Get ClientCertStore through ResourceContext.

net/ssl/client_cert_store_impl_mac.cc

Index: net/ssl/client_cert_store_impl_mac.cc
diff --git a/net/ssl/client_cert_store_impl_mac.cc b/net/ssl/client_cert_store_impl_mac.cc
index 33457358f1e7d60ff914e670c9b9fff8093b9cd7..7892e5cf73bc516bcbf46a97e412916a80107fb5 100644
--- a/net/ssl/client_cert_store_impl_mac.cc
+++ b/net/ssl/client_cert_store_impl_mac.cc
@@ -13,6 +13,7 @@
 #include <algorithm>
 #include <string>
 
+#include "base/callback.h"
 #include "base/logging.h"
 #include "base/mac/mac_logging.h"
 #include "base/mac/scoped_cftyperef.h"
@@ -172,8 +173,9 @@ bool GetClientCertsImpl(const scoped_refptr<X509Certificate>& preferred_cert,
 
 }  // namespace
 
-bool ClientCertStoreImpl::GetClientCerts(const SSLCertRequestInfo& request,
-                                         CertificateList* selected_certs) {
+void ClientCertStoreImpl::GetClientCerts(const SSLCertRequestInfo& request,
+                                         CertificateList* selected_certs,
+                                         const base::Closure& callback) {
   std::string server_domain =
       HostPortPair::FromString(request.host_and_port).host();
 
@@ -205,8 +207,10 @@ bool ClientCertStoreImpl::GetClientCerts(const SSLCertRequestInfo& request,
     base::AutoLock lock(crypto::GetMacSecurityServicesLock());
     err = SecIdentitySearchCreate(NULL, CSSM_KEYUSE_SIGN, &search);
   }
-  if (err)
-    return false;
+  if (err) {
+    callback.Run();
+    return;

[wtc, 2013/10/28 19:41:12]

Does this change means we can no longer report an error. Is this OK because
reporting an error would not be useful, so to the user an error is
indistinguishable from an empty selected_certs?

Note: This comment also applies to the _win.cc file. (The version of this method
in the _nss.cc file doesn't return false in the original code.)

[mattm, 2013/10/28 23:56:16]

Yeah, the UI wasn't actually using the error return code, so I just removed it
to keep things simple.

+  }
   ScopedCFTypeRef<SecIdentitySearchRef> scoped_search(search);
   while (!err) {
     SecIdentityRef identity = NULL;
@@ -239,11 +243,13 @@ bool ClientCertStoreImpl::GetClientCerts(const SSLCertRequestInfo& request,
 
   if (err != errSecItemNotFound) {
     OSSTATUS_LOG(ERROR, err) << "SecIdentitySearch error";
-    return false;
+    callback.Run();
+    return;
   }
 
-  return GetClientCertsImpl(preferred_cert, regular_certs, request, true,
-                            selected_certs);
+  GetClientCertsImpl(preferred_cert, regular_certs, request, true,
+                     selected_certs);
+  callback.Run();
 }
 
 bool ClientCertStoreImpl::SelectClientCertsForTesting(