Browse Source

bgpd: fix lost passwords of grouped neighbors

This patch resolves the significance of order of group and password

It prevents passwords from being lost in cases where all
three conditions apply:
  1. the peer is member of a group with or without group password
  2. the peer has an individual password set
  3. the peer is added to a group within an address-family ipv6

In addition this patch prevents the same issue in cases, where an IPv4
peer's password is set first and the peer is added to a group

Adding a peer to a group cancels his individual password. Without ipv6
this is not a problem, because choosing the right order of config
statements will do (set password only after adding peer to group).

When adding the peer to a group within the address-family
section, his password is definitely lost. The same workaround (ie.
setting the password after the address-family section) can not be used,
because "show run" will print the configuration statements in the wrong

Signed-off-by: David Lamparter <>
Roman Hoog Antink 7 years ago
1 changed files with 1 additions and 6 deletions
  1. 1 6

+ 1 - 6

@@ -1457,13 +1457,8 @@ peer_group2peer_config_copy (struct peer_group *group, struct peer *peer,
     peer->v_routeadv = BGP_DEFAULT_EBGP_ROUTEADV;
   /* password apply */
-  if (peer->password)
-    XFREE (MTYPE_PEER_PASSWORD, peer->password);
-  if (conf->password)
+  if (conf->password && !peer->password)
     peer->password =  XSTRDUP (MTYPE_PEER_PASSWORD, conf->password);
-  else
-    peer->password = NULL;
   bgp_md5_set (peer);