diff --git a/library/debug.c b/library/debug.c
index d640bff7d..2497a3be1 100644
--- a/library/debug.c
+++ b/library/debug.c
@@ -251,9 +251,12 @@ static void debug_print_pk( const ssl_context *ssl, int level,
 
         if( items[i].type == POLARSSL_PK_DEBUG_MPI )
             debug_print_mpi( ssl, level, file, line, name, items[i].value );
-        else if( items[i].type == POLARSSL_PK_DEBUG_ECP )
+        else
+#if defined(POLARSSL_ECP_C)
+        if( items[i].type == POLARSSL_PK_DEBUG_ECP )
             debug_print_ecp( ssl, level, file, line, name, items[i].value );
         else
+#endif
             debug_print_msg( ssl, level, file, line, "should not happen" );
     }
 }
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index c4c1aed0d..847187eaa 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -1316,12 +1316,16 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
 
     SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) );
 
+#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
     if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA )
     {
         SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) );
         ssl->state++;
         return( 0 );
     }
+    ((void) p);
+    ((void) end);
+#endif
 
     if( ( ret = ssl_read_record( ssl ) ) != 0 )
     {
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 92800fef5..0c491b417 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -2284,7 +2284,8 @@ static int ssl_parse_client_dh_public( ssl_context *ssl, unsigned char **p,
 #endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED ||
           POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
 
-#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
+#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) ||                           \
+    defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
 static int ssl_parse_encrypted_pms( ssl_context *ssl,
                                     const unsigned char *p,
                                     const unsigned char *end,
@@ -2348,7 +2349,8 @@ static int ssl_parse_encrypted_pms( ssl_context *ssl,
 
     return( ret );
 }
-#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
+#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED ||
+          POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
 
 #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
 static int ssl_parse_client_psk_identity( ssl_context *ssl, unsigned char **p,