Add a new GetTlsUniqueChannelBinding method to SSLSocket, and implement nss version.

net/socket/ssl_server_socket_nss.cc

Index: net/socket/ssl_server_socket_nss.cc
diff --git a/net/socket/ssl_server_socket_nss.cc b/net/socket/ssl_server_socket_nss.cc
index a43dbfe6b6f1d0f445773a6aac3ea062f8c70f8f..7516b62ab4c8b6a6b9fe6024e4974147d5da6134 100644
--- a/net/socket/ssl_server_socket_nss.cc
+++ b/net/socket/ssl_server_socket_nss.cc
@@ -169,6 +169,22 @@ int SSLServerSocketNSS::ExportKeyingMaterial(const base::StringPiece& label,
   return OK;
 }
 
+int SSLServerSocketNSS::GetTLSUniqueChannelBinding(std::string* out) {
+  if (!IsConnected())
+    return ERR_SOCKET_NOT_CONNECTED;
+  unsigned char buf[64];
+  unsigned int len;
+  SECStatus result = SSL_GetChannelBinding(nss_fd_,
+                                           SSL_CHANNEL_BINDING_TLS_UNIQUE,
+                                           buf, &len, arraysize(buf));
+  if (result != SECSuccess) {
+    LogFailedNSSFunction(net_log_, "SSL_GetChannelBinding", "");
+    return MapNSSError(PORT_GetError());
+  }
+  out->assign(reinterpret_cast<char*>(buf), len);
+  return OK;
+}
+
 int SSLServerSocketNSS::Connect(const CompletionCallback& callback) {
   NOTIMPLEMENTED();
   return ERR_NOT_IMPLEMENTED;