From 3353888ee908c5365a36cd7f3d25bbb0651054aa Mon Sep 17 00:00:00 2001
From: hwdsl2 <hwdsl2@users.noreply.github.com>
Date: Sun, 22 Sep 2019 20:37:23 -0700
Subject: [PATCH] Set sha2-truncbug to no

- This fixes VPN connection issues on iOS 13
- Android 6.x and 7.x users may require sha2-truncbug=yes. Will note
  this in the documentation
- Fixes #638
---
 vpnsetup.sh        | 2 +-
 vpnsetup_centos.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/vpnsetup.sh b/vpnsetup.sh
index a146f55..d6cf046 100755
--- a/vpnsetup.sh
+++ b/vpnsetup.sh
@@ -239,7 +239,7 @@ conn shared
   ikev2=never
   ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024
   phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2
-  sha2-truncbug=yes
+  sha2-truncbug=no
 
 conn l2tp-psk
   auto=add
diff --git a/vpnsetup_centos.sh b/vpnsetup_centos.sh
index 789132c..a644263 100755
--- a/vpnsetup_centos.sh
+++ b/vpnsetup_centos.sh
@@ -226,7 +226,7 @@ conn shared
   ikev2=never
   ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024
   phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2
-  sha2-truncbug=yes
+  sha2-truncbug=no
 
 conn l2tp-psk
   auto=add