Use network time for bad clock interstitial.

components/ssl_errors/error_classification.h

Index: components/ssl_errors/error_classification.h
diff --git a/components/ssl_errors/error_classification.h b/components/ssl_errors/error_classification.h
index d15adb292fc80c3e59a27d4875bfeb0455099c73..5afbecfe15d99b734abe7611c6fce73b2f1c1dc3 100644
--- a/components/ssl_errors/error_classification.h
+++ b/components/ssl_errors/error_classification.h
@@ -18,6 +18,10 @@ namespace net {
 class X509Certificate;
 }
 
+namespace network_time {
+class NetworkTimeTracker;
+}
+
 namespace ssl_errors {
 
 typedef std::vector<std::string> HostnameTokens;
@@ -25,11 +29,13 @@ typedef std::vector<std::string> HostnameTokens;
 // Methods for identifying specific error causes. ------------------------------
 
 // Returns true if the system time is in the past.
-bool IsUserClockInThePast(const base::Time& time_now);
+bool IsUserClockAhead(const base::Time& time_now,

[estark, 2016/03/08 23:17:36]

My brain might not be doing logic correctly but it looks to me like the comments
on IsUserClockAhead() and IsUserClockBehind() are reversed and don't match up
with the new names? Also just curious why you decided to change the function
names. (I don't really have a preference for the old or the new.)

And, I think the comments need to be expanded with a little more detail now that
these functions are a bit more complicated. For example, "Returns true if the
system time is in the past, as indicated by network time when available or as
estimated using a heuristic based on build time, when network time is not
available." Maybe something like that?

[estark, 2016/03/08 23:17:36]

Can you name these |now_system|, like you did in the definition?

[mab, 2016/03/09 23:35:28]

I changed it to be shorter, but I've changed it back, since apparently I managed
to confuse myself with the new names.

Hopefully the comments on the new enum speak to what you are looking for.

[mab, 2016/03/09 23:35:28]

Done.

+                      const network_time::NetworkTimeTracker* network_time);
 
 // Returns true if the system time is too far in the future or the user is
 // using a version of Chrome which is more than 1 year old.
-bool IsUserClockInTheFuture(const base::Time& time_now);
+bool IsUserClockBehind(const base::Time& time_now,
+                       const network_time::NetworkTimeTracker* network_time);
 
 // Returns true if |hostname| is too broad for the scope of a wildcard
 // certificate. E.g.:
@@ -67,6 +73,7 @@ bool GetWWWSubDomainMatch(const GURL& request_url,
 
 void RecordUMAStatistics(bool overridable,
                          const base::Time& current_time,
+                         const network_time::NetworkTimeTracker* network_time,
                          const GURL& request_url,
                          int cert_error,
                          const net::X509Certificate& cert);