hannestschofenig · hannestschofenig · Jul 15, 2021 · Jul 15, 2021 · Jul 15, 2021 · Jul 15, 2021
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
@@ -176,10 +176,13 @@ int ssl_write_early_data_process( mbedtls_ssl_context* ssl )
 #endif /* MBEDTLS_SSL_USE_MPS */
 
 #else /* MBEDTLS_ZERO_RTT */
+#if defined(MBEDTLS_SSL_USE_MPS)
         ((void) buf);
         ((void) buf_len);
         ((void) msg);
         ((void) msg_len);
+#endif /* MBEDTLS_SSL_USE_MPS */
+
         /* Should never happen */
         return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
 
@@ -2725,6 +2728,9 @@ static int ssl_encrypted_extensions_parse( mbedtls_ssl_context* ssl,
     size_t ext_len;
     const unsigned char *ext;
 
+    /* ssl structure is not used when ALPN, 0RTT, and MFL extensions are not used. */
+    ((void) ssl);
+
     if( buflen < 2 )
     {
         MBEDTLS_SSL_DEBUG_MSG( 1, ( "EncryptedExtension message too short" ) );

diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
@@ -871,19 +871,24 @@ int mbedtls_ssl_tls1_3_generate_resumption_master_secret(
     int ret = 0;
 
     mbedtls_md_type_t md_type;
+
+#if defined(MBEDTLS_DEBUG_C)  
     mbedtls_md_info_t const *md_info;
     size_t md_size;
-
+#endif
+
     unsigned char transcript[MBEDTLS_MD_MAX_SIZE];
     size_t transcript_len;
 
     MBEDTLS_SSL_DEBUG_MSG( 2,
           ( "=> mbedtls_ssl_tls1_3_generate_resumption_master_secret" ) );
 
     md_type = ssl->handshake->ciphersuite_info->mac;
+#if defined(MBEDTLS_DEBUG_C)
     md_info = mbedtls_md_info_from_type( md_type );
     md_size = mbedtls_md_get_size( md_info );
-
+#endif
+
     ret = mbedtls_ssl_get_handshake_transcript( ssl, md_type,
                                                 transcript, sizeof( transcript ),
                                                 &transcript_len );
@@ -1153,6 +1158,10 @@ int mbedtls_ssl_tls1_3_create_psk_binder( mbedtls_ssl_context *ssl,
     mbedtls_md_info_t const *md_info = mbedtls_md_info_from_type( md_type );
     size_t const md_size = mbedtls_md_get_size( md_info );
 
+#if !defined(MBEDTLS_DEBUG_C)
+    ((void) ssl);
+#endif
+
     ret = mbedtls_ssl_tls1_3_evolve_secret( md_type,
                                             NULL,          /* Old secret */
                                             psk, psk_len,  /* Input      */

diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
@@ -2269,6 +2269,10 @@ static int ssl_client_hello_fetch( mbedtls_ssl_context* ssl,
 
 static void ssl_debug_print_client_hello_exts( mbedtls_ssl_context *ssl )
 {
+#if !defined(MBEDTLS_DEBUG_C)
+    ((void) ssl);
+#endif
+
     MBEDTLS_SSL_DEBUG_MSG( 3, ( "Supported Extensions:" ) );
     MBEDTLS_SSL_DEBUG_MSG( 3, ( "- KEY_SHARE_EXTENSION ( %s )",
                                 ( ( ssl->handshake->extensions_present & MBEDTLS_SSL_EXT_KEY_SHARE ) > 0 ) ?