Browse Source

bgpd: fix lost passwords of grouped neighbors

This patch resolves the significance of order of group and password
statements.

It prevents passwords from being lost in cases where all
three conditions apply:
  1. the peer is member of a group with or without group password
  2. the peer has an individual password set
  3. the peer is added to a group within an address-family ipv6
     section

In addition this patch prevents the same issue in cases, where an IPv4
peer's password is set first and the peer is added to a group
afterwards.

Adding a peer to a group cancels his individual password. Without ipv6
this is not a problem, because choosing the right order of config
statements will do (set password only after adding peer to group).

When adding the peer to a group within the address-family
section, his password is definitely lost. The same workaround (ie.
setting the password after the address-family section) can not be used,
because "show run" will print the configuration statements in the wrong
order.

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Roman Hoog Antink 7 years ago
parent
commit
0e4303d317
1 changed files with 1 additions and 6 deletions
  1. 1 6
      bgpd/bgpd.c

+ 1 - 6
bgpd/bgpd.c

@@ -1457,13 +1457,8 @@ peer_group2peer_config_copy (struct peer_group *group, struct peer *peer,
     peer->v_routeadv = BGP_DEFAULT_EBGP_ROUTEADV;
 
   /* password apply */
-  if (peer->password)
-    XFREE (MTYPE_PEER_PASSWORD, peer->password);
-
-  if (conf->password)
+  if (conf->password && !peer->password)
     peer->password =  XSTRDUP (MTYPE_PEER_PASSWORD, conf->password);
-  else
-    peer->password = NULL;
 
   bgp_md5_set (peer);