From dff84620a0cda3c560697a7bf39e611d9ce6a02a Mon Sep 17 00:00:00 2001
From: Glenn Strauss <gstrauss@gluelogic.com>
Date: Mon, 14 Mar 2022 11:12:57 -0400
Subject: [PATCH] Unify internal/external TLS protocol version enums

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
---
 ChangeLog.d/mbedtls_tlsver_enum.txt  |  2 ++
 include/mbedtls/ssl.h                | 16 ++++++++--------
 library/ssl_tls.c                    |  4 ++--
 tests/suites/test_suite_ssl.function |  4 ++--
 4 files changed, 14 insertions(+), 12 deletions(-)
 create mode 100644 ChangeLog.d/mbedtls_tlsver_enum.txt

diff --git a/ChangeLog.d/mbedtls_tlsver_enum.txt b/ChangeLog.d/mbedtls_tlsver_enum.txt
new file mode 100644
index 000000000..b6f63577f
--- /dev/null
+++ b/ChangeLog.d/mbedtls_tlsver_enum.txt
@@ -0,0 +1,2 @@
+Features
+   * Unify internal/external TLS protocol version enums
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 9be083a82..384068a1a 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1099,6 +1099,14 @@ mbedtls_dtls_srtp_info;
 
 #endif /* MBEDTLS_SSL_DTLS_SRTP */
 
+/** Human-friendly representation of the (D)TLS protocol version. */
+typedef enum
+{
+    MBEDTLS_SSL_VERSION_UNKNOWN, /*!< Context not in use or version not yet negotiated. */
+    MBEDTLS_SSL_VERSION_TLS1_2 = 0x0303, /*!< (D)TLS 1.2 */
+    MBEDTLS_SSL_VERSION_TLS1_3 = 0x0304, /*!< (D)TLS 1.3 */
+} mbedtls_ssl_protocol_version;
+
 /*
  * This structure is used for storing current session data.
  *
@@ -1161,14 +1169,6 @@ struct mbedtls_ssl_session
 #endif
 };
 
-/** Human-friendly representation of the (D)TLS protocol version. */
-typedef enum
-{
-    MBEDTLS_SSL_VERSION_UNKNOWN, /*!< Context not in use or version not yet negotiated. */
-    MBEDTLS_SSL_VERSION_1_2,     /*!< (D)TLS 1.2 */
-    MBEDTLS_SSL_VERSION_1_3,     /*!< (D)TLS 1.3 */
-} mbedtls_ssl_protocol_version;
-
 /*
  * Identifiers for PRFs used in various versions of TLS.
  */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 32b979942..63442eb6a 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2328,9 +2328,9 @@ mbedtls_ssl_protocol_version mbedtls_ssl_get_version_number(
     switch( ssl->minor_ver )
     {
         case MBEDTLS_SSL_MINOR_VERSION_3:
-            return( MBEDTLS_SSL_VERSION_1_2 );
+            return( MBEDTLS_SSL_VERSION_TLS1_2 );
         case MBEDTLS_SSL_MINOR_VERSION_4:
-            return( MBEDTLS_SSL_VERSION_1_3 );
+            return( MBEDTLS_SSL_VERSION_TLS1_3 );
         default:
             return( MBEDTLS_SSL_VERSION_UNKNOWN );
     }
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 1a3157362..692efbe42 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -1879,12 +1879,12 @@ int check_ssl_version( int expected_negotiated_version,
     switch( expected_negotiated_version )
     {
         case MBEDTLS_SSL_MINOR_VERSION_3:
-            TEST_EQUAL( version_number, MBEDTLS_SSL_VERSION_1_2 );
+            TEST_EQUAL( version_number, MBEDTLS_SSL_VERSION_TLS1_2 );
             TEST_ASSERT( strcmp( version_string, "TLSv1.2" ) == 0 );
             break;
 
         case MBEDTLS_SSL_MINOR_VERSION_4:
-            TEST_EQUAL( version_number, MBEDTLS_SSL_VERSION_1_3 );
+            TEST_EQUAL( version_number, MBEDTLS_SSL_VERSION_TLS1_3 );
             TEST_ASSERT( strcmp( version_string, "TLSv1.3" ) == 0 );
             break;