WKWebView(iOS9): correctly update SSL status for current navigation item

ios/web/net/crw_cert_verification_controller.h

Index: ios/web/net/crw_cert_verification_controller.h
diff --git a/ios/web/net/crw_cert_verification_controller.h b/ios/web/net/crw_cert_verification_controller.h
index 06ff635836431f0de9110a33a1eacc180028b721..4ed55805348774481d609a0c9477efb79c6af714 100644
--- a/ios/web/net/crw_cert_verification_controller.h
+++ b/ios/web/net/crw_cert_verification_controller.h
@@ -8,6 +8,7 @@
 #import <Foundation/Foundation.h>
 
 #import "base/memory/ref_counted.h"
+#include "ios/web/public/security_style.h"
 #include "net/cert/cert_status_flags.h"
 
 namespace net {
@@ -32,6 +33,8 @@ typedef NS_ENUM(NSInteger, CertAcceptPolicy) {
 
 // Completion handler called by decidePolicyForCert:host:completionHandler:.
 typedef void (^PolicyDecisionHandler)(web::CertAcceptPolicy, net::CertStatus);
+// Completion handler called by decidePolicyForCert:host:completionHandler:.
+typedef void (^StatusQueryHandler)(web::SecurityStyle, net::CertStatus);
 
 }  // namespace web
 
@@ -49,14 +52,20 @@ typedef void (^PolicyDecisionHandler)(web::CertAcceptPolicy, net::CertStatus);
 
 // TODO(eugenebut): add API for:
 // - accepting bad SSL cert using CertPolicyCache
-// - querying SSL cert status for Navigation Item
 
 // Decides the policy for the given |cert| for the given |host| and calls
 // |completionHandler| on completion. |completionHandler| cannot be null and
 // will be called synchronously or asynchronously on UI thread.
 - (void)decidePolicyForCert:(const scoped_refptr<net::X509Certificate>&)cert
                        host:(NSString*)host
-          completionHandler:(web::PolicyDecisionHandler)handler;
+          completionHandler:(web::PolicyDecisionHandler)completionHandler;
+
+// Asynchronously returns web::SecurityStyle and net::CertStatus for the given
+// |certificateChain| (an NSArray of SecSertificateRef objects) and |host|.

[Ryan Sleevi, 2015/09/19 12:45:37]

Document what form host is

It in URL form? DNS form? Something else?

For example, if I load https://[::1], will, I get "[::1]" or "::1" ?
If I load "名がドメイン.com" will I get "名がドメイン.com" or "xn--v8jxj3d1dzdz08w.com" ?

[Eugene But (OOO till 7-30), 2015/09/21 17:23:39]

If you load "https://[::1]" then host will be "::1".
If you load "http://名がドメイン.com" you will get "xn--v8jxj3d1dzdz08w.com". 

I guess this is DNS form, so I updated comments accordingly. Please let me know
if it's not DNS form, but something else.

+// |certificateChain| cannot be null or empty.
+- (void)querySSLStatusForCertChain:(NSArray*)certChain
+                              host:(NSString*)host
+                 completionHandler:(web::StatusQueryHandler)completionHandler;
 
 // Cancels all pending verification requests. Completion handlers will not be
 // called after |shutDown| call. Must always be called before object's