diff --git a/src/sniffer.c b/src/sniffer.c
index 6f2c022e2..dc23c0698 100644
--- a/src/sniffer.c
+++ b/src/sniffer.c
@@ -2524,12 +2524,15 @@ static int ProcessSessionTicket(const byte* input, int* sslBytes,
                                 SnifferSession* session, char* error)
 {
     word16 len;
+
+#ifdef WOLFSSL_TLS13
     WOLFSSL* ssl;
 
     if (session->flags.side == WOLFSSL_SERVER_END)
         ssl = session->sslServer;
     else
         ssl = session->sslClient;
+#endif
 
     /* make sure can read through hint len */
     if (TICKET_HINT_LEN > *sslBytes) {
diff --git a/src/ssl.c b/src/ssl.c
index 839d0c689..b1c0a9871 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -36021,9 +36021,12 @@ static int hash2mgf(enum wc_HashType hType)
         return WC_MGF1SHA1;
 #endif
 #ifndef NO_SHA256
-#ifdef WOLFSSL_SHA224
     case WC_HASH_TYPE_SHA224:
+#ifdef WOLFSSL_SHA224
         return WC_MGF1SHA224;
+#else
+        WOLFSSL_MSG("Unrecognized or unsupported hash function");
+        return WC_MGF1NONE;
 #endif
     case WC_HASH_TYPE_SHA256:
         return WC_MGF1SHA256;