compat: populate IPRange in IPAM config when listing networks

pkg/api/handlers/compat/networks.go

@@ -3,10 +3,12 @@
 package compat
 
 import (
+	"encoding/binary"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"maps"
+	"math/bits"
 	"net"
 	"net/http"
 	"net/netip"
@@ -123,7 +125,9 @@ func convertLibpodNetworktoDockerNetwork(runtime *libpod.Runtime, statuses []abi
 		ipamConfig := dockerNetwork.IPAMConfig{
 			Subnet:  subnet,
 			Gateway: gateway,
-			// TODO add range
+		}
+		if ipRange, ok := leaseRangeToIPRangePrefix(sub.LeaseRange); ok {
+			ipamConfig.IPRange = ipRange
 		}
 		ipamConfigs = append(ipamConfigs, ipamConfig)
 	}
@@ -506,3 +510,59 @@ func Prune(w http.ResponseWriter, r *http.Request) {
 	}
 	utils.WriteResponse(w, http.StatusOK, response{NetworksDeleted: prunedNetworks})
 }
+
+// leaseRangeToIPRangePrefix converts a LeaseRange back to a CIDR prefix for the Docker
+// compat API. This is the reverse of the conversion done in createNetwork, where an
+// IPRange CIDR (e.g. "192.168.0.128/25") is expanded to [FirstIP, LastIP] via
+// FirstIPInSubnet/LastIPInSubnet. FirstIPInSubnet returns network+1 (first usable host),
+// so StartIP is one greater than the network address. LastIPInSubnet returns the broadcast.
+// Only succeeds for IPv4 ranges that form a valid aligned CIDR block.
+func leaseRangeToIPRangePrefix(lr *nettypes.LeaseRange) (netip.Prefix, bool) {
+	if lr == nil || lr.StartIP == nil || lr.EndIP == nil {
+		return netip.Prefix{}, false
+	}
+	start4 := lr.StartIP.To4()
+	end4 := lr.EndIP.To4()
+	if start4 == nil || end4 == nil {
+		// IPv6 not supported: no lossless round-trip without storing the original CIDR
+		return netip.Prefix{}, false
+	}
+
+	startU := binary.BigEndian.Uint32(start4)
+	endU := binary.BigEndian.Uint32(end4)
+
+	if endU < startU {
+		return netip.Prefix{}, false
+	}
+
+	// For /32, FirstIPInSubnet returns the address unchanged so StartIP == EndIP.
+	if startU == endU {
+		addr, _ := netip.AddrFromSlice(start4)
+		return netip.PrefixFrom(addr.Unmap(), 32), true
+	}
+
+	// For all other subnets, FirstIPInSubnet increments the network address by 1,
+	// so the actual network address is StartIP - 1.
+	if startU == 0 {
+		return netip.Prefix{}, false
+	}
+	networkU := startU - 1
+	totalIPs := endU - networkU + 1
+
+	// A valid CIDR block size must be a power of two.
+	if bits.OnesCount32(totalIPs) != 1 {
+		return netip.Prefix{}, false
+	}
+	prefixLen := 32 - bits.TrailingZeros32(totalIPs)
+
+	var netBytes [4]byte
+	binary.BigEndian.PutUint32(netBytes[:], networkU)
+	networkAddr, _ := netip.AddrFromSlice(netBytes[:])
+	proposedPrefix := netip.PrefixFrom(networkAddr.Unmap(), prefixLen)
+
+	// Verify network boundary alignment: network address must be at the subnet boundary.
+	if proposedPrefix.Masked() != proposedPrefix {
+		return netip.Prefix{}, false
+	}
+	return proposedPrefix, true
+}

pkg/api/handlers/compat/networks_test.go

@@ -0,0 +1,118 @@
+//go:build !remote && (linux || freebsd)
+
+package compat
+
+import (
+	"net"
+	"net/netip"
+	"testing"
+
+	nettypes "go.podman.io/common/libnetwork/types"
+)
+
+func TestLeaseRangeToIPRangePrefix(t *testing.T) {
+	mustPrefix := func(s string) netip.Prefix {
+		p, err := netip.ParsePrefix(s)
+		if err != nil {
+			t.Fatalf("invalid prefix %q: %v", s, err)
+		}
+		return p
+	}
+	leaseRange := func(start, end string) *nettypes.LeaseRange {
+		return &nettypes.LeaseRange{
+			StartIP: net.ParseIP(start),
+			EndIP:   net.ParseIP(end),
+		}
+	}
+
+	tests := []struct {
+		name    string
+		lr      *nettypes.LeaseRange
+		want    netip.Prefix
+		wantOK  bool
+	}{
+		{
+			name:   "nil LeaseRange",
+			lr:     nil,
+			wantOK: false,
+		},
+		{
+			name:   "nil StartIP",
+			lr:     &nettypes.LeaseRange{EndIP: net.ParseIP("192.168.1.1")},
+			wantOK: false,
+		},
+		{
+			name:   "nil EndIP",
+			lr:     &nettypes.LeaseRange{StartIP: net.ParseIP("192.168.1.1")},
+			wantOK: false,
+		},
+		{
+			// /24: StartIP = network+1 = .1, EndIP = broadcast = .255
+			name:   "/24 subnet",
+			lr:     leaseRange("192.168.1.1", "192.168.1.255"),
+			want:   mustPrefix("192.168.1.0/24"),
+			wantOK: true,
+		},
+		{
+			// /25: StartIP = .129, EndIP = .255
+			name:   "/25 subnet",
+			lr:     leaseRange("10.10.61.129", "10.10.61.255"),
+			want:   mustPrefix("10.10.61.128/25"),
+			wantOK: true,
+		},
+		{
+			// /16: StartIP = .0.1, EndIP = .255.255
+			name:   "/16 subnet",
+			lr:     leaseRange("10.10.0.1", "10.10.255.255"),
+			want:   mustPrefix("10.10.0.0/16"),
+			wantOK: true,
+		},
+		{
+			// /32: single host, StartIP == EndIP (FirstIPInSubnet returns address unchanged)
+			name:   "/32 single host",
+			lr:     leaseRange("10.0.0.5", "10.0.0.5"),
+			want:   mustPrefix("10.0.0.5/32"),
+			wantOK: true,
+		},
+		{
+			// misaligned: StartIP and EndIP do not form a valid CIDR block
+			name:   "misaligned range",
+			lr:     leaseRange("192.168.1.2", "192.168.1.255"),
+			wantOK: false,
+		},
+		{
+			// non-power-of-two size: 3 addresses
+			name:   "non-power-of-two size",
+			lr:     leaseRange("192.168.1.1", "192.168.1.3"),
+			wantOK: false,
+		},
+		{
+			// end before start
+			name:   "end before start",
+			lr:     leaseRange("192.168.1.5", "192.168.1.1"),
+			wantOK: false,
+		},
+		{
+			// IPv6 not supported
+			name: "IPv6 not supported",
+			lr: &nettypes.LeaseRange{
+				StartIP: net.ParseIP("::1"),
+				EndIP:   net.ParseIP("::1"),
+			},
+			wantOK: false,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got, ok := leaseRangeToIPRangePrefix(tt.lr)
+			if ok != tt.wantOK {
+				t.Errorf("leaseRangeToIPRangePrefix() ok = %v, want %v", ok, tt.wantOK)
+				return
+			}
+			if ok && got != tt.want {
+				t.Errorf("leaseRangeToIPRangePrefix() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}

test/apiv2/35-networks.at

@@ -257,4 +257,10 @@ t POST networks/netcon/connect Container=c1 200 OK
 # cleanup
 podman network rm -f netcon
 
+# IPRange is populated in IPAM config when a network is created with --ip-range
+podman network create --subnet 10.10.61.0/24 --ip-range 10.10.61.128/25 iprange-test
+t GET networks/iprange-test 200 \
+  .IPAM.Config[0].IPRange="10.10.61.128/25"
+podman network rm -f iprange-test
+
 # vim: filetype=sh