Map SSL errors to SSL_PROTOCOL_ERROR, others to FAILED.

This matches the NSS port's behavior. If an unknown error within ERR_LIB_SSL,
map to ERR_SSL_PROTOCOL_ERROR. Otherwise, map to ERR_FAILED. The OpenSSL port
actually inverted this for some reason.

(This doesn't fix #417134 but maps it to a more appropriate error.)

BUG=417134

Review URL: https://codereview.chromium.org/598043002

Cr-Commit-Position: refs/heads/master@{#296769}

net/ssl/openssl_ssl_util.cc

@@ -143,7 +143,7 @@ int MapOpenSSLErrorSSL(uint32_t error_code) {
       return ERR_SSL_INAPPROPRIATE_FALLBACK;
     default:
       LOG(WARNING) << "Unmapped error reason: " << ERR_GET_REASON(error_code);
-      return ERR_FAILED;
+      return ERR_SSL_PROTOCOL_ERROR;
   }
 }
 
@@ -197,7 +197,7 @@ int MapOpenSSLErrorWithDetails(int err,
       LOG(ERROR) << "OpenSSL SYSCALL error, earliest error code in "
                     "error queue: " << ERR_peek_error() << ", errno: "
                  << errno;
-      return ERR_SSL_PROTOCOL_ERROR;
+      return ERR_FAILED;
     case SSL_ERROR_SSL:
       // Walk down the error stack to find an SSL or net error.
       uint32_t error_code;
@@ -219,7 +219,7 @@ int MapOpenSSLErrorWithDetails(int err,
           return -ERR_GET_REASON(error_code);
         }
       } while (error_code != 0);
-      return ERR_SSL_PROTOCOL_ERROR;
+      return ERR_FAILED;
     default:
       // TODO(joth): Implement full mapping.
       LOG(WARNING) << "Unknown OpenSSL error " << err;