bgpd: fix lost passwords of grouped neighbors

This patch resolves the significance of order of group and password
statements.

It prevents passwords from being lost in cases where all
three conditions apply:
  1. the peer is member of a group with or without group password
  2. the peer has an individual password set
  3. the peer is added to a group within an address-family ipv6
     section

In addition this patch prevents the same issue in cases, where an IPv4
peer's password is set first and the peer is added to a group
afterwards.

Adding a peer to a group cancels his individual password. Without ipv6
this is not a problem, because choosing the right order of config
statements will do (set password only after adding peer to group).

When adding the peer to a group within the address-family
section, his password is definitely lost. The same workaround (ie.
setting the password after the address-family section) can not be used,
because "show run" will print the configuration statements in the wrong
order.

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

diff --git a/bgpd/bgpd.c b/bgpd/bgpd.c
index 0b3f0a8e9338a2030fa84c9d9e2708101c4d6062..c9a04fff9b4aa80b3635b1aeadd0ac1589ebcd39 100644 (file)
--- a/bgpd/bgpd.c
+++ b/bgpd/bgpd.c
@@ -1457,13 +1457,8 @@ peer_group2peer_config_copy (struct peer_group *group, struct peer *peer,
     peer->v_routeadv = BGP_DEFAULT_EBGP_ROUTEADV;
 
   /* password apply */
-  if (peer->password)
-    XFREE (MTYPE_PEER_PASSWORD, peer->password);
-
-  if (conf->password)
+  if (conf->password && !peer->password)
     peer->password =  XSTRDUP (MTYPE_PEER_PASSWORD, conf->password);
-  else
-    peer->password = NULL;
 
   bgp_md5_set (peer);