tests: virnettls*test: Drop use of GNUTLS_KEY_KEY_ENCIPHERMENT

author Peter Krempa <pkrempa@redhat.com>

Tue, 1 Jul 2025 11:48:00 +0000 (13:48 +0200)

committer Peter Krempa <pkrempa@redhat.com>

Tue, 8 Jul 2025 12:52:16 +0000 (14:52 +0200)
author Peter Krempa <pkrempa@redhat.com>
Tue, 1 Jul 2025 11:48:00 +0000 (13:48 +0200)
committer Peter Krempa <pkrempa@redhat.com>
Tue, 8 Jul 2025 12:52:16 +0000 (14:52 +0200)
diff --git a/tests/virnettlscontexttest.c b/tests/virnettlscontexttest.c

index 2311524db8855632ed320914851b390281ef50d5..48bdefdd76775acc88b26ca67e5adb96426a08c8 100644 (file)
--- a/tests/virnettlscontexttest.c
+++ b/tests/virnettlscontexttest.c
@@ -156,13 +156,13 @@ mymain(void)
      TLS_CERT_REQ(servercertreq, cacertreq,
                   "UK", "libvirt.org", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
                   0, 0);
      TLS_CERT_REQ(clientcertreq, cacertreq,
                   "UK", "libvirt", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_CLIENT, NULL,
                   0, 0);
  
@@ -182,7 +182,7 @@ mymain(void)
      TLS_CERT_REQ(servercert1req, cacert1req,
                   "UK", "libvirt.org", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
                   0, 0);
  
@@ -196,7 +196,7 @@ mymain(void)
      TLS_CERT_REQ(servercert2req, cacert2req,
                   "UK", "libvirt.org", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
                   0, 0);
  
@@ -210,7 +210,7 @@ mymain(void)
      TLS_CERT_REQ(servercert3req, cacert3req,
                   "UK", "libvirt.org", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
                   0, 0);
  
@@ -230,7 +230,7 @@ mymain(void)
      TLS_CERT_REQ(servercert4req, cacert4req,
                   "UK", "libvirt.org", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
                   0, 0);
      /* no-basic */
@@ -243,7 +243,7 @@ mymain(void)
      TLS_CERT_REQ(servercert5req, cacert5req,
                   "UK", "libvirt.org", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
                   0, 0);
      /* Key usage:dig-sig:critical */
@@ -256,7 +256,7 @@ mymain(void)
      TLS_CERT_REQ(servercert6req, cacert6req,
                   "UK", "libvirt.org", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
                   0, 0);
  
@@ -284,7 +284,7 @@ mymain(void)
      TLS_CERT_REQ(servercert8req, cacertreq,
                   "UK", "libvirt", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT | GNUTLS_KEY_KEY_CERT_SIGN,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_CERT_SIGN,
                   false, false, NULL, NULL,
                   0, 0);
      /* usage:cert-sign:not-critical */
@@ -372,7 +372,7 @@ mymain(void)
      TLS_CERT_REQ(clientcert2req, cacertreq,
                   "UK", "libvirt", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT | GNUTLS_KEY_KEY_CERT_SIGN,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_CERT_SIGN,
                   false, false, NULL, NULL,
                   0, 0);
      /* usage:cert-sign:not-critical */
@@ -459,19 +459,19 @@ mymain(void)
      TLS_CERT_REQ(servercertexpreq, cacertexpreq,
                   "UK", "libvirt.org", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
                   0, 0);
      TLS_CERT_REQ(servercertexp1req, cacertreq,
                   "UK", "libvirt", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
                   0, -1);
      TLS_CERT_REQ(clientcertexp1req, cacertreq,
                   "UK", "libvirt", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_CLIENT, NULL,
                   0, -1);
  
@@ -491,19 +491,19 @@ mymain(void)
      TLS_CERT_REQ(servercertnewreq, cacertnewreq,
                   "UK", "libvirt", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
                   0, 0);
      TLS_CERT_REQ(servercertnew1req, cacertreq,
                   "UK", "libvirt", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
                   1, 2);
      TLS_CERT_REQ(clientcertnew1req, cacertreq,
                   "UK", "libvirt", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_CLIENT, NULL,
                   1, 2);
  
@@ -538,13 +538,13 @@ mymain(void)
      TLS_CERT_REQ(servercertlevel3areq, cacertlevel2areq,
                   "UK", "libvirt.org", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
                   0, 0);
      TLS_CERT_REQ(clientcertlevel2breq, cacertlevel1breq,
                   "UK", "libvirt client level 2b", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_CLIENT, NULL,
                   0, 0);
  
diff --git a/tests/virnettlssessiontest.c b/tests/virnettlssessiontest.c

index 285cde57d8e882a5e42c1228a81721ea6b6c4f03..459e17c52cfbd91a808b7f29cac4d5808d400bc1 100644 (file)
--- a/tests/virnettlssessiontest.c
+++ b/tests/virnettlssessiontest.c
@@ -314,20 +314,20 @@ mymain(void)
      TLS_CERT_REQ(servercertreq, cacertreq,
                   "UK", "libvirt.org", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
                   0, 0);
      TLS_CERT_REQ(clientcertreq, cacertreq,
                   "UK", "libvirt", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_CLIENT, NULL,
                   0, 0);
  
      TLS_CERT_REQ(clientcertaltreq, altcacertreq,
                   "UK", "libvirt", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_CLIENT, NULL,
                   0, 0);
  
@@ -342,14 +342,14 @@ mymain(void)
      TLS_CERT_REQ(servercertalt1req, cacertreq,
                   "UK", "libvirt.org", "www.libvirt.org", "libvirt.org", "192.168.122.1", "fec0::dead:beaf",
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
                   0, 0);
      /* This intentionally doesn't replicate */
      TLS_CERT_REQ(servercertalt2req, cacertreq,
                   "UK", "libvirt.org", "www.libvirt.org", "wiki.libvirt.org", "192.168.122.1", "fec0::dead:beaf",
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
                   0, 0);
  
@@ -433,13 +433,13 @@ mymain(void)
      TLS_CERT_REQ(servercertlevel3areq, cacertlevel2areq,
                   "UK", "libvirt.org", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
                   0, 0);
      TLS_CERT_REQ(clientcertlevel2breq, cacertlevel1breq,
                   "UK", "libvirt client level 2b", NULL, NULL, NULL, NULL,
                   true, true, false,
-                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
+                 true, true, GNUTLS_KEY_DIGITAL_SIGNATURE,
                   true, true, GNUTLS_KP_TLS_WWW_CLIENT, NULL,
                   0, 0);
author	Peter Krempa <pkrempa@redhat.com>
	Tue, 1 Jul 2025 11:48:00 +0000 (13:48 +0200)
committer	Peter Krempa <pkrempa@redhat.com>
	Tue, 8 Jul 2025 12:52:16 +0000 (14:52 +0200)
tests/virnettlscontexttest.c		patch \| blob \| blame \| history
tests/virnettlssessiontest.c		patch \| blob \| blame \| history