diff options
Diffstat (limited to 'net/ipv6/ah6.c')
| -rw-r--r-- | net/ipv6/ah6.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/net/ipv6/ah6.c b/net/ipv6/ah6.c index 4eaf55072b1b..fb0d07a15e93 100644 --- a/net/ipv6/ah6.c +++ b/net/ipv6/ah6.c | |||
| @@ -370,6 +370,7 @@ static int ah6_input(struct xfrm_state *x, struct sk_buff *skb) | |||
| 370 | ip6h->flow_lbl[2] = 0; | 370 | ip6h->flow_lbl[2] = 0; |
| 371 | ip6h->hop_limit = 0; | 371 | ip6h->hop_limit = 0; |
| 372 | 372 | ||
| 373 | spin_lock(&x->lock); | ||
| 373 | { | 374 | { |
| 374 | u8 auth_data[MAX_AH_AUTH_LEN]; | 375 | u8 auth_data[MAX_AH_AUTH_LEN]; |
| 375 | 376 | ||
| @@ -378,14 +379,15 @@ static int ah6_input(struct xfrm_state *x, struct sk_buff *skb) | |||
| 378 | skb_push(skb, hdr_len); | 379 | skb_push(skb, hdr_len); |
| 379 | err = ah_mac_digest(ahp, skb, ah->auth_data); | 380 | err = ah_mac_digest(ahp, skb, ah->auth_data); |
| 380 | if (err) | 381 | if (err) |
| 381 | goto free_out; | 382 | goto unlock; |
| 382 | err = -EINVAL; | 383 | if (memcmp(ahp->work_icv, auth_data, ahp->icv_trunc_len)) |
| 383 | if (memcmp(ahp->work_icv, auth_data, ahp->icv_trunc_len)) { | 384 | err = -EBADMSG; |
| 384 | LIMIT_NETDEBUG(KERN_WARNING "ipsec ah authentication error\n"); | ||
| 385 | x->stats.integrity_failed++; | ||
| 386 | goto free_out; | ||
| 387 | } | ||
| 388 | } | 385 | } |
| 386 | unlock: | ||
| 387 | spin_unlock(&x->lock); | ||
| 388 | |||
| 389 | if (err) | ||
| 390 | goto free_out; | ||
| 389 | 391 | ||
| 390 | skb->network_header += ah_hlen; | 392 | skb->network_header += ah_hlen; |
| 391 | memcpy(skb_network_header(skb), tmp_hdr, hdr_len); | 393 | memcpy(skb_network_header(skb), tmp_hdr, hdr_len); |