summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJason McAllister <16666676+jdmac87@users.noreply.github.com>2019-10-21 15:58:51 +0100
committerJason McAllister <16666676+jdmac87@users.noreply.github.com>2019-10-21 23:17:29 +0100
commitc761e94b5619c605d280bf613f6c5b35fc008dd9 (patch)
tree9d1930150f28d0d47324cf8e8a6d0a835ab48942
parent6f73338f0a652ca9b68a5778456f63d098f04522 (diff)
downloadvyos-1x-c761e94b5619c605d280bf613f6c5b35fc008dd9.tar.gz
vyos-1x-c761e94b5619c605d280bf613f6c5b35fc008dd9.zip
T1755: fixes issue with 'show vpn ipsec sa' command where lack of hash (integ-alg) will result in KeyError - such as with GCM based options
-rwxr-xr-xsrc/op_mode/show_ipsec_sa.py9
1 files changed, 7 insertions, 2 deletions
diff --git a/src/op_mode/show_ipsec_sa.py b/src/op_mode/show_ipsec_sa.py
index 0828743e8..70e892aa6 100755
--- a/src/op_mode/show_ipsec_sa.py
+++ b/src/op_mode/show_ipsec_sa.py
@@ -83,12 +83,17 @@ for sa in sas:
enc = isa["encr-alg"].decode()
key_size = isa["encr-keysize"].decode()
- hash = isa["integ-alg"].decode()
+ if "integ-alg" in isa:
+ hash = isa["integ-alg"].decode()
+ else:
+ hash = ""
if "dh-group" in isa:
dh_group = isa["dh-group"].decode()
else:
dh_group = ""
- proposal = "{0}_{1}/{2}".format(enc, key_size, hash)
+ proposal = "{0}_{1}".format(enc, key_size)
+ if hash:
+ proposal = "{0}/{1}".format(proposal, hash)
if dh_group:
proposal = "{0}/{1}".format(proposal, dh_group)