diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 860a99a8..2053d698 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1165,7 +1165,8 @@ OPENSSL_EXPORT void SSL_enable_fastradio_padding(SSL *ssl, char on_off);
 
 /* SSL_set_reject_peer_renegotiations controls whether renegotiation attempts by
  * the peer are rejected. It may be set at any point in a connection's lifetime
- * to disallow future renegotiations programmatically. */
+ * to control future renegotiations programmatically. By default, renegotiations
+ * are rejected. */
 OPENSSL_EXPORT void SSL_set_reject_peer_renegotiations(SSL *ssl, int reject);
 
 /* the maximum length of the buffer given to callbacks containing the resulting
@@ -1424,9 +1425,9 @@ struct ssl_st {
    * data rate) state in 3G networks. */
   char fastradio_padding;
 
-  /* reject_peer_renegotiations, if one, causes causes renegotiation attempts
-   * from the peer to be rejected with a fatal error. */
-  char reject_peer_renegotiations;
+  /* accept_peer_renegotiations, if one, accepts renegotiation attempts from the
+   * peer. Otherwise, they will be rejected with a fatal error. */
+  char accept_peer_renegotiations;
 
   /* These fields are always NULL and exist only to keep wpa_supplicant happy
    * about the change to EVP_AEAD. They are only needed for EAP-FAST, which we
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index c42d0009..75d4df79 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -869,7 +869,7 @@ start:
   if (rr->type == SSL3_RT_HANDSHAKE) {
     /* If peer renegotiations are disabled, all out-of-order handshake records
      * are fatal. */
-    if (s->reject_peer_renegotiations) {
+    if (!s->accept_peer_renegotiations) {
       al = SSL_AD_NO_RENEGOTIATION;
       OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_NO_RENEGOTIATION);
       goto f_err;
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 6c8e2c99..15bb8be9 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
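Review bot: The rewritten comment above `SSL_set_reject_peer_renegotiations` states the default but still does not say what the `reject` argument means, which matters now that the backing field has the opposite polarity of the function name. Suggest extending the comment with `A non-zero reject rejects them; zero allows them.` so a caller does not have to read ssl_lib.c to learn that zero is the permissive value. The rest of the comment reads fine.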
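Review bot: The new `accept_peer_renegotiations` field comment does not mention that zero is what a freshly allocated SSL carries, yet that is the only thing that makes the documented reject-by-default true; the same applies to the inverted store `s->accept_peer_renegotiations = !reject;` in the ssl_lib.c hunk, which neither comments on the inversion nor sets a default. Presumably SSL_new zero-initialises `struct ssl_st` (not visible in this diff), so renaming the flag to its accept form is what flips the default. Suggest adding to the field comment `Zero, the value in a freshly allocated SSL, rejects them, so renegotiation is off by default.`, and a one-line note at the store in SSL_set_reject_peer_renegotiations saying the field is stored inverted so that the zeroed default rejects. If the object is ever created without zeroing, the default becomes whatever the memory held rather than reject, so the comment should make that dependency explicit.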
@@ -2929,7 +2929,7 @@ void SSL_enable_fastradio_padding(SSL *s, char on_off) {
 }
 
 void SSL_set_reject_peer_renegotiations(SSL *s, int reject) {
-  s->reject_peer_renegotiations = !!reject;
+  s->accept_peer_renegotiations = !reject;
 }
 
 const SSL_CIPHER *SSL_get_cipher_by_value(uint16_t value) {
diff --git a/ssl/test/bssl_shim.cc b/ssl/test/bssl_shim.cc
index 1cf96f21..5b54a676 100644
--- a/ssl/test/bssl_shim.cc
+++ b/ssl/test/bssl_shim.cc
@@ -660,8 +660,9 @@ static bool DoExchange(ScopedSSL_SESSION *out_session, SSL_CTX *ssl_ctx,
       !SSL_set_cipher_list(ssl.get(), config->cipher.c_str())) {
     return false;
   }
-  if (config->reject_peer_renegotiations) {
-    SSL_set_reject_peer_renegotiations(ssl.get(), 1);
+  if (!config->reject_peer_renegotiations) {
+    /* Renegotiations are disabled by default. */
+    SSL_set_reject_peer_renegotiations(ssl.get(), 0);
   }
 
   int sock = Connect(config->port);
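Review bot: The new branch in DoExchange makes the test shim accept renegotiations whenever the config flag is unset, which is the opposite of the library default this commit documents, so the library's reject-by-default path is only exercised by tests that pass the flag. That may well be intended (the test runner presumably drives renegotiation in several cases), but the added comment `/* Renegotiations are disabled by default. */` describes the library rather than the shim and reads as if the call below disables them. Suggest `// The library rejects peer renegotiations by default; the runner expects them accepted unless the flag is set, so re-enable them here.` Whether the surrounding file uses `//` or `/* */` comments is not visible in the hunk, and DoExchange begins before it.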