Read the peer deletion reason from the kernel

Recent FreeBSD kernels supply a reason for the OVPN_NOTIF_DEL_PEER
notification. Parse this from the nvlist so we can distinguish
user-requested removals from timeouts.

Signed-off-by: Kristof Provost <kprovost@netgate.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20221205164103.9190-4-kprovost@netgate.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25617.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c
index ae4e5edea37e158a3ae6e0bed0604a4c3d671a88..329b0d8b79eb5a4e4bb75e41f10665a8033d15e4 100644 (file)
--- a/src/openvpn/dco_freebsd.c
+++ b/src/openvpn/dco_freebsd.c
@@ -529,6 +529,19 @@ dco_do_read(dco_context_t *dco)
     {
         dco->dco_del_peer_reason = OVPN_DEL_PEER_REASON_EXPIRED;
 
+        if (nvlist_exists_number(nvl, "del_reason"))
+        {
+            uint32_t reason = nvlist_get_number(nvl, "del_reason");
+            if (reason == OVPN_DEL_REASON_TIMEOUT)
+            {
+                dco->dco_del_peer_reason = OVPN_DEL_PEER_REASON_EXPIRED;
+            }
+            else
+            {
+                dco->dco_del_peer_reason = OVPN_DEL_PEER_REASON_USERSPACE;
+            }
+        }
+
         if (nvlist_exists_nvlist(nvl, "bytes"))
         {
             const nvlist_t *bytes = nvlist_get_nvlist(nvl, "bytes");

diff --git a/src/openvpn/ovpn_dco_freebsd.h b/src/openvpn/ovpn_dco_freebsd.h
index cc90111ebc92a4b9ace800ebc37064dbda2d39d1..fec33835f007cafa2d0f3300e4da02816aa4ae69 100644 (file)
--- a/src/openvpn/ovpn_dco_freebsd.h
+++ b/src/openvpn/ovpn_dco_freebsd.h
@@ -38,6 +38,11 @@ enum ovpn_notif_type {
     OVPN_NOTIF_DEL_PEER,
 };
 
+enum ovpn_del_reason {
+    OVPN_DEL_REASON_REQUESTED       = 0,
+    OVPN_DEL_REASON_TIMEOUT         = 1
+};
+
 enum ovpn_key_slot {
     OVPN_KEY_SLOT_PRIMARY   = 0,
     OVPN_KEY_SLOT_SECONDARY = 1