fix dtls 1.0 deprecation warning

The code for generating the DTLS 1.0 deprecation warning is in the wrong
method which is not called when the transport gets connected. Moves the code
to the internal state change event and fixes punctuation in the warning.

This can be tested with a peer that creates the OpenSSL context with the
DTLS_method() and then does SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1_2)
to disabled DTLS 1.2.

Bug: webrtc:10261
Change-Id: Ib11851b7a104e4d3b6ba77eeb78bed3f1c4d0588
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1894006Reviewed-by: Harald Alvestrand <hta@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Commit-Queue: Harald Alvestrand <hta@chromium.org>
Cr-Commit-Position: refs/heads/master@{#712632}

third_party/blink/renderer/core/frame/deprecation.cc

@@ -680,7 +680,7 @@ DeprecationInfo GetDeprecationInfo(WebFeature feature) {
       return {"ObsoleteWebRtcCipherSuite", kM81,
               String::Format(
                   "Your partner is negotiating an obsolete (D)TLS version. "
-                  "Support for this will be removed in %s"
+                  "Support for this will be removed in %s. "
                   "Please check with your partner to have this fixed.",
                   MilestoneString(kM81))};
 

third_party/blink/renderer/modules/peerconnection/rtc_dtls_transport.cc

@@ -99,17 +99,6 @@ webrtc::DtlsTransportInterface* RTCDtlsTransport::native_transport() {
 void RTCDtlsTransport::ChangeState(webrtc::DtlsTransportInformation info) {
   DCHECK(current_state_.state() != webrtc::DtlsTransportState::kClosed);
   current_state_ = info;
-  if (current_state_.state() == webrtc::DtlsTransportState::kConnected) {
-    if (current_state_.tls_version()) {
-      if (*current_state_.tls_version() == DTLS1_VERSION ||
-          *current_state_.tls_version() == SSL3_VERSION ||
-          *current_state_.tls_version() == TLS1_VERSION ||
-          *current_state_.tls_version() == TLS1_1_VERSION) {
-        Deprecation::CountDeprecation(GetExecutionContext(),
-                                      WebFeature::kObsoleteWebrtcTlsVersion);
-      }
-    }
-  }
 }
 
 void RTCDtlsTransport::Close() {
@@ -129,6 +118,20 @@ void RTCDtlsTransport::OnStateChange(webrtc::DtlsTransportInformation info) {
   // We depend on closed only happening once for safe garbage collection.
   DCHECK(current_state_.state() != webrtc::DtlsTransportState::kClosed);
   current_state_ = info;
+
+  // DTLS 1.0 is deprecated, emit a console warning.
+  if (current_state_.state() == webrtc::DtlsTransportState::kConnected) {
+    if (current_state_.tls_version()) {
+      if (*current_state_.tls_version() == DTLS1_VERSION ||
+          *current_state_.tls_version() == SSL3_VERSION ||
+          *current_state_.tls_version() == TLS1_VERSION ||
+          *current_state_.tls_version() == TLS1_1_VERSION) {
+        Deprecation::CountDeprecation(GetExecutionContext(),
+                                      WebFeature::kObsoleteWebrtcTlsVersion);
+      }
+    }
+  }
+
   // If the certificates have changed, copy them as DOMArrayBuffers.
   // This makes sure that getRemoteCertificates() == getRemoteCertificates()
   if (current_state_.remote_ssl_certificates()) {