return 0;
}
-int ah6_output(struct sk_buff **pskb)
+static int ah6_output(struct sk_buff *skb)
{
int err;
int extlen;
- struct dst_entry *dst = (*pskb)->dst;
+ struct dst_entry *dst = skb->dst;
struct xfrm_state *x = dst->xfrm;
struct ipv6hdr *top_iph;
struct ip_auth_hdr *ah;
char hdrs[0];
} *tmp_ext;
- top_iph = (struct ipv6hdr *)(*pskb)->data;
- top_iph->payload_len = htons((*pskb)->len - sizeof(*top_iph));
+ top_iph = (struct ipv6hdr *)skb->data;
+ top_iph->payload_len = htons(skb->len - sizeof(*top_iph));
- nexthdr = *(*pskb)->nh.raw;
- *(*pskb)->nh.raw = IPPROTO_AH;
+ nexthdr = *skb->nh.raw;
+ *skb->nh.raw = IPPROTO_AH;
/* When there are no extension headers, we only need to save the first
* 8 bytes of the base IP header.
memcpy(tmp_base, top_iph, sizeof(tmp_base));
tmp_ext = NULL;
- extlen = (*pskb)->h.raw - (unsigned char *)(top_iph + 1);
+ extlen = skb->h.raw - (unsigned char *)(top_iph + 1);
if (extlen) {
extlen += sizeof(*tmp_ext);
tmp_ext = kmalloc(extlen, GFP_ATOMIC);
goto error_free_iph;
}
- ah = (struct ip_auth_hdr *)(*pskb)->h.raw;
+ ah = (struct ip_auth_hdr *)skb->h.raw;
ah->nexthdr = nexthdr;
top_iph->priority = 0;
ah->reserved = 0;
ah->spi = x->id.spi;
ah->seq_no = htonl(++x->replay.oseq);
- ahp->icv(ahp, *pskb, ah->auth_data);
+ ahp->icv(ahp, skb, ah->auth_data);
err = 0;
return err;
}
-int ah6_input(struct xfrm_state *x, struct xfrm_decap_state *decap, struct sk_buff *skb)
+static int ah6_input(struct xfrm_state *x, struct xfrm_decap_state *decap, struct sk_buff *skb)
{
/*
* Before process AH
return -EINVAL;
}
-void ah6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
- int type, int code, int offset, __u32 info)
+static void ah6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
+ int type, int code, int offset, __u32 info)
{
struct ipv6hdr *iph = (struct ipv6hdr*)skb->data;
struct ip_auth_hdr *ah = (struct ip_auth_hdr*)(skb->data+offset);
if (x->aalg->alg_key_len > 512)
goto error;
+ if (x->encap)
+ goto error;
+
ahp = kmalloc(sizeof(*ahp), GFP_KERNEL);
if (ahp == NULL)
return -ENOMEM;
.flags = INET6_PROTO_NOPOLICY,
};
-int __init ah6_init(void)
+static int __init ah6_init(void)
{
if (xfrm_register_type(&ah6_type, AF_INET6) < 0) {
printk(KERN_INFO "ipv6 ah init: can't add xfrm type\n");