首页 发现 帮助
注册 登录
phyus
/
linux-vybrid_public
8
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
浏览代码

[IPSEC] ah: Remove keys from ah_data structure

The keys are only used during initialisation so we don't need to carry them
in esp_data.  Since we don't have to allocate them again, there is no need
to place a limit on the authentication key length anymore.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu 17 年之前
父节点
4b7137ff8f
当前提交
bc31d3b2c7
共有 3 个文件被更改,包括 4 次插入16 次删除
合并视图 显示文件统计
  1. 0 2
      include/net/ah.h
  2. 2 7
      net/ipv4/ah4.c
  3. 2 7
      net/ipv6/ah6.c

+ 0 - 2
include/net/ah.h
查看文件 

@@ -9,8 +9,6 @@
 
 
 
 struct ah_data
 
 struct ah_data
 
 {
 
 {
 
-	u8			*key;
 
-	int			key_len;
 
 	u8			*work_icv;
 
 	u8			*work_icv;
 
 	int			icv_full_len;
 
 	int			icv_full_len;
 
 	int			icv_trunc_len;
 
 	int			icv_trunc_len;

+ 2 - 7
net/ipv4/ah4.c
查看文件 

@@ -219,10 +219,6 @@ static int ah_init_state(struct xfrm_state *x)
 
 	if (!x->aalg)
 
 	if (!x->aalg)
 
 		goto error;
 
 		goto error;
 
 
 
-	/* null auth can use a zero length key */
 
-	if (x->aalg->alg_key_len > 512)
 
-		goto error;
 
-
 
 	if (x->encap)
 
 	if (x->encap)
 
 		goto error;
 
 		goto error;
 
 
 
@@ -230,14 +226,13 @@ static int ah_init_state(struct xfrm_state *x)
 
 	if (ahp == NULL)
 
 	if (ahp == NULL)
 
 		return -ENOMEM;
 
 		return -ENOMEM;
 
 
 
-	ahp->key = x->aalg->alg_key;
 
-	ahp->key_len = (x->aalg->alg_key_len+7)/8;
 
 	tfm = crypto_alloc_hash(x->aalg->alg_name, 0, CRYPTO_ALG_ASYNC);
 
 	tfm = crypto_alloc_hash(x->aalg->alg_name, 0, CRYPTO_ALG_ASYNC);
 
 	if (IS_ERR(tfm))
 
 	if (IS_ERR(tfm))
 
 		goto error;
 
 		goto error;
 
 
 
 	ahp->tfm = tfm;
 
 	ahp->tfm = tfm;
 
-	if (crypto_hash_setkey(tfm, ahp->key, ahp->key_len))
 
+	if (crypto_hash_setkey(tfm, x->aalg->alg_key,
 
+			       (x->aalg->alg_key_len + 7) / 8))
 
 		goto error;
 
 		goto error;
 
 
 
 	/*
 
 	/*

+ 2 - 7
net/ipv6/ah6.c
查看文件 

@@ -429,10 +429,6 @@ static int ah6_init_state(struct xfrm_state *x)
 
 	if (!x->aalg)
 
 	if (!x->aalg)
 
 		goto error;
 
 		goto error;
 
 
 
-	/* null auth can use a zero length key */
 
-	if (x->aalg->alg_key_len > 512)
 
-		goto error;
 
-
 
 	if (x->encap)
 
 	if (x->encap)
 
 		goto error;
 
 		goto error;
 
 
 
@@ -440,14 +436,13 @@ static int ah6_init_state(struct xfrm_state *x)
 
 	if (ahp == NULL)
 
 	if (ahp == NULL)
 
 		return -ENOMEM;
 
 		return -ENOMEM;
 
 
 
-	ahp->key = x->aalg->alg_key;
 
-	ahp->key_len = (x->aalg->alg_key_len+7)/8;
 
 	tfm = crypto_alloc_hash(x->aalg->alg_name, 0, CRYPTO_ALG_ASYNC);
 
 	tfm = crypto_alloc_hash(x->aalg->alg_name, 0, CRYPTO_ALG_ASYNC);
 
 	if (IS_ERR(tfm))
 
 	if (IS_ERR(tfm))
 
 		goto error;
 
 		goto error;
 
 
 
 	ahp->tfm = tfm;
 
 	ahp->tfm = tfm;
 
-	if (crypto_hash_setkey(tfm, ahp->key, ahp->key_len))
 
+	if (crypto_hash_setkey(tfm, x->aalg->alg_key,
 
+			       (x->aalg->alg_key_len + 7) / 8))
 
 		goto error;
 
 		goto error;
 
 
 
 	/*
 
 	/*