This CL is a follow up to https://codereview.chromium.org/416683002/.

net/socket/ssl_client_socket_openssl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // OpenSSL binding for SSLClientSocket. The class layout and general principle
 // of operation is derived from SSLClientSocketNSS.
 
 #include "net/socket/ssl_client_socket_openssl.h"
 
 #include <errno.h>
@@ skipping 330 matching lines @@
     const HostPortPair& host_and_port,
     const SSLConfig& ssl_config,
     const SSLClientSocketContext& context)
     : transport_send_busy_(false),
       transport_recv_busy_(false),
       weak_factory_(this),
       pending_read_error_(kNoPendingReadResult),
       transport_read_error_(OK),
       transport_write_error_(OK),
       server_cert_chain_(new PeerCertificateChain(NULL)),
-      completed_handshake_(false),
+      completed_connect_(false),
       was_ever_used_(false),
       client_auth_cert_needed_(false),
       cert_verifier_(context.cert_verifier),
       channel_id_service_(context.channel_id_service),
       ssl_(NULL),
       transport_bio_(NULL),
       transport_(transport_socket.Pass()),
       host_and_port_(host_and_port),
       ssl_config_(ssl_config),
       ssl_session_cache_shard_(context.ssl_session_cache_shard),
       trying_cached_session_(false),
       next_handshake_state_(STATE_NONE),
       npn_status_(kNextProtoUnsupported),
       channel_id_xtn_negotiated_(false),
-      ran_handshake_finished_callback_(false),
+      handshake_succeeded_(false),
       marked_session_as_good_(false),
       net_log_(transport_->socket()->NetLog()) {
 }
 
 SSLClientSocketOpenSSL::~SSLClientSocketOpenSSL() {
   Disconnect();
 }
 
 bool SSLClientSocketOpenSSL::InSessionCache() const {
   SSLContext* context = SSLContext::GetInstance();
@@ skipping 109 matching lines @@
   user_read_buf_         = NULL;
   user_read_buf_len_     = 0;
   user_write_buf_        = NULL;
   user_write_buf_len_    = 0;
 
   pending_read_error_ = kNoPendingReadResult;
   transport_read_error_ = OK;
   transport_write_error_ = OK;
 
   server_cert_verify_result_.Reset();
-  completed_handshake_ = false;
+  completed_connect_ = false;
 
   cert_authorities_.clear();
   cert_key_types_.clear();
   client_auth_cert_needed_ = false;
 
   npn_status_ = kNextProtoUnsupported;
   npn_proto_.clear();
 
   channel_id_xtn_negotiated_ = false;
   channel_id_request_handle_.Cancel();
 }
 
 bool SSLClientSocketOpenSSL::IsConnected() const {
   // If the handshake has not yet completed.
-  if (!completed_handshake_)
+  if (!completed_connect_)
     return false;
   // If an asynchronous operation is still pending.
   if (user_read_buf_.get() || user_write_buf_.get())
     return true;
 
   return transport_->socket()->IsConnected();
 }
 
 bool SSLClientSocketOpenSSL::IsConnectedAndIdle() const {
   // If the handshake has not yet completed.
-  if (!completed_handshake_)
+  if (!completed_connect_)
     return false;
   // If an asynchronous operation is still pending.
   if (user_read_buf_.get() || user_write_buf_.get())
     return false;
   // If there is data waiting to be sent, or data read from the network that
   // has not yet been consumed.
   if (BIO_pending(transport_bio_) > 0 ||
       BIO_wpending(transport_bio_) > 0) {
     return false;
   }
@@ skipping 139 matching lines @@
 }
 
 int SSLClientSocketOpenSSL::SetReceiveBufferSize(int32 size) {
   return transport_->socket()->SetReceiveBufferSize(size);
 }
 
 int SSLClientSocketOpenSSL::SetSendBufferSize(int32 size) {
   return transport_->socket()->SetSendBufferSize(size);
 }
 
-// static
-void SSLClientSocketOpenSSL::InfoCallback(const SSL* ssl,
-                                          int result,
-                                          int /*unused*/) {
-  SSLClientSocketOpenSSL* ssl_socket =
-      SSLContext::GetInstance()->GetClientSocketFromSSL(ssl);
-  if (result == SSL_CB_HANDSHAKE_DONE) {
-    ssl_socket->ran_handshake_finished_callback_ = true;
-    ssl_socket->CheckIfHandshakeFinished();
-  }
-}
-
 int SSLClientSocketOpenSSL::Init() {
   DCHECK(!ssl_);
   DCHECK(!transport_bio_);
 
   SSLContext* context = SSLContext::GetInstance();
   crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
 
   ssl_ = SSL_new(context->ssl_ctx());
   if (!ssl_ || !context->SetClientSocketForSSL(ssl_, this))
     return ERR_UNEXPECTED;
 
   if (!SSL_set_tlsext_host_name(ssl_, host_and_port_.host().c_str()))
     return ERR_UNEXPECTED;
 
   // Set an OpenSSL callback to monitor this SSL*'s connection.
   SSL_set_info_callback(ssl_, &InfoCallback);
 
   trying_cached_session_ = context->session_cache()->SetSSLSessionWithKey(
       ssl_, GetSessionCacheKey());
 
   BIO* ssl_bio = NULL;
   // 0 => use default buffer sizes.
   if (!BIO_new_bio_pair(&ssl_bio, 0, &transport_bio_, 0))
     return ERR_UNEXPECTED;
   DCHECK(ssl_bio);
   DCHECK(transport_bio_);
 
   // Install a callback on OpenSSL's end to plumb transport errors through.
-  BIO_set_callback(ssl_bio, &SSLClientSocketOpenSSL::BIOCallback);
+  BIO_set_callback(ssl_bio, BIOCallback);
   BIO_set_callback_arg(ssl_bio, reinterpret_cast<char*>(this));
 
   SSL_set_bio(ssl_, ssl_bio, ssl_bio);
 
   // OpenSSL defaults some options to on, others to off. To avoid ambiguity,
   // set everything we care about to an absolute value.
   SslSetClearMask options;
   options.ConfigureFlag(SSL_OP_NO_SSLv2, true);
   bool ssl3_enabled = (ssl_config_.version_min == SSL_PROTOCOL_VERSION_SSL3);
   options.ConfigureFlag(SSL_OP_NO_SSLv3, !ssl3_enabled);
@@ skipping 306 matching lines @@
     // TODO(joth): Work out if we need to remember the intermediate CA certs
     // when the server sends them to us, and do so here.
     SSLContext::GetInstance()->session_cache()->MarkSSLSessionAsGood(ssl_);
     marked_session_as_good_ = true;
     CheckIfHandshakeFinished();
   } else {
     DVLOG(1) << "DoVerifyCertComplete error " << ErrorToString(result)
              << " (" << result << ")";
   }
 
-  completed_handshake_ = true;
+  completed_connect_ = true;
   // Exit DoHandshakeLoop and return the result to the caller to Connect.
   DCHECK_EQ(STATE_NONE, next_handshake_state_);
   return result;
 }
 
 void SSLClientSocketOpenSSL::DoConnectCallback(int rv) {
   if (rv < OK)
     OnHandshakeCompletion();
   if (!user_connect_callback_.is_null()) {
     CompletionCallback c = user_connect_callback_;
@@ skipping 419 matching lines @@
     *pkey = privkey.release();
     return 1;
   }
 #endif  // defined(OS_IOS)
 
   // Send no client certificate.
   return 0;
 }
 
 int SSLClientSocketOpenSSL::CertVerifyCallback(X509_STORE_CTX* store_ctx) {
-  if (!completed_handshake_) {
+  if (!completed_connect_) {
     // If the first handshake hasn't completed then we accept any certificates
     // because we verify after the handshake.
     return 1;
   }
 
   CHECK(server_cert_.get());
 
   PeerCertificateChain chain(store_ctx->untrusted);
   if (chain.IsValid() && server_cert_->Equals(chain.AsOSChain()))
     return 1;
@@ skipping 79 matching lines @@
     // write payload. If the current payload fails to write, the error will be
     // reported in a future write or read to |bio|.
     if (transport_write_error_ != OK) {
       OpenSSLPutNetError(FROM_HERE, transport_write_error_);
       return -1;
     }
   }
   return retvalue;
 }
 
-// Determines if the session for |ssl_| is in the cache, and calls the
-// handshake completion callback if that is the case.
-//
-// CheckIfHandshakeFinished is called twice per connection: once after
-// MarkSSLSessionAsGood, when the certificate has been verified, and
-// once via an OpenSSL callback when the handshake has completed. On the
-// second call, when the certificate has been verified and the handshake
-// has completed, the connection's handshake completion callback is run.
-void SSLClientSocketOpenSSL::CheckIfHandshakeFinished() {
-  if (ran_handshake_finished_callback_ && marked_session_as_good_)
-    OnHandshakeCompletion();
-}
-
 // static
 long SSLClientSocketOpenSSL::BIOCallback(
     BIO *bio,
     int cmd,
     const char *argp, int argi, long argl,
     long retvalue) {
   SSLClientSocketOpenSSL* socket = reinterpret_cast<SSLClientSocketOpenSSL*>(
       BIO_get_callback_arg(bio));
   CHECK(socket);
   return socket->MaybeReplayTransportError(
       bio, cmd, argp, argi, argl, retvalue);
 }
 
+// static
+void SSLClientSocketOpenSSL::InfoCallback(const SSL* ssl,
+                                          int type,
+                                          int /*val*/) {
+  if (type == SSL_CB_HANDSHAKE_DONE) {
+    SSLClientSocketOpenSSL* ssl_socket =
+        SSLContext::GetInstance()->GetClientSocketFromSSL(ssl);
+    ssl_socket->handshake_succeeded_ = true;
+    ssl_socket->CheckIfHandshakeFinished();
+  }
+}
+
+// Determines if both the handshake and certificate verification have completed
+// successfully, and calls the handshake completion callback if that is the
+// case.
+//
+// CheckIfHandshakeFinished is called twice per connection: once after
+// MarkSSLSessionAsGood, when the certificate has been verified, and
+// once via an OpenSSL callback when the handshake has completed. On the
+// second call, when the certificate has been verified and the handshake
+// has completed, the connection's handshake completion callback is run.
+void SSLClientSocketOpenSSL::CheckIfHandshakeFinished() {
+  if (handshake_succeeded_ && marked_session_as_good_)
+    OnHandshakeCompletion();
+}
+
 scoped_refptr<X509Certificate>
 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const {
   return server_cert_;
 }
 
 }  // namespace net