From fb604cdc7f1281bbd19b413db926518cd0c91c46 Mon Sep 17 00:00:00 2001
From: pfg <pfg@pfgs-MacBook-Pro.local>
Date: Tue, 29 May 2018 14:17:55 -0700
Subject: [PATCH 1/6] Actually do it right

---
 auto_install/install.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/auto_install/install.sh b/auto_install/install.sh
index 78a838f..f7b1bf8 100755
--- a/auto_install/install.sh
+++ b/auto_install/install.sh
@@ -699,6 +699,7 @@ setClientDNS() {
             DNS.WATCH "" off
             Norton "" off
             FamilyShield "" off
+	    CloudFlare "" off
             Custom "" off)
 
     if DNSchoices=$("${DNSChoseCmd[@]}" "${DNSChooseOptions[@]}" 2>&1 >/dev/tty)
@@ -707,7 +708,7 @@ setClientDNS() {
       if [[ ${DNSchoices} != "Custom" ]]; then
 
         echo "::: Using ${DNSchoices} servers."
-        declare -A DNS_MAP=(["Google"]="8.8.8.8 8.8.4.4" ["OpenDNS"]="208.67.222.222 208.67.220.220" ["Level3"]="209.244.0.3 209.244.0.4" ["DNS.WATCH"]="84.200.69.80 84.200.70.40" ["Norton"]="199.85.126.10 199.85.127.10" ["FamilyShield"]="208.67.222.123 208.67.220.123")
+        declare -A DNS_MAP=(["Google"]="8.8.8.8 8.8.4.4" ["OpenDNS"]="208.67.222.222 208.67.220.220" ["Level3"]="209.244.0.3 209.244.0.4" ["DNS.WATCH"]="84.200.69.80 84.200.70.40" ["Norton"]="199.85.126.10 199.85.127.10" ["FamilyShield"]="208.67.222.123 208.67.220.123" ["CloudFlare"]="1.1.1.1 1.0.0.1")
 
         OVPNDNS1=$(awk '{print $1}' <<< "${DNS_MAP["${DNSchoices}"]}")
         OVPNDNS2=$(awk '{print $2}' <<< "${DNS_MAP["${DNSchoices}"]}")

From 79d4245edb508c6799c6de9e8aeff1c4565fdf22 Mon Sep 17 00:00:00 2001
From: pfg <pfg@pfgs-MacBook-Pro.local>
Date: Tue, 29 May 2018 14:19:16 -0700
Subject: [PATCH 2/6] Fix spacing

---
 auto_install/install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/auto_install/install.sh b/auto_install/install.sh
index f7b1bf8..8c4d07d 100755
--- a/auto_install/install.sh
+++ b/auto_install/install.sh
@@ -699,7 +699,7 @@ setClientDNS() {
             DNS.WATCH "" off
             Norton "" off
             FamilyShield "" off
-	    CloudFlare "" off
+            CloudFlare "" off
             Custom "" off)
 
     if DNSchoices=$("${DNSChoseCmd[@]}" "${DNSChooseOptions[@]}" 2>&1 >/dev/tty)

From 58fcaafcf1b7f1b7adcf26b471ac7cb4bf28575c Mon Sep 17 00:00:00 2001
From: Giraffe1966 <35208168+Giraffe1966@users.noreply.github.com>
Date: Mon, 2 Jul 2018 17:34:26 -0400
Subject: [PATCH 3/6] Fix issue #552.

---
 auto_install/install.sh | 80 -----------------------------------------
 1 file changed, 80 deletions(-)

diff --git a/auto_install/install.sh b/auto_install/install.sh
index 8c4d07d..194cd5b 100755
--- a/auto_install/install.sh
+++ b/auto_install/install.sh
@@ -502,85 +502,6 @@ stopServices() {
     $SUDO echo " done."
 }
 
-checkForDependencies() {
-    #Running apt-get update/upgrade with minimal output can cause some issues with
-    #requiring user input (e.g password for phpmyadmin see #218)
-    #We'll change the logic up here, to check to see if there are any updates available and
-    # if so, advise the user to run apt-get update/upgrade at their own discretion
-    #Check to see if apt-get update has already been run today
-    # it needs to have been run at least once on new installs!
-
-    timestamp=$(stat -c %Y /var/cache/apt/)
-    timestampAsDate=$(date -d @"$timestamp" "+%b %e")
-    today=$(date "+%b %e")
-
-    case ${PLAT} in
-        Ubuntu|Debian|Devuan)
-            case ${OSCN} in
-                trusty|jessie|wheezy|stretch)
-                    wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg| $SUDO apt-key add -
-                    echo "deb http://swupdate.openvpn.net/apt $OSCN main" | $SUDO tee /etc/apt/sources.list.d/swupdate.openvpn.net.list > /dev/null
-                    echo -n "::: Adding OpenVPN repo for $PLAT $OSCN ..."
-                    $SUDO apt-get -qq update & spinner $!
-                    echo " done!"
-                    ;;
-            esac
-            ;;
-    esac
-    if [[ $PLAT == "Ubuntu" || $PLAT == "Debian" ]]; then
-        if [[ $OSCN == "trusty" || $OSCN == "jessie" || $OSCN == "wheezy" || $OSCN == "stretch" ]]; then
-            wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg| $SUDO apt-key add -
-            echo "deb http://build.openvpn.net/debian/openvpn/stable $OSCN main" | $SUDO tee /etc/apt/sources.list.d/swupdate.openvpn.net.list > /dev/null
-            echo -n "::: Adding OpenVPN repo for $PLAT $OSCN ..."
-            $SUDO apt-get -qq update & spinner $!
-            echo " done!"
-        fi
-    fi
-
-    if [ ! "$today" == "$timestampAsDate" ]; then
-        #update package lists
-        echo ":::"
-        echo -n "::: apt-get update has not been run today. Running now..."
-        $SUDO apt-get -qq update & spinner $!
-        echo " done!"
-    fi
-    echo ":::"
-    echo -n "::: Checking apt-get for upgraded packages...."
-    updatesToInstall=$($SUDO apt-get -s -o Debug::NoLocking=true upgrade | grep -c ^Inst)
-    echo " done!"
-    echo ":::"
-    if [[ $updatesToInstall -eq "0" ]]; then
-        echo "::: Your pi is up to date! Continuing with PiVPN installation..."
-    else
-        echo "::: There are $updatesToInstall updates availible for your pi!"
-        echo "::: We recommend you run 'sudo apt-get upgrade' after installing PiVPN! "
-        echo ":::"
-    fi
-    echo ":::"
-    echo "::: Checking dependencies:"
-
-    dependencies=( openvpn git dhcpcd5 tar wget grep iptables-persistent dnsutils expect whiptail net-tools)
-    for i in "${dependencies[@]}"; do
-        echo -n ":::    Checking for $i..."
-        if [ "$(dpkg-query -W -f='${Status}' "$i" 2>/dev/null | grep -c "ok installed")" -eq 0 ]; then
-            echo -n " Not found! Installing...."
-            #Supply answers to the questions so we don't prompt user
-            if [[ $i = "iptables-persistent" ]]; then
-                echo iptables-persistent iptables-persistent/autosave_v4 boolean true | $SUDO debconf-set-selections
-                echo iptables-persistent iptables-persistent/autosave_v6 boolean false | $SUDO debconf-set-selections
-            fi
-            if [[ $i == "expect" ]] || [[ $i == "openvpn" ]]; then
-                ($SUDO apt-get --yes --quiet --no-install-recommends install "$i" > /dev/null || echo "Installation Failed!" && fixApt) & spinner $!
-            else
-                ($SUDO apt-get --yes --quiet install "$i" > /dev/null || echo "Installation Failed!" && fixApt) & spinner $!
-            fi
-            echo " done!"
-        else
-            echo " already installed!"
-        fi
-    done
-}
-
 getGitFiles() {
     # Setup git repos for base files
     echo ":::"
@@ -1282,7 +1203,6 @@ main() {
     # Install the packages (we do this first because we need whiptail)
     addSoftwareRepo
 
-    #checkForDependencies
     update_package_cache
 
     # Notify user of package availability

From e4067949d583aad42590ba2cfd8046322ed58f17 Mon Sep 17 00:00:00 2001
From: Marvin Lehmann <marvinlehmann@live.de>
Date: Wed, 18 Jul 2018 23:01:36 +0200
Subject: [PATCH 4/6] Use latest DH parameter service API

More information at https://2ton.com.au/safeprimes/
---
 auto_install/install.sh | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/auto_install/install.sh b/auto_install/install.sh
index 78a838f..6023b55 100755
--- a/auto_install/install.sh
+++ b/auto_install/install.sh
@@ -850,7 +850,7 @@ EOF
 
     if [[ ${useUpdateVars} == false ]]; then
       if [[ ${APPLY_TWO_POINT_FOUR} == false ]]; then
-        if ([ "$ENCRYPT" -ge "4096" ] && whiptail --backtitle "Setup OpenVPN" --title "Download Diffie-Hellman Parameters" --yesno --defaultno "Download Diffie-Hellman parameters from a public DH parameter generation service?\n\nGenerating DH parameters for a $ENCRYPT-bit key can take many hours on a Raspberry Pi. You can instead download DH parameters from \"2 Ton Digital\" that are generated at regular intervals as part of a public service. Downloaded DH parameters will be randomly selected from a pool of the last 128 generated.\nMore information about this service can be found here: https://2ton.com.au/dhtool/\n\nIf you're paranoid, choose 'No' and Diffie-Hellman parameters will be generated on your device." ${r} ${c}); then
+        if ([ "$ENCRYPT" -ge "4096" ] && whiptail --backtitle "Setup OpenVPN" --title "Download Diffie-Hellman Parameters" --yesno --defaultno "Download Diffie-Hellman parameters from a public DH parameter generation service?\n\nGenerating DH parameters for a $ENCRYPT-bit key can take many hours on a Raspberry Pi. You can instead download DH parameters from \"2 Ton Digital\" that are generated at regular intervals as part of a public service. Downloaded DH parameters will be randomly selected from their database.\nMore information about this service can be found here: https://2ton.com.au/safeprimes/\n\nIf you're paranoid, choose 'No' and Diffie-Hellman parameters will be generated on your device." ${r} ${c}); then
           DOWNLOAD_DH_PARAM=true
         else
           DOWNLOAD_DH_PARAM=false
@@ -861,8 +861,7 @@ EOF
     if [[ ${APPLY_TWO_POINT_FOUR} == false ]]; then
       if [ "$ENCRYPT" -ge "4096" ] && [[ ${DOWNLOAD_DH_PARAM} == true ]]; then
         # Downloading parameters
-        RANDOM_INDEX=$(( RANDOM % 128 ))
-        ${SUDOE} curl "https://2ton.com.au/dhparam/${ENCRYPT}/${RANDOM_INDEX}" -o "/etc/openvpn/easy-rsa/pki/dh${ENCRYPT}.pem"
+        ${SUDOE} curl "https://2ton.com.au/getprimes/random/dhparam/${ENCRYPT}" -o "/etc/openvpn/easy-rsa/pki/dh${ENCRYPT}.pem"
       else
         # Generate Diffie-Hellman key exchange
         ${SUDOE} ./easyrsa gen-dh

From a8b3428744ab5d620d0772097195664971a45f28 Mon Sep 17 00:00:00 2001
From: Alexis Espinosa Perez <aleespin@cisco.com>
Date: Wed, 15 Aug 2018 11:06:12 -0500
Subject: [PATCH 5/6] Create TWO_POINT_FOUR file when running unattended

---
 auto_install/install.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/auto_install/install.sh b/auto_install/install.sh
index 78a838f..34a953b 100755
--- a/auto_install/install.sh
+++ b/auto_install/install.sh
@@ -848,6 +848,10 @@ EOF
       fi
     fi
 
+    if [[ ${runUnattended} == true ]] && [[ ${APPLY_TWO_POINT_FOUR} == true ]]; then
+      $SUDO touch /etc/pivpn/TWO_POINT_FOUR
+    fi
+
     if [[ ${useUpdateVars} == false ]]; then
       if [[ ${APPLY_TWO_POINT_FOUR} == false ]]; then
         if ([ "$ENCRYPT" -ge "4096" ] && whiptail --backtitle "Setup OpenVPN" --title "Download Diffie-Hellman Parameters" --yesno --defaultno "Download Diffie-Hellman parameters from a public DH parameter generation service?\n\nGenerating DH parameters for a $ENCRYPT-bit key can take many hours on a Raspberry Pi. You can instead download DH parameters from \"2 Ton Digital\" that are generated at regular intervals as part of a public service. Downloaded DH parameters will be randomly selected from a pool of the last 128 generated.\nMore information about this service can be found here: https://2ton.com.au/dhtool/\n\nIf you're paranoid, choose 'No' and Diffie-Hellman parameters will be generated on your device." ${r} ${c}); then

From 18bfa927dafaab8e33e4be39c8140558e9feae4d Mon Sep 17 00:00:00 2001
From: redfast00 <redfast00@gmail.com>
Date: Wed, 15 Aug 2018 21:15:24 +0200
Subject: [PATCH 6/6] Fix typo, fix #429

---
 auto_install/install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/auto_install/install.sh b/auto_install/install.sh
index 7f98a97..67093e9 100755
--- a/auto_install/install.sh
+++ b/auto_install/install.sh
@@ -235,7 +235,7 @@ chooseInterface() {
     # Temporary Whiptail options storage
     local chooseInterfaceOptions
     # Loop sentinel variable
-    local firstLoop=1
+    local firstloop=1
 
     if [[ $(echo "${availableInterfaces}" | wc -l) -eq 1 ]]; then
       pivpnInterface="${availableInterfaces}"