When negotiating multiprotocol capabilities only fall ack to AID_INET when

no capability was sent to the peer (this happens if the multiprotocol
capability got disabled). It is possible that local and remote systems end
up with no shared AFI/SAFI pair. In this case the connection will not send
or should not receive any UPDATE messages.
The previous behaviour of falling back to AID_INET in that case can result
in problematic behaviour when sessions are missconfigured.
OK benno@, deraadt@

1 files changed, 5 insertions, 4 deletions

diff --git a/usr.sbin/bgpd/session.c b/usr.sbin/bgpd/session.c
index fc110506b2a..e2649432b9b 100644
--- a/usr.sbin/bgpd/session.c
+++ b/usr.sbin/bgpd/session.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: session.c,v 1.412 2021/04/27 09:12:23 claudio Exp $ */
+/*	$OpenBSD: session.c,v 1.413 2021/05/03 14:08:09 claudio Exp $ */
 
 /*
  * Copyright (c) 2003, 2004, 2005 Henning Brauer <henning@openbsd.org>
@@ -2557,11 +2557,12 @@ capa_neg_calc(struct peer *p)
 
 	/* MP: both side must announce capability */
 	for (i = 0; i < AID_MAX; i++) {
-		if (p->capa.ann.mp[i] && p->capa.peer.mp[i]) {
+		if (p->capa.ann.mp[i] && p->capa.peer.mp[i])
 			p->capa.neg.mp[i] = 1;
-			hasmp = 1;
-		} else
+		else
 			p->capa.neg.mp[i] = 0;
+		if (p->capa.ann.mp[i])
+			hasmp = 1;
 	}
 	/* if no MP capability present default to IPv4 unicast mode */
 	if (!hasmp)