From: claudio Date: Tue, 27 Apr 2021 09:12:23 +0000 (+0000) Subject: Check for possible bgpid collision on open. RFC 6286 defines that this X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=70e022cd075a45ccc9a3e1d199ce0bf576daee91;p=openbsd Check for possible bgpid collision on open. RFC 6286 defines that this check needs to be done for iBGP sessions but not for eBGP sessions. On conflict log an error and send a notification with ERR_OPEN_BGPID suberror. Reported by cjt (melissa_cjt at 163.com) OK benno@ --- diff --git a/usr.sbin/bgpd/session.c b/usr.sbin/bgpd/session.c index 6539101ede7..fc110506b2a 100644 --- a/usr.sbin/bgpd/session.c +++ b/usr.sbin/bgpd/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.411 2021/02/16 08:29:16 claudio Exp $ */ +/* $OpenBSD: session.c,v 1.412 2021/04/27 09:12:23 claudio Exp $ */ /* * Copyright (c) 2003, 2004, 2005 Henning Brauer @@ -2179,6 +2179,16 @@ parse_open(struct peer *peer) return (-1); } + /* on iBGP sessions check for bgpid collision */ + if (!peer->conf.ebgp && peer->remote_bgpid == conf->bgpid) { + log_peer_warnx(&peer->conf, "peer BGPID %u conflicts with ours", + ntohl(bgpid)); + session_notification(peer, ERR_OPEN, ERR_OPEN_BGPID, + NULL, 0); + change_state(peer, STATE_IDLE, EVNT_RCVD_OPEN); + return (-1); + } + if (capa_neg_calc(peer) == -1) { log_peer_warnx(&peer->conf, "capability negotiation calculation failed");