In rde_update_dispatch() do the AFI check for IPv4 prefixes before
extracting the prefix. This is similar to what the MP code does and
is also more logical.
OK?
--
:wq Claudio
Index: rde.c
===================================================================
RCS file: /cvs/src/usr.sbin/bgpd/rde.c,v
retrieving revision 1.528
diff -u -p -r1.528 rde.c
--- rde.c 24 Jun 2021 13:03:31 -0000 1.528
+++ rde.c 24 Jun 2021 15:00:10 -0000
@@ -1280,6 +1280,14 @@ rde_update_dispatch(struct rde_peer *pee
/* withdraw prefix */
while (len > 0) {
+ if (peer->capa.mp[AID_INET] == 0) {
+ log_peer_warnx(&peer->conf,
+ "bad withdraw, %s disabled", aid2str(AID_INET));
+ rde_update_err(peer, ERR_UPDATE, ERR_UPD_OPTATTR,
+ NULL, 0);
+ goto done;
+ }
+
if ((pos = nlri_get_prefix(p, len, &prefix,
&prefixlen)) == -1) {
/*
@@ -1294,14 +1302,6 @@ rde_update_dispatch(struct rde_peer *pee
p += pos;
len -= pos;
- if (peer->capa.mp[AID_INET] == 0) {
- log_peer_warnx(&peer->conf,
- "bad withdraw, %s disabled", aid2str(AID_INET));
- rde_update_err(peer, ERR_UPDATE, ERR_UPD_OPTATTR,
- NULL, 0);
- goto done;
- }
-
rde_update_withdraw(peer, &prefix, prefixlen);
}
@@ -1393,6 +1393,14 @@ rde_update_dispatch(struct rde_peer *pee
/* parse nlri prefix */
while (nlri_len > 0) {
+ if (peer->capa.mp[AID_INET] == 0) {
+ log_peer_warnx(&peer->conf,
+ "bad update, %s disabled", aid2str(AID_INET));
+ rde_update_err(peer, ERR_UPDATE, ERR_UPD_OPTATTR,
+ NULL, 0);
+ goto done;
+ }
+
if ((pos = nlri_get_prefix(p, nlri_len, &prefix,
&prefixlen)) == -1) {
log_peer_warnx(&peer->conf, "bad nlri prefix");
@@ -1402,14 +1410,6 @@ rde_update_dispatch(struct rde_peer *pee
}
p += pos;
nlri_len -= pos;
-
- if (peer->capa.mp[AID_INET] == 0) {
- log_peer_warnx(&peer->conf,
- "bad update, %s disabled", aid2str(AID_INET));
- rde_update_err(peer, ERR_UPDATE, ERR_UPD_OPTATTR,
- NULL, 0);
- goto done;
- }
if (rde_update_update(peer, &state, &prefix, prefixlen) == -1)
goto done;
