From c1ccfa977aa26895b7c8203ca8a751e321997a00 Mon Sep 17 00:00:00 2001
From: Donatas Abraitis <donatas@opensourcerouting.org>
Date: Fri, 7 Jul 2023 15:03:07 +0300
Subject: bgpd: Check if originator-id attribute is not received via eBGP
 session

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
---
 bgpd/bgp_attr.c | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'bgpd/bgp_attr.c')

diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
index 34422bf514..b5cdcfd2df 100644
--- a/bgpd/bgp_attr.c
+++ b/bgpd/bgp_attr.c
@@ -2138,6 +2138,15 @@ bgp_attr_originator_id(struct bgp_attr_parser_args *args)
 	struct attr *const attr = args->attr;
 	const bgp_size_t length = args->length;
 
+	/* if the ORIGINATOR_ID attribute is received from an external
+	 * neighbor, it SHALL be discarded using the approach of "attribute
+	 * discard".
+	 */
+	if (peer->sort == BGP_PEER_EBGP) {
+		stream_forward_getp(peer->curr, length);
+		return BGP_ATTR_PARSE_PROCEED;
+	}
+
 	/* if received from an internal neighbor, it SHALL be considered
 	 * malformed if its length is not equal to 4. If malformed, the
 	 * UPDATE message SHALL be handled using the approach of "treat-as-
-- 
cgit v1.2.3