 87bdc48d30
			
		
	
	
	87bdc48d30
	
	
	
		
			
			This patch removes the duplicate ipv6_{auth,esp,comp}_hdr structures since
they're identical to the IPv4 versions.  Duplicating them would only create
problems for ourselves later when we need to add things like extended
sequence numbers.
I've also added transport header type conversion headers for these types
which are now used by the transforms.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
		
	
			
		
			
				
	
	
		
			48 lines
		
	
	
	
		
			894 B
			
		
	
	
	
		
			C
		
	
	
	
	
	
			
		
		
	
	
			48 lines
		
	
	
	
		
			894 B
			
		
	
	
	
		
			C
		
	
	
	
	
	
| #ifndef _NET_AH_H
 | |
| #define _NET_AH_H
 | |
| 
 | |
| #include <linux/crypto.h>
 | |
| #include <net/xfrm.h>
 | |
| 
 | |
| /* This is the maximum truncated ICV length that we know of. */
 | |
| #define MAX_AH_AUTH_LEN	12
 | |
| 
 | |
| struct ah_data
 | |
| {
 | |
| 	u8			*work_icv;
 | |
| 	int			icv_full_len;
 | |
| 	int			icv_trunc_len;
 | |
| 
 | |
| 	struct crypto_hash	*tfm;
 | |
| };
 | |
| 
 | |
| static inline int ah_mac_digest(struct ah_data *ahp, struct sk_buff *skb,
 | |
| 				u8 *auth_data)
 | |
| {
 | |
| 	struct hash_desc desc;
 | |
| 	int err;
 | |
| 
 | |
| 	desc.tfm = ahp->tfm;
 | |
| 	desc.flags = 0;
 | |
| 
 | |
| 	memset(auth_data, 0, ahp->icv_trunc_len);
 | |
| 	err = crypto_hash_init(&desc);
 | |
| 	if (unlikely(err))
 | |
| 		goto out;
 | |
| 	err = skb_icv_walk(skb, &desc, 0, skb->len, crypto_hash_update);
 | |
| 	if (unlikely(err))
 | |
| 		goto out;
 | |
| 	err = crypto_hash_final(&desc, ahp->work_icv);
 | |
| 
 | |
| out:
 | |
| 	return err;
 | |
| }
 | |
| 
 | |
| struct ip_auth_hdr;
 | |
| 
 | |
| static inline struct ip_auth_hdr *ip_auth_hdr(const struct sk_buff *skb)
 | |
| {
 | |
| 	return (struct ip_auth_hdr *)skb_transport_header(skb);
 | |
| }
 | |
| 
 | |
| #endif
 |