From 10ea19092ded38ff25a445f987ad948aa9eac49f Mon Sep 17 00:00:00 2001
From: Kristof Provost <kp@FreeBSD.org>
Date: Mon, 5 Dec 2022 17:41:02 +0100
Subject: [PATCH] Read the peer deletion reason from the kernel

Recent FreeBSD kernels supply a reason for the OVPN_NOTIF_DEL_PEER
notification. Parse this from the nvlist so we can distinguish
user-requested removals from timeouts.

Signed-off-by: Kristof Provost <kprovost@netgate.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20221205164103.9190-4-kprovost@netgate.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25617.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---
 src/openvpn/dco_freebsd.c      | 13 +++++++++++++
 src/openvpn/ovpn_dco_freebsd.h |  5 +++++
 2 files changed, 18 insertions(+)

diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c
index ae4e5edea37..329b0d8b79e 100644
--- a/src/openvpn/dco_freebsd.c
+++ b/src/openvpn/dco_freebsd.c
@@ -529,6 +529,19 @@ dco_do_read(dco_context_t *dco)
     {
         dco->dco_del_peer_reason = OVPN_DEL_PEER_REASON_EXPIRED;
 
+        if (nvlist_exists_number(nvl, "del_reason"))
+        {
+            uint32_t reason = nvlist_get_number(nvl, "del_reason");
+            if (reason == OVPN_DEL_REASON_TIMEOUT)
+            {
+                dco->dco_del_peer_reason = OVPN_DEL_PEER_REASON_EXPIRED;
+            }
+            else
+            {
+                dco->dco_del_peer_reason = OVPN_DEL_PEER_REASON_USERSPACE;
+            }
+        }
+
         if (nvlist_exists_nvlist(nvl, "bytes"))
         {
             const nvlist_t *bytes = nvlist_get_nvlist(nvl, "bytes");
diff --git a/src/openvpn/ovpn_dco_freebsd.h b/src/openvpn/ovpn_dco_freebsd.h
index cc90111ebc9..fec33835f00 100644
--- a/src/openvpn/ovpn_dco_freebsd.h
+++ b/src/openvpn/ovpn_dco_freebsd.h
@@ -38,6 +38,11 @@ enum ovpn_notif_type {
     OVPN_NOTIF_DEL_PEER,
 };
 
+enum ovpn_del_reason {
+    OVPN_DEL_REASON_REQUESTED       = 0,
+    OVPN_DEL_REASON_TIMEOUT         = 1
+};
+
 enum ovpn_key_slot {
     OVPN_KEY_SLOT_PRIMARY   = 0,
     OVPN_KEY_SLOT_SECONDARY = 1