net: don't remember TLS intolerant servers.

net/http/http_stream_factory_impl_job.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/http/http_stream_factory_impl_job.h"
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/logging.h"
 #include "base/stl_util.h"
@@ skipping 1033 matching lines @@
     return original_url_->SchemeIs("http");
   }
   return request_info_.url.SchemeIs("http");
 }
 
 // Sets several fields of ssl_config for the given origin_server based on the
 // proxy info and other factors.
 void HttpStreamFactoryImpl::Job::InitSSLConfig(
     const HostPortPair& origin_server,
     SSLConfig* ssl_config) const {
-  if (stream_factory_->IsTLSIntolerantServer(origin_server)) {
-    LOG(WARNING) << "Falling back to SSLv3 because host is TLS intolerant: "
-        << origin_server.ToString();
-    ssl_config->ssl3_fallback = true;
-    ssl_config->tls1_enabled = false;
-  }
-
   if (proxy_info_.is_https() && ssl_config->send_client_cert) {
     // When connecting through an HTTPS proxy, disable TLS False Start so
     // that client authentication errors can be distinguished between those
     // originating from the proxy server (ERR_PROXY_CONNECTION_FAILED) and
     // those originating from the endpoint (ERR_SSL_PROTOCOL_ERROR /
     // ERR_BAD_SSL_CLIENT_AUTH_CERT).
     // TODO(rch): This assumes that the HTTPS proxy will only request a
     // client certificate during the initial handshake.
     // http://crbug.com/59292
     ssl_config->false_start_enabled = false;
@@ skipping 173 matching lines @@
     return false;
   }
   if (request_info_.method != "GET" && request_info_.method != "HEAD") {
     return false;
   }
   return stream_factory_->http_pipelined_host_pool_.IsKeyEligibleForPipelining(
       *http_pipelining_key_.get());
 }
 
 }  // namespace net