[XFRM]: beet: fix pseudo header length value

draft-nikander-esp-beet-mode-07.txt is not entirely clear on how the length
value of the pseudo header should be calculated, it states "The Header Length
field contains the length of the pseudo header, IPv4 options, and padding in
8 octets units.", but also states "Length in octets (Header Len + 1) * 8".
draft-nikander-esp-beet-mode-08-pre1.txt [1] clarifies this, the header length
should not include the first 8 byte.

This change affects backwards compatibility, but option encapsulation didn't
work until very recently anyway.

[1] http://users.piuha.net/jmelen/BEET/draft-nikander-esp-beet-mode-08-pre1.txt

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/ipv4/xfrm4_mode_beet.c

@@ -52,7 +52,7 @@ static int xfrm4_beet_output(struct xfrm_state *x, struct sk_buff *skb)
 
 		ph = (struct ip_beet_phdr *)skb->h.raw;
 		ph->padlen = 4 - (optlen & 4);
-		ph->hdrlen = (optlen + ph->padlen + sizeof(*ph)) / 8;
+		ph->hdrlen = optlen / 8;
 		ph->nexthdr = top_iph->protocol;
 		if (ph->padlen)
 			memset(ph + 1, IPOPT_NOP, ph->padlen);
@@ -85,7 +85,7 @@ static int xfrm4_beet_input(struct xfrm_state *x, struct sk_buff *skb)
 		ph = (struct ip_beet_phdr *)(skb->h.ipiph + 1);
 
 		phlen = sizeof(*ph) + ph->padlen;
-		optlen = ph->hdrlen * 8 - phlen;
+		optlen = ph->hdrlen * 8 + (IPV4_BEET_PHMAXLEN - phlen);
 		if (optlen < 0 || optlen & 3 || optlen > 250)
 			goto out;