From d0240f4bc8f581117dc54fe2e3b6241e71a2ca1b Mon Sep 17 00:00:00 2001
From: David Benjamin
Date: Fri, 31 Jul 2020 19:26:01 +0000
Subject: [PATCH] Remove TLS 1.3 downgrade policy and associated flags.

As documented, the policy is to be retired after M85. This policy was a temporary workaround for potential compatibility issues due to buggy and insecure enterprise proxies.

(cherry picked from commit 94c7e180e2074fcd7c98acf4b61a1543ef08b2fc)

Bug: 1012400
Change-Id: Ia47e544b8f7ed546633351d7c55c40c366e1d032
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2324170
Reviewed-by: Emily Stark
Reviewed-by: Steven Valdez
Reviewed-by: Charlie Harrison
Reviewed-by: Pavol Marko
Reviewed-by: Matt Menke
Commit-Queue: Matt Menke
Auto-Submit: David Benjamin
Cr-Commit-Position: refs/heads/master@{#793713}
---
 net/socket/ssl_client_socket_impl.cc | 19 -------------------
 1 file changed, 19 deletions(-)

diff --git a/net/socket/ssl_client_socket_impl.cc b/net/socket/ssl_client_socket_impl.cc
index 1bcdada85caf..343247909f99 100644
--- a/net/socket/ssl_client_socket_impl.cc
+++ b/net/socket/ssl_client_socket_impl.cc
@@ -83,12 +83,6 @@ const int kSSLClientSocketNoPendingResult = 1;
 // Default size of the internal BoringSSL buffers.
 const int kDefaultOpenSSLBufferSize = 17 * 1024;
 
-// This feature disables the TLS 1.3 downgrade protection that may be triggered
-// by buggy TLS-terminating proxies. It will be removed once TLS 1.3 is
-// successfully deployed without needing to disable this feature.
-const base::Feature kIgnoreTLS13Downgrade{"IgnoreTLS13Downgrade", base::FEATURE_DISABLED_BY_DEFAULT};
-
 std::unique_ptr NetLogPrivateKeyOperationCallback(
 uint16_t algorithm,
 NetLogCaptureMode mode) {
@@ -352,10 +346,6 @@ class SSLClientSocketImpl::SSLContext {
 SSL_CTX_set_grease_enabled(ssl_ctx_.get(), 1);
 
- if (base::FeatureList::IsEnabled(kIgnoreTLS13Downgrade)) {
- SSL_CTX_set_ignore_tls13_downgrade(ssl_ctx_.get(), 1);
- }
-
 // Deduplicate all certificates minted from the SSL_CTX in memory.
 SSL_CTX_set0_buffer_pool(ssl_ctx_.get(), x509_util::GetBufferPool());
@@ -1089,15 +1079,6 @@ int SSLClientSocketImpl::DoHandshakeComplete(int result) {
 base::UmaHistogramSparse("Net.SSLSignatureAlgorithm", signature_algorithm);
 }
 
- if (base::FeatureList::IsEnabled(kIgnoreTLS13Downgrade) &&
- IsTLS13ExperimentHost(host_and_port_.host())) {
- // Record whether the TLS 1.3 anti-downgrade mechanism has fired. This is
- // only recorded when enforcement is disabled. See
- // https://crbug.com/boringssl/226.
- UMA_HISTOGRAM_BOOLEAN("Net.SSLTLS13DowngradeTLS13Experiment",
- !!SSL_is_tls13_downgrade(ssl_.get()));
- }
-
 // Verify the certificate.
 next_handshake_state_ = STATE_VERIFY_CERT;
 return OK;