| Index: net/ssl/ssl_config.h
|
| diff --git a/net/ssl/ssl_config.h b/net/ssl/ssl_config.h
|
| index f48a86fcadac8bfeba5b4b7181aba8a8f83b3c5a..0cc7f55201bc060c0adaba85e973c1214aeffae2 100644
|
| --- a/net/ssl/ssl_config.h
|
| +++ b/net/ssl/ssl_config.h
|
| @@ -41,9 +41,6 @@ NET_EXPORT extern const uint16_t kDefaultSSLVersionMin;
|
| // Default maximum protocol version.
|
| NET_EXPORT extern const uint16_t kDefaultSSLVersionMax;
|
|
|
| -// Default minimum protocol version that it's acceptable to fallback to.
|
| -NET_EXPORT extern const uint16_t kDefaultSSLVersionFallbackMin;
|
| -
|
| // A collection of SSL-related configuration settings.
|
| struct NET_EXPORT SSLConfig {
|
| // Default to revocation checking.
|
| @@ -88,12 +85,6 @@ struct NET_EXPORT SSLConfig {
|
| uint16_t version_min;
|
| uint16_t version_max;
|
|
|
| - // version_fallback_min contains the minimum version that is acceptable to
|
| - // fallback to. Versions before this may be tried to see whether they would
|
| - // have succeeded and thus to give a better message to the user, but the
|
| - // resulting connection won't be used in these cases.
|
| - uint16_t version_fallback_min;
|
| -
|
| // Presorted list of cipher suites which should be explicitly prevented from
|
| // being used in addition to those disabled by the net built-in policy.
|
| //
|
| @@ -155,10 +146,6 @@ struct NET_EXPORT SSLConfig {
|
|
|
| bool verify_ev_cert; // True if we should verify the certificate for EV.
|
|
|
| - bool version_fallback; // True if we are falling back to an older protocol
|
| - // version (one still needs to decrement
|
| - // version_max).
|
| -
|
| // If cert_io_enabled is false, then certificate verification will not
|
| // result in additional HTTP requests. (For example: to fetch missing
|
| // intermediates or to perform OCSP/CRL fetches.) It also implies that online
|
|
|