diff options
| author | Avneesh Sachdev <avneesh@opensourcerouting.org> | 2012-02-19 10:19:52 -0800 |
|---|---|---|
| committer | Avneesh Sachdev <avneesh@opensourcerouting.org> | 2012-04-08 13:46:29 -0700 |
| commit | 3b381c32fc2c325cc4ffb9f9f30a7e96e9bd87c6 (patch) | |
| tree | b4eb46f5fe28b4734723c9ff4227a94a5bd32b4e /bgpd/bgp_packet.c | |
| parent | e96b312150d8e376c1ef463793d1929eca3618d5 (diff) | |
bgpd: fix issue in capability negotiation (BZ#700)
Address problem where bgpd would reject a session if a peer sent some
capabilities in its Open message, but did not include a Multiprotocol
extensions capability. Note that the session would come up if there
were no capabilities at all in the Open message.
* Add the 'mp_capability' out parameter to
bgp_capability_parse(). Set it to '1' if a Multiprotocol
extensions capability is encountered.
* Switch on 'mp_capability' instead of 'capability' in the calling
functions to determine if the peer indicated the set of AFI/SAFIs
it supports.
The net result is that when a peer does not send an MP capability,
it is assumed to support the AFI/SAFIs configured for it locally.
Diffstat (limited to 'bgpd/bgp_packet.c')
| -rw-r--r-- | bgpd/bgp_packet.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c index 5d8087a8..390b5563 100644 --- a/bgpd/bgp_packet.c +++ b/bgpd/bgp_packet.c @@ -1152,7 +1152,7 @@ bgp_open_receive (struct peer *peer, bgp_size_t size) as_t as4 = 0; struct peer *realpeer; struct in_addr remote_id; - int capability; + int mp_capability; u_int8_t notify_data_remote_as[2]; u_int8_t notify_data_remote_id[4]; @@ -1174,7 +1174,7 @@ bgp_open_receive (struct peer *peer, bgp_size_t size) inet_ntoa (remote_id)); /* BEGIN to read the capability here, but dont do it yet */ - capability = 0; + mp_capability = 0; optlen = stream_getc (peer->ibuf); if (optlen != 0) @@ -1459,7 +1459,7 @@ bgp_open_receive (struct peer *peer, bgp_size_t size) /* Open option part parse. */ if (optlen != 0) { - if ((ret = bgp_open_option_parse (peer, optlen, &capability)) < 0) + if ((ret = bgp_open_option_parse (peer, optlen, &mp_capability)) < 0) { bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, @@ -1474,8 +1474,13 @@ bgp_open_receive (struct peer *peer, bgp_size_t size) peer->host); } - /* Override capability. */ - if (! capability || CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY)) + /* + * Assume that the peer supports the locally configured set of + * AFI/SAFIs if the peer did not send us any Mulitiprotocol + * capabilities, or if 'override-capability' is configured. + */ + if (! mp_capability || + CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY)) { peer->afc_nego[AFI_IP][SAFI_UNICAST] = peer->afc[AFI_IP][SAFI_UNICAST]; peer->afc_nego[AFI_IP][SAFI_MULTICAST] = peer->afc[AFI_IP][SAFI_MULTICAST]; |