[Bug]: DH Key creation fails
krausi24 opened this issue · 0 comments
krausi24 commented
Summary
When using the netscaler.adc.ssldhparam module, creation of a DH Key fails.
My suggest is that "float" datatype is wrong for the "bits" parameter. Float adds a "." like 2048.0 which obviously fails.
Issue Type
Bug Report
Component Name
ssldhparam
Python Version
Python 3.10.6
Ansible Version
ansible [core 2.14.6]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/dkr/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3/dist-packages/ansible
ansible collection location = /home/dkr/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.10.6 (main, Mar 10 2023, 10:55:28) [GCC 11.3.0] (/usr/bin/python3)
jinja version = 3.0.3
libyaml = True
Ansible Configuration
$CONFIG_FILE() = /etc/ansible/ansible.cfg
DISPLAY_SKIPPED_HOSTS(/etc/ansible/ansible.cfg) = False
netscaler.adc Collection Version
# /home/dkr/.ansible/collections/ansible_collections
Collection Version
------------- -------
netscaler.adc 2.5.1
Target NetScaler Version
14.1 17.38
Equivalent NetScaler CLI Command
> create dhParam "/nsconfig/ssl/dhkey_gen2_2048" -gen 2 2048
DoneSteps to Reproduce
---
- name: Create SSL DH Key
tags: netscaler_SSLPROFILE_DHKEY
delegate_to: localhost
netscaler.adc.ssldhparam:
nsip: "{{ ansible_host }}"
nitro_user: "{{ nitro_user }}"
nitro_pass: "{{ nitro_pass }}"
validate_certs: "{{ validate_certs }}"
state: "{{ dhkey_state }}"
bits: "{{ item['DHKEY_bits'] }}"
dhfile: "{{ item['DHKEY_dhfile'] }}"
gen: "{{ item['DHKEY_gen'] }}"
Vars:
dhkey_state: "create"
dhkeys:
- DHKEY_bits: 2048
DHKEY_dhfile: "nsconfig/ssl/dhkey_gen2_2048"
DHKEY_gen: "2"Expected Results
Dhkey is created
Actual Results
TASK [netscaler_SSLPROFILE : Create SSL DH Key] ******************************************************************************************************************************************************************************************************************
fatal: [dkr_adc4 -> localhost]: FAILED! => {"changed": true, "loglines": ["DEBUG: Initializing ModuleExecutor for resource ssldhparam", "TRACE: ENTRY: common.get_valid_desired_states() called with ('ssldhparam',), {}", "TRACE: EXIT: common.get_valid_desired_states() returned {'created'}", "TRACE: ENTRY: common.get_netscaler_version() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>,), {}", "TRACE: ENTRY: common.get_resource() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>, 'nsversion'), {}", "WARNING: Resource name nsversion not found in NITRO_RESOURCE_MAP to get get_arg_keys", "TRACE: ENTRY: client.get() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>,), {'resource': 'nsversion', 'id': None, 'args': {}}", "TRACE: ENTRY: client.url_builder() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>, 'nsversion'), {'id': None, 'args': {}, 'attrs': None, 'filter': None}", "TRACE: EXIT: client.url_builder() returned https://10.205.102.4/nitro/v1/config/nsversion", "TRACE: ENTRY: client.send() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>, 'GET', 'https://10.205.102.4/nitro/v1/config/nsversion'), {}", "DEBUG: self={'_module': <ansible.module_utils.basic.AnsibleModule object at 0x7f55f1018b50>, 'check_mode': False, 'api_path': 'nitro/v1/config', '_headers': {'Content-Type': 'application/json', 'User-Agent': 'ansible-ctxadc', 'X-NITRO-USER': '********', 'X-NITRO-PASS': '********'}}", "DEBUG: fetch_url()-resonse-info= GET: {'url': 'https://10.205.102.4/nitro/v1/config/nsversion', 'status': 200, 'date': 'Mon, 08 Apr 2024 12:03:49 GMT', 'server': 'Apache', 'x-frame-options': 'SAMEORIGIN', 'expires': 'Thu, 19 Nov 1981 08:52:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0', 'pragma': 'no-cache', 'vary': 'Accept-Encoding', 'feature-policy': \"camera 'none'; microphone 'none'; geolocation 'none'\", 'referrer-policy': 'no-referrer', 'x-xss-protection': '1; mode=block', 'x-content-type-options': 'nosniff', 'content-length': '201', 'content-type': 'application/json; charset=utf-8', 'connection': 'close', 'cookies_string': '', 'cookies': {}, 'msg': 'OK (201 bytes)'}", "TRACE: EXIT: client.send() returned (200, {'errorcode': 0, 'message': 'Done', 'severity': 'NONE', 'nsversion': {'installedversion': False, 'version': 'NetScaler NS14.1: Build 17.38.nc, Date: Feb 7 2024, 21:58:09 (64-bit)', 'mode': '1'}})", "TRACE: EXIT: client.get() returned (200, {'errorcode': 0, 'message': 'Done', 'severity': 'NONE', 'nsversion': {'installedversion': False, 'version': 'NetScaler NS14.1: Build 17.38.nc, Date: Feb 7 2024, 21:58:09 (64-bit)', 'mode': '1'}})", "TRACE: ENTRY: common.fix_nitro_anomolies() called with ('nsversion', {}, [{'installedversion': False, 'version': 'NetScaler NS14.1: Build 17.38.nc, Date: Feb 7 2024, 21:58:09 (64-bit)', 'mode': '1'}]), {}", "TRACE: EXIT: common.fix_nitro_anomolies() returned [{'installedversion': False, 'version': 'NetScaler NS14.1: Build 17.38.nc, Date: Feb 7 2024, 21:58:09 (64-bit)', 'mode': '1'}]", "TRACE: EXIT: common.get_resource() returned (True, [{'installedversion': False, 'version': 'NetScaler NS14.1: Build 17.38.nc, Date: Feb 7 2024, 21:58:09 (64-bit)', 'mode': '1'}])", "TRACE: EXIT: common.get_netscaler_version() returned (14.1, 17.38)", "INFO: NetScaler version: 14.1-17.38", "DEBUG: All params (including non module-specific params) are: {'nsip': '10.205.102.4', 'nitro_user': '********', 'nitro_pass': '********', 'validate_certs': False, 'state': 'created', 'bits': 2048.0, 'dhfile': 'nsconfig/ssl/dhkey_gen2_2048', 'gen': '2', 'nitro_protocol': 'https', 'save_config': False, 'api_path': 'nitro/v1/config', 'nitro_auth_token': None}", "TRACE: ENTRY: module_executor._filter_resource_module_params() called with (<ansible_collections.netscaler.adc.plugins.module_utils.module_executor.ModuleExecutor object at 0x7f55f1018a30>,), {}", "DEBUG: self.module.params: {'nsip': '10.205.102.4', 'nitro_user': '********', 'nitro_pass': '********', 'validate_certs': False, 'state': 'created', 'bits': 2048.0, 'dhfile': 'nsconfig/ssl/dhkey_gen2_2048', 'gen': '2', 'nitro_protocol': 'https', 'save_config': False, 'api_path': 'nitro/v1/config', 'nitro_auth_token': None}", "DEBUG: Desired `ssldhparam` module specific params are: {'bits': 2048.0, 'dhfile': 'nsconfig/ssl/dhkey_gen2_2048', 'gen': '2'}", "TRACE: EXIT: module_executor._filter_resource_module_params() returned None", "TRACE: ENTRY: module_executor._filter_desired_bindings() called with (<ansible_collections.netscaler.adc.plugins.module_utils.module_executor.ModuleExecutor object at 0x7f55f1018a30>,), {}", "DEBUG: Desired `ssldhparam` module specific bindings are: {}", "TRACE: EXIT: module_executor._filter_desired_bindings() returned None", "TRACE: ENTRY: module_executor.main() called with (<ansible_collections.netscaler.adc.plugins.module_utils.module_executor.ModuleExecutor object at 0x7f55f1018a30>,), {}", "TRACE: ENTRY: module_executor.act_on_resource() called with (<ansible_collections.netscaler.adc.plugins.module_utils.module_executor.ModuleExecutor object at 0x7f55f1018a30>,), {'action': 'create'}", "TRACE: ENTRY: common.create_resource_with_action() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>, 'ssldhparam', {'bits': 2048.0, 'dhfile': 'nsconfig/ssl/dhkey_gen2_2048', 'gen': '2'}), {'action': 'create'}", "TRACE: ENTRY: common._check_create_resource_params() called with ('ssldhparam', {'bits': 2048.0, 'dhfile': 'nsconfig/ssl/dhkey_gen2_2048', 'gen': '2'}), {'action': 'create'}", "TRACE: EXIT: common._check_create_resource_params() returned (True, None, {'bits': 2048.0, 'dhfile': 'nsconfig/ssl/dhkey_gen2_2048', 'gen': '2'})", "TRACE: ENTRY: client.post() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>,), {'post_data': {'ssldhparam': {'bits': 2048.0, 'dhfile': 'nsconfig/ssl/dhkey_gen2_2048', 'gen': '2'}}, 'resource': 'ssldhparam', 'action': 'create'}", "TRACE: ENTRY: client.url_builder() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>, 'ssldhparam'), {'action': 'create'}", "TRACE: EXIT: client.url_builder() returned https://10.205.102.4/nitro/v1/config/ssldhparam?action=create", "TRACE: ENTRY: client.send() called with (<ansible_collections.netscaler.adc.plugins.module_utils.client.NitroAPIClient object at 0x7f55f0ff2a40>, 'POST', 'https://10.205.102.4/nitro/v1/config/ssldhparam?action=create', '{\"ssldhparam\": {\"bits\": 2048.0, \"dhfile\": \"nsconfig/ssl/dhkey_gen2_2048\", \"gen\": \"2\"}}'), {}", "DEBUG: self={'_module': <ansible.module_utils.basic.AnsibleModule object at 0x7f55f1018b50>, 'check_mode': False, 'api_path': 'nitro/v1/config', '_headers': {'Content-Type': 'application/json', 'User-Agent': 'ansible-ctxadc', 'X-NITRO-USER': '********', 'X-NITRO-PASS': '********'}}", "DEBUG: fetch_url()-resonse-info= POST: {'url': 'https://10.205.102.4/nitro/v1/config/ssldhparam?action=create', 'status': -1, 'msg': 'Connection failure: The read operation timed out'}", "TRACE: EXIT: client.send() returned (-1, {})", "TRACE: EXIT: client.post() returned (-1, {})", "TRACE: ENTRY: common.return_response() called with (), {'status_code': -1, 'response_body': {}, 'operation': 'create_resource', 'resource_name': 'ssldhparam'}", "ERROR: create_resource FAILED; status_code: -1; Reason:{}", "TRACE: EXIT: common.return_response() returned (False, 'ERROR: create_resource FAILED; status_code: -1; Reason:{}')", "TRACE: EXIT: common.create_resource_with_action() returned (False, 'ERROR: create_resource FAILED; status_code: -1; Reason:{}')", "TRACE: ENTRY: module_executor.return_failure() called with (<ansible_collections.netscaler.adc.plugins.module_utils.module_executor.ModuleExecutor object at 0x7f55f1018a30>, 'ERROR: create_resource FAILED; status_code: -1; Reason:{}'), {}"], "msg": "ERROR: create_resource FAILED; status_code: -1; Reason:{}"}Additional Notes
My suggest is that "float" datatype is wrong for the "bits" parameter. Float adds a "." like 2048.0 which obviously fails.
GUI working:
{"params":{"action":"create","warning":"YES"},"ssldhparam":{"dhfile":"/nsconfig/ssl/dhkey1024","bits":"1024","gen":"2"}}
vs.
Ansible non working:
{"ssldhparam": {"bits": 2048.0, "dhfile": "nsconfig/ssl/dhkey_gen2_2048",