From ebe96612af842971b0227e5c5f20ab33c66e60b0 Mon Sep 17 00:00:00 2001 From: Aliaksandr Nikitsin Date: Mon, 2 Mar 2026 15:25:22 +0100 Subject: [PATCH 1/4] steps to resolve --- modules/test/ntp/conf/module_config.json | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/modules/test/ntp/conf/module_config.json b/modules/test/ntp/conf/module_config.json index ca69898d1..81b7bd8a1 100644 --- a/modules/test/ntp/conf/module_config.json +++ b/modules/test/ntp/conf/module_config.json @@ -23,8 +23,8 @@ }, { "name": "ntp.network.ntp_dhcp", - "test_description": "Accept NTP address over DHCP", - "expected_behavior": "Device can accept NTP server address, provided by the DHCP server (DHCP OFFER PACKET)", + "test_description": "Accept NTP address over DHCP or from public trusted sources", + "expected_behavior": "Device can accept NTP server address, provided by the DHCP server (DHCP OFFER PACKET) or from public trusted sources.", "config": { "pools_with_subdomains": [ "pool.ntp.org", @@ -101,7 +101,11 @@ ] }, "recommendations": [ - "Install an NTP client that supports fetching the NTP servers from DHCP options" + "Install an NTP client that supports fetching the NTP servers from DHCP options", + "Verify that the device is configured to accept DHCP Option 42", + "Delete any hardcoded public IPs", + "Change the NTP setting from 'Static/Manual' to 'Authomatic/DCHP'", + "Restart the NTP daemon" ] } ] From a09e48cfaecbf5cbd068e912ffa04fe996745d49 Mon Sep 17 00:00:00 2001 From: Aliaksandr Nikitsin Date: Mon, 2 Mar 2026 15:26:33 +0100 Subject: [PATCH 2/4] test details --- modules/test/ntp/python/src/ntp_module.py | 29 ++++++++++++++++------- 1 file changed, 21 insertions(+), 8 deletions(-) diff --git a/modules/test/ntp/python/src/ntp_module.py b/modules/test/ntp/python/src/ntp_module.py index 91a5f9376..6295edb43 100644 --- a/modules/test/ntp/python/src/ntp_module.py +++ b/modules/test/ntp/python/src/ntp_module.py @@ -365,31 +365,44 @@ def _ntp_network_ntp_dhcp(self, config): ntp_whitelist_resolver.is_ip_whitelisted(ip) for ip in ntp_to_remote_ips ) + result_details = [f"NTP request to {self._ntp_server}"] + for ip in ntp_to_remote_ips: if ntp_whitelist_resolver.is_ip_whitelisted(ip): LOGGER.info(f'NTP server {ip} is in the trusted whitelist') else: LOGGER.info(f'NTP server {ip} is NOT in the trusted whitelist') + result_details.append(f"NTP request to {ip}") + + result_state = 'Feature Not Detected' + result_message = 'Device has not sent any NTP requests' - result = 'Feature Not Detected', 'Device has not sent any NTP requests' if device_sends_ntp: if ntp_to_local and ntp_to_remote: if ntp_to_remote_trusted: - result = True, ('Device sent NTP request to DHCP provided ' + + result_state = True + result_message = ('Device sent NTP request to DHCP provided ' + 'server and trusted non-DHCP provided servers') else: - result = False, ('Device sent NTP request to DHCP provided ' + + result_state = False + result_message = ('Device sent NTP request to DHCP provided ' + 'server and to untrusted non-DHCP provided server') elif ntp_to_remote: if ntp_to_remote_trusted: - result = False, ('Device sent NTP request to trusted ' + + result_state = False + result_message = ('Device sent NTP request to trusted ' + 'non-DHCP provided server') else: - result = False, ('Device sent NTP request to untrusted ' + + result_state = False + result_message = ('Device sent NTP request to untrusted ' + 'non-DHCP provided server') elif ntp_to_local: - result = True, 'Device sent NTP request to DHCP provided server' + result_state = True + result_message ='Device sent NTP request to DHCP provided server' - LOGGER.info(result[1]) - return result + if not ntp_to_local: + result_details.pop(0) + + LOGGER.info(result_state) + return result_state, result_message, result_details From 7cf1b8eff0d000951afe750f750073c9b8f44e40 Mon Sep 17 00:00:00 2001 From: Aliaksandr Nikitsin Date: Mon, 2 Mar 2026 17:28:42 +0100 Subject: [PATCH 3/4] pylint --- modules/test/ntp/python/src/ntp_module.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/test/ntp/python/src/ntp_module.py b/modules/test/ntp/python/src/ntp_module.py index 6295edb43..3d536bd4f 100644 --- a/modules/test/ntp/python/src/ntp_module.py +++ b/modules/test/ntp/python/src/ntp_module.py @@ -365,7 +365,7 @@ def _ntp_network_ntp_dhcp(self, config): ntp_whitelist_resolver.is_ip_whitelisted(ip) for ip in ntp_to_remote_ips ) - result_details = [f"NTP request to {self._ntp_server}"] + result_details = [f'NTP request to {self._ntp_server}'] for ip in ntp_to_remote_ips: if ntp_whitelist_resolver.is_ip_whitelisted(ip): From 4a37ae13275ea1fa06f3ea540d9af8bbb50764a4 Mon Sep 17 00:00:00 2001 From: Aliaksandr Nikitsin Date: Mon, 2 Mar 2026 18:02:38 +0100 Subject: [PATCH 4/4] quotes --- modules/test/ntp/python/src/ntp_module.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/test/ntp/python/src/ntp_module.py b/modules/test/ntp/python/src/ntp_module.py index 3d536bd4f..f003f7b1d 100644 --- a/modules/test/ntp/python/src/ntp_module.py +++ b/modules/test/ntp/python/src/ntp_module.py @@ -372,7 +372,7 @@ def _ntp_network_ntp_dhcp(self, config): LOGGER.info(f'NTP server {ip} is in the trusted whitelist') else: LOGGER.info(f'NTP server {ip} is NOT in the trusted whitelist') - result_details.append(f"NTP request to {ip}") + result_details.append(f'NTP request to {ip}') result_state = 'Feature Not Detected' result_message = 'Device has not sent any NTP requests'