From 5ad080d37a26d72b56ecd0b796593bb7fc3aa6ad Mon Sep 17 00:00:00 2001
From: Donatas Abraitis <donatas@opensourcerouting.org>
Date: Tue, 29 Aug 2023 10:10:04 +0300
Subject: [PATCH] bgpd: Handle Role capability via dynamic capabilities for
 SET/UNSET properly

It was missed to handle UNSET Role capability using dynamic capabilities.

Also move length check before actually handling Role capability.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
---
 bgpd/bgp_packet.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c
index a9e772e243..01d73e9b07 100644
--- a/bgpd/bgp_packet.c
+++ b/bgpd/bgp_packet.c
@@ -2899,7 +2899,6 @@ static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
 		case CAPABILITY_CODE_EXT_MESSAGE:
 			break;
 		case CAPABILITY_CODE_ROLE:
-			SET_FLAG(peer->cap, PEER_CAP_ROLE_RCV);
 			if (hdr->length != CAPABILITY_CODE_ROLE_LEN) {
 				flog_warn(EC_BGP_CAPABILITY_INVALID_LENGTH,
 					  "Role: Received invalid length %d",
@@ -2908,11 +2907,17 @@ static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
 						BGP_NOTIFY_SUBCODE_UNSPECIFIC);
 				return BGP_Stop;
 			}
+
 			uint8_t role;
 
-			memcpy(&role, pnt + 3, sizeof(role));
+			if (action == CAPABILITY_ACTION_SET) {
+				SET_FLAG(peer->cap, PEER_CAP_ROLE_RCV);
+				memcpy(&role, pnt + 3, sizeof(role));
 
-			peer->remote_role = role;
+				peer->remote_role = role;
+			} else {
+				UNSET_FLAG(peer->cap, PEER_CAP_ROLE_RCV);
+			}
 			break;
 		default:
 			flog_warn(
-- 
2.39.5