From c761e94b5619c605d280bf613f6c5b35fc008dd9 Mon Sep 17 00:00:00 2001
From: Jason McAllister <16666676+jdmac87@users.noreply.github.com>
Date: Mon, 21 Oct 2019 15:58:51 +0100
Subject: T1755: fixes issue with 'show vpn ipsec sa' command where lack of
 hash (integ-alg) will result in KeyError - such as with GCM based options

---
 src/op_mode/show_ipsec_sa.py | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/op_mode/show_ipsec_sa.py b/src/op_mode/show_ipsec_sa.py
index 0828743e8..70e892aa6 100755
--- a/src/op_mode/show_ipsec_sa.py
+++ b/src/op_mode/show_ipsec_sa.py
@@ -83,12 +83,17 @@ for sa in sas:
 
                 enc = isa["encr-alg"].decode()
                 key_size = isa["encr-keysize"].decode()
-                hash = isa["integ-alg"].decode()
+                if "integ-alg" in isa:
+                    hash = isa["integ-alg"].decode()
+                else:
+                    hash = ""
                 if "dh-group" in isa:
                     dh_group = isa["dh-group"].decode()
                 else:
                     dh_group = ""
-                proposal = "{0}_{1}/{2}".format(enc, key_size, hash)
+                proposal = "{0}_{1}".format(enc, key_size)
+                if hash:
+                    proposal = "{0}/{1}".format(proposal, hash)
                 if dh_group:
                     proposal = "{0}/{1}".format(proposal, dh_group)
 
-- 
cgit v1.2.3