wireguard: add peers roaming support

Type: feature

With this change, peers are able to roam between different external
endpoints. Successfully authenticated handshake or data packet that is
received from a new endpoint will cause the peer's endpoint to be
updated accordingly.

Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Ib4eb7dfa3403f3fb9e8bbe19ba6237c4960c764c

1 files changed, 7 insertions, 1 deletions

diff --git a/src/plugins/wireguard/wireguard_cli.c b/src/plugins/wireguard/wireguard_cli.c
index 214e6a5e2b4..5fa620507d6 100644
--- a/src/plugins/wireguard/wireguard_cli.c
+++ b/src/plugins/wireguard/wireguard_cli.c
@@ -165,7 +165,7 @@ wg_peer_add_command_fn (vlib_main_t * vm,
   u8 public_key[NOISE_PUBLIC_KEY_LEN + 1];
   fib_prefix_t allowed_ip, *allowed_ips = NULL;
   ip_prefix_t pfx;
-  ip_address_t ip;
+  ip_address_t ip = ip_address_initializer;
   u32 portDst = 0, table_id = 0;
   u32 persistent_keepalive = 0;
   u32 tun_sw_if_index = ~0;
@@ -213,6 +213,12 @@ wg_peer_add_command_fn (vlib_main_t * vm,
 	}
     }
 
+  if (0 == vec_len (allowed_ips))
+    {
+      error = clib_error_return (0, "Allowed IPs are not specified");
+      goto done;
+    }
+
   rv = wg_peer_add (tun_sw_if_index, public_key, table_id, &ip_addr_46 (&ip),
 		    allowed_ips, portDst, persistent_keepalive, &peer_index);