Maniphest T1159

Incorrect handling of tunnels without PFS by the "run show vpn ipsec sa" script
Closed, ResolvedPublicBUG
Actions

Assigned To

Authored By

	dmbaturin
	Jan 5 2019, 9:43 PM

Tags

Referenced Files

None

Subscribers

Global Notifications

Description

Due to fragile SA spec regex the command fails with an exception if there are tunnels without PFS, because it expects the DH group field to be there.

vyos@vyos:~$ show vpn ipsec sa
Traceback (most recent call last):
File "/usr/libexec/vyos/op_mode/show_ipsec_sa.py", line 51, in <module>
raise e
File "/usr/libexec/vyos/op_mode/show_ipsec_sa.py", line 45, in <module>
bytes_in = hurry.filesize.size(int(bytes_in))
TypeError: int() argument must be a string or a number, not 'NoneType'

Details

Version: 1.2.0-epa2

Related Objects

Mentioned In: rVYOSONEX89884d572bdf: Merge branch 'current' into crux
rVYOSONEXa174b2c76b53: T1159: correct handling of SAs without PFS in "show vpn ipsec sa".
rVYOSONEXe8cb7260689c: T1159: correct handling of SAs without PFS in "show vpn ipsec sa".

Event Timeline

dmbaturin created this task.Jan 5 2019, 9:43 PM

dmbaturin claimed this task.

dmbaturin edited a custom field.

dmbaturin added a subscriber: edong23.

dmbaturin mentioned this in rVYOSONEXa174b2c76b53: T1159: correct handling of SAs without PFS in "show vpn ipsec sa"..Jan 6 2019, 4:06 AM

dmbaturin mentioned this in rVYOSONEXe8cb7260689c: T1159: correct handling of SAs without PFS in "show vpn ipsec sa"..

c-po mentioned this in rVYOSONEX89884d572bdf: Merge branch 'current' into crux.Jan 6 2019, 9:58 AM

pasik subscribed.Jan 8 2019, 4:47 PM

syncer closed this task as Resolved.Jan 20 2019, 12:29 PM

syncer triaged this task as Normal priority.

syncer added a project: VyOS-1.2.0-GA.

syncer moved this task from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.0-EPA3) board.