Breaking Change: merge BoringSSL branch into master

sdk/lib/io/http.dart

Index: sdk/lib/io/http.dart
diff --git a/sdk/lib/io/http.dart b/sdk/lib/io/http.dart
index befa0435316c909bc51c304a5393dbb123cb1cd3..dd715599bed08cf8568bc05d5b5f5a031fa8cc85 100644
--- a/sdk/lib/io/http.dart
+++ b/sdk/lib/io/http.dart
@@ -93,23 +93,28 @@ abstract class HttpStatus {
  *
  * Use [bindSecure] to create an HTTPS server.
  *
- * The server presents a certificate to the client. In the following
- * example, the certificate is named `localhost_cert` and comes from
- * the database found in the `pkcert` directory.
+ * The server presents a certificate to the client. The certificate
+ * chain and the private key are set in the SecurityContext
+ * object that is passed to [bindSecure].
  *
  *     import 'dart:io';
  *     import "dart:isolate";
  *
  *     main() {
- *       var testPkcertDatabase = Platform.script.resolve('pkcert')
- *                                        .toFilePath();
- *       SecureSocket.initialize(database: testPkcertDatabase,
- *                               password: 'dartdart');
+ *       SecurityContext context = new SecurityContext();
+ *       var chain =
+ *           Platform.script.resolve('certificates/server_chain.pem')
+ *           .toFilePath();
+ *       var key =
+ *           Platform.script.resolve('certificates/server_key.pem')
+ *           .toFilePath();
+ *       context.useCertificateChain(chain);
+ *       context.usePrivateKey(key, password: 'dartdart');
  *
  *       HttpServer
  *           .bindSecure(InternetAddress.ANY_IP_V6,
  *                       443,
- *                       certificateName: 'localhost_cert')
+ *                       context)
  *           .then((server) {
  *             server.listen((HttpRequest request) {
  *               request.response.write('Hello, world!');
@@ -118,10 +123,8 @@ abstract class HttpStatus {
  *           });
  *     }
  *
- * The certificate database is managed using the Mozilla certutil tool (see
- * [NSS Tools certutil](https://developer.mozilla.org/en-US/docs/NSS/tools/NSS_Tools_certutil)).
- * Dart uses the NSS library to handle SSL, and the Mozilla certutil
- * must be used to manipulate the certificate database.
+ *  The certificates and keys are pem files, which can be created and
+ *  managed with the tools in OpenSSL and BoringSSL.
  *
  * ## Connect to a server socket
  *
@@ -291,6 +294,7 @@ abstract class HttpServer implements Stream<HttpRequest> {
 
   static Future<HttpServer> bindSecure(address,
                                        int port,
+                                       SecurityContext context,
                                        {int backlog: 0,
                                         bool v6Only: false,
                                         String certificateName,
@@ -298,6 +302,7 @@ abstract class HttpServer implements Stream<HttpRequest> {
                                         bool shared: false})
       => _HttpServer.bindSecure(address,
                                 port,
+                                context,
                                 backlog,
                                 v6Only,
                                 certificateName,
@@ -1331,7 +1336,7 @@ abstract class HttpClient {
    */
   String userAgent;
 
-  factory HttpClient() => new _HttpClient();
+  factory HttpClient({SecurityContext context}) => new _HttpClient(context);
 
   /**
    * Opens a HTTP connection.