lang/funcs: update cidrsubnet and cidrhost for 64-bit systems

[mildwonkey]

The cidrsubnet and cidrhost functions were limited to supporting 32-bit systems. This PR:

• updates the "github.com/apparentlymart/go-cidr" library, which was recently extended with SubnetBig and HostBig functions
• switches to the new go-cidr functions, including passing appropriate values as big.Ints
• modifies terraform's validation check in cidrsubnet to check for bits > 64 instead of 32

Fixes #25360

There's a new test, but for good measure, have some terraform console output:

> cidrsubnet("fe08::/64", 63, 0)
fe08::/127

[codecov]

Codecov Report

Merging #25517 into master will increase coverage by 0.00%.
The diff coverage is 100.00%.

Impacted Files	Coverage Δ
lang/funcs/cidr.go	84.61% <100.00%> (+7.11%)	⬆️
states/statefile/version4.go	57.87% <0.00%> (-0.29%)	⬇️

[apparentlymart]

I had honestly completely forgotten that gocty knows how to decode into big.Int! I'm glad to remember now that it does, cause I was originally expecting this change to be a bit more invasive.

One thing I notice looking back at the test cases for these functions is that they aren't testing the situation where the newbits, hostnum, netnum arguments are fractional numbers. I'm expecting that all of those would be properly rejected as invalid by the gocty conversions here (it should say something like "value must be a whole number") but might be worth adding some "expected error" test cases as insurance to future changes that might inadvertently make those panic otherwise.

[mildwonkey]

Done and done!

[apparentlymart]

I don't think we need to have this check at all anymore, because the underlying CIDR library will already check to make sure that there's enough room to extend by newbits bits. I had originally put the > 32 check here just to make sure this function wouldn't behave differently on 32-bit vs. 64-bit builds of Terraform, but using *big.Int now means that the behavior of SubnetBig should be the same for all architectures and so we shouldn't need to apply additional constraints in the Terraform layer here.

(When using IPv6, it would also be "valid" to start off with a very short prefix like e.g. 1::/1 and extend that by up to 127 new bits, which SubnetBig should accept just fine now and might be worth including a test for just to exercise the boundary cases a bit more.)

[apparentlymart]

Looks great! 🎉

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.