tests: Do not run SSHD with PAM when not needed

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

18 files changed, 36 insertions, 23 deletions

diff --git a/tests/client/torture_algorithms.c b/tests/client/torture_algorithms.c
index 8acf4403..d327d046 100644
--- a/tests/client/torture_algorithms.c
+++ b/tests/client/torture_algorithms.c
@@ -34,7 +34,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }
diff --git a/tests/client/torture_auth.c b/tests/client/torture_auth.c
index f3936158..ac12bb00 100644
--- a/tests/client/torture_auth.c
+++ b/tests/client/torture_auth.c
@@ -37,7 +37,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, true);
 
     return 0;
 }
diff --git a/tests/client/torture_client_config.c b/tests/client/torture_client_config.c
index ca81f36d..66645983 100644
--- a/tests/client/torture_client_config.c
+++ b/tests/client/torture_client_config.c
@@ -17,7 +17,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }
diff --git a/tests/client/torture_connect.c b/tests/client/torture_connect.c
index 71d0bf07..0ad8ef55 100644
--- a/tests/client/torture_connect.c
+++ b/tests/client/torture_connect.c
@@ -40,7 +40,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }
diff --git a/tests/client/torture_forward.c b/tests/client/torture_forward.c
index 449d04d5..9e0dc93c 100644
--- a/tests/client/torture_forward.c
+++ b/tests/client/torture_forward.c
@@ -32,7 +32,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }
diff --git a/tests/client/torture_hostkey.c b/tests/client/torture_hostkey.c
index a930a293..f886f8c4 100644
--- a/tests/client/torture_hostkey.c
+++ b/tests/client/torture_hostkey.c
@@ -35,7 +35,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }
diff --git a/tests/client/torture_knownhosts.c b/tests/client/torture_knownhosts.c
index c5447587..0c51ae0b 100644
--- a/tests/client/torture_knownhosts.c
+++ b/tests/client/torture_knownhosts.c
@@ -45,7 +45,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }
diff --git a/tests/client/torture_knownhosts_verify.c b/tests/client/torture_knownhosts_verify.c
index 8affc249..2a2b32d0 100644
--- a/tests/client/torture_knownhosts_verify.c
+++ b/tests/client/torture_knownhosts_verify.c
@@ -37,7 +37,7 @@
 
 static int sshd_group_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }
diff --git a/tests/client/torture_proxycommand.c b/tests/client/torture_proxycommand.c
index a1fb35c2..4ea988d7 100644
--- a/tests/client/torture_proxycommand.c
+++ b/tests/client/torture_proxycommand.c
@@ -13,7 +13,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }
diff --git a/tests/client/torture_request_env.c b/tests/client/torture_request_env.c
index 96723c70..03207a05 100644
--- a/tests/client/torture_request_env.c
+++ b/tests/client/torture_request_env.c
@@ -32,7 +32,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }
diff --git a/tests/client/torture_session.c b/tests/client/torture_session.c
index d35f1fbc..7ec622cb 100644
--- a/tests/client/torture_session.c
+++ b/tests/client/torture_session.c
@@ -37,7 +37,7 @@ static char buffer[BUFLEN];
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }
diff --git a/tests/client/torture_sftp_benchmark.c b/tests/client/torture_sftp_benchmark.c
index 68969057..604b8f27 100644
--- a/tests/client/torture_sftp_benchmark.c
+++ b/tests/client/torture_sftp_benchmark.c
@@ -13,7 +13,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }
diff --git a/tests/client/torture_sftp_canonicalize_path.c b/tests/client/torture_sftp_canonicalize_path.c
index e9f85606..517fcc77 100644
--- a/tests/client/torture_sftp_canonicalize_path.c
+++ b/tests/client/torture_sftp_canonicalize_path.c
@@ -11,7 +11,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }
diff --git a/tests/client/torture_sftp_dir.c b/tests/client/torture_sftp_dir.c
index 182ed6b8..4ba10670 100644
--- a/tests/client/torture_sftp_dir.c
+++ b/tests/client/torture_sftp_dir.c
@@ -11,7 +11,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }
diff --git a/tests/client/torture_sftp_fsync.c b/tests/client/torture_sftp_fsync.c
index a0bb2ebd..df03135f 100644
--- a/tests/client/torture_sftp_fsync.c
+++ b/tests/client/torture_sftp_fsync.c
@@ -13,7 +13,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }
diff --git a/tests/client/torture_sftp_read.c b/tests/client/torture_sftp_read.c
index a9df6abb..f17fe7e2 100644
--- a/tests/client/torture_sftp_read.c
+++ b/tests/client/torture_sftp_read.c
@@ -13,7 +13,7 @@
 
 static int sshd_setup(void **state)
 {
-    torture_setup_sshd_server(state);
+    torture_setup_sshd_server(state, false);
 
     return 0;
 }
diff --git a/tests/torture.c b/tests/torture.c
index 1585240f..9899a33b 100644
--- a/tests/torture.c
+++ b/tests/torture.c
@@ -540,7 +540,7 @@ void torture_setup_socket_dir(void **state)
     *state = s;
 }
 
-static void torture_setup_create_sshd_config(void **state)
+static void torture_setup_create_sshd_config(void **state, bool pam)
 {
     struct torture_state *s = *state;
     char ed25519_hostkey[1024] = {0};
@@ -579,12 +579,11 @@ static void torture_setup_create_sshd_config(void **state)
              "Subsystem sftp %s -l DEBUG2\n"
              "\n"
              "PasswordAuthentication yes\n"
-             "KbdInteractiveAuthentication yes\n"
              "PubkeyAuthentication yes\n"
              "\n"
              "StrictModes no\n"
              "\n"
-             "UsePAM yes\n"
+             "%s" /* Here comes UsePam */
              "\n"
 #if (OPENSSH_VERSION_MAJOR == 6 && OPENSSH_VERSION_MINOR >= 7) || (OPENSSH_VERSION_MAJOR >= 7)
 # ifdef HAVE_DSA
@@ -618,11 +617,23 @@ static void torture_setup_create_sshd_config(void **state)
              "AcceptEnv LC_IDENTIFICATION LC_ALL LC_LIBSSH\n"
              "\n"
              "PidFile %s\n";
+    const char usepam_yes[] =
+             "UsePAM yes\n"
+             "KbdInteractiveAuthentication yes\n";
+    const char usepam_no[] =
+             "UsePAM no\n"
+             "KbdInteractiveAuthentication no\n";
     size_t sftp_sl_size = ARRAY_SIZE(sftp_server_locations);
-    const char *sftp_server;
+    const char *sftp_server, *usepam;
     size_t i;
     int rc;
 
+    if (pam) {
+        usepam = usepam_yes;
+    } else {
+        usepam = usepam_no;
+    }
+
     snprintf(sshd_path,
              sizeof(sshd_path),
              "%s/sshd",
@@ -688,6 +699,7 @@ static void torture_setup_create_sshd_config(void **state)
              ecdsa_hostkey,
              trusted_ca_pubkey,
              sftp_server,
+             usepam,
              s->srv_pidfile);
 #else /* HAVE_DSA */
     snprintf(sshd_config, sizeof(sshd_config),
@@ -697,6 +709,7 @@ static void torture_setup_create_sshd_config(void **state)
              ecdsa_hostkey,
              trusted_ca_pubkey,
              sftp_server,
+             usepam,
              s->srv_pidfile);
 #endif /* HAVE_DSA */
 
@@ -721,14 +734,14 @@ static int torture_wait_for_daemon(unsigned int seconds)
     return 1;
 }
 
-void torture_setup_sshd_server(void **state)
+void torture_setup_sshd_server(void **state, bool pam)
 {
     struct torture_state *s;
     char sshd_start_cmd[1024];
     int rc;
 
     torture_setup_socket_dir(state);
-    torture_setup_create_sshd_config(state);
+    torture_setup_create_sshd_config(state, pam);
 
     /* Set the default interface for the server */
     setenv("SOCKET_WRAPPER_DEFAULT_IFACE", "10", 1);
diff --git a/tests/torture.h b/tests/torture.h
index c62bda7c..bdff4deb 100644
--- a/tests/torture.h
+++ b/tests/torture.h
@@ -115,7 +115,7 @@ const char *torture_server_address(int domain);
 int torture_server_port(void);
 
 void torture_setup_socket_dir(void **state);
-void torture_setup_sshd_server(void **state);
+void torture_setup_sshd_server(void **state, bool pam);
 
 void torture_teardown_socket_dir(void **state);
 void torture_teardown_sshd_server(void **state);