,7 +587,7 @@ bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *p
 			}

 			// Get the Radius server information
-			if (GetRadiusServerEx2(hub, radius_server_addr, sizeof(radius_server_addr), &radius_server_port, radius_secret, sizeof(radius_secret), &interval, suffix_filter, sizeof(suffix_filter)))
+			if (GetRadiusServerEx3(hub, radius_server_addr, sizeof(radius_server_addr), &radius_server_port, radius_secret, sizeof(radius_secret), &interval, &timeout, suffix_filter, sizeof(suffix_filter)))
 			{
 				Unlock(hub->lock);

@@ -597,7 +598,7 @@ bool SamAuthUserByPlainPassword(CONNECTION *c, HUB *hub, char *username, char *p
 					// Attempt to login
 					b = RadiusLogin(c, radius_server_addr, radius_server_port,
 						radius_secret, StrLen(radius_secret),
-						name, password, interval, mschap_v2_server_response_20, opt, hub->Name);
+						name, password, interval, timeout, mschap_v2_server_response_20, opt, hub->Name);

 					if (b)
 					{
@@ -4855,6 +4855,7 @@ void SiWriteHubCfg(FOLDER *f, HUB *h)
 		}
 		CfgAddInt(f, "RadiusServerPort", h->RadiusServerPort);
 		CfgAddInt(f, "RadiusRetryInterval", h->RadiusRetryInterval);
+		CfgAddInt(f, "RadiusRetryTimeout", h->RadiusRetryTimeout);
 		CfgAddStr(f, "RadiusSuffixFilter", h->RadiusSuffixFilter);
 		CfgAddStr(f, "RadiusRealm", h->RadiusRealm);

@@ -5020,9 +5021,11 @@ void SiLoadHubCfg(SERVER *s, FOLDER *f, char *name)
 			BUF *secret;
 			UINT port;
 			UINT interval;
+			UINT timeout;

 			port = CfgGetInt(f, "RadiusServerPort");
 			interval = CfgGetInt(f, "RadiusRetryInterval");
+			timeout = CfgGetInt(f, "RadiusRetryTimeout");

 			CfgGetStr(f, "RadiusSuffixFilter", h->RadiusSuffixFilter, sizeof(h->RadiusSuffixFilter));
 			CfgGetStr(f, "RadiusRealm", h->RadiusRealm, sizeof(h->RadiusRealm));
@@ -5035,6 +5038,10 @@ void SiLoadHubCfg(SERVER *s, FOLDER *f, char *name)
 				interval = RADIUS_RETRY_INTERVAL;
 			}

+			if (timeout == 0) {
+				timeout = RADIUS_RETRY_TIMEOUT;
+			}
+
 			if (port != 0 && CfgGetStr(f, "RadiusServerName", name, sizeof(name)))
 			{
 				secret = CfgGetBuf(f, "RadiusSecret");
@@ -5048,7 +5055,7 @@ void SiLoadHubCfg(SERVER *s, FOLDER *f, char *name)
 					}
 					secret_str[sizeof(secret_str) - 1] = 0;
 					//SetRadiusServer(h, name, port, secret_str);
-					SetRadiusServerEx(h, name, port, secret_str, interval);
+					SetRadiusServerEx2(h, name, port, secret_str, interval, timeout);
 					FreeBuf(secret);
 				}
 			}
@@ -2815,6 +2815,7 @@ void NativeNatThread(THREAD *thread, void *param)
 		if (a != NULL)
 		{
 			char macstr[64];
+			IP dhcp_ip;
 			// Acquisition success
 			Debug("NnGetNextInterface Ok: %s\n", a->DeviceName);

@@ -2842,9 +2843,10 @@ void NativeNatThread(THREAD *thread, void *param)

 			Debug("NnMainLoop Start.\n");
 			MacToStr(macstr, sizeof(macstr), a->Ipc->MacAddress);
+			UINTToIP(&dhcp_ip, a->CurrentDhcpOptionList.ServerAddress);
 			NLog(t->v, "LH_KERNEL_MODE_START", a->DeviceName,
 			     &a->Ipc->ClientIPAddress, &a->Ipc->SubnetMask, &a->Ipc->DefaultGateway, &a->Ipc->BroadcastAddress,
-			     macstr, &a->CurrentDhcpOptionList.ServerAddress, &a->DnsServerIP);
+				macstr, &dhcp_ip, &a->DnsServerIP);
 			NnMainLoop(t, a);
 			Debug("NnMainLoop End.\n");

@@ -4462,9 +4462,13 @@ bool IsAesNiSupported()

 	// Unfortunately OpenSSL doesn't provide a function to do it
 #ifdef _MSC_VER
-	int regs[4]; // EAX, EBX, ECX, EDX
-	__cpuid(regs, 1);
-	supported = (regs[2] >> 25) & 1;
+  #if defined(_M_X64) || defined(_M_IX86)
+    int regs[4]; // EAX, EBX, ECX, EDX
+    __cpuid(regs, 1);
+    supported = (regs[2] >> 25) & 1;
+  #elif defined(_M_ARM64)
+	return IsProcessorFeaturePresent(PF_ARM_V8_CRYPTO_INSTRUCTIONS_AVAILABLE);
+  #endif
 #else // _MSC_VER
 	#if defined(CPU_FEATURES_ARCH_X86)
 		const X86Features features = GetX86Info().features;
@@ -4757,7 +4761,7 @@ static void MY_SHA0_Transform(MY_SHA0_CTX* ctx) {
 	UCHAR* p = ctx->buf;
 	int t;
 	for(t = 0; t < 16; ++t) {
-		UINT tmp =  *p++ << 24;
+		UINT tmp =  (UINT)*p++ << 24;
 		tmp |= *p++ << 16;
 		tmp |= *p++ << 8;
 		tmp |= *p++;
@@ -1207,12 +1207,14 @@ PACK *HttpClientRecv(SOCK *s)
 	UINT size;
 	UCHAR *tmp;
 	HTTP_VALUE *v;
+	UINT num_noop = 0;
 	// Validate arguments
 	if (s == NULL)
 	{
 		return NULL;
 	}

+START:
 	h = RecvHttpHeader(s);
 	if (h == NULL)
 	{
@@ -1257,6 +1259,22 @@ PACK *HttpClientRecv(SOCK *s)
 	p = BufToPack(b);
 	FreeBuf(b);

+	// Client shouldn't receive a noop other than NOOP_IGNORE
+	// because it can't respond without a full new HTTP request
+	UINT noop = PackGetInt(p, "noop");
+	if (noop == NOOP_IGNORE) {
+		Debug("recv: noop ignore\n");
+		FreePack(p);
+
+		num_noop++;
+
+		if (num_noop > MAX_NOOP_PER_SESSION)
+		{
+			return NULL;
+		}
+
+		goto START;
+	}
 	return p;
 }

@@ -1365,13 +1383,14 @@ START:
 	FreeBuf(b);

 	// Determine whether it's a NOOP
-	if (PackGetInt(p, "noop") != 0)
+	UINT noop = PackGetInt(p, "noop");
+	if (noop == NOOP)
 	{
 		Debug("recv: noop\n");
 		FreePack(p);

 		p = PackError(0);
-		PackAddInt(p, "noop", 1);
+		PackAddInt(p, "noop", NOOP_IGNORE);
 		if (HttpServerSend(s, p) == false)
 		{
 			FreePack(p);
@@ -1387,6 +1406,11 @@ START:
 			return NULL;
 		}

+		goto START;
+	} else if (noop == NOOP_IGNORE) {
+		Debug("recv: noop ignore\n");
+		FreePack(p);
+
 		goto START;
 	}

@@ -63,7 +63,7 @@ static int ydays[] =
 	0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334, 365
 };

-static UINT current_num_thread = 0;
+static COUNTER *current_num_thread = NULL;
 static UINT cached_number_of_cpus = 0;


@@ -776,6 +776,7 @@ void InitThreading()
 {
 	thread_pool = NewSk();
 	thread_count = NewCounter();
+	current_num_thread = NewCounter();
 }

 // Release of thread pool
@@ -821,6 +822,9 @@ void FreeThreading()

 	DeleteCounter(thread_count);
 	thread_count = NULL;
+
+	DeleteCounter(current_num_thread);
+	current_num_thread = NULL;
 }

 // Thread pool procedure
@@ -1028,9 +1032,9 @@ THREAD *NewThreadNamed(THREAD_PROC *thread_proc, void *param, char *name)

 	Wait(pd->InitFinishEvent, INFINITE);

-	current_num_thread++;
+	Inc(current_num_thread);

-//	Debug("current_num_thread = %u\n", current_num_thread);
+//	Debug("current_num_thread = %u\n", Count(current_num_thread));

 	return ret;
 }
@@ -1055,8 +1059,8 @@ void CleanupThread(THREAD *t)

 	Free(t);

-	current_num_thread--;
-	//Debug("current_num_thread = %u\n", current_num_thread);
+	Dec(current_num_thread);
+	//Debug("current_num_thread = %u\n", Count(current_num_thread));
 }

 // Release thread (pool)
@@ -72,11 +72,26 @@ int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)

 // Compiler dependent
 #ifndef	OS_WIN32
-// Gcc compiler
+// GCC or Clang compiler
 #define	GCC_PACKED		__attribute__ ((__packed__))
+// Clang compiler
+#if defined(__has_feature)
+#if __has_feature(thread_sanitizer)
+#define ATTRIBUTE_NO_TSAN			__attribute__((no_sanitize("thread")))
+#endif	// __has_feature(thread_sanitizer)
+#endif	// __has_feature
+// GCC compiler
+#if defined(__SANITIZE_THREAD__) && !defined(ATTRIBUTE_NO_TSAN)
+#define ATTRIBUTE_NO_TSAN			__attribute__((no_sanitize("thread")))
+#endif	// __SANITIZE_THREAD__
+// Other or older Clang/GCC compiler
+#ifndef ATTRIBUTE_NO_TSAN
+#define ATTRIBUTE_NO_TSAN
+#endif	// ATTRIBUTE_NO_TSAN
 #else	// OS_WIN32
 // VC++ compiler
 #define	GCC_PACKED
+#define ATTRIBUTE_NO_TSAN
 #endif	// OS_WIN32

 // Macro that displays the current file name and line number
@@ -881,8 +881,6 @@ struct SSL_VERIFY_OPTION
 	X *SavedCert;					// Saved server certificate
 };

-#define	SSL_DEFAULT_CONNECT_TIMEOUT		(15 * 1000)		// SSL default timeout
-
 // Header for TCP Pair
 struct TCP_PAIR_HEADER
 {
@@ -38,6 +38,8 @@

 // The number of allowable NOOP
 #define	MAX_NOOP_PER_SESSION	30
+#define NOOP 1
+#define NOOP_IGNORE 2 // A noop, but don't send a response noop

 // VALUE object
 struct VALUE
@@ -470,6 +470,7 @@ LIST *LoadLangList()
 	b = ReadDump(filename);
 	if (b == NULL)
 	{
+		FreeLangList(o);
 		return NULL;
 	}

@@ -1849,6 +1849,8 @@ void UnixUnlockEx(LOCK *lock, bool inner)
 }

 // Lock
+// Recursive locking is implemented manually instead of using PTHREAD_MUTEX_RECURSIVE.
+// See: https://github.com/SoftEtherVPN/SoftEtherVPN/pull/2219
 bool UnixLock(LOCK *lock)
 {
 	pthread_mutex_t *mutex;
@@ -2140,9 +2142,13 @@ void UnixMemoryFree(void *addr)
 // SIGCHLD handler
 void UnixSigChldHandler(int sig)
 {
+	int old_errno = errno;
+
 	// Recall the zombie processes
 	while (waitpid(-1, NULL, WNOHANG) > 0);
 	signal(SIGCHLD, UnixSigChldHandler);
+
+	errno = old_errno;
 }

 // Disable core dump
@@ -5,7 +5,8 @@
 // NDIS6.c
 // Windows NDIS 6.2 Routine

-#include <GlobalConst.h>
+//#include <GlobalConst.h>
+#include "GlobalConst.h"

 #define	NEO_DEVICE_DRIVER

@@ -9,25 +9,37 @@
 #define	NDIS5_H

 // Win32 DDK related
-#ifndef	CPU_64
-#define	_X86_
-#else	// CPU_64
-#ifndef	NEO_IA64
-#define	_AMD64_
-#define	AMD64
-#else	// NEO_IA64
-#define	_IA64_
-#define	IA64
-#endif	// NEO_IA64
-#endif	// CPU_64
+#ifndef CPU_64
+#define _X86_
+#else // CPU_64
+#ifdef CPU_ARM64
+//#define _ARM64_
+//#define ARM64
+#elif defined(NEO_IA64)
+#define _IA64_
+#define IA64
+#else
+#define _AMD64_
+#define AMD64
+#endif
+#endif // CPU_64
 #define	NDIS_MINIPORT_DRIVER
-// NDIS 6.2
-#define	NDIS620_MINIPORT
-#define	NDIS_SUPPORT_NDIS61			1
-#define	NDIS_SUPPORT_NDIS620		1
-#define NEO_NDIS_MAJOR_VERSION		6
-#define NEO_NDIS_MINOR_VERSION		20
-#define	NDIS_WDM					1
+#ifdef CPU_ARM64
+	#define NDIS640_MINIPORT 
+	#define NDIS_MINIPORT_MINIMUM_MAJOR_VERSION 6
+	#define NDIS_MINIPORT_MINIMUM_MINOR_VERSION 40
+	#define NEO_NDIS_MAJOR_VERSION 6
+	#define NEO_NDIS_MINOR_VERSION 40
+#else
+	// NDIS 6.2
+	#define	NDIS620_MINIPORT
+	#define	NDIS_SUPPORT_NDIS61			1
+	#define	NDIS_SUPPORT_NDIS620		1
+	#define NEO_NDIS_MAJOR_VERSION		6
+	#define NEO_NDIS_MINOR_VERSION		20
+	#define	NDIS_WDM					1
+#endif
+

 #include <wdm.h>
 #include <ndis.h>
@@ -0,0 +1,107 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Release|ARM64">
+      <Configuration>Release</Configuration>
+      <Platform>ARM64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <VCProjectVersion>17.0</VCProjectVersion>
+    <ProjectGuid>{F7679B65-2FEC-469A-8BAC-B07BF4439422}</ProjectGuid>
+    <RootNamespace>Neo6</RootNamespace>
+    <Keyword>Win32Proj</Keyword>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'" Label="Configuration">
+      <TargetVersion>Windows10</TargetVersion>
+      <UseDebugLibraries>false</UseDebugLibraries>
+      <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
+      <ConfigurationType>Driver</ConfigurationType>
+      <DriverType>KMDF</DriverType>
+      <DriverTargetPlatform>Universal</DriverTargetPlatform>
+      <TargetName>Neo6_arm64_unsigned</TargetName>
+      <TargetExt>.sys</TargetExt>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup>
+    <_ProjectFileVersion>17.0.36310.24</_ProjectFileVersion>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">
+    <IntDir>$(Platform)_$(Configuration)\</IntDir>
+    <IgnoreImportLibrary>true</IgnoreImportLibrary>
+    <LinkIncremental>false</LinkIncremental>
+    <GenerateManifest>false</GenerateManifest>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">
+    <Midl />
+    <ClCompile>
+      <Optimization>MaxSpeed</Optimization>
+      <InlineFunctionExpansion>Default</InlineFunctionExpansion>
+      <IntrinsicFunctions>false</IntrinsicFunctions>
+      <FavorSizeOrSpeed>Neither</FavorSizeOrSpeed>
+      <TreatWarningAsError>false</TreatWarningAsError>
+      <AdditionalIncludeDirectories>$(ProjectDir)\..\;$(SolutionDir);%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <PreprocessorDefinitions>ARM64;_ARM64_;CPU_64;WIN32;CPU_ARM64;NDEBUG;_WINDOWS;_USRDLL;NEO_EXPORTS;VPN_SPEED;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <StringPooling>false</StringPooling>
+      <ExceptionHandling>
+      </ExceptionHandling>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
+      <StructMemberAlignment>8Bytes</StructMemberAlignment>
+      <BufferSecurityCheck>false</BufferSecurityCheck>
+      <FunctionLevelLinking>false</FunctionLevelLinking>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+
+      <CompileAs>CompileAsC</CompileAs>
+      <DisableSpecificWarnings>4996;%(DisableSpecificWarnings)</DisableSpecificWarnings>
+    </ClCompile>
+    <!-- <PreLinkEvent>
+      <Command>$(SolutionDir)bin\BuildUtil.exe /CMD:GenerateVersionResource "$(TargetPath)" /OUT:"$(SolutionDir)tmp\VersionResources\$(ProjectName)_$(Platform).res" /PRODUCT:"SoftEther VPN"</Command>
+    </PreLinkEvent> -->
+    <ProjectReference>
+      <LinkLibraryDependencies>false</LinkLibraryDependencies>
+    </ProjectReference>
+    <Link>
+      <OutputFile>$(OutDir)Neo6_arm64_unsigned.sys</OutputFile>
+      <AdditionalLibraryDirectories>%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
+      <AdditionalDependencies>ntoskrnl.lib;wdm.lib;hal.lib;;ucrt.lib;ndis.lib;wdmsec.lib;ntdll.lib;Kernel32.lib;fwpkclnt.lib;libcntpr.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <!-- <ImportLibrary>$(SolutionDir)tmp\lib\$(Platform)_$(Configuration)\$(ProjectName).lib</ImportLibrary> -->
+      <TargetMachine>MachineARM64</TargetMachine>
+    </Link>
+    <!-- <PostBuildEvent>
+      <Command>$(SolutionDir)bin\BuildUtil.exe /CMD:SignCode "$(TargetPath)" /DEST:"$(TargetDir)Neo6_ARM64.sys" /COMMENT:"VPN Software" /KERNEL:yes /CERTID:0 /SHAMODE:0
+      $(SolutionDir)bin\BuildUtil.exe /CMD:SignCode "$(TargetPath)" /DEST:"$(TargetDir)Neo6_ARM64_win10.sys" /COMMENT:"VPN Software" /KERNEL:yes /CERTID:0 /SHAMODE:2
+      </Command>
+    </PostBuildEvent> -->
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="NDIS6.c" />
+    <ClCompile Include="Neo6.c" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="NDIS6.h" />
+    <ClInclude Include="Neo6.h" />
+    <ClInclude Include="resource.h" />
+  </ItemGroup>
+  <ItemGroup>
+    <ResourceCompile Include="Neo6.rc" />
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
@@ -0,0 +1,114 @@
+; VPN Client Device Driver for Windows 2000 and Greater
+; 
+; Copyright (c) SoftEther Corporation. All Rights Reserved.
+; http://www.softether.co.jp/
+; 
+; BUILD 9658
+
+[Version]
+Signature					= "$Windows NT$"
+Class						= Net
+ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}
+Provider					= %CompanyName%
+DriverVer					= 02/04/2018, 4.25.0.9658
+CatalogFile.NT				= Neo6_arm64_VPN.cat
+
+[Manufacturer]
+%CompanyName% 				= SoftEther, NTarm64
+
+[SourceDisksNames]
+1=%DiskDescription%, "", , 
+
+[SourceDisksFiles]
+Neo6_arm64_VPN.sys	= 1
+
+[DestinationDirs]
+DefaultDestDir				= 12
+Neo.CopyFiles.Sys			= 12
+
+[Neo.CopyFiles.Sys]
+Neo6_arm64_VPN.sys, , , 2
+
+[SoftEther.NTarm64]
+%NeoAdapter.DeviceDesc%	= NeoAdapter.Install, NeoAdapter_VPN
+
+[NeoAdapter.Install]
+Characteristics				= 0x1
+AddReg						= Neo.Reg, NeoAdapter.Ndi
+CopyFiles					= Neo.CopyFiles.Sys
+*IfType						= 53
+*MediaType					= 0
+*PhysicalMediaType			= 0
+
+[NeoAdapter.Install.Services]
+AddService					= %Neo.Service.Name%, 2, Neo.Service, Neo.EventLog, , %Neo, EventLog.Name%
+
+[NeoAdapter.Ndi]
+HKR, , NetworkAddress, 0, %DefaultAddress%
+HKR, Ndi, DeviceID, , "NeoAdapter_VPN"
+HKR, , DevLoader, , ndis
+HKR, , DeviceVxDs, , Neo6_arm64_VPN.sys
+HKR, NDIS, LogDriverName, , "Neo_VPN"
+HKR, NDIS, MajorNdisVersion, 1, 5
+HKR, NDIS, MinorNdisVersion, 1, 0
+HKR, Ndi\Interfaces, DefUpper, , "ndis5"
+HKR, Ndi\Interfaces, UpperRange, , "ndis5"
+HKR, Ndi\Interfaces, LowerRange, , "ethernet"
+HKR, Ndi\Interfaces, DefLower, , "ethernet"
+HKR, Ndi\Install, ndis5, , "Neo.CopyFiles.Sys"
+HKR, Ndi\Params\NetworkAddress, ParamDesc, 0, %NetworkAddress%
+HKR, Ndi\Params\NetworkAddress, type, 0, "edit"
+HKR, Ndi\Params\NetworkAddress, LimitText, 0, "12"
+HKR, Ndi\Params\NetworkAddress, UpperCase, 0, "1"
+HKR, Ndi\Params\NetworkAddress, default, 0, %DefaultAddress%
+HKR, Ndi\Params\NetworkAddress, optional, 0, "0"
+HKR, Ndi\Params\MaxSpeed, ParamDesc, 0, %MaxSpeed%
+HKR, Ndi\Params\MaxSpeed, type, 0, "int"
+HKR, Ndi\Params\MaxSpeed, default, 0, "100"
+HKR, Ndi\Params\MaxSpeed, min, 0, "0"
+HKR, Ndi\Params\MaxSpeed, max, 0, "2000"
+HKR, Ndi\Params\MaxSpeed, step, 0, "1"
+HKR, Ndi\Params\MaxSpeed, Base, 0, "10"
+HKR, Ndi\Params\KeepLink, ParamDesc, 0, %KeepLink%
+HKR, Ndi\Params\KeepLink, type, 0, "enum"
+HKR, Ndi\Params\KeepLink\enum, "1", 0, %On%
+HKR, Ndi\Params\KeepLink\enum, "0", 0, %Off%
+HKR, Ndi\Params\KeepLink, default, 0, "0"
+
+
+[Neo.Service]
+DisplayName					= %Neo.Service.DispName%
+Description					= %Neo.Service.Desc%
+ServiceType					= 1
+StartType					= 3
+ErrorControl				= 1
+ServiceBinary				= %12%\Neo6_arm64_VPN.sys
+LoadOrderGroup				= NDIS
+
+[Neo.Reg]
+HKR, Ndi, Service, 0, Neo.Service.Name
+HKR, Ndi\Interfaces, LowerRange, 0, "ethernet"
+HKR, Ndi\Interfaces, UpperRange, 0, "ndis5"
+
+[Neo.EventLog]
+HKR, , EventMessageFile, 0x00020000, "%11%\IoLogMsg.dll;%12%\Neo6_arm64_VPN.sys"
+HKR, , TypesSupported, 0x00010001, 7
+
+[Strings]
+CompanyName					= "SoftEther Corporation"
+DiskDescription				= "VPN Client Device Driver Install Disk"
+Neo.Service.Name			= "Neo_VPN"
+Neo.Service.DispName		= "VPN Client Device Driver - VPN"
+Neo.Service.Desc			= "VPN Client Adapter - VPN"
+NeoAdapter.DeviceDesc		= "VPN Client Adapter - VPN"
+Neo.EventLog.Name			= "Neo"
+NetworkAddress				= "MAC Address"
+DefaultAddress				= "000001000001"
+MaxSpeed					= "Indicate Speed (Mbps)"
+KeepLink					= "Keep Link"
+On							= "On"
+Off							= "Off"
+
+
+; Auto Generated 20180205_163621.454
+
@@ -10,3 +10,4 @@
 5 ru Russian Русский 1049 ru
 6 pt_br Portuguese-Brazil Português-Brasil 1046 pt_br
 7 id Indonesian Bahasa 1057 id
+8 tr Turkish Türkçe 1055 tr
@@ -3,4 +3,4 @@

 # 番号 識別子 英語表記 ローカル表記 Windowsロケール番号 UNIXロケール文字一覧
 1 en English English 1033 en,us,c
-
+8 tr Turkish Türkçe 1055 tr
@@ -200,7 +200,7 @@ ERR_133					The specified Dynamic DNS hostname is already used. Please change th
 ERR_134					The specified Dynamic DNS hostname has an invalid characters. Please change the hostname.
 ERR_135					The length of the specified Dynamic DNS hostname is too long. A hostname must be equal or shorter than 31 letters.
 ERR_136					The Dynamic DNS hostname is not specified.
-ERR_137					The length of the specified Dynamic DNS hostname is too long. A hostname must be equal of longer than 3 letters.
+ERR_137					The length of the specified Dynamic DNS hostname is too short. A hostname must be equal or longer than 3 letters.
 ERR_138					The password of the specified user in the Virtual Hub must be reset before using MS-CHAP v2 authentication. Please ask the administrator of the VPN Server to reset the password by the VPN Server Manager or vpncmd which internal version is 4.0 or greater. Or you can change the password with VPN Client by yourself.
 ERR_139					The connection to the Dynamic DNS server has been disconnected.
 ERR_140					Failed to initialize the ICMP (Ping) protocol. The process of the VPN Server might be running in a normal-user privileges. In such case, run the VPN Server as a system service. (in Linux / UNIX, run it in root privileges.)
@@ -7422,3 +7422,4 @@ SW_LINK_NAME_LANGUAGE_COMMENT				Change the display language setting of %s.

 SW_LINK_NAME_DEBUG							Debugging Information Collecting Tool
 SW_LINK_NAME_DEBUG_COMMENT					Collects debugging information of SoftEther VPN. Use this tool only if your support staff asks you to do so.
+
@@ -0,0 +1,42 @@
+# This file contains suppressions for Thread Sanitizer.
+# For the specification, refer to: https://github.com/google/sanitizers/wiki/threadsanitizersuppressions
+
+
+
+## Set/Wait
+# This provides synchronization equivalent to a lock, but Thread Sanitizer cannot recognize it.
+
+# Thread Sanitizer reports data race on Halt in TK64.
+# https://github.com/SoftEtherVPN/SoftEtherVPN/pull/2221
+race_top:FreeTick64
+
+# Thread Sanitizer reports data races on Finished and NoDelayFlag in CONNECT_SERIAL_PARAM,
+# shared between BindConnectThreadForIPv4, BindConnectThreadForIPv6, and BindConnectEx5.
+# https://github.com/SoftEtherVPN/SoftEtherVPN/pull/2222
+race_top:BindConnectThreadForIPv4
+race_top:BindConnectThreadForIPv6
+race_top:BindConnectEx5
+
+# Thread Sanitizer reports data races on PoolHalting in THREAD, shared between ThreadPoolProc and WaitThread.
+# But if WaitThread reads false, synchronization is ensured by Wait from the PoolWaitList. If it reads true,
+# WaitThread simply returns.
+race_top:ThreadPoolProc
+
+
+## Accept/Disconnect cancellation
+# Thread Sanitizer reports two data races on CancelAccept and CallingThread in SOCK, shared between
+# Accept(Accept6) and Disconnect. These are used when interrupting an Accept operation from a Disconnect.
+# They are race-safe because they work correctly even if both fields have old values.
+race_top:^Accept$
+race_top:^Accept6$
+race_top:^Disconnect$
+
+
+## Manual PTHREAD_MUTEX_RECURSIVE
+# The Lock/Unlock mechanism on Unix is a manual, hand-coded implementation of PTHREAD_MUTEX_RECURSIVE.
+# We avoid using the PTHREAD_MUTEX_RECURSIVE directly because it exhibits critical bugs, such as deadlocks
+# on certain older systems(Linux, Solaris, or macOS). While Thread Sanitizer will report data races,
+# these warnings should be ignored as the logic has been carefully implemented to ensure thread safety.
+# https://github.com/SoftEtherVPN/SoftEtherVPN/pull/2219
+race_top:UnixLock
+race_top:UnixUnlockEx
Author	SHA1	Message	Date
Ilya Shipitsin	193ebdba12	Merge pull request #2255 from SoftEtherVPN/dependabot/npm_and_yarn/src/bin/hamcore/wwwroot/admin/default/multi-0d13b2d87f Bump serialize-javascript and terser-webpack-plugin in /src/bin/hamcore/wwwroot/admin/default	2026-03-29 14:05:48 +02:00
dependabot[bot]	617d668651	Bump serialize-javascript and terser-webpack-plugin Removes [serialize-javascript](https://github.com/yahoo/serialize-javascript). It's no longer used after updating ancestor dependency [terser-webpack-plugin](https://github.com/webpack/terser-webpack-plugin). These dependencies need to be updated together. Removes `serialize-javascript` Updates `terser-webpack-plugin` from 5.3.16 to 5.4.0 - [Release notes](https://github.com/webpack/terser-webpack-plugin/releases) - [Changelog](https://github.com/webpack/terser-webpack-plugin/blob/main/CHANGELOG.md) - [Commits](https://github.com/webpack/terser-webpack-plugin/compare/v5.3.16...v5.4.0) --- updated-dependencies: - dependency-name: serialize-javascript dependency-version: dependency-type: indirect - dependency-name: terser-webpack-plugin dependency-version: 5.4.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-29 12:00:59 +00:00
Ilya Shipitsin	a0cbe2daf6	Merge pull request #2175 from SoftEtherVPN/dependabot/npm_and_yarn/developer_tools/vpnserver-jsonrpc-clients/vpnserver-jsonrpc-client-nodejs-package/js-yaml-3.14.2 Build(deps-dev): Bump js-yaml from 3.13.1 to 3.14.2 in /developer_tools/vpnserver-jsonrpc-clients/vpnserver-jsonrpc-client-nodejs-package	2026-03-27 12:52:18 +01:00
dependabot[bot]	59f19f1a12	Bump js-yaml Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.13.1 to 3.14.2. - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](https://github.com/nodeca/js-yaml/compare/3.13.1...3.14.2) --- updated-dependencies: - dependency-name: js-yaml dependency-version: 3.14.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-27 11:43:39 +00:00
Ilya Shipitsin	9fbe3d7488	Merge pull request #2252 from SoftEtherVPN/dependabot/npm_and_yarn/developer_tools/vpnserver-jsonrpc-clients/vpnserver-jsonrpc-client-nodejs-package/picomatch-2.3.2 Build(deps-dev): Bump picomatch from 2.3.1 to 2.3.2 in /developer_tools/vpnserver-jsonrpc-clients/vpnserver-jsonrpc-client-nodejs-package	2026-03-26 09:48:38 +01:00
dependabot[bot]	325b76e463	Build(deps-dev): Bump picomatch Bumps [picomatch](https://github.com/micromatch/picomatch) from 2.3.1 to 2.3.2. - [Release notes](https://github.com/micromatch/picomatch/releases) - [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2) --- updated-dependencies: - dependency-name: picomatch dependency-version: 2.3.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-26 08:33:04 +00:00
Ilya Shipitsin	6bbb2b5e07	Merge pull request #2253 from SoftEtherVPN/dependabot/npm_and_yarn/src/bin/hamcore/wwwroot/admin/default/picomatch-2.3.2 Build(deps-dev): Bump picomatch from 2.3.1 to 2.3.2 in /src/bin/hamcore/wwwroot/admin/default	2026-03-26 09:31:25 +01:00
dependabot[bot]	98264709fb	Build(deps-dev): Bump picomatch Bumps [picomatch](https://github.com/micromatch/picomatch) from 2.3.1 to 2.3.2. - [Release notes](https://github.com/micromatch/picomatch/releases) - [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2) --- updated-dependencies: - dependency-name: picomatch dependency-version: 2.3.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-25 21:56:45 +00:00
Ilya Shipitsin	427ada239f	Merge pull request #2245 from chipitsine/master update src/libhamcore submodule	2026-03-06 20:58:59 +01:00
Ilia Shipitsin	98940d339d	update src/libhamcore submodule we want to update because of the following improvement https://github.com/SoftEtherVPN/libhamcore/pull/3	2026-03-06 20:30:35 +01:00
Ilya Shipitsin	7c79333026	Merge pull request #2244 from SoftEtherVPN/dependabot/npm_and_yarn/developer_tools/vpnserver-jsonrpc-clients/vpnserver-jsonrpc-client-nodejs-package/minimatch-3.1.5 Build(deps-dev): Bump minimatch from 3.1.2 to 3.1.5 in /developer_tools/vpnserver-jsonrpc-clients/vpnserver-jsonrpc-client-nodejs-package	2026-03-01 10:57:57 +01:00
dependabot[bot]	3f372db86d	Build(deps-dev): Bump minimatch Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.1.2 to 3.1.5. - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5) --- updated-dependencies: - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-01 08:53:11 +00:00
Ilya Shipitsin	068330b24b	Merge pull request #2243 from SoftEtherVPN/dependabot/npm_and_yarn/src/bin/hamcore/wwwroot/admin/default/minimatch-3.1.5 Build(deps-dev): Bump minimatch from 3.1.2 to 3.1.5 in /src/bin/hamcore/wwwroot/admin/default	2026-02-28 08:01:29 +01:00
dependabot[bot]	a0d16dd2e8	Build(deps-dev): Bump minimatch Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.1.2 to 3.1.5. - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5) --- updated-dependencies: - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2026-02-28 03:36:52 +00:00
Ilya Shipitsin	9a42563bbc	Merge pull request #2211 from synqa/add-ci-for-sanitizer Add CI for Sanitizer	2026-02-23 15:11:01 +01:00
synqa	7d86756e72	Add CI for Sanitizer Added Address/Leak/Thread/Undefined Behavior Sanitizer to the CI workflow. Summary reports are displayed in the Job Summary, while full logs are available via GitHub Artifacts. Initial verification is handled by vpntools-check.sh.	2026-02-23 21:51:08 +09:00
Ilya Shipitsin	e247cf0513	Merge pull request #2241 from synqa/suppress-tsan-accept-disconnect Suppress Thread Sanitizer for Accept and Disconnect	2026-02-23 13:46:16 +01:00
synqa	a247e3ecdc	Suppress Thread Sanitizer for Accept and Disconnect Thread Sanitizer reports two data races on CancelAccept and CallingThread in SOCK, shared between Accept(Accept6) and Disconnect. These are used when interrupting an Accept operation from a Disconnect. These races are benign because they work correctly even if both fields have old values.	2026-02-23 21:32:26 +09:00
Ilya Shipitsin	61b920f957	Merge pull request #2239 from synqa/add-comment-unix-lock Add comment for UnixLock	2026-02-21 15:36:51 +01:00
Ilya Shipitsin	290f125abc	Merge pull request #2240 from synqa/suppress-tsan-threadpoolproc Suppress Thread Sanitizer for ThreadPoolProc	2026-02-21 15:35:56 +01:00
synqa	93bf90ba95	Add comment for UnixLock The Lock/Unlock mechanism on Unix is a manual, hand-coded implementation of PTHREAD_MUTEX_RECURSIVE. We avoid using the PTHREAD_MUTEX_RECURSIVE directly because it exhibits critical bugs, such as deadlocks on certain older systems(Linux, Solaris, or macOS). followup #2219	2026-02-21 21:15:56 +09:00
synqa	5b356616a7	Suppress Thread Sanitizer for ThreadPoolProc Thread Sanitizer reports data races on PoolHalting in THREAD, shared between ThreadPoolProc and WaitThread. But if WaitThread reads false, synchronization is ensured by Wait from the PoolWaitList. If it reads true, WaitThread simply returns.	2026-02-21 20:26:39 +09:00
Ilya Shipitsin	e0c86ab4a6	Merge pull request #2236 from chipitsine/master follow up of https://github.com/SoftEtherVPN/SoftEtherVPN/pull/2161	2026-02-18 21:15:20 +01:00
Ilia Shipitsin	5130f1a4da	follow up of https://github.com/SoftEtherVPN/SoftEtherVPN/pull/2161	2026-02-18 16:09:54 +01:00
Ilya Shipitsin	13f15384f2	Merge pull request #2161 from siddharth-narayan/radius-retry-timeout Add RadiusRetryTimeout option	2026-02-18 07:54:10 +01:00
Siddharth Narayan	bbda0c298d	Implement extended-timeout radius login	2026-02-18 00:44:18 -06:00
Ilya Shipitsin	e42aa6bf78	Merge pull request #2235 from talynone/WINARM64BUILDSCRIPTS Add Windows ARM 64 builds to GitHub Windows Actions	2026-02-16 18:12:26 +01:00
Joseph Gershgorin	ef05c4f0c4	The liboqs (post-quantum cryptography) library doesn't officially support ARM64. To allow the build to proceed, we added -DOQS_PERMIT_UNSUPPORTED_ARCHITECTURE=ON via the CMAKE_EXTRA_FLAGS matrix field	2026-02-16 05:27:17 -08:00
Joseph Gershgorin	7f6e527b47	Modify GitHub CI/CD with Windows ARM 64 build support	2026-02-16 05:11:02 -08:00
Ilya Shipitsin	a0afd98744	Merge pull request #2234 from synqa/add-more-tsan-suppression Add Thread Sanitizer suppressions for FreeTick64 and UnixLock	2026-02-16 13:03:54 +01:00
synqa	ae448abdad	Add Thread Sanitizer suppressions for FreeTick64 and UnixLock - Add suppression for FreeTick64 (#2221). - Add suppression for UnixLock (#2219).	2026-02-16 18:59:59 +09:00
Ilya Shipitsin	cfe854b339	Merge pull request #2232 from synqa/add-tsan-suppression Add ThreadSanitizer suppression file	2026-02-14 15:47:43 +01:00
synqa	c075bd85a8	Add ThreadSanitizer suppression file Using no_sanitize("thread") disables instrumentation for the entire stack frame, meaning functions called within that scope are also not checked. By using race_top in a suppression file, we can suppress erros only when they occur at the top of the stack. This provides more granular control over errors suppression. As an example, this suppression addresses #2222.	2026-02-14 22:42:48 +09:00
Ilya Shipitsin	6f749ab71c	Merge pull request #2181 from jgrasboeck/fix_openvpn_auth_failed_reply Openvpn: only send AUTH_FAILED reply on auth errors	2026-02-14 11:06:26 +01:00
Ilya Shipitsin	0e36e095f0	Merge pull request #2229 from chipitsine/master ci: run coverity workflow on demand	2026-02-13 14:20:41 +01:00
Ilia Shipitsin	34e4d4a54b	ci: run coverity workflow on demand	2026-02-13 14:05:23 +01:00
Ilya Shipitsin	df3ea19f0e	Merge pull request #2226 from SaiXu-QC/WinArm64 Add Win Arm64 Doc	2026-02-09 08:42:27 +01:00
SaiXU	9da4aabda5	add win arm64 doc	2026-02-09 10:42:32 +08:00
SaiXU	3cb3dd20fc	Add BUILD_WinArm64.md	2026-02-09 10:38:45 +08:00
Ilya Shipitsin	b551b77e25	Merge pull request #2225 from synqa/tsan-disable-macro Add macro to disable thread sanitizer	2026-02-08 17:26:26 +01:00
Ilya Shipitsin	609b8f4a5e	Merge pull request #2224 from synqa/revert-2221-fix-halt-flag Revert "Fix data race on Tick64"	2026-02-08 17:25:04 +01:00
synqa	0a87ff8fbd	Add macro to disable thread sanitizer Define ATTRIBUTE_NO_TSAN as __attribute__((no_sanitize(\"thread\"))) when building with thread sanitizer enabled. Falls back to empty definition when thread sanitizer is not active or not supported compiler.	2026-02-08 23:41:10 +09:00
synqa	6016f84315	Revert "Fix data race on Tick64"	2026-02-08 23:14:09 +09:00
Ilya Shipitsin	9d27b935b7	Merge pull request #2223 from synqa/fix-memory-leak-loadlanglist Fix memory leak in LoadLangList()	2026-02-06 15:56:18 +01:00
Ilya Shipitsin	1e1104d3ba	Merge pull request #2221 from synqa/fix-halt-flag Fix data race on Tick64	2026-02-06 15:55:01 +01:00
Ilya Shipitsin	074efb5479	Merge pull request #2220 from synqa/fix-thread-counter Fix race condition in thread counter	2026-02-06 15:54:18 +01:00
synqa	fe460de5a6	Fix data race on Tick64 Add lock protection when reading/writing Halt flag to prevent data race.	2026-02-06 21:12:16 +09:00
synqa	6ef941db21	Fix memory leak in LoadLangList()	2026-02-06 21:08:52 +09:00
synqa	d7d3ec8cac	Fix race condition in thread counter To prevent data races caused by concurrent access from multiple threads, replace UINT with COUNTER.	2026-02-06 21:03:08 +09:00
Ilya Shipitsin	68e9f0b593	Merge pull request #2218 from SoftEtherVPN/dependabot/npm_and_yarn/src/bin/hamcore/wwwroot/admin/default/webpack-5.105.0 Build(deps-dev): Bump webpack from 5.94.0 to 5.105.0 in /src/bin/hamcore/wwwroot/admin/default	2026-02-06 07:35:07 +01:00
dependabot[bot]	f1012da5fb	Build(deps-dev): Bump webpack in /src/bin/hamcore/wwwroot/admin/default Bumps [webpack](https://github.com/webpack/webpack) from 5.94.0 to 5.105.0. - [Release notes](https://github.com/webpack/webpack/releases) - [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md) - [Commits](https://github.com/webpack/webpack/compare/v5.94.0...v5.105.0) --- updated-dependencies: - dependency-name: webpack dependency-version: 5.105.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>	2026-02-05 23:11:11 +00:00
Ilya Shipitsin	1411d4ceb4	Merge pull request #2217 from synqa/fix-preserve-errno Fix preserve errno in SIGCHLD signal handler	2026-02-05 15:46:13 +01:00
Ilya Shipitsin	a3176175f9	Merge pull request #2216 from synqa/fix-ub-leftshift Fix undefined behavior of left shift	2026-02-05 15:13:46 +01:00
synqa	88af7986b4	Fix preserve errno in SIGCHLD signal handler Signal handler may interrupt code that depends on errno, and waitpid() may modify errno, therefore, errno must be saved and restored before returning.	2026-02-05 18:51:58 +09:00
synqa	38f102e2e7	Fix undefined behavior of left shift Left shifting UCHAR promotes it to a signed integer. When the value is >= 128 and shifted by 24, the result sets the sign bit, causing undefined behavior. Fixes it by explicit casting to UINT.	2026-02-05 18:48:01 +09:00
Ilya Shipitsin	e722f78608	Merge pull request #2209 from SaiXu-QC/WinArm64 Add Windows ARM64 support and ARM64 Neo6 driver	2026-02-03 11:46:26 +01:00
SaiXU	969812e0f2	add IS_CROSS_COMPILATION	2026-01-30 13:30:38 +08:00
SaiXU	14526cf3ea	add arm64 DriverPackages/Neo6_Win10/arm64/Neo6_arm64_VPN.sys	2026-01-30 11:40:46 +08:00
SaiXU	875c4fa344	support ARM64 on windows	2026-01-30 11:36:39 +08:00
Ilya Shipitsin	d8be1e4ddc	Merge pull request #2205 from synqa/password-prompt-for-linux Fix password input handling on Linux	2026-01-24 22:44:29 +01:00
synqa	eaef60a582	Fix password input handling on Linux The password input handling on Linux to match the behavior on Windows. It allows deleting characters using the Backspace, Delete, and Left arrow keys, and correctly handles other input sequences are handling correctly.	2026-01-24 12:37:43 +09:00
Ilya Shipitsin	06c93414f2	Merge pull request #2204 from chipitsine/master some translation guide kindly contributed by copilot	2026-01-23 21:42:12 +01:00
Ilia Shipitsin	e065752618	some translation guide kindly contributed by copilot	2026-01-23 16:13:13 +01:00
Ilya Shipitsin	d75aba9866	Merge pull request #2200 from synqa/fix-dangling-pointer Fix dangling pointer	2026-01-18 21:39:56 +01:00
synqa	1b9ac396ba	Fix dangling pointer Previously, The address of a local stack variable was passed to a new thread. Fix dangling pointer by switching to dynamic allocation. This problem is also known as CVE-2025-25568.	2026-01-18 22:51:23 +09:00
Ilya Shipitsin	041581ce30	Merge pull request #2193 from vamhund/turkish-translation Add Turkish translation (strtable_tr.stb)	2026-01-09 14:19:09 +01:00
VamHunD	ca745bd234	Update language list file with Turkish entry	2026-01-09 15:36:54 +03:00
VamHunD	051da3a48f	Add Turkish language entry to languages.txt	2026-01-09 15:34:31 +03:00
Ilya Shipitsin	669f58036e	Merge pull request #2195 from vamhund/fix-err137-logic Fix logical contradiction in ERR_137	2026-01-08 17:14:07 +01:00
VamHunD	ce95ef93a2	Trigger Windows Build	2026-01-08 16:02:34 +03:00
VamHunD	355609b339	Fix logical contradiction in ERR_137 Fixed "too long" -> "too short" and "equal of" -> "equal or". The first sentence says the name is "too long", but the second sentence says it must be "longer than 3 letters" (which implies it is currently too short). The phrase "equal of longer than" should likely be "equal or longer than".	2026-01-08 15:42:58 +03:00
Ilya Shipitsin	85c814a0fb	Merge pull request #2194 from hiura2023/master Fix: Correct the wrong data type passed to the log output function	2026-01-08 09:33:37 +01:00
hiura2023	90a77cfddf	Merge branch 'SoftEtherVPN:master' into master	2026-01-08 16:52:52 +09:00
hiura2023	65e5e28549	Fix: Correct the wrong data type passed to the log output	2026-01-08 16:50:47 +09:00
Ilya Shipitsin	770aef2866	Merge pull request #2192 from hiura2023/master Fix: Kernel-mode NAT not available	2026-01-08 08:10:40 +01:00
hiura2023	b92294fc52	Fix: Kernel-mode NAT not available due to DHCP unfunctional	2026-01-08 13:27:10 +09:00
hiura2023	a4681818c4	Revert "Fix: Kernel-mode NAT not available" This reverts commit `d85fc71a3a`.	2026-01-08 12:15:12 +09:00
VamHunD	0a44e995de	Add Turkish translation (strtable_tr.stb)	2026-01-08 00:55:51 +03:00
hiura2023	d85fc71a3a	Fix: Kernel-mode NAT not available	2026-01-05 23:28:10 +09:00
Ilya Shipitsin	e884c4ef76	Merge pull request #2189 from SoftEtherVPN/dependabot/npm_and_yarn/src/bin/hamcore/wwwroot/admin/default/js-yaml-3.14.2 Bump js-yaml from 3.13.1 to 3.14.2 in /src/bin/hamcore/wwwroot/admin/default	2026-01-04 22:44:25 +01:00
dependabot[bot]	859ff5ca5e	Bump js-yaml in /src/bin/hamcore/wwwroot/admin/default Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.13.1 to 3.14.2. - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](https://github.com/nodeca/js-yaml/compare/3.13.1...3.14.2) --- updated-dependencies: - dependency-name: js-yaml dependency-version: 3.14.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-12-27 09:39:13 +00:00
Ilya Shipitsin	85561f3584	Merge pull request #2188 from siddharth-narayan/macos-runner-update Update macos runners	2025-12-27 10:37:49 +01:00
Siddharth Narayan	6880886e5a	Update macos runners	2025-12-27 00:52:09 -05:00
Siddharth Narayan	c32184495b	Add server-side NOOP upload for connection keepalive	2025-12-21 21:10:32 -05:00
Siddharth Narayan	304364719c	Add radius retry timeout in configuration	2025-12-21 21:07:55 -05:00
Ilya Shipitsin	d5c2e33175	Merge pull request #2184 from SoftEtherVPN/copilot/fix-false-positive-detection Add comprehensive documentation for Microsoft Defender false positive detections	2025-12-06 19:01:47 +01:00
Julian Grasböck	4a4c1c79de	openvpn: only send AUTH_FAILED reply on auth errors	2025-11-26 13:53:14 +01:00