Implement SSL certificate error handling on the Mac. If the user gives...

net/socket/ssl_client_socket_nss.cc

Index: net/socket/ssl_client_socket_nss.cc
===================================================================
--- net/socket/ssl_client_socket_nss.cc	(revision 23320)
+++ net/socket/ssl_client_socket_nss.cc	(working copy)
@@ -332,7 +332,7 @@
 
 void SSLClientSocketNSS::InvalidateSessionIfBadCertificate() {
   if (UpdateServerCert() != NULL &&
-      ssl_config_.allowed_bad_certs_.count(server_cert_)) {
+      ssl_config_.IsAllowedBadCert(server_cert_)) {
     SSL_InvalidateSession(nss_fd_);
   }
 }
@@ -782,10 +782,10 @@
   // result of verifier_.Verify.
   // Eventually, we should cache the cert verification results so that we don't
   // need to call verifier_.Verify repeatedly.  But for now we need to do this.
-  // Alternatively, we might be able to store the cert's status along with
-  // the cert in the allowed_bad_certs_ set.
+  // Alternatively, we could use the cert's status that we stored along with
+  // the cert in the allowed_bad_certs vector.
   if (IsCertificateError(result) &&
-      ssl_config_.allowed_bad_certs_.count(server_cert_)) {
+      ssl_config_.IsAllowedBadCert(server_cert_)) {
     LOG(INFO) << "accepting bad SSL certificate, as user told us to";
     result = OK;
   }