From f2f6524201b32157ebe745a4cdcb308351986189 Mon Sep 17 00:00:00 2001
From: hwdsl2 <hwdsl2@users.noreply.github.com>
Date: Tue, 8 May 2018 00:39:52 -0500
Subject: [PATCH] Re-add Android workaround

- VPN on Android 6.0, 7.0 and 7.1.1 requires sha2-truncbug=yes to work
- Android 5.1, 8.0 and 8.1 also connect OK with this setting
- Ref: https://libreswan.org/wiki/FAQ#Configuration_Matters
---
 vpnsetup.sh        | 2 +-
 vpnsetup_centos.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/vpnsetup.sh b/vpnsetup.sh
index bfe9fcf..2b5df53 100755
--- a/vpnsetup.sh
+++ b/vpnsetup.sh
@@ -247,7 +247,7 @@ conn shared
   dpdaction=clear
   ike=3des-sha1,3des-sha2,aes-sha1,aes-sha1;modp1024,aes-sha2,aes-sha2;modp1024
   phase2alg=3des-sha1,3des-sha2,aes-sha1,aes-sha2
-  sha2-truncbug=no
+  sha2-truncbug=yes
 
 conn l2tp-psk
   auto=add
diff --git a/vpnsetup_centos.sh b/vpnsetup_centos.sh
index f70157b..c96ef5a 100755
--- a/vpnsetup_centos.sh
+++ b/vpnsetup_centos.sh
@@ -235,7 +235,7 @@ conn shared
   dpdaction=clear
   ike=3des-sha1,3des-sha2,aes-sha1,aes-sha1;modp1024,aes-sha2,aes-sha2;modp1024
   phase2alg=3des-sha1,3des-sha2,aes-sha1,aes-sha2
-  sha2-truncbug=no
+  sha2-truncbug=yes
 
 conn l2tp-psk
   auto=add