From 89d75f72430a2bd726c2aa13f48a31d95c057696 Mon Sep 17 00:00:00 2001
From: hwdsl2 <hwdsl2@users.noreply.github.com>
Date: Tue, 3 Jan 2017 22:40:48 -0600
Subject: [PATCH] Bugfix for Android 6 and 7

- Add "sha2-truncbug=yes" to /etc/ipsec.conf to fix VPN connections
  on Android 6 (Marshmallow) and 7 (Nougat)
- Ref: https://libreswan.org/wiki/FAQ#Configuration_Matters
---
 vpnsetup.sh        | 1 +
 vpnsetup_centos.sh | 1 +
 2 files changed, 2 insertions(+)

diff --git a/vpnsetup.sh b/vpnsetup.sh
index 2ea82f9..e72daf5 100755
--- a/vpnsetup.sh
+++ b/vpnsetup.sh
@@ -218,6 +218,7 @@ conn shared
   dpdaction=clear
   ike=3des-sha1,aes-sha1,aes256-sha2_512,aes256-sha2_256
   phase2alg=3des-sha1,aes-sha1,aes256-sha2_512,aes256-sha2_256
+  sha2-truncbug=yes
 
 conn l2tp-psk
   auto=add
diff --git a/vpnsetup_centos.sh b/vpnsetup_centos.sh
index 27c77de..1da1918 100755
--- a/vpnsetup_centos.sh
+++ b/vpnsetup_centos.sh
@@ -205,6 +205,7 @@ conn shared
   dpdaction=clear
   ike=3des-sha1,aes-sha1,aes256-sha2_512,aes256-sha2_256
   phase2alg=3des-sha1,aes-sha1,aes256-sha2_512,aes256-sha2_256
+  sha2-truncbug=yes
 
 conn l2tp-psk
   auto=add