Make OpenSSL UpdateServerCert() OS independent.

net/socket/ssl_client_socket.h

Index: net/socket/ssl_client_socket.h
diff --git a/net/socket/ssl_client_socket.h b/net/socket/ssl_client_socket.h
index 410062dc5a9b9798214233b7a5ecf2b79dd54359..9bd31857e502188da53912513fc9471970af7bb5 100644
--- a/net/socket/ssl_client_socket.h
+++ b/net/socket/ssl_client_socket.h
@@ -23,6 +23,7 @@ class SSLCertRequestInfo;
 struct SSLConfig;
 class SSLInfo;
 class TransportSecurityState;
+class X509Certificate;
 
 // This struct groups together several fields which are used by various
 // classes related to SSLClientSocket.
@@ -162,6 +163,13 @@ class NET_EXPORT SSLClientSocket : public SSLSocket {
                            ConnectSignedCertTimestampsEnabledOCSP);
   FRIEND_TEST_ALL_PREFIXES(SSLClientSocketTest,
                            ConnectSignedCertTimestampsDisabled);
+  FRIEND_TEST_ALL_PREFIXES(SSLClientSocketTest,
+                           VerifyServerChainProperlyOrdered);
+
+  // Returns the certificate chain as presented by server.
+  // For unit testing only.
+  virtual const scoped_refptr<X509Certificate> GetUnverifiedServerCertificate()

[wtc, 2014/03/10 21:45:34]

1. Nit: change "ServerCertificate" to "ServerCertChain" to make it clear the
returned X509Certificate object also contains the CA certificates presented by
the server.

2. I am not familiar with this aspect of C++, but it seems strange to see a
*private* virtual method. I would think this needs to be protected to allow
subclasses to override this method. Perhaps the "private" keyword just means
only this class can *call* this method, and doesn't care which class can
override this method.

3. Nit: in the comment you may want to point out that the cert returned by the
GetSSLInfo method is a verified certificate chain, which may be different. This
difference may not be obvious to someone unfamiliar with this code.

[Ryan Sleevi, 2014/03/11 00:15:15]

Yeah, seems like this should be protected.

[haavardm, 2014/03/11 18:43:21]

It doesn't have to be protected to allow subclasses to override it, only for
letting subclasses call it. Letting it be private here and public in the
subclass have the affect that you can call the function if you have a instance
of subclass. If you only have a instance of this class you cannot call it. The
idea was that no code having a SSLClientSocketOpenSSL instance should be able to
call GetUnverifiedServerCertificate(), while it could be interesting for
internal socket code to call it when having a nss/openssl instance or one of the
test ssl socket implementations.

I realize it can be a bit confusing though, so I'll make all of them protected
instead.

[haavardm, 2014/03/11 18:43:21]

Done.

+      const = 0;
 
   // True if NPN was responded to, independent of selecting SPDY or HTTP.
   bool was_npn_negotiated_;