Require a CTVerifier and CTPolicyEnforcer for TLS/QUIC sockets

remoting/signaling/xmpp_signal_strategy.cc

Index: remoting/signaling/xmpp_signal_strategy.cc
diff --git a/remoting/signaling/xmpp_signal_strategy.cc b/remoting/signaling/xmpp_signal_strategy.cc
index 4e25ccbf9fe0f2160c7760d7a5ccc47dd8c64d86..00fe3edb5799ae665c02978e8e0a5907d9f154d5 100644
--- a/remoting/signaling/xmpp_signal_strategy.cc
+++ b/remoting/signaling/xmpp_signal_strategy.cc
@@ -21,6 +21,8 @@
 #include "base/timer/timer.h"
 #include "jingle/glue/proxy_resolving_client_socket.h"
 #include "net/cert/cert_verifier.h"
+#include "net/cert/ct_policy_enforcer.h"
+#include "net/cert/multi_log_ct_verifier.h"
 #include "net/http/transport_security_state.h"
 #include "net/socket/client_socket_factory.h"
 #include "net/socket/client_socket_handle.h"
@@ -120,6 +122,8 @@ class XmppSignalStrategy::Core : public XmppLoginHandler::Delegate {
   // Used by the |socket_|.
   std::unique_ptr<net::CertVerifier> cert_verifier_;
   std::unique_ptr<net::TransportSecurityState> transport_security_state_;
+  std::unique_ptr<net::CTVerifier> cert_transparency_verifier_;
+  std::unique_ptr<net::CTPolicyEnforcer> ct_policy_enforcer_;
 
   std::unique_ptr<net::StreamSocket> socket_;
   std::unique_ptr<BufferedSocketWriter> writer_;
@@ -294,9 +298,13 @@ void XmppSignalStrategy::Core::StartTls() {
 
   cert_verifier_ = net::CertVerifier::CreateDefault();
   transport_security_state_.reset(new net::TransportSecurityState());
+  cert_transparency_verifier_.reset(new net::MultiLogCTVerifier());
+  ct_policy_enforcer_.reset(new net::CTPolicyEnforcer());
   net::SSLClientSocketContext context;
   context.cert_verifier = cert_verifier_.get();
   context.transport_security_state = transport_security_state_.get();
+  context.cert_transparency_verifier = cert_transparency_verifier_.get();
+  context.ct_policy_enforcer = ct_policy_enforcer_.get();
 
   socket_ = socket_factory_->CreateSSLClientSocket(
       std::move(socket_handle),