Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: DH Key creation fails #403

Open
krausi24 opened this issue Apr 8, 2024 · 0 comments
Open

[Bug]: DH Key creation fails #403

krausi24 opened this issue Apr 8, 2024 · 0 comments
Assignees
@sumanth-lingappa
Labels
bug

Comments

@krausi24
Copy link

krausi24 commented Apr 8, 2024
edited
Loading

Summary

When using the netscaler.adc.ssldhparam module, creation of a DH Key fails.

My suggest is that "float" datatype is wrong for the "bits" parameter. Float adds a "." like 2048.0 which obviously fails.

Issue Type

Bug Report

Component Name

ssldhparam

Python Version

Python 3.10.6

Ansible Version

ansible [core 2.14.6]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/dkr/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /home/dkr/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.10.6 (main, Mar 10 2023, 10:55:28) [GCC 11.3.0] (/usr/bin/python3)
  jinja version = 3.0.3
  libyaml = True

Ansible Configuration

$CONFIG_FILE() = /etc/ansible/ansible.cfg
DISPLAY_SKIPPED_HOSTS(/etc/ansible/ansible.cfg) = False

netscaler.adc Collection Version

# /home/dkr/.ansible/collections/ansible_collections
Collection    Version
------------- -------
netscaler.adc 2.5.1

Target NetScaler Version

14.1  17.38

Equivalent NetScaler CLI Command

> create dhParam "/nsconfig/ssl/dhkey_gen2_2048" -gen 2 2048
 Done

Steps to Reproduce

---
- name: Create SSL DH Key
  tags: netscaler_SSLPROFILE_DHKEY
  delegate_to: localhost
  netscaler.adc.ssldhparam:
    nsip: "{{ ansible_host }}"
    nitro_user: "{{ nitro_user }}"
    nitro_pass: "{{ nitro_pass }}"
    validate_certs: "{{ validate_certs }}"
    state: "{{ dhkey_state }}"

    bits: "{{ item['DHKEY_bits'] }}"
    dhfile: "{{ item['DHKEY_dhfile'] }}"
    gen: "{{ item['DHKEY_gen'] }}"


Vars:
dhkey_state: "create"
dhkeys:
  - DHKEY_bits: 2048
    DHKEY_dhfile: "nsconfig/ssl/dhkey_gen2_2048"
    DHKEY_gen: "2"

Expected Results

Dhkey is created

Actual Results

TASK [netscaler_SSLPROFILE : Create SSL DH Key] ******************************************************************************************************************************************************************************************************************
fatal: [dkr_adc4 -> localhost]: FAILED! => {"changed": true, "loglines": ["DEBUG: Initializing ModuleExecutor for resource ssldhparam", "TRACE: ENTRY: common.get_valid_desired_states() called with ('ssldhparam',), {}", "TRACE: EXIT: common.get_valid_desired_states() returned {'created'}", "TRACE: ENTRY: common.get_netscaler_version() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>,), {}", "TRACE: ENTRY: common.get_resource() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>, 'nsversion'), {}", "WARNING: Resource name nsversion not found in NITRO_RESOURCE_MAP to get get_arg_keys", "TRACE: ENTRY: client.get() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>,), {'resource': 'nsversion', 'id': None, 'args': {}}", "TRACE: ENTRY: client.url_builder() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>, 'nsversion'), {'id': None, 'args': {}, 'attrs': None, 'filter': None}", "TRACE: EXIT: client.url_builder() returned https://10.205.102.4/nitro/v1/config/nsversion", "TRACE: ENTRY: client.send() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>, 'GET', 'https://10.205.102.4/nitro/v1/config/nsversion'), {}", "DEBUG: self={'_module': <ansible.module_utils.basic.AnsibleModule object at 0x7f55f1018b50>, 'check_mode': False, 'api_path': 'nitro/v1/config', '_headers': {'Content-Type': 'application/json', 'User-Agent': 'ansible-ctxadc', 'X-NITRO-USER': '********', 'X-NITRO-PASS': '********'}}", "DEBUG: fetch_url()-resonse-info= GET: {'url': 'https://10.205.102.4/nitro/v1/config/nsversion', 'status': 200, 'date': 'Mon, 08 Apr 2024 12:03:49 GMT', 'server': 'Apache', 'x-frame-options': 'SAMEORIGIN', 'expires': 'Thu, 19 Nov 1981 08:52:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0', 'pragma': 'no-cache', 'vary': 'Accept-Encoding', 'feature-policy': \"camera 'none'; microphone 'none'; geolocation 'none'\", 'referrer-policy': 'no-referrer', 'x-xss-protection': '1; mode=block', 'x-content-type-options': 'nosniff', 'content-length': '201', 'content-type': 'application/json; charset=utf-8', 'connection': 'close', 'cookies_string': '', 'cookies': {}, 'msg': 'OK (201 bytes)'}", "TRACE: EXIT: client.send() returned (200, {'errorcode': 0, 'message': 'Done', 'severity': 'NONE', 'nsversion': {'installedversion': False, 'version': 'NetScaler NS14.1: Build 17.38.nc, Date: Feb  7 2024, 21:58:09   (64-bit)', 'mode': '1'}})", "TRACE: EXIT: client.get() returned (200, {'errorcode': 0, 'message': 'Done', 'severity': 'NONE', 'nsversion': {'installedversion': False, 'version': 'NetScaler NS14.1: Build 17.38.nc, Date: Feb  7 2024, 21:58:09   (64-bit)', 'mode': '1'}})", "TRACE: ENTRY: common.fix_nitro_anomolies() called with ('nsversion', {}, [{'installedversion': False, 'version': 'NetScaler NS14.1: Build 17.38.nc, Date: Feb  7 2024, 21:58:09   (64-bit)', 'mode': '1'}]), {}", "TRACE: EXIT: common.fix_nitro_anomolies() returned [{'installedversion': False, 'version': 'NetScaler NS14.1: Build 17.38.nc, Date: Feb  7 2024, 21:58:09   (64-bit)', 'mode': '1'}]", "TRACE: EXIT: common.get_resource() returned (True, [{'installedversion': False, 'version': 'NetScaler NS14.1: Build 17.38.nc, Date: Feb  7 2024, 21:58:09   (64-bit)', 'mode': '1'}])", "TRACE: EXIT: common.get_netscaler_version() returned (14.1, 17.38)", "INFO: NetScaler version: 14.1-17.38", "DEBUG: All params (including non module-specific params) are: {'nsip': '10.205.102.4', 'nitro_user': '********', 'nitro_pass': '********', 'validate_certs': False, 'state': 'created', 'bits': 2048.0, 'dhfile': 'nsconfig/ssl/dhkey_gen2_2048', 'gen': '2', 'nitro_protocol': 'https', 'save_config': False, 'api_path': 'nitro/v1/config', 'nitro_auth_token': None}", "TRACE: ENTRY: module_executor._filter_resource_module_params() called with (<ansible_collections.netscaler.adc.plugins.module_utils.module_executor.ModuleExecutor object at 0x7f55f1018a30>,), {}", "DEBUG: self.module.params: {'nsip': '10.205.102.4', 'nitro_user': '********', 'nitro_pass': '********', 'validate_certs': False, 'state': 'created', 'bits': 2048.0, 'dhfile': 'nsconfig/ssl/dhkey_gen2_2048', 'gen': '2', 'nitro_protocol': 'https', 'save_config': False, 'api_path': 'nitro/v1/config', 'nitro_auth_token': None}", "DEBUG: Desired `ssldhparam` module specific params are: {'bits': 2048.0, 'dhfile': 'nsconfig/ssl/dhkey_gen2_2048', 'gen': '2'}", "TRACE: EXIT: module_executor._filter_resource_module_params() returned None", "TRACE: ENTRY: module_executor._filter_desired_bindings() called with (<ansible_collections.netscaler.adc.plugins.module_utils.module_executor.ModuleExecutor object at 0x7f55f1018a30>,), {}", "DEBUG: Desired `ssldhparam` module specific bindings are: {}", "TRACE: EXIT: module_executor._filter_desired_bindings() returned None", "TRACE: ENTRY: module_executor.main() called with (<ansible_collections.netscaler.adc.plugins.module_utils.module_executor.ModuleExecutor object at 0x7f55f1018a30>,), {}", "TRACE: ENTRY: module_executor.act_on_resource() called with (<ansible_collections.netscaler.adc.plugins.module_utils.module_executor.ModuleExecutor object at 0x7f55f1018a30>,), {'action': 'create'}", "TRACE: ENTRY: common.create_resource_with_action() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>, 'ssldhparam', {'bits': 2048.0, 'dhfile': 'nsconfig/ssl/dhkey_gen2_2048', 'gen': '2'}), {'action': 'create'}", "TRACE: ENTRY: common._check_create_resource_params() called with ('ssldhparam', {'bits': 2048.0, 'dhfile': 'nsconfig/ssl/dhkey_gen2_2048', 'gen': '2'}), {'action': 'create'}", "TRACE: EXIT: common._check_create_resource_params() returned (True, None, {'bits': 2048.0, 'dhfile': 'nsconfig/ssl/dhkey_gen2_2048', 'gen': '2'})", "TRACE: ENTRY: client.post() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>,), {'post_data': {'ssldhparam': {'bits': 2048.0, 'dhfile': 'nsconfig/ssl/dhkey_gen2_2048', 'gen': '2'}}, 'resource': 'ssldhparam', 'action': 'create'}", "TRACE: ENTRY: client.url_builder() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>, 'ssldhparam'), {'action': 'create'}", "TRACE: EXIT: client.url_builder() returned https://10.205.102.4/nitro/v1/config/ssldhparam?action=create", "TRACE: ENTRY: client.send() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>, 'POST', 'https://10.205.102.4/nitro/v1/config/ssldhparam?action=create', '{\"ssldhparam\": {\"bits\": 2048.0, \"dhfile\": \"nsconfig/ssl/dhkey_gen2_2048\", \"gen\": \"2\"}}'), {}", "DEBUG: self={'_module': <ansible.module_utils.basic.AnsibleModule object at 0x7f55f1018b50>, 'check_mode': False, 'api_path': 'nitro/v1/config', '_headers': {'Content-Type': 'application/json', 'User-Agent': 'ansible-ctxadc', 'X-NITRO-USER': '********', 'X-NITRO-PASS': '********'}}", "DEBUG: fetch_url()-resonse-info= POST: {'url': 'https://10.205.102.4/nitro/v1/config/ssldhparam?action=create', 'status': -1, 'msg': 'Connection failure: The read operation timed out'}", "TRACE: EXIT: client.send() returned (-1, {})", "TRACE: EXIT: client.post() returned (-1, {})", "TRACE: ENTRY: common.return_response() called with (), {'status_code': -1, 'response_body': {}, 'operation': 'create_resource', 'resource_name': 'ssldhparam'}", "ERROR: create_resource FAILED; status_code: -1; Reason:{}", "TRACE: EXIT: common.return_response() returned (False, 'ERROR: create_resource FAILED; status_code: -1; Reason:{}')", "TRACE: EXIT: common.create_resource_with_action() returned (False, 'ERROR: create_resource FAILED; status_code: -1; Reason:{}')", "TRACE: ENTRY: module_executor.return_failure() called with (<ansible_collections.netscaler.adc.plugins.module_utils.module_executor.ModuleExecutor object at 0x7f55f1018a30>, 'ERROR: create_resource FAILED; status_code: -1; Reason:{}'), {}"], "msg": "ERROR: create_resource FAILED; status_code: -1; Reason:{}"}

Additional Notes

My suggest is that "float" datatype is wrong for the "bits" parameter. Float adds a "." like 2048.0 which obviously fails.

GUI working:
{"params":{"action":"create","warning":"YES"},"ssldhparam":{"dhfile":"/nsconfig/ssl/dhkey1024","bits":"1024","gen":"2"}}
vs.
Ansible non working:
{"ssldhparam": {"bits": 2048.0, "dhfile": "nsconfig/ssl/dhkey_gen2_2048",
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sumanth-lingappa sumanth-lingappa

Labels
bug
Projects
None yet
Milestone
No milestone
Development

When branches are created from issues, their pull requests are automatically linked.

403-bug-dh-key-creation-fails netscaler/ansible-collection-netscaleradc
2 participants
@sumanth-lingappa @krausi24