Plumbing SSLPrivateKey (//net)

remoting/host/token_validator_base.cc

Index: remoting/host/token_validator_base.cc
diff --git a/remoting/host/token_validator_base.cc b/remoting/host/token_validator_base.cc
index a035f417f694b121640496600606db25339d0db3..a0a31f94289a810857bff7f9c46cb9e48aa3a032 100644
--- a/remoting/host/token_validator_base.cc
+++ b/remoting/host/token_validator_base.cc
@@ -27,6 +27,8 @@
 #include "net/ssl/client_cert_store_mac.h"
 #endif
 #include "net/ssl/ssl_cert_request_info.h"
+#include "net/ssl/ssl_platform_key.h"
+#include "net/ssl/ssl_private_key.h"
 #include "net/url_request/url_request.h"
 #include "net/url_request/url_request_context.h"
 #include "net/url_request/url_request_status.h"
@@ -154,11 +156,14 @@ void TokenValidatorBase::OnCertificatesSelected(
     for (size_t i = 0; i < selected_certs->size(); ++i) {
       if (issuer == kCertIssuerWildCard ||
           issuer == (*selected_certs)[i]->issuer().common_name) {
-        request_->ContinueWithCertificate((*selected_certs)[i].get());
+        scoped_refptr<net::SSLPrivateKey> private_key =

[Sergey Ulanov, 2015/11/11 19:05:02]

nit: this code would be shorter and more readable as follows:
  net::X509Certificate* cert = (*selected_certs)[i].get();
  if (issuer == kCertIssuerWildCard ||
      issuer == cert->issuer().common_name) {
    request_->ContinueWithCertificate(
        cert, net::FetchClientCertPrivateKey(cert));
  }

This particularly avoids duplication of the (*selected_certs)[i].get()
expression. Alternative

[svaldez, 2015/11/16 21:36:22]

Done.

+            net::FetchClientCertPrivateKey((*selected_certs)[i].get());
+        request_->ContinueWithCertificate((*selected_certs)[i].get(),
+                                          private_key.get());
         return;
       }
     }
-    request_->ContinueWithCertificate(nullptr);
+    request_->ContinueWithCertificate(nullptr, nullptr);
   }
 }