From 1897af9e9318ee674f37fac065b262e1c7565171 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Sun, 10 May 2015 23:27:38 +0200
Subject: [PATCH] Make conf const inside ssl_context (finally)

---
 include/mbedtls/ssl.h | 4 ++--
 library/ssl_cli.c     | 7 ++++---
 library/ssl_tls.c     | 2 +-
 3 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 2df68fdbd..6480e78c9 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -945,7 +945,7 @@ mbedtls_ssl_config;
 
 struct mbedtls_ssl_context
 {
-    mbedtls_ssl_config *conf;   /*!< configuration information              */
+    const mbedtls_ssl_config *conf; /*!< configuration information          */
 
     /*
      * Miscellaneous
@@ -1157,7 +1157,7 @@ void mbedtls_ssl_init( mbedtls_ssl_context *ssl );
  *                 memory allocation failed
  */
 int mbedtls_ssl_setup( mbedtls_ssl_context *ssl,
-                       mbedtls_ssl_config *conf );
+                       const mbedtls_ssl_config *conf );
 
 /**
  * \brief          Reset an already initialized SSL context for re-use
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 0b9de03f3..c16b6e786 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -572,10 +572,11 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
         ssl->minor_ver = ssl->conf->min_minor_ver;
     }
 
-    if( ssl->conf->max_major_ver == 0 && ssl->conf->max_minor_ver == 0 )
+    if( ssl->conf->max_major_ver == 0 )
     {
-        ssl->conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
-        ssl->conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION;
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "configured max major version is invalid, "
+                            "consider using mbedtls_ssl_config_defaults()" ) );
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
     }
 
     /*
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 4406c1aaf..5fb2b6221 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4959,7 +4959,7 @@ void mbedtls_ssl_init( mbedtls_ssl_context *ssl )
  * Setup an SSL context
  */
 int mbedtls_ssl_setup( mbedtls_ssl_context *ssl,
-                       mbedtls_ssl_config *conf )
+                       const mbedtls_ssl_config *conf )
 {
     int ret;
     const size_t len = MBEDTLS_SSL_BUFFER_LEN;