Fix iv_ciphers_legacy unit test if TLS library does not support BF-CBC

When running the unit test with mbed TLS 3.0, the library does not support BF-CBC anymore. So we need to exclude BF-CBC from the expected result in this case. Signed-off-by: Arne Schwabe <[email protected]>
OpenVPN · Aug 22, 2024 · b5f677e · b5f677e
1 parent e46f663
commit b5f677e
Showing 1 changed file with 9 additions and 1 deletion.
diff --git a/test/unittests/test_proto.cpp b/test/unittests/test_proto.cpp
@@ -1325,7 +1325,15 @@ TEST(proto, iv_ciphers_legacy)
     auto ivciphers = infostring.substr(infostring.find("IV_CIPHERS="));
     ivciphers = ivciphers.substr(0, ivciphers.find("\n"));
 
-    std::string expectedstr{"IV_CIPHERS=none:AES-128-CBC:AES-192-CBC:AES-256-CBC:DES-CBC:DES-EDE3-CBC:BF-CBC:AES-128-GCM:AES-192-GCM:AES-256-GCM"};
+
+
+    std::string expectedstr{"IV_CIPHERS=none:AES-128-CBC:AES-192-CBC:AES-256-CBC:DES-CBC:DES-EDE3-CBC"};
+
+    if (SSLLib::CryptoAPI::CipherContext::is_supported(libctx, openvpn::CryptoAlgs::BF_CBC))
+        expectedstr += ":BF-CBC";
+
+    expectedstr += ":AES-128-GCM:AES-192-GCM:AES-256-GCM";
+
     if (SSLLib::CryptoAPI::CipherContextAEAD::is_supported(nullptr, openvpn::CryptoAlgs::CHACHA20_POLY1305))
         expectedstr += ":CHACHA20-POLY1305";