Remove vestiges of weak Diffie-Hellman checks

Chromium used to warn if the server negotiated a weak DH key. However,
it has since disabled support for DH entirely, so this traces are
no longer used.

Bug: none
Change-Id: I3645cd011287b68bd3343e06faeb5dd9f089862a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2012909Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Christopher Thompson <cthomp@chromium.org>
Reviewed-by: Tao Bai <michaelbai@chromium.org>
Commit-Queue: Ryan Sleevi <rsleevi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#734299}

android_webview/java/src/org/chromium/android_webview/ErrorCodeConversionHelper.java

@@ -117,7 +117,6 @@ public final class ErrorCodeConversionHelper {
             case NetError.ERR_SSL_NO_RENEGOTIATION:
             case NetError.ERR_SSL_DECOMPRESSION_FAILURE_ALERT:
             case NetError.ERR_SSL_BAD_RECORD_MAC_ALERT:
-            case NetError.ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY:
             case NetError.ERR_SSL_CLIENT_AUTH_PRIVATE_KEY_ACCESS_DENIED:
             case NetError.ERR_SSL_CLIENT_AUTH_CERT_NO_PRIVATE_KEY:
                 return ERROR_FAILED_SSL_HANDSHAKE;

components/error_page/common/localized_error.cc

@@ -45,8 +45,6 @@ namespace {
 
 static const char kRedirectLoopLearnMoreUrl[] =
     "https://support.google.com/chrome?p=rl_error";
-static const char kWeakDHKeyLearnMoreUrl[] =
-    "https://support.google.com/chrome?p=dh_error";
 static const int kGoogleCachedCopySuggestionType = 0;
 
 enum NAV_SUGGESTIONS {
@@ -260,12 +258,6 @@ const LocalizedErrorMap net_error_options[] = {
    SUGGEST_CHECK_CONNECTION | SUGGEST_FIREWALL_CONFIG | SUGGEST_PROXY_CONFIG,
    SHOW_BUTTON_RELOAD,
   },
-  {net::ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY,
-   IDS_ERRORPAGES_HEADING_INSECURE_CONNECTION,
-   IDS_ERRORPAGES_SUMMARY_SSL_SECURITY_ERROR,
-   SUGGEST_LEARNMORE,
-   SHOW_NO_BUTTONS,
-  },
   {net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN,
    IDS_ERRORPAGES_HEADING_INSECURE_CONNECTION,
    IDS_CERT_ERROR_SUMMARY_PINNING_FAILURE_DETAILS,
@@ -592,9 +584,6 @@ void AddLinkedSuggestionToList(const int error_code,
       l10n_util::GetStringUTF16(IDS_ERRORPAGES_SUGGESTION_LEARNMORE_SUMMARY);
 
   switch (error_code) {
-    case net::ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY:
-      learn_more_url = GURL(kWeakDHKeyLearnMoreUrl);
-      break;
     case net::ERR_TOO_MANY_REDIRECTS:
       learn_more_url = GURL(kRedirectLoopLearnMoreUrl);
       suggestion_string = l10n_util::GetStringUTF16(

components/security_interstitials/core/ssl_error_options_mask.cc

@@ -28,7 +28,6 @@ int IsCertErrorFatal(int cert_error) {
     case net::ERR_CERT_CONTAINS_ERRORS:
     case net::ERR_CERT_REVOKED:
     case net::ERR_CERT_INVALID:
-    case net::ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY:
     case net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN:
       return true;
     default:

net/base/net_error_list.h

@@ -220,8 +220,7 @@ NET_ERROR(SSL_BAD_RECORD_MAC_ALERT, -126)
 // The proxy requested authentication (for tunnel establishment).
 NET_ERROR(PROXY_AUTH_REQUESTED, -127)
 
-// The SSL server attempted to use a weak ephemeral Diffie-Hellman key.
-NET_ERROR(SSL_WEAK_SERVER_EPHEMERAL_DH_KEY, -129)
+// Error -129 was removed (SSL_WEAK_SERVER_EPHEMERAL_DH_KEY).
 
 // Could not create a connection to the proxy server. An error occurred
 // either in resolving its name, or in connecting a socket to it.

net/ssl/openssl_ssl_util.cc

@@ -101,8 +101,6 @@ int MapOpenSSLErrorSSL(uint32_t error_code) {
       return ERR_SSL_DECRYPT_ERROR_ALERT;
     case SSL_R_TLSV1_UNRECOGNIZED_NAME:
       return ERR_SSL_UNRECOGNIZED_NAME_ALERT;
-    case SSL_R_BAD_DH_P_LENGTH:
-      return ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY;
     case SSL_R_SERVER_CERT_CHANGED:
       return ERR_SSL_SERVER_CERT_CHANGED;
     case SSL_R_WRONG_VERSION_ON_EARLY_DATA: