diff --git a/src/dtls.c b/src/dtls.c
index ba946ce8f..6fa691bba 100644
--- a/src/dtls.c
+++ b/src/dtls.c
@@ -296,7 +296,9 @@ static int TlsTicketIsValid(const WOLFSSL* ssl, WolfSSL_ConstVector exts,
 if (ret != WOLFSSL_TICKET_RET_OK && ret != WOLFSSL_TICKET_RET_CREATE)
 return 0;
 /* Store info for later */
+#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
 pskInfo->pv = it->pv;
+#endif
 pskInfo->cipherSuite0 = it->suite[0];
 pskInfo->cipherSuite = it->suite[1];
 ato16(it->namedGroup, &pskInfo->namedGroup);
@@ -344,7 +346,9 @@ static int TlsSessionIdIsValid(const WOLFSSL* ssl, WolfSSL_ConstVector sessionID
 ret = TlsSessionCacheGetAndLock(sessionID.elements, &sess, &sessRow, 1);
 if (ret == 0 && sess != NULL) {
 /* Store info for later */
+#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
 pskInfo->pv = sess->version;
+#endif
 pskInfo->cipherSuite0 = sess->cipherSuite0;
 pskInfo->cipherSuite = sess->cipherSuite;
 pskInfo->namedGroup = sess->namedGroup;
@@ -381,6 +385,8 @@ static int TlsCheckSupportedVersion(const WOLFSSL* ssl,
 int ret;
 ProtocolVersion pv = ssl->version;
+ (void)pskInfo;
+
 ret = TlsxFindByType(&tlsxSupportedVersions, TLSX_SUPPORTED_VERSIONS, ch->extension);
 if (ret != 0)
@@ -393,9 +399,11 @@ static int TlsCheckSupportedVersion(const WOLFSSL* ssl,
 tlsxSupportedVersions.size, client_hello, &pv, NULL, NULL);
 if (ret != 0)
 return ret;
+#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
 if (pskInfo->isValid && (pskInfo->pv.major != pv.major || pskInfo->pv.minor != pv.minor))
 return VERSION_ERROR;
+#endif
 if (IsAtLeastTLSv1_3(pv))
 *isTls13 = 1;
 else
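Review bot: The condition `defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)` is now written out at every use of `pskInfo->pv` (here in TlsTicketIsValid, again in TlsSessionIdIsValid and TlsCheckSupportedVersion) and at the field's declaration in wolfssl/internal.h, where the comment says it must also match the guard on `session->version`. Copies of a two-macro condition that have to stay identical across files tend to drift, and a mismatch shows up as a build break only in the rarer configurations. I would define one derived feature macro next to `PskInfo` (a hypothetical name such as `WOLFSSL_DTLS_PSKINFO_HAS_PV`) and test that at each site. TlsTicketIsValid's body starts and ends outside the hunk.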
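Review bot: In the second TlsCheckSupportedVersion hunk, the `VERSION_ERROR` check on a resumed session is now compiled out entirely when either `WOLFSSL_TLS13` or `HAVE_SESSION_TICKET` is undefined, while TlsSessionIdIsValid still fills the remaining `pskInfo` fields from the session cache without a guard. That is presumably forced by `session->version` not existing in those builds, but a consistency check that silently disappears by configuration should be documented where it happens. I would add a comment at the `#if` saying that no stored version is available in such builds and naming the place where the resumed session's version is validated instead, or stating that resumption cannot reach this path there. The function body continues outside the hunk, so whether `pskInfo->isValid` can be set in those builds is not visible here.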
@@ -633,9 +641,11 @@ static int SendStatelessReply(const WOLFSSL* ssl, WolfSSL_CH* ch, byte isTls13,
 nonConstSSL->options.cipherSuite = cs.cipherSuite;
 nonConstSSL->extensions = parsedExts;
-
 ret = SendTls13ServerHello(nonConstSSL, hello_retry_request);
+ /* Can be modified inside SendTls13ServerHello */
+ parsedExts = nonConstSSL->extensions;
+
 InitCipherSpecs(&nonConstSSL->specs);
 nonConstSSL->session->sessionIDSz = 0;
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index a904c6d53..5bb6c3c31 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -3928,7 +3928,10 @@ typedef struct TicketNonce {
 #ifdef WOLFSSL_DTLS
 typedef struct PskInfo {
+#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
+ /* Macro guard matches one for session->version */
 ProtocolVersion pv;
+#endif
 byte cipherSuite0;
 byte cipherSuite;
 word16 namedGroup;
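Review bot: The added comment in SendStatelessReply says what can change but not why the local has to be refreshed, so a later reader could remove `parsedExts = nonConstSSL->extensions;` as redundant. If `parsedExts` is what the cleanup path releases (not visible in this hunk), a stale head pointer would leak or mis-free extension nodes, and the comment should say so: `/* SendTls13ServerHello may replace the head of the extension list; re-read it so cleanup frees the current list */`. The re-read also happens before `ret` is examined within the hunk, so it is worth confirming that `nonConstSSL->extensions` is still a consistent list when the send fails. The function body starts and ends outside the hunk.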