diff --git a/configure.ac b/configure.ac
index e49e55d58..ca1f24783 100644
--- a/configure.ac
+++ b/configure.ac
@@ -311,14 +311,14 @@ fi
 
 # SNIFFER
 AC_ARG_ENABLE([sniffer],
-              [AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[
-               AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[ 
-                      ENABLED_SNIFFER=yes 
-                      AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA"
-                      ],[ ENABLED_SNIFFER=no ]) ])
-               ],[
-                  ENABLED_SNIFFER=no
-                  ])
+   [AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[
+   AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[ 
+       ENABLED_SNIFFER=yes 
+       AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA"
+   ],[ AC_MSG_ERROR([cannot enable sniffer without having libpcap available.]) ]) ])
+   ],[
+       ENABLED_SNIFFER=no
+   ])
 
 AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" ])
 
diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c
index f19ce79b0..8b4463229 100644
--- a/ctaocrypt/src/asn.c
+++ b/ctaocrypt/src/asn.c
@@ -2646,6 +2646,7 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
             CYASSL_MSG("Verify Signautre has unsupported type");
             return 0;
     }
+    (void)typeH;  /* some builds won't read */
 
     switch (keyOID) {
     #ifndef NO_RSA
@@ -3339,6 +3340,7 @@ static void DecodeCertExtensions(DecodedCert* cert)
         }
         idx += length;
     }
+    (void)critical;
 
     CYASSL_LEAVE("DecodeCertExtensions", 0);
     return;
diff --git a/cyassl/ssl.h b/cyassl/ssl.h
index b504218d1..6cbfc6f01 100644
--- a/cyassl/ssl.h
+++ b/cyassl/ssl.h
@@ -823,9 +823,9 @@ CYASSL_API CYASSL_X509*
 #ifndef NO_FILESYSTEM
 CYASSL_API CYASSL_X509*
     CyaSSL_X509_d2i_fp(CYASSL_X509** x509, FILE* file);
-#endif
 CYASSL_API CYASSL_X509*
     CyaSSL_X509_load_certificate_file(const char* fname, int format);
+#endif
 
 #ifdef CYASSL_SEP
     CYASSL_API unsigned char*
diff --git a/src/internal.c b/src/internal.c
index a9906dad9..0fb680359 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -635,8 +635,10 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
     if (suites->setSuites)
         return;      /* trust user settings, don't override */
 
-    if (side == CYASSL_SERVER_END && haveStaticECC)
+    if (side == CYASSL_SERVER_END && haveStaticECC) {
         haveRSA = 0;   /* can't do RSA with ECDSA key */
+        (void)haveRSA; /* some builds won't read */
+    }
 
     if (side == CYASSL_SERVER_END && haveECDSAsig) {
         haveRSAsig = 0;     /* can't have RSA sig if signed by ECDSA */
@@ -8118,7 +8120,7 @@ static void PickHashSigAlgo(CYASSL* ssl,
             case ecc_diffie_hellman_kea:
                 {
                     ecc_key  myKey;
-                    ecc_key* peerKey = &myKey;
+                    ecc_key* peerKey = NULL;
                     word32   size = sizeof(encSecret);
 
                     if (ssl->specs.static_ecdh) {
@@ -8133,6 +8135,9 @@ static void PickHashSigAlgo(CYASSL* ssl,
                         peerKey = ssl->peerEccKey;
                     }
 
+                    if (peerKey == NULL)
+                        return NO_PEER_KEY;
+
                     ecc_init(&myKey);
                     ret = ecc_make_key(ssl->rng, peerKey->dp->size, &myKey);
                     if (ret != 0)
diff --git a/src/sniffer.c b/src/sniffer.c
index 7eb272f87..8e0bff995 100644
--- a/src/sniffer.c
+++ b/src/sniffer.c
@@ -417,6 +417,13 @@ void ssl_FreeSniffer(void)
 
     FreeMutex(&SessionMutex);
     FreeMutex(&ServerListMutex);
+
+    if (TraceFile) {
+        TraceOn = 0;
+        fclose(TraceFile);
+        TraceFile = NULL;
+    }
+
     CyaSSL_Cleanup();
 }
 
diff --git a/src/ssl.c b/src/ssl.c
index 827369fcf..49f8d5f9d 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -1730,6 +1730,7 @@ int CyaSSL_Init(void)
         der.buffer    = 0;
 
         (void)dynamicType;
+        (void)rsaKey;
 
         if (used)
             *used = sz;     /* used bytes default to sz, PEM chain may shorten*/
@@ -1980,7 +1981,8 @@ int CyaSSL_Init(void)
                 }
                 ecc_free(&key);
                 eccKey = 1;
-                ctx->haveStaticECC = 1;
+                if (ctx)
+                    ctx->haveStaticECC = 1;
                 if (ssl)
                     ssl->options.haveStaticECC = 1;
             }
@@ -7561,6 +7563,8 @@ CYASSL_X509* CyaSSL_X509_d2i(CYASSL_X509** x509, const byte* in, int len)
 }
 
 
+#ifndef NO_FILESYSTEM
+
 CYASSL_X509* CyaSSL_X509_d2i_fp(CYASSL_X509** x509, XFILE file)
 {
     CYASSL_X509* newX509 = NULL;
@@ -7684,6 +7688,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
     return x509;
 }
 
+#endif /* NO_FILESYSTEM */
 
 #endif /* KEEP_PEER_CERT || SESSION_CERTS */
 
diff --git a/sslSniffer/sslSnifferTest/snifftest.c b/sslSniffer/sslSnifferTest/snifftest.c
index 7d5a7561e..2570a65bc 100755
--- a/sslSniffer/sslSnifferTest/snifftest.c
+++ b/sslSniffer/sslSnifferTest/snifftest.c
@@ -69,18 +69,25 @@ enum {
 };
 
 
-pcap_t* pcap = 0;
-pcap_if_t *alldevs;
+pcap_t* pcap = NULL;
+pcap_if_t* alldevs = NULL;
+
+
+static void FreeAll(void)
+{
+    if (pcap)
+        pcap_close(pcap);
+    if (alldevs)
+        pcap_freealldevs(alldevs);
+#ifndef _WIN32
+    ssl_FreeSniffer();
+#endif
+}
 
 static void sig_handler(const int sig) 
 {
     printf("SIGINT handled = %d.\n", sig);
-    if (pcap)
-        pcap_close(pcap);
-	pcap_freealldevs(alldevs);
-#ifndef _WIN32
-    ssl_FreeSniffer();
-#endif
+    FreeAll();
     if (sig)
         exit(EXIT_SUCCESS);
 }
@@ -286,6 +293,7 @@ int main(int argc, char** argv)
         else if (saveFile)
             break;      /* we're done reading file */
     }
+    FreeAll();
 
     return EXIT_SUCCESS;
 }