diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index c545023751..6461166ad9 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1131,7 +1131,7 @@ struct mbedtls_ssl_session
     /*!< TLS version negotiated in the session. Used if and when renegotiating
      *   or resuming a session instead of the configured minor TLS version.
      */
-    uint16_t MBEDTLS_PRIVATE(tls_version);
+    mbedtls_ssl_protocol_version MBEDTLS_PRIVATE(tls_version);
 
 #if defined(MBEDTLS_HAVE_TIME)
     mbedtls_time_t MBEDTLS_PRIVATE(start);       /*!< starting time      */
@@ -1241,8 +1241,8 @@ struct mbedtls_ssl_config
      * so that elements tend to be in the 128-element direct access window
      * on Arm Thumb, which reduces the code size. */
 
-    uint16_t MBEDTLS_PRIVATE(max_tls_version);  /*!< max. TLS version used          */
-    uint16_t MBEDTLS_PRIVATE(min_tls_version);  /*!< min. TLS version used          */
+    mbedtls_ssl_protocol_version MBEDTLS_PRIVATE(max_tls_version);  /*!< max. TLS version used */
+    mbedtls_ssl_protocol_version MBEDTLS_PRIVATE(min_tls_version);  /*!< min. TLS version used */
 
     /*
      * Flags (could be bit-fields to save RAM, but separate bytes make
@@ -1495,8 +1495,6 @@ struct mbedtls_ssl_context
                                   renego_max_records is < 0           */
 #endif /* MBEDTLS_SSL_RENEGOTIATION */
 
-    int MBEDTLS_PRIVATE(major_ver_OBSOLETE);     /*!< (should no longer be used)                */
-
     /*!< Server: Negotiated TLS protocol version.
      *   Client: Maximum TLS version to be negotiated, then negotiated TLS
      *           version.
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 9d34ca4638..020f062808 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -505,6 +505,14 @@ struct mbedtls_ssl_handshake_params
     uint8_t resume;                     /*!<  session resume indicator*/
     uint8_t cli_exts;                   /*!< client extension presence*/
 
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    uint8_t sni_authmode;               /*!< authmode from SNI callback     */
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    uint8_t new_session_ticket;         /*!< use NewSessionTicket?    */
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
 #if defined(MBEDTLS_SSL_CLI_C)
     /*!< Minimum TLS version to be negotiated.
      *
@@ -524,17 +532,9 @@ struct mbedtls_ssl_handshake_params
      *   used to store this maximum value until it contains the actual
      *   negotiated value.
      */
-    uint16_t min_tls_version;
+    mbedtls_ssl_protocol_version min_tls_version;
 #endif
 
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-    uint8_t sni_authmode;               /*!< authmode from SNI callback     */
-#endif
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    uint8_t new_session_ticket;         /*!< use NewSessionTicket?    */
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
     uint8_t extended_ms;                /*!< use Extended Master Secret? */
 #endif