From 6af683039f8d7dca0d09bb4c613c9b44e7c30b60 Mon Sep 17 00:00:00 2001 From: Donatas Abraitis Date: Wed, 8 Nov 2023 15:26:40 +0200 Subject: [PATCH 1/2] bgpd: Set the software version capability received flag only after a validation We shouldn't set it blindly once the packet is received, but first we have to do some sanity checks. Signed-off-by: Donatas Abraitis --- bgpd/bgp_open.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bgpd/bgp_open.c b/bgpd/bgp_open.c index 545da7c559..b9ab401850 100644 --- a/bgpd/bgp_open.c +++ b/bgpd/bgp_open.c @@ -896,8 +896,6 @@ static int bgp_capability_software_version(struct peer *peer, size_t end = stream_get_getp(s) + hdr->length; uint8_t len; - SET_FLAG(peer->cap, PEER_CAP_SOFT_VERSION_RCV); - len = stream_getc(s); if (stream_get_getp(s) + len > end) { flog_warn( @@ -907,6 +905,8 @@ static int bgp_capability_software_version(struct peer *peer, return -1; } + SET_FLAG(peer->cap, PEER_CAP_SOFT_VERSION_RCV); + if (len > BGP_MAX_SOFT_VERSION) { flog_warn(EC_BGP_CAPABILITY_INVALID_LENGTH, "%s: Received Software Version, but the length is too big, truncating, from peer %s", From 89e6b4f390c96083c9404de94ba9fb96f4bc61b1 Mon Sep 17 00:00:00 2001 From: Donatas Abraitis Date: Wed, 8 Nov 2023 15:29:32 +0200 Subject: [PATCH 2/2] bgpd: Send software version capability for OAD EBGP peers We send this capability for iBGP peers by default. Recently OAD support was merged, and we should adopt sending the capability according to OAD as well. Signed-off-by: Donatas Abraitis --- bgpd/bgp_open.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bgpd/bgp_open.c b/bgpd/bgp_open.c index b9ab401850..44cf8343c6 100644 --- a/bgpd/bgp_open.c +++ b/bgpd/bgp_open.c @@ -1938,7 +1938,7 @@ uint16_t bgp_open_capability(struct stream *s, struct peer *peer, */ if (peergroup_flag_check(peer, PEER_FLAG_CAPABILITY_SOFT_VERSION) || CHECK_FLAG(peer->bgp->flags, BGP_FLAG_SOFT_VERSION_CAPABILITY) || - peer->sort == BGP_PEER_IBGP) { + peer->sort == BGP_PEER_IBGP || peer->sub_sort == BGP_PEER_EBGP_OAD) { SET_FLAG(peer->cap, PEER_CAP_SOFT_VERSION_ADV); stream_putc(s, BGP_OPEN_OPT_CAP); rcapp = stream_get_endp(s);