From a561d12d24c2c8bb0f825d4a3a55a5e47e845853 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <quic_jouni@quicinc.com>
Date: Wed, 4 May 2022 23:55:38 +0300
Subject: EAP peer status notification for server not supporting RFC 5746

From 566ce69a8d0e64093309cbde80235aa522fbf84e Mon Sep 17 00:00:00 2001
From: Jouni Malinen <quic_jouni@quicinc.com>
Date: Thu, 5 May 2022 00:07:44 +0300
Subject: EAP peer: Workaround for servers that do not support safe TLS
 renegotiation

Index: src/crypto/tls.h
--- src/crypto/tls.h.orig
+++ src/crypto/tls.h
@@ -22,7 +22,8 @@ enum tls_event {
 	TLS_CERT_CHAIN_SUCCESS,
 	TLS_CERT_CHAIN_FAILURE,
 	TLS_PEER_CERTIFICATE,
-	TLS_ALERT
+	TLS_ALERT,
+	TLS_UNSAFE_RENEGOTIATION_DISABLED,
 };
 
 /*
@@ -112,6 +113,7 @@ struct tls_config {
 #define TLS_CONN_ENABLE_TLSv1_1 BIT(15)
 #define TLS_CONN_ENABLE_TLSv1_2 BIT(16)
 #define TLS_CONN_TEAP_ANON_DH BIT(17)
+#define TLS_CONN_ALLOW_UNSAFE_RENEGOTIATION BIT(18)
 
 /**
  * struct tls_connection_params - Parameters for TLS connection
