diff options
Diffstat (limited to 'net/ipv6/ah6.c')
| -rw-r--r-- | net/ipv6/ah6.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/net/ipv6/ah6.c b/net/ipv6/ah6.c index d4b59ecb0b57..1b51d1eedbde 100644 --- a/net/ipv6/ah6.c +++ b/net/ipv6/ah6.c | |||
| @@ -370,6 +370,7 @@ static int ah6_input(struct xfrm_state *x, struct sk_buff *skb) | |||
| 370 | ip6h->flow_lbl[2] = 0; | 370 | ip6h->flow_lbl[2] = 0; |
| 371 | ip6h->hop_limit = 0; | 371 | ip6h->hop_limit = 0; |
| 372 | 372 | ||
| 373 | spin_lock(&x->lock); | ||
| 373 | { | 374 | { |
| 374 | u8 auth_data[MAX_AH_AUTH_LEN]; | 375 | u8 auth_data[MAX_AH_AUTH_LEN]; |
| 375 | 376 | ||
| @@ -378,13 +379,17 @@ static int ah6_input(struct xfrm_state *x, struct sk_buff *skb) | |||
| 378 | skb_push(skb, hdr_len); | 379 | skb_push(skb, hdr_len); |
| 379 | err = ah_mac_digest(ahp, skb, ah->auth_data); | 380 | err = ah_mac_digest(ahp, skb, ah->auth_data); |
| 380 | if (err) | 381 | if (err) |
| 381 | goto free_out; | 382 | goto unlock; |
| 382 | if (memcmp(ahp->work_icv, auth_data, ahp->icv_trunc_len)) { | 383 | if (memcmp(ahp->work_icv, auth_data, ahp->icv_trunc_len)) { |
| 383 | LIMIT_NETDEBUG(KERN_WARNING "ipsec ah authentication error\n"); | 384 | LIMIT_NETDEBUG(KERN_WARNING "ipsec ah authentication error\n"); |
| 384 | err = -EBADMSG; | 385 | err = -EBADMSG; |
| 385 | goto free_out; | ||
| 386 | } | 386 | } |
| 387 | } | 387 | } |
| 388 | unlock: | ||
| 389 | spin_unlock(&x->lock); | ||
| 390 | |||
| 391 | if (err) | ||
| 392 | goto free_out; | ||
| 388 | 393 | ||
| 389 | skb->network_header += ah_hlen; | 394 | skb->network_header += ah_hlen; |
| 390 | memcpy(skb_network_header(skb), tmp_hdr, hdr_len); | 395 | memcpy(skb_network_header(skb), tmp_hdr, hdr_len); |