From 642e3590a235e7fad5898fba91bb70d4689aad31 Mon Sep 17 00:00:00 2001 From: Kristin Laemmert Date: Wed, 8 Jul 2020 10:57:57 -0400 Subject: [PATCH 1/3] upgrade go-cidr to v1.1.0 --- go.mod | 2 +- go.sum | 2 + .../apparentlymart/go-cidr/cidr/cidr.go | 38 ++++++++++++++----- vendor/modules.txt | 2 +- 4 files changed, 32 insertions(+), 12 deletions(-) diff --git a/go.mod b/go.mod index 4693f90172..ef3591083e 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/aliyun/alibaba-cloud-sdk-go v0.0.0-20190329064014-6e358769c32a github.com/aliyun/aliyun-oss-go-sdk v0.0.0-20190103054945-8205d1f41e70 github.com/aliyun/aliyun-tablestore-go-sdk v4.1.2+incompatible - github.com/apparentlymart/go-cidr v1.0.1 + github.com/apparentlymart/go-cidr v1.1.0 github.com/apparentlymart/go-dump v0.0.0-20190214190832-042adf3cf4a0 github.com/apparentlymart/go-userdirs v0.0.0-20190512014041-4a23807e62b9 github.com/apparentlymart/go-versions v1.0.0 diff --git a/go.sum b/go.sum index 9fb02f6105..17ce1fa180 100644 --- a/go.sum +++ b/go.sum @@ -76,6 +76,8 @@ github.com/antchfx/xquery v0.0.0-20180515051857-ad5b8c7a47b0 h1:JaCC8jz0zdMLk2m+ github.com/antchfx/xquery v0.0.0-20180515051857-ad5b8c7a47b0/go.mod h1:LzD22aAzDP8/dyiCKFp31He4m2GPjl0AFyzDtZzUu9M= github.com/apparentlymart/go-cidr v1.0.1 h1:NmIwLZ/KdsjIUlhf+/Np40atNXm/+lZ5txfTJ/SpF+U= github.com/apparentlymart/go-cidr v1.0.1/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc= +github.com/apparentlymart/go-cidr v1.1.0 h1:2mAhrMoF+nhXqxTzSZMUzDHkLjmIHC+Zzn4tdgBZjnU= +github.com/apparentlymart/go-cidr v1.1.0/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc= github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= github.com/apparentlymart/go-dump v0.0.0-20190214190832-042adf3cf4a0 h1:MzVXffFUye+ZcSR6opIgz9Co7WcDx6ZcY+RjfFHoA0I= github.com/apparentlymart/go-dump v0.0.0-20190214190832-042adf3cf4a0/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= diff --git a/vendor/github.com/apparentlymart/go-cidr/cidr/cidr.go b/vendor/github.com/apparentlymart/go-cidr/cidr/cidr.go index ed749d4c51..20823af041 100644 --- a/vendor/github.com/apparentlymart/go-cidr/cidr/cidr.go +++ b/vendor/github.com/apparentlymart/go-cidr/cidr/cidr.go @@ -28,6 +28,16 @@ import ( // For example, 10.3.0.0/16, extended by 8 bits, with a network number // of 5, becomes 10.3.5.0/24 . func Subnet(base *net.IPNet, newBits int, num int) (*net.IPNet, error) { + return SubnetBig(base, newBits, big.NewInt(int64(num))) +} + +// SubnetBig takes a parent CIDR range and creates a subnet within it with the +// given number of additional prefix bits and the given network number. It +// differs from Subnet in that it takes a *big.Int for the num, instead of an int. +// +// For example, 10.3.0.0/16, extended by 8 bits, with a network number of 5, +// becomes 10.3.5.0/24 . +func SubnetBig(base *net.IPNet, newBits int, num *big.Int) (*net.IPNet, error) { ip := base.IP mask := base.Mask @@ -39,24 +49,32 @@ func Subnet(base *net.IPNet, newBits int, num int) (*net.IPNet, error) { } maxNetNum := uint64(1< maxNetNum { + if num.Uint64() > maxNetNum { return nil, fmt.Errorf("prefix extension of %d does not accommodate a subnet numbered %d", newBits, num) } return &net.IPNet{ - IP: insertNumIntoIP(ip, big.NewInt(int64(num)), newPrefixLen), + IP: insertNumIntoIP(ip, num, newPrefixLen), Mask: net.CIDRMask(newPrefixLen, addrLen), }, nil } -// Host takes a parent CIDR range and turns it into a host IP address with -// the given host number. +// Host takes a parent CIDR range and turns it into a host IP address with the +// given host number. // // For example, 10.3.0.0/16 with a host number of 2 gives 10.3.0.2. func Host(base *net.IPNet, num int) (net.IP, error) { + return HostBig(base, big.NewInt(int64(num))) +} + +// HostBig takes a parent CIDR range and turns it into a host IP address with +// the given host number. It differs from Host in that it takes a *big.Int for +// the num, instead of an int. +// +// For example, 10.3.0.0/16 with a host number of 2 gives 10.3.0.2. +func HostBig(base *net.IPNet, num *big.Int) (net.IP, error) { ip := base.IP mask := base.Mask - bigNum := big.NewInt(int64(num)) parentLen, addrLen := mask.Size() hostLen := addrLen - parentLen @@ -65,11 +83,11 @@ func Host(base *net.IPNet, num int) (net.IP, error) { maxHostNum.Lsh(maxHostNum, uint(hostLen)) maxHostNum.Sub(maxHostNum, big.NewInt(1)) - numUint64 := big.NewInt(int64(bigNum.Uint64())) - if bigNum.Cmp(big.NewInt(0)) == -1 { - numUint64.Neg(bigNum) + numUint64 := big.NewInt(int64(num.Uint64())) + if num.Cmp(big.NewInt(0)) == -1 { + numUint64.Neg(num) numUint64.Sub(numUint64, big.NewInt(int64(1))) - bigNum.Sub(maxHostNum, numUint64) + num.Sub(maxHostNum, numUint64) } if numUint64.Cmp(maxHostNum) == 1 { @@ -81,7 +99,7 @@ func Host(base *net.IPNet, num int) (net.IP, error) { } else { bitlength = 128 } - return insertNumIntoIP(ip, bigNum, bitlength), nil + return insertNumIntoIP(ip, num, bitlength), nil } // AddressRange returns the first and last addresses in the given CIDR range. diff --git a/vendor/modules.txt b/vendor/modules.txt index 9a8efeddf4..4e7b4f2d58 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -87,7 +87,7 @@ github.com/aliyun/aliyun-tablestore-go-sdk/tablestore/search github.com/antchfx/xpath # github.com/antchfx/xquery v0.0.0-20180515051857-ad5b8c7a47b0 github.com/antchfx/xquery/xml -# github.com/apparentlymart/go-cidr v1.0.1 +# github.com/apparentlymart/go-cidr v1.1.0 ## explicit github.com/apparentlymart/go-cidr/cidr # github.com/apparentlymart/go-dump v0.0.0-20190214190832-042adf3cf4a0 From 384cfaacf9c3f43bb1a94dcc9b6e0f5f1870c467 Mon Sep 17 00:00:00 2001 From: Kristin Laemmert Date: Wed, 8 Jul 2020 10:58:06 -0400 Subject: [PATCH 2/3] lang/funcs: refactor Subnet and Host functions to support 64-bit systems --- lang/funcs/cidr.go | 17 +++++++---------- lang/funcs/cidr_test.go | 7 +++++++ 2 files changed, 14 insertions(+), 10 deletions(-) diff --git a/lang/funcs/cidr.go b/lang/funcs/cidr.go index 8c07514896..024c28a851 100644 --- a/lang/funcs/cidr.go +++ b/lang/funcs/cidr.go @@ -2,6 +2,7 @@ package funcs import ( "fmt" + "math/big" "net" "github.com/apparentlymart/go-cidr/cidr" @@ -25,7 +26,7 @@ var CidrHostFunc = function.New(&function.Spec{ }, Type: function.StaticReturnType(cty.String), Impl: func(args []cty.Value, retType cty.Type) (ret cty.Value, err error) { - var hostNum int + var hostNum *big.Int if err := gocty.FromCtyValue(args[1], &hostNum); err != nil { return cty.UnknownVal(cty.String), err } @@ -34,7 +35,7 @@ var CidrHostFunc = function.New(&function.Spec{ return cty.UnknownVal(cty.String), fmt.Errorf("invalid CIDR expression: %s", err) } - ip, err := cidr.Host(network, hostNum) + ip, err := cidr.HostBig(network, hostNum) if err != nil { return cty.UnknownVal(cty.String), err } @@ -86,7 +87,7 @@ var CidrSubnetFunc = function.New(&function.Spec{ if err := gocty.FromCtyValue(args[1], &newbits); err != nil { return cty.UnknownVal(cty.String), err } - var netnum int + var netnum *big.Int if err := gocty.FromCtyValue(args[2], &netnum); err != nil { return cty.UnknownVal(cty.String), err } @@ -96,15 +97,11 @@ var CidrSubnetFunc = function.New(&function.Spec{ return cty.UnknownVal(cty.String), fmt.Errorf("invalid CIDR expression: %s", err) } - // For portability with 32-bit systems where the subnet number - // will be a 32-bit int, we only allow extension of 32 bits in - // one call even if we're running on a 64-bit machine. - // (Of course, this is significant only for IPv6.) - if newbits > 32 { - return cty.UnknownVal(cty.String), fmt.Errorf("may not extend prefix by more than 32 bits") + if newbits > 64 { + return cty.UnknownVal(cty.String), fmt.Errorf("may not extend prefix by more than 64 bits") } - newNetwork, err := cidr.Subnet(network, newbits, netnum) + newNetwork, err := cidr.SubnetBig(network, newbits, netnum) if err != nil { return cty.UnknownVal(cty.String), err } diff --git a/lang/funcs/cidr_test.go b/lang/funcs/cidr_test.go index 824a928e2e..b80ad8cbdd 100644 --- a/lang/funcs/cidr_test.go +++ b/lang/funcs/cidr_test.go @@ -165,6 +165,13 @@ func TestCidrSubnet(t *testing.T) { cty.StringVal("192.168.6.0/24"), false, }, + { + cty.StringVal("fe80::/48"), + cty.NumberIntVal(33), + cty.NumberIntVal(6), + cty.StringVal("fe80::3:0:0:0/81"), + false, + }, { // not enough bits left cty.StringVal("192.168.0.0/30"), cty.NumberIntVal(4), From e639d813ee566ca8cc82b6e3d572798071c393de Mon Sep 17 00:00:00 2001 From: Kristin Laemmert Date: Wed, 8 Jul 2020 13:14:15 -0400 Subject: [PATCH 3/3] add test cases and remove no-longer-needed validation --- lang/funcs/cidr.go | 4 ---- lang/funcs/cidr_test.go | 19 ++++++++++++++++--- 2 files changed, 16 insertions(+), 7 deletions(-) diff --git a/lang/funcs/cidr.go b/lang/funcs/cidr.go index 024c28a851..3a20ec282e 100644 --- a/lang/funcs/cidr.go +++ b/lang/funcs/cidr.go @@ -97,10 +97,6 @@ var CidrSubnetFunc = function.New(&function.Spec{ return cty.UnknownVal(cty.String), fmt.Errorf("invalid CIDR expression: %s", err) } - if newbits > 64 { - return cty.UnknownVal(cty.String), fmt.Errorf("may not extend prefix by more than 64 bits") - } - newNetwork, err := cidr.SubnetBig(network, newbits, netnum) if err != nil { return cty.UnknownVal(cty.String), err diff --git a/lang/funcs/cidr_test.go b/lang/funcs/cidr_test.go index b80ad8cbdd..4bed530cba 100644 --- a/lang/funcs/cidr_test.go +++ b/lang/funcs/cidr_test.go @@ -56,6 +56,12 @@ func TestCidrHost(t *testing.T) { cty.UnknownVal(cty.String), true, // can't have an octet >255 }, + { // fractions are Not Ok + cty.StringVal("10.256.0.0/8"), + cty.NumberFloatVal(.75), + cty.UnknownVal(cty.String), + true, + }, } for _, test := range tests { @@ -183,21 +189,28 @@ func TestCidrSubnet(t *testing.T) { cty.StringVal("192.168.0.0/168"), cty.NumberIntVal(2), cty.NumberIntVal(16), - cty.StringVal("fe80:0:0:6::/64"), + cty.UnknownVal(cty.String), true, }, { // not a valid CIDR mask cty.StringVal("not-a-cidr"), cty.NumberIntVal(4), cty.NumberIntVal(6), - cty.StringVal("fe80:0:0:6::/64"), + cty.UnknownVal(cty.String), true, }, { // can't have an octet >255 cty.StringVal("10.256.0.0/8"), cty.NumberIntVal(4), cty.NumberIntVal(6), - cty.StringVal("fe80:0:0:6::/64"), + cty.UnknownVal(cty.String), + true, + }, + { // fractions are Not Ok + cty.StringVal("10.256.0.0/8"), + cty.NumberFloatVal(2 / 3), + cty.NumberFloatVal(.75), + cty.UnknownVal(cty.String), true, }, }