X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=net%2Fipv6%2Fah6.c;fp=net%2Fipv6%2Fah6.c;h=84963749ab77abdba516b879470b829e96f3bd7a;hb=64ba3f394c830ec48a1c31b53dcae312c56f1604;hp=9d4831bd43355fd6d8ca1ff343fde85092b4de8d;hpb=be1e6109ac94a859551f8e1774eb9a8469fe055c;p=linux-2.6.git

diff --git a/net/ipv6/ah6.c b/net/ipv6/ah6.c
index 9d4831bd4..84963749a 100644
--- a/net/ipv6/ah6.c
+++ b/net/ipv6/ah6.c
@@ -24,6 +24,7 @@
  * 	This file is derived from net/ipv4/ah.c.
  */
 
+#include <linux/config.h>
 #include <linux/module.h>
 #include <net/ip.h>
 #include <net/ah.h>
@@ -212,7 +213,6 @@ static int ah6_output(struct xfrm_state *x, struct sk_buff *skb)
 	ah->reserved = 0;
 	ah->spi = x->id.spi;
 	ah->seq_no = htonl(++x->replay.oseq);
-	xfrm_aevent_doreplay(x);
 	ahp->icv(ahp, skb, ah->auth_data);
 
 	err = 0;
@@ -228,7 +228,7 @@ error:
 	return err;
 }
 
-static int ah6_input(struct xfrm_state *x, struct sk_buff *skb)
+static int ah6_input(struct xfrm_state *x, struct xfrm_decap_state *decap, struct sk_buff *skb)
 {
 	/*
 	 * Before process AH
@@ -291,7 +291,7 @@ static int ah6_input(struct xfrm_state *x, struct sk_buff *skb)
 
 		memcpy(auth_data, ah->auth_data, ahp->icv_trunc_len);
 		memset(ah->auth_data, 0, ahp->icv_trunc_len);
-		skb_push(skb, hdr_len);
+		skb_push(skb, skb->data - skb->nh.raw);
 		ahp->icv(ahp, skb, ah->auth_data);
 		if (memcmp(ah->auth_data, auth_data, ahp->icv_trunc_len)) {
 			LIMIT_NETDEBUG(KERN_WARNING "ipsec ah authentication error\n");
@@ -300,8 +300,12 @@ static int ah6_input(struct xfrm_state *x, struct sk_buff *skb)
 		}
 	}
 
-	skb->h.raw = memcpy(skb->nh.raw += ah_hlen, tmp_hdr, hdr_len);
-	__skb_pull(skb, ah_hlen + hdr_len);
+	skb->nh.raw = skb_pull(skb, ah_hlen);
+	memcpy(skb->nh.raw, tmp_hdr, hdr_len);
+	skb->nh.ipv6h->payload_len = htons(skb->len - sizeof(struct ipv6hdr));
+	skb_pull(skb, hdr_len);
+	skb->h.raw = skb->data;
+
 
 	kfree(tmp_hdr);
 
@@ -349,10 +353,12 @@ static int ah6_init_state(struct xfrm_state *x)
 	if (x->encap)
 		goto error;
 
-	ahp = kzalloc(sizeof(*ahp), GFP_KERNEL);
+	ahp = kmalloc(sizeof(*ahp), GFP_KERNEL);
 	if (ahp == NULL)
 		return -ENOMEM;
 
+	memset(ahp, 0, sizeof(*ahp));
+
 	ahp->key = x->aalg->alg_key;
 	ahp->key_len = (x->aalg->alg_key_len+7)/8;
 	ahp->tfm = crypto_alloc_tfm(x->aalg->alg_name, 0);