Delete TLS version fallback code in net/http.

net/http/http_network_transaction.cc

Index: net/http/http_network_transaction.cc
diff --git a/net/http/http_network_transaction.cc b/net/http/http_network_transaction.cc
index 2e131347450c7b11bf2ce8ad1e6ae23a8d7dee8e..dd49437b4c5641a0563e595dbf4526b5f2369569 100644
--- a/net/http/http_network_transaction.cc
+++ b/net/http/http_network_transaction.cc
@@ -71,20 +71,6 @@ namespace net {
 
 namespace {
 
-std::unique_ptr<base::Value> NetLogSSLVersionFallbackCallback(
-    const GURL* url,
-    int net_error,
-    uint16_t version_before,
-    uint16_t version_after,
-    NetLogCaptureMode /* capture_mode */) {
-  std::unique_ptr<base::DictionaryValue> dict(new base::DictionaryValue());
-  dict->SetString("host_and_port", GetHostAndPort(*url));
-  dict->SetInteger("net_error", net_error);
-  dict->SetInteger("version_before", version_before);
-  dict->SetInteger("version_after", version_after);
-  return std::move(dict);
-}
-
 std::unique_ptr<base::Value> NetLogSSLCipherFallbackCallback(
     const GURL* url,
     int net_error,
@@ -108,7 +94,6 @@ HttpNetworkTransaction::HttpNetworkTransaction(RequestPriority priority,
       request_(NULL),
       priority_(priority),
       headers_valid_(false),
-      fallback_error_code_(ERR_SSL_INAPPROPRIATE_FALLBACK),
       request_headers_(),
       read_buf_len_(0),
       total_received_bytes_(0),
@@ -1439,56 +1424,6 @@ int HttpNetworkTransaction::HandleSSLHandshakeError(int error) {
     return OK;
   }
 
-  // TODO(davidben): Remove this code once the dedicated error code is no
-  // longer needed and the flags to re-enable the fallback expire.
-  bool should_fallback = false;
-  uint16_t version_max = server_ssl_config_.version_max;
-
-  switch (error) {
-    // This could be a TLS-intolerant server or a server that chose a
-    // cipher suite defined only for higher protocol versions (such as
-    // an TLS 1.1 server that chose a TLS-1.2-only cipher suite).  Fall
-    // back to the next lower version and retry.
-    case ERR_CONNECTION_CLOSED:
-    case ERR_SSL_PROTOCOL_ERROR:
-    case ERR_SSL_VERSION_OR_CIPHER_MISMATCH:
-    // Some servers trigger the TLS 1.1 fallback with ERR_CONNECTION_RESET
-    // (https://crbug.com/433406).
-    case ERR_CONNECTION_RESET:
-    // This was added for the TLS 1.0 fallback (https://crbug.com/260358) which
-    // has since been removed, but other servers may be relying on it for the
-    // TLS 1.1 fallback. It will be removed with the remainder of the fallback.
-    case ERR_SSL_BAD_RECORD_MAC_ALERT:
-      // Fallback down to a TLS 1.1 ClientHello. By default, this is rejected
-      // but surfaces ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION to help diagnose
-      // server bugs.
-      if (version_max >= SSL_PROTOCOL_VERSION_TLS1_2 &&
-          version_max > server_ssl_config_.version_min) {
-        version_max--;
-        should_fallback = true;
-      }
-      break;
-    case ERR_SSL_INAPPROPRIATE_FALLBACK:
-      // The server told us that we should not have fallen back. A buggy server
-      // could trigger ERR_SSL_INAPPROPRIATE_FALLBACK with the initial
-      // connection. |fallback_error_code_| is initialised to
-      // ERR_SSL_INAPPROPRIATE_FALLBACK to catch this case.
-      error = fallback_error_code_;
-      break;
-  }
-
-  if (should_fallback) {
-    net_log_.AddEvent(
-        NetLog::TYPE_SSL_VERSION_FALLBACK,
-        base::Bind(&NetLogSSLVersionFallbackCallback, &request_->url, error,
-                   server_ssl_config_.version_max, version_max));
-    fallback_error_code_ = error;
-    server_ssl_config_.version_max = version_max;
-    server_ssl_config_.version_fallback = true;
-    ResetConnectionAndRequestForResend();
-    error = OK;
-  }
-
   return error;
 }