From 1d01b877417bca55b579e649c765f9288a3b09c2 Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Thu, 4 Jun 2020 16:08:08 -0700
Subject: [PATCH] Fix to detect if `NO_CERTS` / `--disable-asn` is used in
 `scripts/tls13.test`.

---
 examples/server/server.c |  8 +++++++-
 scripts/tls13.test       | 32 +++++++++++++++++---------------
 2 files changed, 24 insertions(+), 16 deletions(-)

diff --git a/examples/server/server.c b/examples/server/server.c
index a6aab7ac2..3f7ae6d4e 100644
--- a/examples/server/server.c
+++ b/examples/server/server.c
@@ -995,7 +995,9 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
     int noPskDheKe = 0;
 #endif
     int updateKeysIVs = 0;
+#ifndef NO_CERTS
     int mutualAuth = 0;
+#endif
     int postHandAuth = 0;
 #ifdef WOLFSSL_EARLY_DATA
     int earlyData = 0;
@@ -1081,7 +1083,9 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
     (void)crlFlags;
     (void)readySignal;
     (void)updateKeysIVs;
+#ifndef NO_CERTS
     (void)mutualAuth;
+#endif
     (void)postHandAuth;
     (void)mcastID;
     (void)loadCertKeyIntoSSLObj;
@@ -1413,9 +1417,11 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
                 #endif
                 break;
 
+        #ifndef NO_CERTS
             case 'F' :
-                    mutualAuth = 1;
+                mutualAuth = 1;
                 break;
+        #endif
 
             case 'Q' :
             #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
diff --git a/scripts/tls13.test b/scripts/tls13.test
index df67a3963..1b2b6cee9 100755
--- a/scripts/tls13.test
+++ b/scripts/tls13.test
@@ -111,22 +111,24 @@ if [ $RESULT -eq 0 ]; then
 fi
 echo ""
 
-# TLS 1.3 mutual auth required but client doesn't send certificates.
-echo -e "\n\nTLS v1.3 mutual auth fail"
-port=0
-./examples/server/server -v 4 -F -R $ready_file -p $port &
-server_pid=$!
-create_port
-./examples/client/client -v 4 -x -p $port
-RESULT=$?
-remove_ready_file
-if [ $RESULT -eq 0 ]; then
-    echo -e "\n\nIssue with requiring mutual authentication"
-    do_cleanup
-    exit 1
+cat ./wolfssl/options.h | grep -- 'NO_CERTS'
+if [ $? -ne 0 ]; then
+    # TLS 1.3 mutual auth required but client doesn't send certificates.
+    echo -e "\n\nTLS v1.3 mutual auth fail"
+    port=0
+    ./examples/server/server -v 4 -F -R $ready_file -p $port &
+    server_pid=$!
+    create_port
+    ./examples/client/client -v 4 -x -p $port
+    RESULT=$?
+    remove_ready_file
+    if [ $RESULT -eq 0 ]; then
+        echo -e "\n\nIssue with requiring mutual authentication"
+        do_cleanup
+        exit 1
+    fi
+    echo ""
 fi
-echo ""
-
 
 ./examples/client/client -v 3 2>&1 | grep -- 'Bad SSL version'
 if [ $? -ne 0 ]; then