tests: Do not run SSHD with PAM when not needed

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

tests/client/torture_algorithms.c

@@ -34,7 +34,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }

tests/client/torture_auth.c

@@ -37,7 +37,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, true);
 
     return 0;
 }

tests/client/torture_client_config.c

@@ -17,7 +17,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }

tests/client/torture_connect.c

@@ -40,7 +40,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }

tests/client/torture_forward.c

@@ -32,7 +32,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }

tests/client/torture_hostkey.c

@@ -35,7 +35,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }

tests/client/torture_knownhosts.c

@@ -45,7 +45,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }

tests/client/torture_knownhosts_verify.c

@@ -37,7 +37,7 @@
 
 static int sshd_group_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }

tests/client/torture_proxycommand.c

@@ -13,7 +13,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }

tests/client/torture_request_env.c

@@ -32,7 +32,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }

tests/client/torture_session.c

@@ -37,7 +37,7 @@ static char buffer[BUFLEN];
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }

tests/client/torture_sftp_benchmark.c

@@ -13,7 +13,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }

tests/client/torture_sftp_canonicalize_path.c

@@ -11,7 +11,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }

tests/client/torture_sftp_dir.c

@@ -11,7 +11,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }

tests/client/torture_sftp_fsync.c

@@ -13,7 +13,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }

tests/client/torture_sftp_read.c

@@ -13,7 +13,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }

tests/torture.c

@@ -540,7 +540,7 @@ void torture_setup_socket_dir(void **state)
     *state = s;
 }
 
-static void torture_setup_create_sshd_config(void **state)
+static void torture_setup_create_sshd_config(void **state, bool pam)
 {
     struct torture_state *s = *state;
     char ed25519_hostkey[1024] = {0};
@@ -579,12 +579,11 @@ static void torture_setup_create_sshd_config(void **state)
              "Subsystem sftp %s -l DEBUG2\n"
              "\n"
              "PasswordAuthentication yes\n"
-             "KbdInteractiveAuthentication yes\n"
              "PubkeyAuthentication yes\n"
              "\n"
              "StrictModes no\n"
              "\n"
-             "UsePAM yes\n"
+             "%s" /* Here comes UsePam */
              "\n"
 #if (OPENSSH_VERSION_MAJOR == 6 && OPENSSH_VERSION_MINOR >= 7) || (OPENSSH_VERSION_MAJOR >= 7)
 # ifdef HAVE_DSA
@@ -618,11 +617,23 @@ static void torture_setup_create_sshd_config(void **state)
              "AcceptEnv LC_IDENTIFICATION LC_ALL LC_LIBSSH\n"
              "\n"
              "PidFile %s\n";
+    const char usepam_yes[] =
+             "UsePAM yes\n"
+             "KbdInteractiveAuthentication yes\n";
+    const char usepam_no[] =
+             "UsePAM no\n"
+             "KbdInteractiveAuthentication no\n";
     size_t sftp_sl_size = ARRAY_SIZE(sftp_server_locations);
-    const char *sftp_server;
+    const char *sftp_server, *usepam;
     size_t i;
     int rc;
 
+    if (pam) {
+        usepam = usepam_yes;
+    } else {
+        usepam = usepam_no;
+    }
+
     snprintf(sshd_path,
              sizeof(sshd_path),
              "%s/sshd",
@@ -688,6 +699,7 @@ static void torture_setup_create_sshd_config(void **state)
              ecdsa_hostkey,
              trusted_ca_pubkey,
              sftp_server,
+             usepam,
              s->srv_pidfile);
 #else /* HAVE_DSA */
     snprintf(sshd_config, sizeof(sshd_config),
@@ -697,6 +709,7 @@ static void torture_setup_create_sshd_config(void **state)
              ecdsa_hostkey,
              trusted_ca_pubkey,
              sftp_server,
+             usepam,
              s->srv_pidfile);
 #endif /* HAVE_DSA */
 
@@ -721,14 +734,14 @@ static int torture_wait_for_daemon(unsigned int seconds)
     return 1;
 }
 
-void torture_setup_sshd_server(void **state)
+void torture_setup_sshd_server(void **state, bool pam)
 {
     struct torture_state *s;
     char sshd_start_cmd[1024];
     int rc;
 
     torture_setup_socket_dir(state);
-    torture_setup_create_sshd_config(state);
+    torture_setup_create_sshd_config(state, pam);
 
     /* Set the default interface for the server */
     setenv("SOCKET_WRAPPER_DEFAULT_IFACE", "10", 1);

tests/torture.h

@@ -115,7 +115,7 @@ const char *torture_server_address(int domain);
 int torture_server_port(void);
 
 void torture_setup_socket_dir(void **state);
-void torture_setup_sshd_server(void **state);
+void torture_setup_sshd_server(void **state, bool pam);
 
 void torture_teardown_socket_dir(void **state);
 void torture_teardown_sshd_server(void **state);