From dbb3c6b436c3e05958baf139dac5d399a7d07aac Mon Sep 17 00:00:00 2001
From: hwdsl2 <hwdsl2@users.noreply.github.com>
Date: Sun, 26 Apr 2020 00:32:54 -0500
Subject: [PATCH] Improve RPi workaround

- Newer Raspbian kernels now support SHA512
---
 extras/vpnupgrade.sh | 4 +++-
 vpnsetup.sh          | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/extras/vpnupgrade.sh b/extras/vpnupgrade.sh
index e592e5e..c34e4aa 100644
--- a/extras/vpnupgrade.sh
+++ b/extras/vpnupgrade.sh
@@ -245,7 +245,9 @@ IKE_NEW="  ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1
 PHASE2_NEW="  phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2"
 
 if uname -m | grep -qi '^arm'; then
-  PHASE2_NEW="  phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes128-sha2,aes256-sha2"
+  if ! modprobe -q sha512; then
+    PHASE2_NEW="  phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes128-sha2,aes256-sha2"
+  fi
 fi
 
 sed -i".old-$(date +%F-%T)" \
diff --git a/vpnsetup.sh b/vpnsetup.sh
index 23a1204..01ce889 100755
--- a/vpnsetup.sh
+++ b/vpnsetup.sh
@@ -272,7 +272,9 @@ conn xauth-psk
 EOF
 
 if uname -m | grep -qi '^arm'; then
-  sed -i '/phase2alg/s/,aes256-sha2_512//' /etc/ipsec.conf
+  if ! modprobe -q sha512; then
+    sed -i '/phase2alg/s/,aes256-sha2_512//' /etc/ipsec.conf
+  fi
 fi
 
 # Specify IPsec PSK