Cast device revocation checking.

extensions/browser/api/cast_channel/cast_auth_util.cc

Index: extensions/browser/api/cast_channel/cast_auth_util.cc
diff --git a/extensions/browser/api/cast_channel/cast_auth_util.cc b/extensions/browser/api/cast_channel/cast_auth_util.cc
index 451058b03581e12b9f2ddaa05787490161588138..221237cd258e7256a223c6829d23e50d2d1e7aa2 100644
--- a/extensions/browser/api/cast_channel/cast_auth_util.cc
+++ b/extensions/browser/api/cast_channel/cast_auth_util.cc
@@ -151,9 +151,12 @@ AuthResult VerifyCredentials(const AuthResponse& response,
   base::Time::Exploded now;
   base::Time::Now().UTCExplode(&now);
 
+  // CRL should not be enforced until it is served.
+  cast_crypto::CRLOptions crl_options;
+  crl_options.crl_required = false;
   cast_crypto::CastDeviceCertPolicy device_policy;
   if (!cast_crypto::VerifyDeviceCert(cert_chain, now, &verification_context,
-                                     &device_policy)) {
+                                     &device_policy, nullptr, crl_options)) {
     // TODO(eroman): The error information was lost; this error is ambiguous.
     return AuthResult("Failed verifying cast device certificate",
                       AuthResult::ERROR_CERT_NOT_SIGNED_BY_TRUSTED_CA);