Support for client certs in ssl_server_socket.

net/socket/ssl_server_socket_openssl.h

Index: net/socket/ssl_server_socket_openssl.h
diff --git a/net/socket/ssl_server_socket_openssl.h b/net/socket/ssl_server_socket_openssl.h
index c64f070599f40249a4b9c2b17597dc26b3b4ee62..753f2984df5c118c12763b076b913fb7bdbe0c52 100644
--- a/net/socket/ssl_server_socket_openssl.h
+++ b/net/socket/ssl_server_socket_openssl.h
@@ -19,6 +19,7 @@
 typedef struct bio_st BIO;
 // <openssl/ssl.h>
 typedef struct ssl_st SSL;
+typedef struct x509_store_ctx_st X509_STORE_CTX;
 
 namespace net {
 
@@ -31,7 +32,8 @@ class SSLServerSocketOpenSSL : public SSLServerSocket {
   SSLServerSocketOpenSSL(scoped_ptr<StreamSocket> socket,
                          scoped_refptr<X509Certificate> certificate,
                          crypto::RSAPrivateKey* key,
-                         const SSLServerConfig& ssl_config);
+                         const SSLServerConfig& ssl_server_config,
+                         const SSLServerSocketContext& context);
   ~SSLServerSocketOpenSSL() override;
 
   // SSLServerSocket interface.
@@ -104,6 +106,8 @@ class SSLServerSocketOpenSSL : public SSLServerSocket {
   void DoWriteCallback(int result);
 
   int Init();
+  void ExtractClientCert();
+  static int CertVerifyCallback(X509_STORE_CTX* store_ctx, void* arg);
 
   // Members used to send and receive buffer.
   bool transport_send_busy_;
@@ -139,7 +143,10 @@ class SSLServerSocketOpenSSL : public SSLServerSocket {
   scoped_ptr<StreamSocket> transport_socket_;
 
   // Options for the SSL socket.
-  SSLServerConfig ssl_config_;
+  SSLServerConfig ssl_server_config_;
+
+  // Additional info for SSL socket.
+  SSLServerSocketContext context_;
 
   // Certificate for the server.
   scoped_refptr<X509Certificate> cert_;
@@ -147,6 +154,9 @@ class SSLServerSocketOpenSSL : public SSLServerSocket {
   // Private key used by the server.
   scoped_ptr<crypto::RSAPrivateKey> key_;
 
+  // Certificate for the client.
+  scoped_refptr<X509Certificate> client_cert_;
+
   State next_handshake_state_;
   bool completed_handshake_;