From c5bf01d089278cbc07b24a35a183d63ab0684362 Mon Sep 17 00:00:00 2001
From: 7u83 <7u83@mail.ru>
Date: Wed, 28 Feb 2018 19:49:56 +0100
Subject: [PATCH] multiple encryption and hash algos for p2

---
 templates/racoon/racoon.conf.erb           | 5 +++--
 templates/strongswan/ipsec.conf.tunnel.erb | 5 ++++-
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/templates/racoon/racoon.conf.erb b/templates/racoon/racoon.conf.erb
index 0630e49..8806206 100644
--- a/templates/racoon/racoon.conf.erb
+++ b/templates/racoon/racoon.conf.erb
@@ -25,8 +25,9 @@ remote <%= @remote_ip %> {
 sainfo address <%= net['local'] %> <%= @netproto %> address <%= net['remote'] %> <%= @netproto %>
 {
 	pfs_group <%= @pfs_group %>;
-	encryption_algorithm <%= @saencryption %>;
-	authentication_algorithm hmac_<%= @p2hash %>;
+	encryption_algorithm <%= @saencryption.join(",") %>;
+	<%- @komma="" -%>
+	authentication_algorithm <%- @p2hash.each do |hmalgo| -%><%=@komma -%>hmac_<%= hmalgo -%> <%- @komma=',' -%> <%- end -%>; 
 	compression_algorithm deflate;
 	lifetime time <%= @salifetime %>;
 }
diff --git a/templates/strongswan/ipsec.conf.tunnel.erb b/templates/strongswan/ipsec.conf.tunnel.erb
index 81a984c..c162cf7 100644
--- a/templates/strongswan/ipsec.conf.tunnel.erb
+++ b/templates/strongswan/ipsec.conf.tunnel.erb
@@ -10,7 +10,10 @@ conn "<%= @title %>"
 	right=<%= @remote_ip %>
         rightsubnet=<%= net['remote'] %>
 	ike=<%= @encryption %>-<%= @hash %>-<%= @dh_group %>
-	esp=<%= @saencryption %>-<%= @p2hash %>-<%= @pfs_group %>
+	<%- @komma='' -%>	
+	esp= <%- @saencryption.each do |saenc| -%> <%- @p2hash.each do |p2h| -%><%= @komma -%><%= saenc %>-<%= p2h %>-<%= @pfs_group -%> <%- @komma=',' %><%- end -%> <%- end -%>
+
+
 	auto=start
 	authby=secret
         keyexchange=ikev1