Make calls to SSL_renegotiate() error out for TLSv1.3

When we have support for KeyUpdate we might consider doing that instead.
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2259)

ssl/ssl_lib.c

@@ -1716,9 +1716,12 @@ int SSL_shutdown(SSL *s)
 
 int SSL_renegotiate(SSL *s)
 {
-    /* Do nothing in TLS1.3 */
+    /*
+     * TODO(TLS1.3): Return an error for now. Perhaps we should do a KeyUpdate
+     * instead when we support that?
+     */
     if (SSL_IS_TLS13(s))
-        return 1;
+        return 0;
 
     if (s->renegotiate == 0)
         s->renegotiate = 1;
@@ -1730,9 +1733,12 @@ int SSL_renegotiate(SSL *s)
 
 int SSL_renegotiate_abbreviated(SSL *s)
 {
-    /* Do nothing in TLS1.3 */
+    /*
+     * TODO(TLS1.3): Return an error for now. Perhaps we should do a KeyUpdate
+     * instead when we support that?
+     */
     if (SSL_IS_TLS13(s))
-        return 1;
+        return 0;
 
     if (s->renegotiate == 0)
         s->renegotiate = 1;