Make OpenSSL UpdateServerCert() OS independent.

net/socket/ssl_client_socket_openssl.h

Index: net/socket/ssl_client_socket_openssl.h
diff --git a/net/socket/ssl_client_socket_openssl.h b/net/socket/ssl_client_socket_openssl.h
index 5f4800a08de3ee71114e706e43dfae353f0fb23a..1f417417c05f2e06c0da0306507ad35b44067821 100644
--- a/net/socket/ssl_client_socket_openssl.h
+++ b/net/socket/ssl_client_socket_openssl.h
@@ -31,6 +31,7 @@ typedef struct x509_st X509;
 namespace net {
 
 class CertVerifier;
+class PeerCertificateChain;

[wtc, 2014/03/10 21:45:34]

This class is in the net namespace and is defined in the
ssl_client_socket_openssl.cc file. This is uncommon in the Chromium source tree.
Usually we would nest this kind of class inside SSLClientSocketOpenSSL.

[haavardm, 2014/03/11 18:43:21]

Done.

 class SingleRequestCertVerifier;
 class SSLCertRequestInfo;
 class SSLInfo;
@@ -59,6 +60,9 @@ class SSLClientSocketOpenSSL : public SSLClientSocket {
   virtual NextProtoStatus GetNextProto(std::string* proto,
                                        std::string* server_protos) OVERRIDE;
   virtual ServerBoundCertService* GetServerBoundCertService() const OVERRIDE;
+  // For unit testing only.
+  virtual const scoped_refptr<X509Certificate> GetUnverifiedServerCertificate()

[wtc, 2014/03/10 21:45:34]

Here you list the method under an "SSLClientSocket implementation" section
correctly. So the only issue is whether this method should be public or private.

[Ryan Sleevi, 2014/03/11 00:15:15]

Yeah, not a fan of exposing this publicly.

[haavardm, 2014/03/11 18:43:21]

Done.

+      const OVERRIDE;
 
   // SSLSocket implementation.
   virtual int ExportKeyingMaterial(const base::StringPiece& label,
@@ -169,6 +173,7 @@ class SSLClientSocketOpenSSL : public SSLClientSocket {
   int transport_write_error_;
 
   // Set when handshake finishes.
+  scoped_ptr<PeerCertificateChain> server_cert_chain_;
   scoped_refptr<X509Certificate> server_cert_;
   CertVerifyResult server_cert_verify_result_;
   bool completed_handshake_;