From 9b47b21918fcfef0a607d6d70fd304dc0f482ab0 Mon Sep 17 00:00:00 2001
From: bol-van <none@none.none>
Date: Sat, 8 Nov 2025 20:46:09 +0300
Subject: [PATCH] nfqws: ipv6 ah header length is in 32-bit words, not 64-bit

---
 nfq/darkmagic.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/nfq/darkmagic.c b/nfq/darkmagic.c
index b760d0a2..193eb93a 100644
--- a/nfq/darkmagic.c
+++ b/nfq/darkmagic.c
@@ -936,7 +936,6 @@ void proto_skip_ipv6(uint8_t **data, size_t *len, uint8_t *proto_type, uint8_t *
 		{
 		case 0: // Hop-by-Hop Options
 		case 43: // routing
-		case 51: // authentication
 		case 60: // Destination Options
 		case 135: // mobility
 		case 139: // Host Identity Protocol Version v2
@@ -947,6 +946,11 @@ void proto_skip_ipv6(uint8_t **data, size_t *len, uint8_t *proto_type, uint8_t *
 		case 44: // fragment. length fixed to 8, hdrlen field defined as reserved
 			hdrlen = 8;
 			break;
+		case 51: // authentication
+			// special case. length in ah header is in 32-bit words minus 2
+			if (*len < 2) return; // error
+			hdrlen = 8 + ((*data)[1] << 2);
+			break;
 		case 59: // no next header
 			return; // error
 		default: