From c0f0d47a64c0659f331a24ca23e792f865ef3a61 Mon Sep 17 00:00:00 2001
From: Nyr
Date: Sun, 4 Jun 2017 13:16:57 +0200
Subject: [PATCH] Upgrade HMAC digest algorithm to SHA-512

This was long overdue for compatibility reasons. My decision to force the upgrade now, has been made following recomendations published in the OpenVPN 2.4 audit performed by Cryptography Engineering LLC.
---
 openvpn-install.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/openvpn-install.sh b/openvpn-install.sh
index 88f8152..bc593c0 100644
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -264,6 +264,7 @@ ca ca.crt
 cert server.crt
 key server.key
 dh dh.pem
+auth SHA512
 tls-auth ta.key 0
 topology subnet
 server 10.8.0.0 255.255.255.0
@@ -402,6 +403,7 @@ nobind
 persist-key
 persist-tun
 remote-cert-tls server
+auth SHA512
 cipher AES-256-CBC
 comp-lzo
 setenv opt block-outside-dns
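Review bot: `auth SHA512` is now a literal repeated in two independent templates, the server config in the hunk at line 264 and the client config in the hunk at line 403, and nothing ties the two together. OpenVPN does not negotiate this digest, so if the two lines ever drift apart the tls-auth and data-channel HMAC checks fail and the tunnel does not come up. Holding the value once and expanding it in both places, e.g. `auth $HMAC_DIGEST` (variable name is only a suggestion), would prevent that; this assumes both templates are shell strings that expand variables, which cannot be confirmed because the enclosing blocks start and end outside these hunks. The commit message should also say that configs generated before this change carry no `auth` line and therefore use the SHA1 default, so they only interoperate with a peer config generated before it as well.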