From c761e94b5619c605d280bf613f6c5b35fc008dd9 Mon Sep 17 00:00:00 2001 From: Jason McAllister <16666676+jdmac87@users.noreply.github.com> Date: Mon, 21 Oct 2019 15:58:51 +0100 Subject: T1755: fixes issue with 'show vpn ipsec sa' command where lack of hash (integ-alg) will result in KeyError - such as with GCM based options --- src/op_mode/show_ipsec_sa.py | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'src/op_mode/show_ipsec_sa.py') diff --git a/src/op_mode/show_ipsec_sa.py b/src/op_mode/show_ipsec_sa.py index 0828743e8..70e892aa6 100755 --- a/src/op_mode/show_ipsec_sa.py +++ b/src/op_mode/show_ipsec_sa.py @@ -83,12 +83,17 @@ for sa in sas: enc = isa["encr-alg"].decode() key_size = isa["encr-keysize"].decode() - hash = isa["integ-alg"].decode() + if "integ-alg" in isa: + hash = isa["integ-alg"].decode() + else: + hash = "" if "dh-group" in isa: dh_group = isa["dh-group"].decode() else: dh_group = "" - proposal = "{0}_{1}/{2}".format(enc, key_size, hash) + proposal = "{0}_{1}".format(enc, key_size) + if hash: + proposal = "{0}/{1}".format(proposal, hash) if dh_group: proposal = "{0}/{1}".format(proposal, dh_group) -- cgit v1.2.3 From 915116e69a532e427c0ddd2037138c5299f9e485 Mon Sep 17 00:00:00 2001 From: Jason McAllister <16666676+jdmac87@users.noreply.github.com> Date: Mon, 21 Oct 2019 15:59:01 +0100 Subject: T1755: fixes issue with 'show vpn ipsec sa' command where lack of keysize (encr-keysize) will result in KeyError - such as for CHACHA20_POLY1305 --- src/op_mode/show_ipsec_sa.py | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'src/op_mode/show_ipsec_sa.py') diff --git a/src/op_mode/show_ipsec_sa.py b/src/op_mode/show_ipsec_sa.py index 70e892aa6..e319cc38d 100755 --- a/src/op_mode/show_ipsec_sa.py +++ b/src/op_mode/show_ipsec_sa.py @@ -82,7 +82,10 @@ for sa in sas: pkts_str = re.sub(r'B', r'', pkts_str) enc = isa["encr-alg"].decode() - key_size = isa["encr-keysize"].decode() + if "encr-keysize" in isa: + key_size = isa["encr-keysize"].decode() + else: + key_size = "" if "integ-alg" in isa: hash = isa["integ-alg"].decode() else: @@ -91,7 +94,10 @@ for sa in sas: dh_group = isa["dh-group"].decode() else: dh_group = "" - proposal = "{0}_{1}".format(enc, key_size) + + proposal = enc + if key_size: + proposal = "{0}_{1}".format(proposal, key_size) if hash: proposal = "{0}/{1}".format(proposal, hash) if dh_group: -- cgit v1.2.3