bgpd: add AFI/SAFI check for RFC 9234

RFC 9234 mandates that role rules apply only to IPv4/IPv6 unicast bgp
sessions. If the OTC attribute appears in other sessions, it will remain
untouched.

Signed-off-by: Eugene Bogomazov <eb@qrator.net>

bgpd/bgp_route.c

@@ -1598,6 +1598,11 @@ static bool bgp_otc_egress(struct peer *peer, struct attr *attr)
 	return false;
 }
 
+static bool bgp_check_role_applicability(afi_t afi, safi_t safi)
+{
+	return ((afi == AFI_IP || afi == AFI_IP6) && safi == SAFI_UNICAST);
+}
+
 static int bgp_input_modifier(struct peer *peer, const struct prefix *p,
 			      struct attr *attr, afi_t afi, safi_t safi,
 			      const char *rmap_name, mpls_label_t *label,
@@ -2202,7 +2207,8 @@ bool subgroup_announce_check(struct bgp_dest *dest, struct bgp_path_info *pi,
 			memset(&attr->mp_nexthop_local, 0, IPV6_MAX_BYTELEN);
 	}
 
-	if (bgp_otc_egress(peer, attr))
+	if (bgp_check_role_applicability(afi, safi) &&
+	    bgp_otc_egress(peer, attr))
 		return false;
 
 	bgp_peer_remove_private_as(bgp, afi, safi, peer, attr);
@@ -4001,12 +4007,12 @@ int bgp_update(struct peer *peer, const struct prefix *p, uint32_t addpath_id,
 		goto filtered;
 	}
 
-	if (bgp_otc_filter(peer, &new_attr)) {
+	if (bgp_check_role_applicability(afi, safi) &&
+	    bgp_otc_filter(peer, &new_attr)) {
 		reason = "failing otc validation";
 		bgp_attr_flush(&new_attr);
 		goto filtered;
 	}
-
 	/* The flag BGP_NODE_FIB_INSTALL_PENDING is for the following
 	 * condition :
 	 * Suppress fib is enabled