From 70e022cd075a45ccc9a3e1d199ce0bf576daee91 Mon Sep 17 00:00:00 2001 From: claudio Date: Tue, 27 Apr 2021 09:12:23 +0000 Subject: [PATCH] Check for possible bgpid collision on open. RFC 6286 defines that this check needs to be done for iBGP sessions but not for eBGP sessions. On conflict log an error and send a notification with ERR_OPEN_BGPID suberror. Reported by cjt (melissa_cjt at 163.com) OK benno@ --- usr.sbin/bgpd/session.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/usr.sbin/bgpd/session.c b/usr.sbin/bgpd/session.c index 6539101ede7..fc110506b2a 100644 --- a/usr.sbin/bgpd/session.c +++ b/usr.sbin/bgpd/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.411 2021/02/16 08:29:16 claudio Exp $ */ +/* $OpenBSD: session.c,v 1.412 2021/04/27 09:12:23 claudio Exp $ */ /* * Copyright (c) 2003, 2004, 2005 Henning Brauer @@ -2179,6 +2179,16 @@ parse_open(struct peer *peer) return (-1); } + /* on iBGP sessions check for bgpid collision */ + if (!peer->conf.ebgp && peer->remote_bgpid == conf->bgpid) { + log_peer_warnx(&peer->conf, "peer BGPID %u conflicts with ours", + ntohl(bgpid)); + session_notification(peer, ERR_OPEN, ERR_OPEN_BGPID, + NULL, 0); + change_state(peer, STATE_IDLE, EVNT_RCVD_OPEN); + return (-1); + } + if (capa_neg_calc(peer) == -1) { log_peer_warnx(&peer->conf, "capability negotiation calculation failed"); -- 2.20.1