bgpd: Delete AS_CONFED_SEQUENCE when prepending an AS_SEQUENCE type segment
AS_CONFED_SEQUENCE segment should always be deleted when prepending
(e.g. with a route-map) an AS_SEQUENCE segment to an AS path. Otherwise,
AS_CONFED_SEQUENCE will not be deleted later when updating EBGP peers (since
it is not the leftmost segment) and will leak outside the confederation.
diff --git a/bgpd/bgp_aspath.c b/bgpd/bgp_aspath.c
index e65541f..440815b 100644
--- a/bgpd/bgp_aspath.c
+++ b/bgpd/bgp_aspath.c
@@ -1208,6 +1208,10 @@
while (seg1 && seg1->next)
seg1 = seg1->next;
+ /* Delete any AS_CONFED_SEQUENCE segment from as2. */
+ if (seg1->type == AS_SEQUENCE && seg2->type == AS_CONFED_SEQUENCE)
+ as2 = aspath_delete_confed_seq (as2);
+
/* Compare last segment type of as1 and first segment type of as2. */
if (seg1->type != seg2->type)
return aspath_merge (as1, as2);