From e303bfaa76afca75c6c6e4444cbf2ffb034e6bee Mon Sep 17 00:00:00 2001
From: tobyxdd <tobyxdd@gmail.com>
Date: Tue, 6 Aug 2019 00:16:23 +0800
Subject: [PATCH 1/3] Change tls-auth to tls-crypt

---
 Dockerfile         | 2 +-
 Dockerfile.aarch64 | 2 +-
 bin/ovpn_genconfig | 2 +-
 bin/ovpn_getclient | 6 +++---
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index a85cb24b..2a016a81 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -3,7 +3,7 @@
 # Smallest base image
 FROM alpine:latest
 
-LABEL maintainer="Kyle Manna <kyle@kylemanna.com>"
+LABEL maintainer="Toby <tobyxdd@gmail.com>"
 
 # Testing: pamtester
 RUN echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing/" >> /etc/apk/repositories && \
diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64
index 7207a09e..8e3611cf 100644
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -3,7 +3,7 @@
 # Smallest base image
 FROM aarch64/alpine:3.5
 
-LABEL maintainer="Kyle Manna <kyle@kylemanna.com>"
+LABEL maintainer="Toby <tobyxdd@gmail.com>"
 
 RUN echo "http://dl-4.alpinelinux.org/alpine/edge/community/" >> /etc/apk/repositories && \
     echo "http://dl-4.alpinelinux.org/alpine/edge/testing/" >> /etc/apk/repositories && \
diff --git a/bin/ovpn_genconfig b/bin/ovpn_genconfig
index c2ebca6c..2d4694ec 100755
--- a/bin/ovpn_genconfig
+++ b/bin/ovpn_genconfig
@@ -324,7 +324,7 @@ key $EASYRSA_PKI/private/${OVPN_CN}.key
 ca $EASYRSA_PKI/ca.crt
 cert $EASYRSA_PKI/issued/${OVPN_CN}.crt
 dh $EASYRSA_PKI/dh.pem
-tls-auth $EASYRSA_PKI/ta.key
+tls-crypt $EASYRSA_PKI/ta.key
 key-direction 0
 keepalive $OVPN_KEEPALIVE
 persist-key
diff --git a/bin/ovpn_getclient b/bin/ovpn_getclient
index 092aeea9..24d9959a 100755
--- a/bin/ovpn_getclient
+++ b/bin/ovpn_getclient
@@ -59,16 +59,16 @@ $(openssl x509 -in $EASYRSA_PKI/issued/${cn}.crt)
 $(cat $EASYRSA_PKI/ca.crt)
 </ca>
 key-direction 1
-<tls-auth>
+<tls-crypt>
 $(cat $EASYRSA_PKI/ta.key)
-</tls-auth>
+</tls-crypt>
 "
     elif [ "$mode" == "separated" ]; then
         echo "
 key ${cn}.key
 ca ca.crt
 cert ${cn}.crt
-tls-auth ta.key 1
+tls-crypt ta.key 1
 "
     fi
 

From b5c7383973c628a254b2f3b570d53dd3b6ee19f7 Mon Sep 17 00:00:00 2001
From: tobyxdd <tobyxdd@gmail.com>
Date: Tue, 6 Aug 2019 00:29:50 +0800
Subject: [PATCH 2/3] Update README

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index cd110301..da9e1a9b 100644
--- a/README.md
+++ b/README.md
@@ -193,7 +193,7 @@ of a guarantee in the future.
 * Proper PKI support integrated into image
 * OpenVPN config files, PKI keys and certs are stored on a storage
   volume for re-use across containers
-* Addition of tls-auth for HMAC security
+* Addition of tls-crypt for security & censorship circumvention in some regions
 
 ## Originally Tested On
 

From 0f58c02f7f6e024465ef191efa05653744425857 Mon Sep 17 00:00:00 2001
From: tobyxdd <tobyxdd@gmail.com>
Date: Tue, 6 Aug 2019 00:32:22 +0800
Subject: [PATCH 3/3] Restore maintainer

---
 Dockerfile         | 2 +-
 Dockerfile.aarch64 | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 2a016a81..a85cb24b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -3,7 +3,7 @@
 # Smallest base image
 FROM alpine:latest
 
-LABEL maintainer="Toby <tobyxdd@gmail.com>"
+LABEL maintainer="Kyle Manna <kyle@kylemanna.com>"
 
 # Testing: pamtester
 RUN echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing/" >> /etc/apk/repositories && \
diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64
index 8e3611cf..7207a09e 100644
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -3,7 +3,7 @@
 # Smallest base image
 FROM aarch64/alpine:3.5
 
-LABEL maintainer="Toby <tobyxdd@gmail.com>"
+LABEL maintainer="Kyle Manna <kyle@kylemanna.com>"
 
 RUN echo "http://dl-4.alpinelinux.org/alpine/edge/community/" >> /etc/apk/repositories && \
     echo "http://dl-4.alpinelinux.org/alpine/edge/testing/" >> /etc/apk/repositories && \