Expose when PKP is bypassed in SSLInfo.

net/socket/ssl_client_socket_impl.cc

Index: net/socket/ssl_client_socket_impl.cc
diff --git a/net/socket/ssl_client_socket_impl.cc b/net/socket/ssl_client_socket_impl.cc
index 12867ad2e3a3d44dc10e6373c346b4e2af7adfa0..59141c1209f35df4d858d0c5b38954cd1aff0969 100644
--- a/net/socket/ssl_client_socket_impl.cc
+++ b/net/socket/ssl_client_socket_impl.cc
@@ -799,6 +799,7 @@ bool SSLClientSocketImpl::GetSSLInfo(SSLInfo* ssl_info) {
   ssl_info->cert_status = server_cert_verify_result_.cert_status;
   ssl_info->is_issued_by_known_root =
       server_cert_verify_result_.is_issued_by_known_root;
+  ssl_info->pkp_bypassed = server_cert_verify_result_.pkp_bypassed;
   ssl_info->public_key_hashes = server_cert_verify_result_.public_key_hashes;
   ssl_info->client_cert_sent =
       ssl_config_.send_client_cert && ssl_config_.client_cert.get();
@@ -1351,7 +1352,10 @@ int SSLClientSocketImpl::DoVerifyCertComplete(int result) {
           server_cert_verify_result_.public_key_hashes, server_cert_.get(),
           server_cert_verify_result_.verified_cert.get(),
           TransportSecurityState::ENABLE_PIN_REPORTS, &pinning_failure_log_)) {
-    result = ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN;
+    if (server_cert_verify_result_.is_issued_by_known_root)
+      result = ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN;
+    else
+      server_cert_verify_result_.pkp_bypassed = true;

[Ryan Sleevi, 2016/06/09 22:09:05]

Here, it'd be a local member that then gets populated to the ssl_info above

   }
 
   if (result == OK) {