ChromeOS: only use CertVerifyProcChromeOS if multiprofiles is allowed.

chrome/browser/io_thread.cc

Index: chrome/browser/io_thread.cc
diff --git a/chrome/browser/io_thread.cc b/chrome/browser/io_thread.cc
index f8ea00c9b531f50991762a9cff38f8512e80c944..bd4e5d975ae5ac0ecf888aca11ed04a0d55a1b3a 100644
--- a/chrome/browser/io_thread.cc
+++ b/chrome/browser/io_thread.cc
@@ -107,6 +107,7 @@
 #endif
 
 #if defined(OS_CHROMEOS)
+#include "chrome/browser/chromeos/login/user_manager.h"
 #include "chrome/browser/chromeos/net/cert_verify_proc_chromeos.h"
 #endif
 
@@ -552,13 +553,16 @@ void IOThread::InitAsync() {
   globals_->host_resolver = CreateGlobalHostResolver(net_log_);
   UpdateDnsClientEnabled();
 #if defined(OS_CHROMEOS)
-  // Creates a CertVerifyProc that doesn't allow any profile-provided certs.
-  globals_->cert_verifier.reset(new net::MultiThreadedCertVerifier(
-      new chromeos::CertVerifyProcChromeOS()));
-#else
-  globals_->cert_verifier.reset(
-      new net::MultiThreadedCertVerifier(net::CertVerifyProc::CreateDefault()));
+  if (chromeos::UserManager::IsMultipleProfilesAllowed()) {
+    // Creates a CertVerifyProc that doesn't allow any profile-provided certs.
+    globals_->cert_verifier.reset(new net::MultiThreadedCertVerifier(
+        new chromeos::CertVerifyProcChromeOS()));
+  } else // Fallthrough to normal verifier if multiprofiles are not allowed.

[Lei Zhang, 2014/02/13 01:38:38]

You may want // NOLINT here, otherwise presubmit checks will always complain.
Also, two spaces before //

[mattm, 2014/02/13 01:47:20]

Thanks, done.

 #endif
+  {
+    globals_->cert_verifier.reset(new net::MultiThreadedCertVerifier(
+        net::CertVerifyProc::CreateDefault()));
+  }
   globals_->transport_security_state.reset(new net::TransportSecurityState());
 #if !defined(USE_OPENSSL)
   // For now, Certificate Transparency is only implemented for platforms