From: Donatas Abraitis <donatas@opensourcerouting.org>
Date: Tue, 16 Aug 2022 20:33:51 +0000 (+0300)
Subject: bgpd: Drop `internet` community check from community_list_match()
X-Git-Tag: base_8.4~104^2
X-Git-Url: https://git.puffer.fish/?a=commitdiff_plain;h=refs%2Fpull%2F11820%2Fhead;p=mirror%2Ffrr.git

bgpd: Drop `internet` community check from community_list_match()

Before this, if the community-list has an entry with permit internet (0:0),
then it's treated as permit everything and returned as MATCH.

So if we have something like:

```
bgp community-list standard OUT_AS_PERMIT seq 5 permit internet
bgp community-list standard OUT_AS_PERMIT seq 10 deny 4:1
bgp community-list standard OUT_AS_PERMIT seq 20 permit 3:1
```

It's not gonna work because it will return MATCH and stops parsing.
Routes with 4:1 community will be advertised.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
---

diff --git a/bgpd/bgp_clist.c b/bgpd/bgp_clist.c
index 34d4be8c93..bc6d4e144e 100644
--- a/bgpd/bgp_clist.c
+++ b/bgpd/bgp_clist.c
@@ -674,9 +674,6 @@ bool community_list_match(struct community *com, struct community_list *list)
 			return entry->direct == COMMUNITY_PERMIT;
 
 		if (entry->style == COMMUNITY_LIST_STANDARD) {
-			if (community_include(entry->u.com, COMMUNITY_INTERNET))
-				return entry->direct == COMMUNITY_PERMIT;
-
 			if (community_match(com, entry->u.com))
 				return entry->direct == COMMUNITY_PERMIT;
 		} else if (entry->style == COMMUNITY_LIST_EXPANDED) {