net: remove TLS fallback for Google properties.

net: remove TLS fallback for Google properties.

With Chrome 31, Chrome will not accept a fallback to SSLv3 for Google
properties. If we wish to be able to depend on AES-GCM and ChaCha20+Poly1305
support then we need to ensure that an attacker cannot downgrade us to TLS 1.1
(which doesn't include those options).

This change prototypes a signal to indicate that fallback should
not be allowed. We know that Google properties don't need fallback and this
change allows us to test that networks are not too broken to deploy such a
scheme.

It's possible that defective MITM proxies will cause issues with this. The
--enable-unrestricted-ssl3-fallback option exists for diagnosis of any bug
reports.

BUG=302739
Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=226529

[wtc, 2013-10-01 22:03:51]

Patch set 1 LGTM.

The CL's description says:

=====
This change prototypes an SCSV or other signal to indicate that fallback should
not be allowed. We know that Google properties don't need fallback and this
change allows us to test that networks are not too broken to deploy such a
scheme.
=====

But "an SCSV or other signal" is not in this CL, so it is confusing. Perhaps
just say "a signal"?

https://codereview.chromium.org/25547003/diff/1/net/http/http_network_transac...
File net/http/http_network_transaction.cc (right):

https://codereview.chromium.org/25547003/diff/1/net/http/http_network_transac...
net/http/http_network_transaction.cc:1266: if
(!server_ssl_config_.unrestricted_ssl3_fallback_enabled &&

Nit: this comment should be updated to note that
unrestricted_ssl3_fallback_enabled now affects fallback to any SSL/TLS version,
not just SSL3. Perhaps we should rename this config option?

[agl, 2013-10-02 16:33:17]

https://codereview.chromium.org/25547003/diff/1/net/http/http_network_transac...
File net/http/http_network_transaction.cc (right):

https://codereview.chromium.org/25547003/diff/1/net/http/http_network_transac...
net/http/http_network_transaction.cc:1266: if
(!server_ssl_config_.unrestricted_ssl3_fallback_enabled &&
On 2013/10/01 22:03:51, wtc wrote:
> 
> Nit: this comment should be updated to note that
> unrestricted_ssl3_fallback_enabled now affects fallback to any SSL/TLS
version,
> not just SSL3. Perhaps we should rename this config option?

Done.

I lean against updating the config option name. It would anyone who is currently
using it on the command line for no great reason and might confuse diagnosis of
bugs in the case when we have both M31 and M32 in flight.

[commit-bot: I haz the power, 2013-10-02 16:33:47]

CQ is trying da patch. Follow status at
https://chromium-status.appspot.com/cq/agl@chromium.org/25547003/24001

[commit-bot: I haz the power, 2013-10-02 19:42:31]

Change committed as 226529