xfrm: Fix truncation length of authentication algorithms installed via PF_KEY
Martin Willi [Wed, 9 Dec 2009 06:11:15 +0000 (06:11 +0000)]
Commit 4447bb33f09444920a8f1d89e1540137429351b6 ("xfrm: Store aalg in
xfrm_state with a user specified truncation length") breaks
installation of authentication algorithms via PF_KEY, as the state
specific truncation length is not installed with the algorithms
default truncation length.  This patch initializes state properly to
the default if installed via PF_KEY.

Signed-off-by: Martin Willi <martin@strongswan.org>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/key/af_key.c

index 84209fb..76fa6fe 100644 (file)
@@ -1193,6 +1193,7 @@ static struct xfrm_state * pfkey_msg2xfrm_state(struct net *net,
                        x->aalg->alg_key_len = key->sadb_key_bits;
                        memcpy(x->aalg->alg_key, key+1, keysize);
                }
+               x->aalg->alg_trunc_len = a->uinfo.auth.icv_truncbits;
                x->props.aalgo = sa->sadb_sa_auth;
                /* x->algo.flags = sa->sadb_sa_flags; */
        }