aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv6/ah6.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/ipv6/ah6.c')
-rw-r--r--net/ipv6/ah6.c45
1 files changed, 6 insertions, 39 deletions
diff --git a/net/ipv6/ah6.c b/net/ipv6/ah6.c
index 0f2b4e330aa9..b0d83e8e4252 100644
--- a/net/ipv6/ah6.c
+++ b/net/ipv6/ah6.c
@@ -128,9 +128,7 @@ static void ipv6_rearrange_destopt(struct ipv6hdr *iph, struct ipv6_opt_hdr *des
128 off += optlen; 128 off += optlen;
129 len -= optlen; 129 len -= optlen;
130 } 130 }
131 if (len == 0) 131 /* Note: ok if len == 0 */
132 return;
133
134bad: 132bad:
135 return; 133 return;
136} 134}
@@ -175,11 +173,7 @@ static void ipv6_rearrange_rthdr(struct ipv6hdr *iph, struct ipv6_rt_hdr *rthdr)
175 ipv6_addr_copy(&iph->daddr, &final_addr); 173 ipv6_addr_copy(&iph->daddr, &final_addr);
176} 174}
177 175
178#ifdef CONFIG_IPV6_MIP6
179static int ipv6_clear_mutable_options(struct ipv6hdr *iph, int len, int dir) 176static int ipv6_clear_mutable_options(struct ipv6hdr *iph, int len, int dir)
180#else
181static int ipv6_clear_mutable_options(struct ipv6hdr *iph, int len)
182#endif
183{ 177{
184 union { 178 union {
185 struct ipv6hdr *iph; 179 struct ipv6hdr *iph;
@@ -194,30 +188,12 @@ static int ipv6_clear_mutable_options(struct ipv6hdr *iph, int len)
194 188
195 while (exthdr.raw < end) { 189 while (exthdr.raw < end) {
196 switch (nexthdr) { 190 switch (nexthdr) {
197#ifdef CONFIG_IPV6_MIP6
198 case NEXTHDR_HOP:
199 if (!zero_out_mutable_opts(exthdr.opth)) {
200 LIMIT_NETDEBUG(
201 KERN_WARNING "overrun %sopts\n",
202 nexthdr == NEXTHDR_HOP ?
203 "hop" : "dest");
204 return -EINVAL;
205 }
206 break;
207 case NEXTHDR_DEST: 191 case NEXTHDR_DEST:
192#ifdef CONFIG_IPV6_MIP6
208 if (dir == XFRM_POLICY_OUT) 193 if (dir == XFRM_POLICY_OUT)
209 ipv6_rearrange_destopt(iph, exthdr.opth); 194 ipv6_rearrange_destopt(iph, exthdr.opth);
210 if (!zero_out_mutable_opts(exthdr.opth)) { 195#endif
211 LIMIT_NETDEBUG(
212 KERN_WARNING "overrun %sopts\n",
213 nexthdr == NEXTHDR_HOP ?
214 "hop" : "dest");
215 return -EINVAL;
216 }
217 break;
218#else
219 case NEXTHDR_HOP: 196 case NEXTHDR_HOP:
220 case NEXTHDR_DEST:
221 if (!zero_out_mutable_opts(exthdr.opth)) { 197 if (!zero_out_mutable_opts(exthdr.opth)) {
222 LIMIT_NETDEBUG( 198 LIMIT_NETDEBUG(
223 KERN_WARNING "overrun %sopts\n", 199 KERN_WARNING "overrun %sopts\n",
@@ -226,7 +202,6 @@ static int ipv6_clear_mutable_options(struct ipv6hdr *iph, int len)
226 return -EINVAL; 202 return -EINVAL;
227 } 203 }
228 break; 204 break;
229#endif
230 205
231 case NEXTHDR_ROUTING: 206 case NEXTHDR_ROUTING:
232 ipv6_rearrange_rthdr(iph, exthdr.rth); 207 ipv6_rearrange_rthdr(iph, exthdr.rth);
@@ -282,16 +257,13 @@ static int ah6_output(struct xfrm_state *x, struct sk_buff *skb)
282 } 257 }
283#ifdef CONFIG_IPV6_MIP6 258#ifdef CONFIG_IPV6_MIP6
284 memcpy(tmp_ext, &top_iph->saddr, extlen); 259 memcpy(tmp_ext, &top_iph->saddr, extlen);
285 err = ipv6_clear_mutable_options(top_iph,
286 extlen - sizeof(*tmp_ext) +
287 sizeof(*top_iph),
288 XFRM_POLICY_OUT);
289#else 260#else
290 memcpy(tmp_ext, &top_iph->daddr, extlen); 261 memcpy(tmp_ext, &top_iph->daddr, extlen);
262#endif
291 err = ipv6_clear_mutable_options(top_iph, 263 err = ipv6_clear_mutable_options(top_iph,
292 extlen - sizeof(*tmp_ext) + 264 extlen - sizeof(*tmp_ext) +
293 sizeof(*top_iph)); 265 sizeof(*top_iph),
294#endif 266 XFRM_POLICY_OUT);
295 if (err) 267 if (err)
296 goto error_free_iph; 268 goto error_free_iph;
297 } 269 }
@@ -386,13 +358,8 @@ static int ah6_input(struct xfrm_state *x, struct sk_buff *skb)
386 if (!tmp_hdr) 358 if (!tmp_hdr)
387 goto out; 359 goto out;
388 memcpy(tmp_hdr, skb->nh.raw, hdr_len); 360 memcpy(tmp_hdr, skb->nh.raw, hdr_len);
389#ifdef CONFIG_IPV6_MIP6
390 if (ipv6_clear_mutable_options(skb->nh.ipv6h, hdr_len, XFRM_POLICY_IN)) 361 if (ipv6_clear_mutable_options(skb->nh.ipv6h, hdr_len, XFRM_POLICY_IN))
391 goto free_out; 362 goto free_out;
392#else
393 if (ipv6_clear_mutable_options(skb->nh.ipv6h, hdr_len))
394 goto free_out;
395#endif
396 skb->nh.ipv6h->priority = 0; 363 skb->nh.ipv6h->priority = 0;
397 skb->nh.ipv6h->flow_lbl[0] = 0; 364 skb->nh.ipv6h->flow_lbl[0] = 0;
398 skb->nh.ipv6h->flow_lbl[1] = 0; 365 skb->nh.ipv6h->flow_lbl[1] = 0;