Do not roll back to SSL 3.0 for Google properties.

net/ssl/ssl_config_service.h

Index: net/ssl/ssl_config_service.h
diff --git a/net/ssl/ssl_config_service.h b/net/ssl/ssl_config_service.h
index 01c20cd610382cab4a5498ce335be1cf2b1b44a6..31d310d248f6f0d75fe638bd322b6419fbce80a4 100644
--- a/net/ssl/ssl_config_service.h
+++ b/net/ssl/ssl_config_service.h
@@ -49,6 +49,14 @@ struct NET_EXPORT SSLConfig {
   bool IsAllowedBadCert(const base::StringPiece& der_cert,
                         CertStatus* cert_status) const;
 
+  // Returns the string representation of an SSL protocol version. Returns an
+  // empty string on error.
+  static std::string SSLProtocolVersionToString(uint16 version);
+
+  // Returns the SSL protocol version (as a uint16) represented by a string.
+  // Returns 0 if the string is invalid.
+  static uint16 SSLProtocolVersionFromString(const std::string& version_str);
+
   // rev_checking_enabled is true if online certificate revocation checking is
   // enabled (i.e. OCSP and CRL fetching).
   //
@@ -91,6 +99,10 @@ struct NET_EXPORT SSLConfig {
   bool channel_id_enabled;  // True if TLS channel ID extension is enabled.
   bool false_start_enabled;  // True if we'll use TLS False Start.
 
+  // True if we want to disable enforcement of minimum SSL version for
+  // preloaded HSTS entries.

[Ryan Sleevi, 2013/04/15 18:03:28]

Comment nit: Chromium comments discourage the use of pronouns - see
https://groups.google.com/a/chromium.org/d/topic/chromium-dev/NH-S6KCkr2M/dis...


"True if the enforcement of the minimum SSL/TLS version for preloaded HSTS
entries is disabled."

+  bool ssl_version_min_preloaded_disabled;
+
   // TODO(wtc): move the following members to a new SSLParams structure.  They
   // are not SSL configuration settings.