diff options
| author | Paul Mackerras <paulus@samba.org> | 2008-01-31 11:25:51 +1100 |
|---|---|---|
| committer | Paul Mackerras <paulus@samba.org> | 2008-01-31 11:25:51 +1100 |
| commit | bd45ac0c5daae35e7c71138172e63df5cf644cf6 (patch) | |
| tree | 5eb5a599bf6a9d7a8a34e802db932aa9e9555de4 /net/ipv4/ah4.c | |
| parent | 4eece4ccf997c0e6d8fdad3d842e37b16b8d705f (diff) | |
| parent | 5bdeae46be6dfe9efa44a548bd622af325f4bdb4 (diff) | |
Merge branch 'linux-2.6'
Diffstat (limited to 'net/ipv4/ah4.c')
| -rw-r--r-- | net/ipv4/ah4.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/net/ipv4/ah4.c b/net/ipv4/ah4.c index 5fc346d8b56..d76803a3dca 100644 --- a/net/ipv4/ah4.c +++ b/net/ipv4/ah4.c @@ -169,6 +169,8 @@ static int ah_input(struct xfrm_state *x, struct sk_buff *skb) if (ip_clear_mutable_options(iph, &dummy)) goto out; } + + spin_lock(&x->lock); { u8 auth_data[MAX_AH_AUTH_LEN]; @@ -176,13 +178,16 @@ static int ah_input(struct xfrm_state *x, struct sk_buff *skb) skb_push(skb, ihl); err = ah_mac_digest(ahp, skb, ah->auth_data); if (err) - goto out; - err = -EINVAL; - if (memcmp(ahp->work_icv, auth_data, ahp->icv_trunc_len)) { - x->stats.integrity_failed++; - goto out; - } + goto unlock; + if (memcmp(ahp->work_icv, auth_data, ahp->icv_trunc_len)) + err = -EBADMSG; } +unlock: + spin_unlock(&x->lock); + + if (err) + goto out; + skb->network_header += ah_hlen; memcpy(skb_network_header(skb), work_buf, ihl); skb->transport_header = skb->network_header; |