From patchwork Mon Dec 5 16:41:02 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kristof Provost X-Patchwork-Id: 2885 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:622a:418d:b0:3a5:7962:c21f with SMTP id cd13csp1969193qtb; Mon, 5 Dec 2022 09:09:06 -0800 (PST) X-Google-Smtp-Source: AA0mqf4aeEx6/9WIXko2ZNrMSDj7vRGDzT6mc3tosVrzG0EMuoIlIPBEANfYVUSpwNg+ZnQS1EKj X-Received: by 2002:a63:d356:0:b0:477:1a2:390e with SMTP id u22-20020a63d356000000b0047701a2390emr75393654pgi.83.1670260146736; Mon, 05 Dec 2022 09:09:06 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1670260146; cv=none; d=google.com; s=arc-20160816; b=NI4P8I1e/KD/bkMhbvS7Gu6SiKpgJeAUiNcKpkgms/1A+6Ra0ecRXavpMVf0YQ5S3o fONzdFriGGEFKPzACii+4riGWr+fXzj/eZryQAd8dP9RPXP/GQ5TML7CvgsSE8QUQSsg JpDCBgFQZXQg0RMNuI8qn7NptUwjLqrPOOXPRfC1qcL8AqxCnz6hnKrB5KR29YQxdCzY 2heTWXoPnGXQYBq9sUe6RRgJoqFEIasOUhQmiwbPbys0kDZI1kvWsZS4NY3rvWnBy3Y7 OFfzKQsyQx+ThApEyxm1hAVFWSTzzXwUo2oKgg0TFL5SjibC2pV8U258nqkKzbVfKzVI FYNw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:reply-to:from:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:dkim-signature:dkim-signature:dkim-signature; bh=Sm9EXndFihuhzEaclC7VzcoisgmXZORi9NyjYm4mlrs=; b=XnxVHH113C7cVPlg/XaWpFcpxgF+pQ5MtD+5bsJfDFFphllH8bs+5AF7F1LpQSiXFD NGa6Aq2nb2Ym3pbyYLP2P5GGVxoDhEZVnA7P/rFDzfSOhE57Nva5Syz7V+e2RgMN9GP2 rwi6BjqNr3yEaUfNaZPNwRS8R/srsmgKvkxTBjSutek+xWR+806s2O1YHfSuFO0nPQu4 pvIjzHUqe74mt5HiYqf7WLOvaKIzM/xw/eVyPxYk7mxNFdNWPtQ5OkexAky0dc+sFvom jeLZlp76m31F+JkQfo+CBS3rwfJlR4I7LmoGI5QOB/R2PMsceb7HaHMxGBZ1qmmY+lnI FGXA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=jsagfCP4; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Ou0zhZj2; dkim=neutral (body hash did not verify) header.i=@netgate.com header.s=google header.b=UUCt5gB5; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id x5-20020a654145000000b004780221f08bsi14863134pgp.853.2022.12.05.09.09.06 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 05 Dec 2022 09:09:06 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=jsagfCP4; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Ou0zhZj2; dkim=neutral (body hash did not verify) header.i=@netgate.com header.s=google header.b=UUCt5gB5; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1p2Ex8-00063d-2t; Mon, 05 Dec 2022 17:08:26 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1p2Ex6-00063X-RK for openvpn-devel@lists.sourceforge.net; Mon, 05 Dec 2022 17:08:24 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=Ou/Y6MoWdZUwLJaTejYS2ymKTTMcEKfupS/h+Cz5aa0=; b=jsagfCP42PJi3JSUefLNKtSTU2 +leO2h01SHcHJJ8b8J6FPbl+wnx78xGB1x3hxEUhkh+izzUaKUpOb4YKQkwuebOpGIAi5MhHTpXce lDlHCSJhLAJJfchoesFjrGt+ThN+99NKTSfoKfw3m+YHQfkEP8CRj2hLlBp/Qlz0kiIw=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=Ou/Y6MoWdZUwLJaTejYS2ymKTTMcEKfupS/h+Cz5aa0=; b=Ou0zhZj2BCezSBdpy+bmtmXnh/ v2nHG/uu90AJgIBBWmQopOr0AWv4+J360lNugpizBJFLeT2bGqdYpMyJJrJD9Jy9huEgOUfgQoKPB BO0k/WaNyqbjcaFFSJkv/CnZ9LmdQB45fC1i6UIy60YMOu69WzbzlvDwdCQso0hgYHqc=; Received: from mail-lj1-f172.google.com ([209.85.208.172]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1p2Ex4-00033h-UY for openvpn-devel@lists.sourceforge.net; Mon, 05 Dec 2022 17:08:24 +0000 Received: by mail-lj1-f172.google.com with SMTP id z4so14284317ljq.6 for ; Mon, 05 Dec 2022 09:08:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netgate.com; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Ou/Y6MoWdZUwLJaTejYS2ymKTTMcEKfupS/h+Cz5aa0=; b=UUCt5gB5VCjW6GSTWG2sHw8eEpdO1XZ35uvoPkDojvlXDNSKrcn+WcanhU8poBLFUf ZuivKwN0cfAGFTwcSgVBy9S0+xUILiHRVNRbmQ2m789U9vC6oKbf7kq1ggLz/QjWyENc AYBxuyVV7ltw4UYe4Aje34AaP/UqJvtd291sk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Ou/Y6MoWdZUwLJaTejYS2ymKTTMcEKfupS/h+Cz5aa0=; b=BqB2mmq5cNObSfr+TKWHU0sa4E9i81zi2i1Zkyw1sJvjWTQvRwRX8mnZ/43/FZvIoG mwGL2PUVvPxx/DJXQLkNmOKhz916b/gnAQjiejawiDO40ma3MRmF46vGzalPlfT5eZi3 2vQ8BKJJ/ArsKqhNVJZWvZL2Xk2jtyazWy0vNxtgMXSaHjLR8nLJkbLWrA+dRh38tAut TSzqAF4lX2LM5o4czr0LARKyfUTsSA2KUhMYbXeFCTkC7gEl2fXMwWUssEnJRFoJL+zc bgZLbuHyooaGlvNQQ0x2bOEdaZCT+hf0fek45wo7X2148m0f28XG3XSkvAvpwLKgRJsM k93g== X-Gm-Message-State: ANoB5pmRYZalSoCCY0m/lG98AB65Nwnr0Hx6V1EQXk1SBf/O5dKgw1YK ZznSBMSbXnOGnEyJlqhWAWJO+REVvN2F3+uv X-Received: by 2002:a05:6402:528d:b0:468:dc9:ec08 with SMTP id en13-20020a056402528d00b004680dc9ec08mr60394862edb.17.1670258468062; Mon, 05 Dec 2022 08:41:08 -0800 (PST) Received: from nut.jupiter.sigsegv.be (ptr-8rfalzsse26o3oo9imw.18120a2.ip6.access.telenet.be. [2a02:1811:2402:bf00:f602:70ff:feae:6e98]) by smtp.googlemail.com with ESMTPSA id 1-20020a170906310100b0073ae9ba9ba8sm6389266ejx.3.2022.12.05.08.41.07 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 05 Dec 2022 08:41:07 -0800 (PST) To: openvpn-devel Date: Mon, 5 Dec 2022 17:41:02 +0100 Message-Id: <20221205164103.9190-4-kprovost@netgate.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20221205164103.9190-1-kprovost@netgate.com> References: <20221205164103.9190-1-kprovost@netgate.com> MIME-Version: 1.0 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Kristof Provost Recent FreeBSD kernels supply a reason for the OVPN_NOTIF_DEL_PEER notification. Parse this from the nvlist so we can distinguish user-requested removals from timeouts. Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.208.172 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.208.172 listed in wl.mailspike.net] X-Headers-End: 1p2Ex4-00033h-UY Subject: [Openvpn-devel] [PATCH 3/4] Read the peer deletion reason from the kernel X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Kristof Provost via Openvpn-devel From: Kristof Provost Reply-To: Kristof Provost Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1751394703849576544?= X-GMAIL-MSGID: =?utf-8?q?1751394703849576544?= From: Kristof Provost Recent FreeBSD kernels supply a reason for the OVPN_NOTIF_DEL_PEER notification. Parse this from the nvlist so we can distinguish user-requested removals from timeouts. Signed-off-by: Kristof Provost Acked-by: Gert Doering --- src/openvpn/dco_freebsd.c | 13 +++++++++++++ src/openvpn/ovpn_dco_freebsd.h | 5 +++++ 2 files changed, 18 insertions(+) diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c index 2ae46589..8d7ceb70 100644 --- a/src/openvpn/dco_freebsd.c +++ b/src/openvpn/dco_freebsd.c @@ -529,6 +529,19 @@ dco_do_read(dco_context_t *dco) { dco->dco_del_peer_reason = OVPN_DEL_PEER_REASON_EXPIRED; + if (nvlist_exists_number(nvl, "del_reason")) + { + uint32_t reason = nvlist_get_number(nvl, "del_reason"); + if (reason == OVPN_DEL_REASON_TIMEOUT) + { + dco->dco_del_peer_reason = OVPN_DEL_PEER_REASON_EXPIRED; + } + else + { + dco->dco_del_peer_reason = OVPN_DEL_PEER_REASON_USERSPACE; + } + } + if (nvlist_exists_nvlist(nvl, "bytes")) { const nvlist_t *bytes = nvlist_get_nvlist(nvl, "bytes"); diff --git a/src/openvpn/ovpn_dco_freebsd.h b/src/openvpn/ovpn_dco_freebsd.h index cc90111e..fec33835 100644 --- a/src/openvpn/ovpn_dco_freebsd.h +++ b/src/openvpn/ovpn_dco_freebsd.h @@ -38,6 +38,11 @@ enum ovpn_notif_type { OVPN_NOTIF_DEL_PEER, }; +enum ovpn_del_reason { + OVPN_DEL_REASON_REQUESTED = 0, + OVPN_DEL_REASON_TIMEOUT = 1 +}; + enum ovpn_key_slot { OVPN_KEY_SLOT_PRIMARY = 0, OVPN_KEY_SLOT_SECONDARY = 1