TWSD-160 NTP with authentication (with MD5 key) needs to be configured on AVX

Review Request #721 — Created March 14, 2025 and submitted March 17, 2025, 10:55 a.m. — Latest diff uploaded March 17, 2025, 10:33 a.m.

Information
Owner:	jasonchang
Repository:	AVX2
Branch:	rel_avx_2_7_3
Bugs:
Depends On:
Reviewers
Groups:
People:	peteryeh, timsu, weikai

Description

The ntp server command, e.g., ntp server "172.20.0.188" "nts" 6666, should detect an error when a non-existent key ID (e.g., 6666) is configured via CLI. However, the current ui_ntp_server() function does not check for this and proceeds with the setup.
To address this, I added a condition at the beginning of the function to validate the key ID. It reads /ca/conf/chrony.keys, which stores authentication keys for NTP servers, parses the file, and extracts the key IDs. If the user-provided key ID matches one from the file, the function continues execution. Otherwise, it displays an error message:

Unknown Authentication Key ID: 6666

and returns 1.

Testing Done

AN(config)#show ntp keys          

key ID     MD5 String                      

1          hello                           
AN(config)#ntp server "172.20.0.188" nts 6666

Unknown Authentication Key ID: 6666.

AN(config)#ntp server "172.20.0.188" nts 1   
AN(config)#

You have a pending review.

Review Board 5.0.5

TWSD-160 NTP with authentication (with MD5 key) needs to be configured on AVX