Build remoting for PNaCl

remoting/protocol/ssl_hmac_channel_authenticator.cc

Index: remoting/protocol/ssl_hmac_channel_authenticator.cc
diff --git a/remoting/protocol/ssl_hmac_channel_authenticator.cc b/remoting/protocol/ssl_hmac_channel_authenticator.cc
index d8afa81714565bae11a863d1d63777a01a7a1610..cf60c52d0ca6d0b8798c466ca297ef18b0244ec7 100644
--- a/remoting/protocol/ssl_hmac_channel_authenticator.cc
+++ b/remoting/protocol/ssl_hmac_channel_authenticator.cc
@@ -10,12 +10,12 @@
 #include "net/base/host_port_pair.h"
 #include "net/base/io_buffer.h"
 #include "net/base/net_errors.h"
-#include "net/cert/cert_verifier.h"
 #include "net/cert/x509_certificate.h"
 #include "net/http/transport_security_state.h"
 #include "net/socket/client_socket_factory.h"
 #include "net/socket/client_socket_handle.h"
 #include "net/socket/ssl_client_socket.h"
+#include "net/socket/ssl_client_socket_openssl.h"
 #include "net/socket/ssl_server_socket.h"
 #include "net/ssl/ssl_config_service.h"
 #include "remoting/base/rsa_key_pair.h"
@@ -64,6 +64,11 @@ void SslHmacChannelAuthenticator::SecureAndAuthenticate(
 
   int result;
   if (is_ssl_server()) {
+#if defined(OS_NACL)
+    // Client plugin uses only client SSL sockets.

[Jamie, 2014/04/14 22:23:42]

s/Client plugin/NaCl client/?

[Sergey Ulanov, 2014/04/14 23:16:51]

The comment is correct. Updated it to make it clear why this code needs to be
disabled for NaCl.

+    NOTREACHED();
+    result = net::ERR_FAILED;
+#else
     scoped_refptr<net::X509Certificate> cert =
         net::X509Certificate::CreateFromBytes(
             local_cert_.data(), local_cert_.length());
@@ -86,8 +91,8 @@ void SslHmacChannelAuthenticator::SecureAndAuthenticate(
     result = raw_server_socket->Handshake(
         base::Bind(&SslHmacChannelAuthenticator::OnConnected,
                    base::Unretained(this)));
+#endif
   } else {
-    cert_verifier_.reset(net::CertVerifier::CreateDefault());
     transport_security_state_.reset(new net::TransportSecurityState);
 
     net::SSLConfig::CertAndStatus cert_and_status;
@@ -105,13 +110,22 @@ void SslHmacChannelAuthenticator::SecureAndAuthenticate(
 
     net::HostPortPair host_and_port(kSslFakeHostName, 0);
     net::SSLClientSocketContext context;
-    context.cert_verifier = cert_verifier_.get();
+    // Don't need cert verifier.
+    context.cert_verifier = NULL;
     context.transport_security_state = transport_security_state_.get();
-    scoped_ptr<net::ClientSocketHandle> connection(new net::ClientSocketHandle);
-    connection->SetSocket(socket.Pass());
+    scoped_ptr<net::ClientSocketHandle> socket_handle(
+        new net::ClientSocketHandle);
+    socket_handle->SetSocket(socket.Pass());
+
+#if defined(OS_NACL)
+    // net_nacl doesn't include ClientSocketFactory.
+    socket_.reset(new net::SSLClientSocketOpenSSL(
+        socket_handle.Pass(), host_and_port, ssl_config, context));
+#else
     socket_ =
         net::ClientSocketFactory::GetDefaultFactory()->CreateSSLClientSocket(
-            connection.Pass(), host_and_port, ssl_config, context);
+            socket_handle.Pass(), host_and_port, ssl_config, context);
+#endif
 
     result = socket_->Connect(
         base::Bind(&SslHmacChannelAuthenticator::OnConnected,