Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Convert ipv6 addresses to compressed, expanded and special forms #230

Closed
ivanov17 opened this issue Dec 4, 2022 · 1 comment
Closed

Convert ipv6 addresses to compressed, expanded and special forms #230

ivanov17 opened this issue Dec 4, 2022 · 1 comment
Assignees
@Qalthos @ashwini-mhatre

Comments

@ivanov17
Copy link

ivanov17 commented Dec 4, 2022

SUMMARY

I was surprised that there is no filter for getting expanded ipv6 addresses in ansible.utils collection.

I would like to get something as:

# {{ '::1' | ansible.utils.ipv6('expand') }}
'0000:0000:0000:0000:0000:0000:0000:0001'

And for ipv6 addresses compression:

# {{ '0000:0000:0000:0000:0000:0000:0000:0001' | ansible.utils.ipv6('compress') }}
'::1'

Also I think it would be great to have filter that converts ipv6 address to x509 notation:

# {{ '::1' | ansible.utils.ipv6('x509') }}
'0:0:0:0:0:0:0:1'

When the subjectAltName extension contains an iPAddress, the address MUST be stored in the octet string in "network byte order", as specified in [RFC791]. The least significant bit (LSB) of each octet is the LSB of the corresponding byte in the network address. For IP version 4, as specified in [RFC791], the octet string MUST contain exactly four octets. For IP version 6, as specified in [RFC2460], the octet string MUST contain exactly sixteen octets.

RFC5820

IPv6 addresses must be in the form x:x:x:x:x:x:x:x, exactly 8 groups of one to four hexadecimal digits separated by colons. The compressed zero form using "::" is not accepted.

X.509 Extensions Parameter

ISSUE TYPE
  • Feature Idea
COMPONENT NAME

I think it would be like ansible.utils.ip4_hex filter or ansible.utils.ipwrap wrapper.

It can be also implemented as separate module, e.g. ansible.utils.ip6_form:

ansible.utils.ip6_form('compress')
ansible.utils.ip6_form('expand')
ansible.utils.ip6_form('x509')
ADDITIONAL INFORMATION

In general, for processing ipv6 addresses in different forms with other filters. In particular, x509 notation filter for ipv6 will be used for self-signed certificates. Getting expanded ipv6 using regular expressions is a very complicated and unreliable way.

Example of using:

- community.crypto.openssl_csr_pipe:
    privatekey_path: "{{ privkey.filename }}"
    common_name: "{{ ansible_fqdn }}"
    subject_alt_name:
      - "IP:{{ ansible_default_ipv4.address }}"
      - "IP:{{ ansible_default_ipv6.address|ansible.utils.ip6_form('x509') }}"
@ashwini-mhatre ashwini-mhatre self-assigned this Jul 19, 2023
@ashwini-mhatre
Copy link
Contributor

#295 is merged

@brettinternet-bot brettinternet-bot bot mentioned this issue Sep 9, 2023
Closed
1 task
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this issue Sep 18, 2023
ansible: updated to 8.4.0
047cd54 
v8.4.0

Major Changes
-------------

fortinet.fortios

- Improve the document for adding notes and examples in Q&A for modules using Integer number as the mkey.

Minor Changes
-------------

amazon.aws

- cloudformation - Add support for ``disable_rollback`` to update stack operation (ansible-collections/amazon.aws#1681).
- ec2_key - add support for new parameter ``file_name`` to save private key in when new key is created by AWS. When this option is provided the generated private key will be removed from the module return (ansible-collections/amazon.aws#1704).

ansible.netcommon

- Add a new cliconf plugin ``default`` that can be used when no cliconf plugin is found for a given network_os. This plugin only supports ``get()``. (ansible-collections/ansible.netcommon#569)
- httpapi - Add additional option ``ca_path``, ``client_cert``, ``client_key``, and ``http_agent`` that are available in open_url but not to httpapi. (ansible-collections/ansible.netcommon#528)
- telnet - add crlf option to send CRLF instead of just LF (ansible-collections/ansible.netcommon#440).

ansible.utils

- Add ipcut filter plugin.(ansible-collections/ansible.utils#251)
- Add ipv6form filter plugin.(ansible-collections/ansible.utils#230)

arista.eos

- Add support for overridden operation in bgp_global resource module.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Qalthos Qalthos

@ashwini-mhatre ashwini-mhatre

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ivanov17 @Qalthos @ashwini-mhatre