From 97bc5e870cb30a061d65c6be16e35b6997cdf297 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Fri, 18 Dec 2020 00:36:00 +0700
Subject: [PATCH] fix for default OCSP cmp value and fix for
 WOLFSSL_NO_CLIENT_AUTH build

---
 tests/suites.c      | 2 ++
 wolfcrypt/src/asn.c | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/tests/suites.c b/tests/suites.c
index aed0de245..7d02f4223 100644
--- a/tests/suites.c
+++ b/tests/suites.c
@@ -279,7 +279,9 @@ static int IsUsingCert(const char* line)
 {
     return XSTRSTR(line, "-c ") != NULL;
 }
+#endif
 
+#if defined(NO_CERTS) || defined(WOLFSSL_NO_CLIENT_AUTH)
 static int IsNoClientCert(const char* line)
 {
     const char* begin;
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index 21ba6b987..1e0bbad29 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -17556,7 +17556,7 @@ void FreeOcspRequest(OcspRequest* req)
 
 int CompareOcspReqResp(OcspRequest* req, OcspResponse* resp)
 {
-    int cmp = 0; /* start as matching if both req and resp have no values */
+    int cmp = -1; /* default as not matching, cmp gets set on each check */
     OcspEntry *single, *next, *prev = NULL, *top;
 
     WOLFSSL_ENTER("CompareOcspReqResp");