Remove CodeQL build artifacts and update .gitignore

Co-authored-by: chipitsine <2217296+chipitsine@users.noreply.github.com>

.github/workflows/macos.yml

@@ -7,7 +7,7 @@ jobs:
   build_and_test:
     strategy:
       matrix:
-        os: [macos-15, macos-14, macos-13]
+        os: [macos-26, macos-15, macos-14]
     name: ${{ matrix.os }}
     runs-on: ${{ matrix.os }}
     steps:

.gitignore

@@ -210,3 +210,5 @@ developer_tools/stbchecker/**/*.binlog
 developer_tools/stbchecker/**/*.nvuser
 developer_tools/stbchecker/**/.mfractor/
 /vcpkg_installed
+_codeql_build_dir/
+_codeql_detected_source_root

CMakeSettings.json

@@ -136,6 +136,78 @@
           "type": "STRING"
         }
       ]
+    },
+    {
+      "name": "arm64-on-x64",
+      "description": "Cross compile Windows ARM64 on x64",
+      "generator": "Ninja",
+      "configurationType": "RelWithDebInfo",
+      "inheritEnvironments": ["msvc_arm64_x64"],
+      "buildRoot": "${projectDir}\\out\\build\\${name}",
+      "installRoot": "${projectDir}\\out\\install\\${name}",
+      "variables": [
+        {
+          "name": "BUILD_NUMBER",
+          "value": "${env.BuildNumber}",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_SYSTEM_NAME",
+          "value": "Windows",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_SYSTEM_PROCESSOR",
+          "value": "arm64",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_C_COMPILER",
+          "value": "${env.VCINSTALLDIR}Tools/Llvm/bin/clang-cl.exe",
+          "type": "FILEPATH"
+        },
+        {
+          "name": "CMAKE_CXX_COMPILER",
+          "value": "${env.VCINSTALLDIR}Tools/Llvm/bin/clang-cl.exe",
+          "type": "FILEPATH"
+        },
+        {
+          "name": "CMAKE_C_COMPILER_TARGET",
+          "value": "arm64-windows-msvc",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_CXX_COMPILER_TARGET",
+          "value": "arm64-windows-msvc",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_EXE_LINKER_FLAGS",
+          "value": "/machine:ARM64",
+          "type": "STRING"
+        },
+        {
+          "name": "VCPKG_TARGET_TRIPLET",
+          "value": "arm64-windows-static",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_STATIC_LINKER_FLAGS",
+          "value": "/machine:ARM64",
+          "type": "STRING"
+        },
+        {
+          "name": "CMAKE_SHARED_LINKER_FLAGS",
+          "value": "/machine:ARM64",
+          "type": "STRING"
+        },
+        {
+          "name": "IS_CROSS_COMPILATION",
+          "value": "arm64-on-x64",
+          "type": "STRING"
+
+        }
+      ]
     }
   ]
 }

README.md

@@ -293,6 +293,8 @@ We hope that you can reach one of the above URLs at least!
 Your contribution to SoftEther VPN Project is much appreciated.
 Please send patches to us through GitHub.
 
+Here you find how to submit new translation: [TRANSLATION_GUIDE.md](TRANSLATION_GUIDE.md)
+
 
 # DEAR SECURITY EXPERTS
 

src/CMakeLists.txt

@@ -1,4 +1,4 @@
-if(UNIX)
+if(UNIX)
   # Creates wrapper scripts and installs them in the user's binaries directory, which is usually "/usr/local/bin".
   # This is required because symlinks use the folder they are in as working directory.
   #
@@ -59,6 +59,12 @@ add_definitions(-D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_S
 include_directories(.)
 
 if(WIN32)
+  if(IS_CROSS_COMPILATION MATCHES "arm64-on-x64")
+    set(CMAKE_SYSTEM_PROCESSOR "arm64")
+  else()
+    message("Setting QSPECTRE")
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /Qspectre")
+  endif()
   add_definitions(-DWIN32 -D_WINDOWS -DOS_WIN32 -D_CRT_SECURE_NO_WARNINGS)
 
   #
@@ -69,9 +75,6 @@ if(WIN32)
   set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /guard:cf")
   set(CMAKE_EXE_LINKER_FLAGS  "${CMAKE_EXE_LINKER_FLAGS} /guard:cf /DYNAMICBASE")
 
-  message("Setting QSPECTRE")
-  set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /Qspectre")
-
   message("Setting CETCOMPAT")
   set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} /CETCOMPAT")
 
@@ -164,15 +167,45 @@ add_custom_target(hamcore-archive-build
   ALL
   DEPENDS "${BUILD_DIRECTORY}/hamcore.se2"
 )
+if(IS_CROSS_COMPILATION MATCHES "arm64-on-x64")
+    file(TO_CMAKE_PATH "${TOP_DIRECTORY}" TOP_DIRECTORY_NORM)
+    set(X64_HAMCORE_BUILDER
+      "${TOP_DIRECTORY_NORM}/out/build/x64-native/src/hamcorebuilder/hamcorebuilder.exe"
+    )
+    if(EXISTS "${X64_HAMCORE_BUILDER}")
+      message(STATUS "file exist (from TOP_DIRECTORY)")
+    endif()
 
-add_custom_command(
-  COMMENT "Building hamcore.se2 archive file..."
-  COMMAND hamcorebuilder "hamcore.se2" "${TOP_DIRECTORY}/src/bin/hamcore"
-  DEPENDS hamcorebuilder "${TOP_DIRECTORY}/src/bin/hamcore/"
-  OUTPUT "${BUILD_DIRECTORY}/hamcore.se2"
-  WORKING_DIRECTORY "${BUILD_DIRECTORY}"
-  VERBATIM
-)
+  # support cross compile, when you compile ARM64 version on X64 Platform
+  if(EXISTS "${X64_HAMCORE_BUILDER}")
+    message("X64_HAMCORE_BUILDER found: ${X64_HAMCORE_BUILDER}")
+  elseif(EXISTS("${TOP_DIRECTORY}/out/build/x64-native/src/hamcorebuilder/hamcorebuilder.exe"))
+    set(X64_HAMCORE_BUILDER "${TOP_DIRECTORY}/out/build/x64-native/src/hamcorebuilder/hamcorebuilder.exe")
+  else()
+	message("${TOP_DIRECTORY}/out/build/x64-native/src/hamcorebuilder/hamcorebuilder.exe")
+    message(FATAL_ERROR "X64_HAMCORE_BUILDER not found: ${X64_HAMCORE_BUILDER}, pls build x64-native version first")
+  endif()
+  message(STATUS "X64_HAMCORE_BUILDER = ${X64_HAMCORE_BUILDER}")
+
+  add_custom_command(
+    COMMENT "Building hamcore.se2 archive file..."
+    COMMAND ${X64_HAMCORE_BUILDER} "hamcore.se2" "${TOP_DIRECTORY}/src/bin/hamcore"
+    DEPENDS ${X64_HAMCORE_BUILDER} "${TOP_DIRECTORY}/src/bin/hamcore/"
+    OUTPUT "${BUILD_DIRECTORY}/hamcore.se2"
+    WORKING_DIRECTORY "${BUILD_DIRECTORY}"
+    VERBATIM
+  )
+
+else()
+  add_custom_command(
+      COMMENT "Building hamcore.se2 archive file..."
+      COMMAND hamcorebuilder "hamcore.se2" "${TOP_DIRECTORY}/src/bin/hamcore"
+      DEPENDS hamcorebuilder "${TOP_DIRECTORY}/src/bin/hamcore/"
+      OUTPUT "${BUILD_DIRECTORY}/hamcore.se2"
+      WORKING_DIRECTORY "${BUILD_DIRECTORY}"
+      VERBATIM
+  )
+endif()
 
 if(WIN32)
   # PenCore

src/Cedar/CMakeLists.txt

@@ -12,6 +12,15 @@ else()
   add_library(cedar SHARED ${SOURCES_CEDAR} ${SOURCES_CEDAR_CPP} ${HEADERS_CEDAR})
 endif()
 
+if(MSVC)
+  target_compile_options(cedar PRIVATE /EHsc)
+elseif(CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
+  if(CMAKE_CXX_COMPILER_FRONTEND_VARIANT STREQUAL "MSVC")
+    target_compile_options(cedar PRIVATE /EHsc)
+  else()
+    target_compile_options(cedar PRIVATE -fexceptions)
+  endif()
+endif()
 set_target_properties(cedar
   PROPERTIES
   ARCHIVE_OUTPUT_DIRECTORY "${BUILD_DIRECTORY}"
@@ -22,19 +31,22 @@ set_target_properties(cedar
 target_link_libraries(cedar PUBLIC mayaqua)
 
 cmake_host_system_information(RESULT HAS_SSE2 QUERY HAS_SSE2)
-
-set(BLAKE2_SRC_PATH $<IF:$<BOOL:${HAS_SSE2}>,${TOP_DIRECTORY}/3rdparty/BLAKE2/sse,${TOP_DIRECTORY}/3rdparty/BLAKE2/ref>)
-set(BLAKE2_SRC $<IF:$<BOOL:${HAS_SSE2}>,${BLAKE2_SRC_PATH}/blake2s.c,${BLAKE2_SRC_PATH}/blake2s-ref.c>)
-
+if(CMAKE_SYSTEM_PROCESSOR MATCHES "arm64|aarch64|arm64v8|ARM64")
+  message(STATUS "Target architecture is ARM64")
+  set(BLAKE2_SRC_PATH "${TOP_DIRECTORY}/3rdparty/BLAKE2/neon")
+  set(BLAKE2_SRC "${BLAKE2_SRC_PATH}/blake2s-neon.c")
+else()
+  set(BLAKE2_SRC_PATH $<IF:$<BOOL:${HAS_SSE2}>,${TOP_DIRECTORY}/3rdparty/BLAKE2/sse,${TOP_DIRECTORY}/3rdparty/BLAKE2/ref>)
+  set(BLAKE2_SRC $<IF:$<BOOL:${HAS_SSE2}>,${BLAKE2_SRC_PATH}/blake2s.c,${BLAKE2_SRC_PATH}/blake2s-ref.c>)
+  if(HAS_SSE2)
+    # If SSE2 is enabled, a build failure occurs with MSVC because it doesn't define "__SSE2__".
+    # The fix consists in defining "HAVE_SSE2" manually, effectively overriding the check.
+    set_property(SOURCE ${BLAKE2_SRC} PROPERTY COMPILE_DEFINITIONS "HAVE_SSE2")
+  endif()
+endif()
 target_include_directories(cedar PUBLIC ${BLAKE2_SRC_PATH})
 target_sources(cedar PRIVATE ${BLAKE2_SRC})
 
-if(HAS_SSE2)
-  # If SSE2 is enabled, a build failure occurs with MSVC because it doesn't define "__SSE2__".
-  # The fix consists in defining "HAVE_SSE2" manually, effectively overriding the check.
-  set_property(SOURCE ${BLAKE2_SRC} PROPERTY COMPILE_DEFINITIONS "HAVE_SSE2")
-endif()
-
 if(VCPKG_TARGET_TRIPLET)
   find_package(unofficial-sodium CONFIG REQUIRED)
   target_link_libraries(cedar PUBLIC unofficial-sodium::sodium)

src/Cedar/Command.c

@@ -99,6 +99,8 @@ void CheckNetworkAcceptThread(THREAD *thread, void *param)
 
 	Disconnect(s);
 	ReleaseSock(s);
+
+	Free(c);
 }
 
 
@@ -155,15 +157,15 @@ void CheckNetworkListenThread(THREAD *thread, void *param)
 		}
 		else
 		{
-			CHECK_NETWORK_2 c;
+			CHECK_NETWORK_2 *c;
 			THREAD *t;
 
-			Zero(&c, sizeof(c));
-			c.s = new_sock;
-			c.k = pri;
-			c.x = x;
+			c = ZeroMalloc(sizeof(CHECK_NETWORK_2));
+			c->s = new_sock;
+			c->k = pri;
+			c->x = x;
 
-			t = NewThread(CheckNetworkAcceptThread, &c);
+			t = NewThread(CheckNetworkAcceptThread, c);
 			Insert(o, t);
 		}
 	}

src/Cedar/Console.c

@@ -1938,6 +1938,7 @@ bool PasswordPrompt(char *password, UINT size)
 		c = _getch();
 #else	// OS_WIN32
 		c = getc(stdin);
+PROCESS_CH:
 #endif	// OS_WIN32
 
 		if (c >= 0x20 && c <= 0x7E)
@@ -1952,6 +1953,7 @@ bool PasswordPrompt(char *password, UINT size)
 		else if (c == 0x03)
 		{
 			// Break
+			RestoreConsole(console);
 			exit(0);
 		}
 		else if (c == 0x04 || c == 0x1a || c == 0x0D || c==0x0A)
@@ -1977,7 +1979,47 @@ bool PasswordPrompt(char *password, UINT size)
 				goto BACKSPACE;
 			}
 		}
-		else if (c == 0x08)
+#ifdef OS_UNIX	// OS_UNIX
+		else if (c == 0x1B)
+		{
+			c = getc(stdin);
+			if (c != 0x5B && c != 0x4F)
+			{
+				// ESC key
+				goto PROCESS_CH;
+			}
+
+			c = getc(stdin);
+			if (c == 0x44)
+			{
+				// Left arrow key
+				goto BACKSPACE;
+			}
+			else if (c == 0x33)
+			{
+				c = getc(stdin);
+				if (c == 0x7E)
+				{
+					// Delete key
+					goto BACKSPACE;
+				}
+			}
+
+			// Drain remaining sequence bytes (most are <= 6)
+			for (int i = 0; i < 6; i++)
+			{
+				if (c >= 0x40 && c <= 0x7E)
+				{
+					// End of sequence
+					break;
+				}
+				c = getc(stdin);
+			}
+
+			continue;
+		}
+#endif	// OS_UNIX
+		else if (c == 0x08 || c == 0x7F)
 		{
 BACKSPACE:
 			// Backspace

src/Cedar/IPC.c

@@ -567,6 +567,9 @@ IPC *NewIPCBySock(CEDAR *cedar, SOCK *s, void *mac_address)
 	ipc->Sock = s;
 	AddRef(s->ref);
 
+	// Initialize to pass the validity check on the source IP address performed by IPCSendIPv4()
+	ZeroIP4(&ipc->ClientIPAddress);
+
 	Copy(ipc->MacAddress, mac_address, 6);
 
 	ipc->Interrupt = NewInterruptManager();

src/Cedar/Virtual.c

@@ -1190,6 +1190,67 @@ void NnIpSendForInternet(NATIVE_NAT *t, UCHAR ip_protocol, UCHAR ttl, UINT src_i
 	}
 }
 
+// Host IP address cache TTL in milliseconds (60 seconds)
+#define HOST_IP_CACHE_TTL_MS		60000
+
+// Check if destination IP is one of the host's own IP addresses
+// Uses caching to avoid frequent system calls
+// Returns true if dest_ip matches any of the host's IPs
+bool IsDestinationHostOwnIP(VH *v, UINT dest_ip)
+{
+	bool is_host_ip = false;
+	UINT64 now;
+	LIST *new_list = NULL;
+	// Validate arguments
+	if (v == NULL)
+	{
+		return false;
+	}
+
+	now = Tick64();
+
+	Lock(v->HostIPCacheLock);
+	{
+		// Check if cache needs refresh (every 60 seconds or if not initialized)
+		if (v->HostIPAddressCache == NULL || now >= v->HostIPCacheExpires)
+		{
+			// Get new list while holding the lock to prevent multiple threads from refreshing
+			new_list = GetHostIPAddressList();
+			
+			// Free old cache
+			if (v->HostIPAddressCache != NULL)
+			{
+				FreeHostIPAddressList(v->HostIPAddressCache);
+			}
+			
+			// Set new cache with TTL
+			v->HostIPAddressCache = new_list;
+			v->HostIPCacheExpires = now + HOST_IP_CACHE_TTL_MS;
+		}
+
+		// Check if dest_ip matches any cached host IP
+		if (v->HostIPAddressCache != NULL)
+		{
+			UINT i;
+			IP dest_ip_obj;
+			UINTToIP(&dest_ip_obj, dest_ip);
+			
+			for (i = 0; i < LIST_NUM(v->HostIPAddressCache); i++)
+			{
+				IP *host_ip = LIST_DATA(v->HostIPAddressCache, i);
+				if (IsIP4(host_ip) && CmpIpAddr(&dest_ip_obj, host_ip) == 0)
+				{
+					is_host_ip = true;
+					break;
+				}
+			}
+		}
+	}
+	Unlock(v->HostIPCacheLock);
+
+	return is_host_ip;
+}
+
 // Communication of ICMP towards the Internet
 void NnIcmpEchoRecvForInternet(VH *v, UINT src_ip, UINT dest_ip, void *data, UINT size, UCHAR ttl, void *icmp_data, UINT icmp_size, UCHAR *ip_header, UINT ip_header_size, UINT max_l3_size)
 {
@@ -1209,6 +1270,15 @@ void NnIcmpEchoRecvForInternet(VH *v, UINT src_ip, UINT dest_ip, void *data, UIN
 		return;
 	}
 
+	// Check if destination is the host's own IP address
+	// When Native NAT tries to send packets to the host's own IP, the OS routing
+	// may fail or behave unexpectedly. Drop such packets to avoid issues.
+	if (IsDestinationHostOwnIP(v, dest_ip))
+	{
+		// Destination is the host's own IP - drop the packet
+		return;
+	}
+
 	t = v->NativeNat;
 
 	old_icmp_header = (ICMP_HEADER *)icmp_data;
@@ -1351,6 +1421,15 @@ void NnUdpRecvForInternet(VH *v, UINT src_ip, UINT src_port, UINT dest_ip, UINT
 		return;
 	}
 
+	// Check if destination is the host's own IP address
+	// When Native NAT tries to send packets to the host's own IP, the OS routing
+	// may fail or behave unexpectedly. Drop such packets to avoid issues.
+	if (IsDestinationHostOwnIP(v, dest_ip))
+	{
+		// Destination is the host's own IP - drop the packet
+		return;
+	}
+
 	t = v->NativeNat;
 
 	// Search whether there is an existing session
@@ -1449,6 +1528,15 @@ void NnTcpRecvForInternet(VH *v, UINT src_ip, UINT src_port, UINT dest_ip, UINT
 		return;
 	}
 
+	// Check if destination is the host's own IP address
+	// When Native NAT tries to send packets to the host's own IP, the OS routing
+	// may fail or behave unexpectedly. Drop such packets to avoid issues.
+	if (IsDestinationHostOwnIP(v, dest_ip))
+	{
+		// Destination is the host's own IP - drop the packet
+		return;
+	}
+
 	t = v->NativeNat;
 
 	// Search whether there is an existing session
@@ -2815,6 +2903,7 @@ void NativeNatThread(THREAD *thread, void *param)
 		if (a != NULL)
 		{
 			char macstr[64];
+			IP dhcp_ip;
 			// Acquisition success
 			Debug("NnGetNextInterface Ok: %s\n", a->DeviceName);
 
@@ -2842,9 +2931,10 @@ void NativeNatThread(THREAD *thread, void *param)
 
 			Debug("NnMainLoop Start.\n");
 			MacToStr(macstr, sizeof(macstr), a->Ipc->MacAddress);
+			UINTToIP(&dhcp_ip, a->CurrentDhcpOptionList.ServerAddress);
 			NLog(t->v, "LH_KERNEL_MODE_START", a->DeviceName,
 			     &a->Ipc->ClientIPAddress, &a->Ipc->SubnetMask, &a->Ipc->DefaultGateway, &a->Ipc->BroadcastAddress,
-			     macstr, &a->CurrentDhcpOptionList.ServerAddress, &a->DnsServerIP);
+				macstr, &dhcp_ip, &a->DnsServerIP);
 			NnMainLoop(t, a);
 			Debug("NnMainLoop End.\n");
 
@@ -10191,6 +10281,13 @@ void Virtual_Free(VH *v)
 
 	LockVirtual(v);
 	{
+		// Free host IP cache
+		if (v->HostIPAddressCache != NULL)
+		{
+			FreeHostIPAddressList(v->HostIPAddressCache);
+			v->HostIPAddressCache = NULL;
+		}
+
 		// Release the IP combining list
 		FreeIpCombineList(v);
 
@@ -10225,6 +10322,9 @@ void Virtual_Free(VH *v)
 	}
 	UnlockVirtual(v);
 
+	// Release the host IP cache lock
+	DeleteLock(v->HostIPCacheLock);
+
 	// Release the logger
 	FreeLog(v->Logger);
 }
@@ -10355,6 +10455,11 @@ VH *NewVirtualHostEx(CEDAR *cedar, CLIENT_OPTION *option, CLIENT_AUTH *auth, VH_
 
 	v->nat = nat;
 
+	// Initialize host IP cache for Native NAT
+	v->HostIPAddressCache = NULL;
+	v->HostIPCacheExpires = 0;
+	v->HostIPCacheLock = NewLock();
+
 	// Examine whether ICMP Raw Socket can be created
 	s = NewUDP4(MAKE_SPECIAL_PORT(IP_PROTO_ICMPV4), NULL);
 	if (s != NULL)

src/Cedar/Virtual.h

@@ -313,6 +313,11 @@ struct VH
 	HUB_OPTION *HubOption;			// Pointer to the Virtual HUB options
 
 	NATIVE_NAT *NativeNat;			// Native NAT
+
+	// Host IP cache for Native NAT packet filtering
+	LIST *HostIPAddressCache;		// Cached list of host IP addresses
+	UINT64 HostIPCacheExpires;		// When the cache expires (tick64)
+	LOCK *HostIPCacheLock;			// Lock for cache access
 };
 
 // Virtual host option

src/Mayaqua/Encrypt.c

@@ -4462,9 +4462,13 @@ bool IsAesNiSupported()
 
 	// Unfortunately OpenSSL doesn't provide a function to do it
 #ifdef _MSC_VER
-	int regs[4]; // EAX, EBX, ECX, EDX
-	__cpuid(regs, 1);
-	supported = (regs[2] >> 25) & 1;
+  #if defined(_M_X64) || defined(_M_IX86)
+    int regs[4]; // EAX, EBX, ECX, EDX
+    __cpuid(regs, 1);
+    supported = (regs[2] >> 25) & 1;
+  #elif defined(_M_ARM64)
+	return IsProcessorFeaturePresent(PF_ARM_V8_CRYPTO_INSTRUCTIONS_AVAILABLE);
+  #endif
 #else // _MSC_VER
 	#if defined(CPU_FEATURES_ARCH_X86)
 		const X86Features features = GetX86Info().features;

src/Neo6/NDIS6.c

@@ -5,7 +5,8 @@
 // NDIS6.c
 // Windows NDIS 6.2 Routine
 
-#include <GlobalConst.h>
+//#include <GlobalConst.h>
+#include "GlobalConst.h"
 
 #define	NEO_DEVICE_DRIVER
 

src/Neo6/NDIS6.h

@@ -9,25 +9,37 @@
 #define	NDIS5_H
 
 // Win32 DDK related
-#ifndef	CPU_64
-#define	_X86_
-#else	// CPU_64
-#ifndef	NEO_IA64
-#define	_AMD64_
-#define	AMD64
-#else	// NEO_IA64
-#define	_IA64_
-#define	IA64
-#endif	// NEO_IA64
-#endif	// CPU_64
+#ifndef CPU_64
+#define _X86_
+#else // CPU_64
+#ifdef CPU_ARM64
+//#define _ARM64_
+//#define ARM64
+#elif defined(NEO_IA64)
+#define _IA64_
+#define IA64
+#else
+#define _AMD64_
+#define AMD64
+#endif
+#endif // CPU_64
 #define	NDIS_MINIPORT_DRIVER
-// NDIS 6.2
-#define	NDIS620_MINIPORT
-#define	NDIS_SUPPORT_NDIS61			1
-#define	NDIS_SUPPORT_NDIS620		1
-#define NEO_NDIS_MAJOR_VERSION		6
-#define NEO_NDIS_MINOR_VERSION		20
-#define	NDIS_WDM					1
+#ifdef CPU_ARM64
+	#define NDIS640_MINIPORT 
+	#define NDIS_MINIPORT_MINIMUM_MAJOR_VERSION 6
+	#define NDIS_MINIPORT_MINIMUM_MINOR_VERSION 40
+	#define NEO_NDIS_MAJOR_VERSION 6
+	#define NEO_NDIS_MINOR_VERSION 40
+#else
+	// NDIS 6.2
+	#define	NDIS620_MINIPORT
+	#define	NDIS_SUPPORT_NDIS61			1
+	#define	NDIS_SUPPORT_NDIS620		1
+	#define NEO_NDIS_MAJOR_VERSION		6
+	#define NEO_NDIS_MINOR_VERSION		20
+	#define	NDIS_WDM					1
+#endif
+
 
 #include <wdm.h>
 #include <ndis.h>

src/Neo6/Neo6.vcxproj

@@ -0,0 +1,107 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Release|ARM64">
+      <Configuration>Release</Configuration>
+      <Platform>ARM64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <VCProjectVersion>17.0</VCProjectVersion>
+    <ProjectGuid>{F7679B65-2FEC-469A-8BAC-B07BF4439422}</ProjectGuid>
+    <RootNamespace>Neo6</RootNamespace>
+    <Keyword>Win32Proj</Keyword>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'" Label="Configuration">
+      <TargetVersion>Windows10</TargetVersion>
+      <UseDebugLibraries>false</UseDebugLibraries>
+      <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
+      <ConfigurationType>Driver</ConfigurationType>
+      <DriverType>KMDF</DriverType>
+      <DriverTargetPlatform>Universal</DriverTargetPlatform>
+      <TargetName>Neo6_arm64_unsigned</TargetName>
+      <TargetExt>.sys</TargetExt>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup>
+    <_ProjectFileVersion>17.0.36310.24</_ProjectFileVersion>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">
+    <IntDir>$(Platform)_$(Configuration)\</IntDir>
+    <IgnoreImportLibrary>true</IgnoreImportLibrary>
+    <LinkIncremental>false</LinkIncremental>
+    <GenerateManifest>false</GenerateManifest>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">
+    <Midl />
+    <ClCompile>
+      <Optimization>MaxSpeed</Optimization>
+      <InlineFunctionExpansion>Default</InlineFunctionExpansion>
+      <IntrinsicFunctions>false</IntrinsicFunctions>
+      <FavorSizeOrSpeed>Neither</FavorSizeOrSpeed>
+      <TreatWarningAsError>false</TreatWarningAsError>
+      <AdditionalIncludeDirectories>$(ProjectDir)\..\;$(SolutionDir);%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <PreprocessorDefinitions>ARM64;_ARM64_;CPU_64;WIN32;CPU_ARM64;NDEBUG;_WINDOWS;_USRDLL;NEO_EXPORTS;VPN_SPEED;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <StringPooling>false</StringPooling>
+      <ExceptionHandling>
+      </ExceptionHandling>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
+      <StructMemberAlignment>8Bytes</StructMemberAlignment>
+      <BufferSecurityCheck>false</BufferSecurityCheck>
+      <FunctionLevelLinking>false</FunctionLevelLinking>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+
+      <CompileAs>CompileAsC</CompileAs>
+      <DisableSpecificWarnings>4996;%(DisableSpecificWarnings)</DisableSpecificWarnings>
+    </ClCompile>
+    <!-- <PreLinkEvent>
+      <Command>$(SolutionDir)bin\BuildUtil.exe /CMD:GenerateVersionResource "$(TargetPath)" /OUT:"$(SolutionDir)tmp\VersionResources\$(ProjectName)_$(Platform).res" /PRODUCT:"SoftEther VPN"</Command>
+    </PreLinkEvent> -->
+    <ProjectReference>
+      <LinkLibraryDependencies>false</LinkLibraryDependencies>
+    </ProjectReference>
+    <Link>
+      <OutputFile>$(OutDir)Neo6_arm64_unsigned.sys</OutputFile>
+      <AdditionalLibraryDirectories>%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
+      <AdditionalDependencies>ntoskrnl.lib;wdm.lib;hal.lib;;ucrt.lib;ndis.lib;wdmsec.lib;ntdll.lib;Kernel32.lib;fwpkclnt.lib;libcntpr.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <!-- <ImportLibrary>$(SolutionDir)tmp\lib\$(Platform)_$(Configuration)\$(ProjectName).lib</ImportLibrary> -->
+      <TargetMachine>MachineARM64</TargetMachine>
+    </Link>
+    <!-- <PostBuildEvent>
+      <Command>$(SolutionDir)bin\BuildUtil.exe /CMD:SignCode "$(TargetPath)" /DEST:"$(TargetDir)Neo6_ARM64.sys" /COMMENT:"VPN Software" /KERNEL:yes /CERTID:0 /SHAMODE:0
+      $(SolutionDir)bin\BuildUtil.exe /CMD:SignCode "$(TargetPath)" /DEST:"$(TargetDir)Neo6_ARM64_win10.sys" /COMMENT:"VPN Software" /KERNEL:yes /CERTID:0 /SHAMODE:2
+      </Command>
+    </PostBuildEvent> -->
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="NDIS6.c" />
+    <ClCompile Include="Neo6.c" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="NDIS6.h" />
+    <ClInclude Include="Neo6.h" />
+    <ClInclude Include="resource.h" />
+  </ItemGroup>
+  <ItemGroup>
+    <ResourceCompile Include="Neo6.rc" />
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>

src/bin/hamcore/DriverPackages/Neo6_Win10/arm64/Neo6_arm64_VPN.inf

@@ -0,0 +1,114 @@
+; VPN Client Device Driver for Windows 2000 and Greater
+; 
+; Copyright (c) SoftEther Corporation. All Rights Reserved.
+; http://www.softether.co.jp/
+; 
+; BUILD 9658
+
+[Version]
+Signature					= "$Windows NT$"
+Class						= Net
+ClassGUID					= {4D36E972-E325-11CE-BFC1-08002BE10318}
+Provider					= %CompanyName%
+DriverVer					= 02/04/2018, 4.25.0.9658
+CatalogFile.NT				= Neo6_arm64_VPN.cat
+
+[Manufacturer]
+%CompanyName% 				= SoftEther, NTarm64
+
+[SourceDisksNames]
+1=%DiskDescription%, "", , 
+
+[SourceDisksFiles]
+Neo6_arm64_VPN.sys	= 1
+
+[DestinationDirs]
+DefaultDestDir				= 12
+Neo.CopyFiles.Sys			= 12
+
+[Neo.CopyFiles.Sys]
+Neo6_arm64_VPN.sys, , , 2
+
+[SoftEther.NTarm64]
+%NeoAdapter.DeviceDesc%	= NeoAdapter.Install, NeoAdapter_VPN
+
+[NeoAdapter.Install]
+Characteristics				= 0x1
+AddReg						= Neo.Reg, NeoAdapter.Ndi
+CopyFiles					= Neo.CopyFiles.Sys
+*IfType						= 53
+*MediaType					= 0
+*PhysicalMediaType			= 0
+
+[NeoAdapter.Install.Services]
+AddService					= %Neo.Service.Name%, 2, Neo.Service, Neo.EventLog, , %Neo, EventLog.Name%
+
+[NeoAdapter.Ndi]
+HKR, , NetworkAddress, 0, %DefaultAddress%
+HKR, Ndi, DeviceID, , "NeoAdapter_VPN"
+HKR, , DevLoader, , ndis
+HKR, , DeviceVxDs, , Neo6_arm64_VPN.sys
+HKR, NDIS, LogDriverName, , "Neo_VPN"
+HKR, NDIS, MajorNdisVersion, 1, 5
+HKR, NDIS, MinorNdisVersion, 1, 0
+HKR, Ndi\Interfaces, DefUpper, , "ndis5"
+HKR, Ndi\Interfaces, UpperRange, , "ndis5"
+HKR, Ndi\Interfaces, LowerRange, , "ethernet"
+HKR, Ndi\Interfaces, DefLower, , "ethernet"
+HKR, Ndi\Install, ndis5, , "Neo.CopyFiles.Sys"
+HKR, Ndi\Params\NetworkAddress, ParamDesc, 0, %NetworkAddress%
+HKR, Ndi\Params\NetworkAddress, type, 0, "edit"
+HKR, Ndi\Params\NetworkAddress, LimitText, 0, "12"
+HKR, Ndi\Params\NetworkAddress, UpperCase, 0, "1"
+HKR, Ndi\Params\NetworkAddress, default, 0, %DefaultAddress%
+HKR, Ndi\Params\NetworkAddress, optional, 0, "0"
+HKR, Ndi\Params\MaxSpeed, ParamDesc, 0, %MaxSpeed%
+HKR, Ndi\Params\MaxSpeed, type, 0, "int"
+HKR, Ndi\Params\MaxSpeed, default, 0, "100"
+HKR, Ndi\Params\MaxSpeed, min, 0, "0"
+HKR, Ndi\Params\MaxSpeed, max, 0, "2000"
+HKR, Ndi\Params\MaxSpeed, step, 0, "1"
+HKR, Ndi\Params\MaxSpeed, Base, 0, "10"
+HKR, Ndi\Params\KeepLink, ParamDesc, 0, %KeepLink%
+HKR, Ndi\Params\KeepLink, type, 0, "enum"
+HKR, Ndi\Params\KeepLink\enum, "1", 0, %On%
+HKR, Ndi\Params\KeepLink\enum, "0", 0, %Off%
+HKR, Ndi\Params\KeepLink, default, 0, "0"
+
+
+[Neo.Service]
+DisplayName					= %Neo.Service.DispName%
+Description					= %Neo.Service.Desc%
+ServiceType					= 1
+StartType					= 3
+ErrorControl				= 1
+ServiceBinary				= %12%\Neo6_arm64_VPN.sys
+LoadOrderGroup				= NDIS
+
+[Neo.Reg]
+HKR, Ndi, Service, 0, Neo.Service.Name
+HKR, Ndi\Interfaces, LowerRange, 0, "ethernet"
+HKR, Ndi\Interfaces, UpperRange, 0, "ndis5"
+
+[Neo.EventLog]
+HKR, , EventMessageFile, 0x00020000, "%11%\IoLogMsg.dll;%12%\Neo6_arm64_VPN.sys"
+HKR, , TypesSupported, 0x00010001, 7
+
+[Strings]
+CompanyName					= "SoftEther Corporation"
+DiskDescription				= "VPN Client Device Driver Install Disk"
+Neo.Service.Name			= "Neo_VPN"
+Neo.Service.DispName		= "VPN Client Device Driver - VPN"
+Neo.Service.Desc			= "VPN Client Adapter - VPN"
+NeoAdapter.DeviceDesc		= "VPN Client Adapter - VPN"
+Neo.EventLog.Name			= "Neo"
+NetworkAddress				= "MAC Address"
+DefaultAddress				= "000001000001"
+MaxSpeed					= "Indicate Speed (Mbps)"
+KeepLink					= "Keep Link"
+On							= "On"
+Off							= "Off"
+
+
+; Auto Generated 20180205_163621.454
+

src/bin/hamcore/languages.txt

@@ -10,3 +10,4 @@
 5 ru Russian Русский 1049 ru
 6 pt_br Portuguese-Brazil Português-Brasil 1046 pt_br
 7 id Indonesian Bahasa 1057 id
+8 tr Turkish Türkçe 1055 tr

src/bin/hamcore/languages_wine.txt

@@ -3,4 +3,4 @@
 
 # 番号 識別子 英語表記 ローカル表記 Windowsロケール番号 UNIXロケール文字一覧
 1 en English English 1033 en,us,c
-
+8 tr Turkish Türkçe 1055 tr

src/bin/hamcore/strtable_en.stb

@@ -200,7 +200,7 @@ ERR_133					The specified Dynamic DNS hostname is already used. Please change th
 ERR_134					The specified Dynamic DNS hostname has an invalid characters. Please change the hostname.
 ERR_135					The length of the specified Dynamic DNS hostname is too long. A hostname must be equal or shorter than 31 letters.
 ERR_136					The Dynamic DNS hostname is not specified.
-ERR_137					The length of the specified Dynamic DNS hostname is too long. A hostname must be equal of longer than 3 letters.
+ERR_137					The length of the specified Dynamic DNS hostname is too short. A hostname must be equal or longer than 3 letters.
 ERR_138					The password of the specified user in the Virtual Hub must be reset before using MS-CHAP v2 authentication. Please ask the administrator of the VPN Server to reset the password by the VPN Server Manager or vpncmd which internal version is 4.0 or greater. Or you can change the password with VPN Client by yourself.
 ERR_139					The connection to the Dynamic DNS server has been disconnected.
 ERR_140					Failed to initialize the ICMP (Ping) protocol. The process of the VPN Server might be running in a normal-user privileges. In such case, run the VPN Server as a system service. (in Linux / UNIX, run it in root privileges.)
@@ -7422,3 +7422,4 @@ SW_LINK_NAME_LANGUAGE_COMMENT				Change the display language setting of %s.
 
 SW_LINK_NAME_DEBUG							Debugging Information Collecting Tool
 SW_LINK_NAME_DEBUG_COMMENT					Collects debugging information of SoftEther VPN. Use this tool only if your support staff asks you to do so.
+