Remove unnecessary IsCertificateError case.

After https://chromium-review.googlesource.com/c/chromium/src/+/1343054,
HttpStreamFactory::Job::DoInitConnectionComplete will never proceed
on a certificate error, so there is no need to extract ALPN bits.

Inline HandleCertificateError to make this more obvious (otherwise it
looks like HandleCertificateError may sometimes return OK).

Bug: none
Change-Id: I57e9554bd4062a467e4f65306f41f8bbe13c8457
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1595979
Auto-Submit: David Benjamin <davidben@chromium.org>
Reviewed-by: Matt Menke <mmenke@chromium.org>
Commit-Queue: David Benjamin <davidben@chromium.org>
Cr-Commit-Position: refs/heads/master@{#657296}

net/http/http_stream_factory_job.cc

@@ -933,8 +933,8 @@ int HttpStreamFactory::Job::DoInitConnectionComplete(int result) {
   bool ssl_started = using_ssl_ && (result == OK || connection_->socket() ||
                                     connection_->is_ssl_error());
 
-  if (ssl_started && (result == OK || IsCertificateError(result))) {
-    if (using_quic_ && result == OK) {
+  if (ssl_started && result == OK) {
+    if (using_quic_) {
       was_alpn_negotiated_ = true;
       negotiated_protocol_ = kProtoQUIC;
     } else {
@@ -1011,7 +1011,16 @@ int HttpStreamFactory::Job::DoInitConnectionComplete(int result) {
   if (using_ssl_) {
     DCHECK(ssl_started);
     if (IsCertificateError(result)) {
-      result = HandleCertificateError(result);
+      SSLInfo ssl_info;
+      GetSSLInfo(&ssl_info);
+      if (ssl_info.cert) {
+        // Add the bad certificate to the set of allowed certificates in the
+        // SSL config object. This data structure will be consulted after
+        // calling RestartIgnoringLastError(). And the user will be asked
+        // interactively before RestartIgnoringLastError() is ever called.
+        server_ssl_config_.allowed_bad_certs.emplace_back(ssl_info.cert,
+                                                          ssl_info.cert_status);
+      }
     }
     if (result < 0)
       return result;
@@ -1232,29 +1241,6 @@ int HttpStreamFactory::Job::ReconsiderProxyAfterError(int error) {
   return error;
 }
 
-int HttpStreamFactory::Job::HandleCertificateError(int error) {
-  DCHECK(using_ssl_);
-  DCHECK(IsCertificateError(error));
-
-  SSLInfo ssl_info;
-  GetSSLInfo(&ssl_info);
-
-  if (!ssl_info.cert) {
-    // If the server's certificate could not be parsed, there is no way
-    // to gracefully recover this, so just pass the error up.
-    return error;
-  }
-
-  // Add the bad certificate to the set of allowed certificates in the
-  // SSL config object. This data structure will be consulted after calling
-  // RestartIgnoringLastError(). And the user will be asked interactively
-  // before RestartIgnoringLastError() is ever called.
-  server_ssl_config_.allowed_bad_certs.emplace_back(ssl_info.cert,
-                                                    ssl_info.cert_status);
-
-  return error;
-}
-
 ClientSocketPoolManager::SocketGroupType
 HttpStreamFactory::Job::GetSocketGroup() const {
   std::string scheme = origin_url_.scheme();

net/http/http_stream_factory_job.h

@@ -351,10 +351,6 @@ class HttpStreamFactory::Job
   // code is simply returned.
   int ReconsiderProxyAfterError(int error);
 
-  // Called to handle a certificate error.  Stores the certificate in the
-  // allowed_bad_certs list. Returns the error code.
-  int HandleCertificateError(int error);
-
   ClientSocketPoolManager::SocketGroupType GetSocketGroup() const;
 
   void MaybeCopyConnectionAttemptsFromSocketOrHandle();