diff options
author | Jason McAllister <16666676+jdmac87@users.noreply.github.com> | 2019-10-21 15:58:51 +0100 |
---|---|---|
committer | Jason McAllister <16666676+jdmac87@users.noreply.github.com> | 2019-10-21 23:17:29 +0100 |
commit | c761e94b5619c605d280bf613f6c5b35fc008dd9 (patch) | |
tree | 9d1930150f28d0d47324cf8e8a6d0a835ab48942 | |
parent | 6f73338f0a652ca9b68a5778456f63d098f04522 (diff) | |
download | vyos-1x-c761e94b5619c605d280bf613f6c5b35fc008dd9.tar.gz vyos-1x-c761e94b5619c605d280bf613f6c5b35fc008dd9.zip |
T1755: fixes issue with 'show vpn ipsec sa' command where lack of hash (integ-alg) will result in KeyError - such as with GCM based options
-rwxr-xr-x | src/op_mode/show_ipsec_sa.py | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/src/op_mode/show_ipsec_sa.py b/src/op_mode/show_ipsec_sa.py index 0828743e8..70e892aa6 100755 --- a/src/op_mode/show_ipsec_sa.py +++ b/src/op_mode/show_ipsec_sa.py @@ -83,12 +83,17 @@ for sa in sas: enc = isa["encr-alg"].decode() key_size = isa["encr-keysize"].decode() - hash = isa["integ-alg"].decode() + if "integ-alg" in isa: + hash = isa["integ-alg"].decode() + else: + hash = "" if "dh-group" in isa: dh_group = isa["dh-group"].decode() else: dh_group = "" - proposal = "{0}_{1}/{2}".format(enc, key_size, hash) + proposal = "{0}_{1}".format(enc, key_size) + if hash: + proposal = "{0}/{1}".format(proposal, hash) if dh_group: proposal = "{0}/{1}".format(proposal, dh_group) |