diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 6dc219bdd..e151ffe89 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -2063,6 +2063,7 @@ read_record_header:
 #if defined(MBEDTLS_SSL_DTLS_SRTP)
 case MBEDTLS_TLS_EXT_USE_SRTP:
 MBEDTLS_SSL_DEBUG_MSG( 3, ( "found use_srtp extension" ) );
+
 ret = ssl_parse_use_srtp_ext( ssl, ext + 4, ext_size );
 if ( ret != 0 )
 return( ret );
@@ -2645,8 +2646,7 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl,
 MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding use_srtp extension" ) );
- if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED &&
- ssl->dtls_srtp_info.mki_len != 0 )
+ if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED )
 {
 mki_len = ssl->dtls_srtp_info.mki_len;
 }
@@ -2659,7 +2659,7 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl,
 * - 1 byte for the mki length
 * + the actual mki length
 * Check we have enough room in the output buffer */
- if( end < buf + mki_len + 9 )
+ if( (size_t)( end - buf ) < mki_len + 9 )
 {
 MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
 return;
@@ -2679,7 +2679,8 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl,
 /* protection profile length: 2 */
 buf[4] = 0x00;
 buf[5] = 0x02;
- profile_value = mbedtls_ssl_get_srtp_profile_iana_value( ssl->dtls_srtp_info.chosen_dtls_srtp_profile );
+ profile_value = mbedtls_ssl_get_srtp_profile_iana_value(
+ ssl->dtls_srtp_info.chosen_dtls_srtp_profile );
 if( profile_value != 0xFFFF )
 {
 buf[6] = (unsigned char)( ( profile_value >> 8 ) & 0xFF );
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 93b60cc9b..696eb85ea 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
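Review bot: In `ssl_write_use_srtp_ext` (library/ssl_srv.c, hunk at -2659), the rewritten guard `(size_t)( end - buf ) < mki_len + 9` is only sound while `end >= buf`; if `end` were ever below `buf`, the negative difference converts to a very large `size_t`, the check passes, and the `buf[...]` writes that follow run past the buffer. Comparing lengths instead of adding to the pointer is the right direction because it removes the pointer-overflow case, but the precondition should be stated or enforced, for example `if( end < buf || (size_t)( end - buf ) < mki_len + 9 )`, or a comment such as `/* caller guarantees buf <= end */` if that invariant is established earlier. The "buffer too small" path returns silently from a void function, so it is also worth confirming that the length reported back to the caller is zero at that point. The function's signature and the place where `end` is computed lie outside the hunk, so both remarks are to be checked against the full body.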
@@ -4751,12 +4751,12 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
 {
 if ( mki_len > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH )
 {
- return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
 }
 if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED )
 {
- return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
 }
 memcpy( ssl->dtls_srtp_info.mki_value, mki_value, mki_len );
@@ -4779,8 +4779,10 @@ int mbedtls_ssl_conf_dtls_srtp_protection_profiles( mbedtls_ssl_config *conf,
 }
- for( i=0; i < profiles_number; i++ ) {
- switch( profiles[i] ) {
+ for( i=0; i < profiles_number; i++ )
+ {
+ switch( profiles[i] )
+ {
 case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_80:
 case MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32:
 case MBEDTLS_SRTP_NULL_HMAC_SHA1_80:
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 6adaf9216..d727ebcad 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -2608,7 +2608,7 @@ int main( int argc, char *argv[] )
 #endif
 #if defined(MBEDTLS_SSL_DTLS_SRTP)
- if( opt.use_srtp != DFL_USE_SRTP && strlen( opt.mki ) != 0 )
+ if( opt.use_srtp != 0 && strlen( opt.mki ) != 0 )
 {
 if( mbedtls_test_unhexify( mki, sizeof( mki ), opt.mki,&mki_len ) != 0 )
@@ -2754,11 +2754,11 @@ int main( int argc, char *argv[] )
 {
 size_t j = 0;
- if( (mbedtls_ssl_get_dtls_srtp_protection_profile( &ssl )
- == MBEDTLS_SRTP_UNSET_PROFILE ) )
+ if( ( mbedtls_ssl_get_dtls_srtp_protection_profile( &ssl )
+ == MBEDTLS_SRTP_UNSET_PROFILE ) )
 {
- mbedtls_printf( " DTLS-SRTP unable to negotiate "
- "protection profile\n" );
+ mbedtls_printf( " Unable to negotiate "
+ "the use of DTLS-SRTP\n" );
 }
 else
 {
@@ -2781,11 +2781,11 @@ int main( int argc, char *argv[] )
 for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ )
 {
 if( j % 8 == 0 )
- mbedtls_printf("\n ");
- mbedtls_printf("%02x ", dtls_srtp_key_material[j] );
+ mbedtls_printf( "\n " );
+ mbedtls_printf( "%02x ", dtls_srtp_key_material[j] );
 }
- mbedtls_printf("\n");
+ mbedtls_printf( "\n" );
 }
 }
 #endif /* MBEDTLS_SSL_DTLS_SRTP */
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 350d8ca51..6dc783215 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -3863,11 +3863,11 @@ handshake:
 {
 size_t j = 0;
- if( (mbedtls_ssl_get_dtls_srtp_protection_profile( &ssl )
- == MBEDTLS_SRTP_UNSET_PROFILE ) )
+ if( ( mbedtls_ssl_get_dtls_srtp_protection_profile( &ssl )
+ == MBEDTLS_SRTP_UNSET_PROFILE ) )
 {
- mbedtls_printf( " DTLS-SRTP unable to negotiate "
- "protection profile\n" );
+ mbedtls_printf( " Unable to negotiate "
+ "the use of DTLS-SRTP\n" );
 }
 else
 {
@@ -3890,11 +3890,11 @@ handshake:
 for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ )
 {
 if( j % 8 == 0 )
- mbedtls_printf("\n ");
- mbedtls_printf("%02x ", dtls_srtp_key_material[j] );
+ mbedtls_printf( "\n " );
+ mbedtls_printf( "%02x ", dtls_srtp_key_material[j] );
 }
- mbedtls_printf("\n");
+ mbedtls_printf( "\n" );
 }
 }
 #endif /* MBEDTLS_SSL_DTLS_SRTP */