Require a CTVerifier and CTPolicyEnforcer for TLS/QUIC sockets

content/browser/renderer_host/pepper/ssl_context_helper.h

Index: content/browser/renderer_host/pepper/ssl_context_helper.h
diff --git a/content/browser/renderer_host/pepper/ssl_context_helper.h b/content/browser/renderer_host/pepper/ssl_context_helper.h
index c83afa4233147670fa54bcc67cf6da1852bb6602..d2b880ec96e3d3eca17079def88c309adfcebead 100644
--- a/content/browser/renderer_host/pepper/ssl_context_helper.h
+++ b/content/browser/renderer_host/pepper/ssl_context_helper.h
@@ -13,6 +13,8 @@
 
 namespace net {
 class CertVerifier;
+class CTPolicyEnforcer;
+class CTVerifier;
 class TransportSecurityState;
 }
 
@@ -24,6 +26,8 @@ class SSLContextHelper : public base::RefCounted<SSLContextHelper> {
 
   net::CertVerifier* GetCertVerifier();
   net::TransportSecurityState* GetTransportSecurityState();
+  net::CTVerifier* GetCertTransparencyVerifier();
+  net::CTPolicyEnforcer* GetCTPolicyEnforcer();
   const net::SSLConfig& ssl_config() { return ssl_config_; }
 
  private:
@@ -36,6 +40,12 @@ class SSLContextHelper : public base::RefCounted<SSLContextHelper> {
   // This is lazily created. Users should use GetTransportSecurityState to
   // retrieve it.
   std::unique_ptr<net::TransportSecurityState> transport_security_state_;
+  // This is lazily created. Users should use GetCertTransparencyVerifier to
+  // retrieve it.
+  std::unique_ptr<net::CTVerifier> cert_transparency_verifier_;
+  // This is lazily created. Users should use GetCTPolicyEnforcer to
+  // retrieve it.
+  std::unique_ptr<net::CTPolicyEnforcer> ct_policy_enforcer_;
 
   // The default SSL configuration settings are used, as opposed to Chrome's SSL
   // settings.