Exempt SSL_CONNECTION_VERSION_UNKNOWN from legacy TLS warning treatment

Signed Exchanges do not have a SSL connection version set. Exclude such cases from the legacy TLS warning treatment to avoid spurious warnings. Bug: 1041773 Change-Id: I323e3c1206da32b629c82b4eb28fc0a67190e7cc Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2002830 Commit-Queue: Emily Stark <estark@chromium.org> Reviewed-by: David Benjamin <davidben@chromium.org> Cr-Commit-Position: refs/heads/master@{#732076}

Exempt SSL_CONNECTION_VERSION_UNKNOWN from legacy TLS warning treatment
Signed Exchanges do not have a SSL connection version set. Exclude such cases from the legacy TLS warning treatment to avoid spurious warnings. Bug: 1041773 Change-Id: I323e3c1206da32b629c82b4eb28fc0a67190e7cc Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2002830 Commit-Queue: Emily Stark <estark@chromium.org> Reviewed-by: David Benjamin <davidben@chromium.org> Cr-Commit-Position: refs/heads/master@{#732076}
cde2e3c7 · Emily Stark · Commit Bot · 02f59e84 · cde2e3c7
Commit cde2e3c7 authored Jan 15, 2020 by Emily Stark Committed by Commit Bot Jan 15, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 1 deletion

chrome/browser/ssl/security_state_tab_helper.cc chrome/browser/ssl/security_state_tab_helper.cc +4 -1

No files found.
--- a/chrome/browser/ssl/security_state_tab_helper.cc
+++ b/chrome/browser/ssl/security_state_tab_helper.cc
@@ -110,7 +110,10 @@ bool IsLegacyTLS(GURL url, int connection_status) {
  net::SSLVersion ssl_version =
      net::SSLConnectionStatusToVersion(connection_status);
-  return ssl_version < ssl_version_min;
+  // Signed Exchanges do not have connection status set. Exclude unknown TLS
+  // versions from legacy TLS treatment. See https://crbug.com/1041773.
+  return ssl_version != net::SSL_CONNECTION_VERSION_UNKNOWN &&
+         ssl_version < ssl_version_min;
 }
 }  // namespace