Certificate Transparency: Threading the CT verifier into the SSL client socket.

net/socket/ssl_client_socket_nss.h

Index: net/socket/ssl_client_socket_nss.h
diff --git a/net/socket/ssl_client_socket_nss.h b/net/socket/ssl_client_socket_nss.h
index b41d28d74a8472ddbfb3635e72f1b5f47fc971e5..1cea8b2a3921f47b3ad389042ab05d268e9c7b0c 100644
--- a/net/socket/ssl_client_socket_nss.h
+++ b/net/socket/ssl_client_socket_nss.h
@@ -24,6 +24,7 @@
 #include "net/base/net_log.h"
 #include "net/base/nss_memio.h"
 #include "net/cert/cert_verify_result.h"
+#include "net/cert/ct_verify_result.h"
 #include "net/cert/x509_certificate.h"
 #include "net/socket/ssl_client_socket.h"
 #include "net/ssl/server_bound_cert_service.h"
@@ -37,6 +38,7 @@ namespace net {
 
 class BoundNetLog;
 class CertVerifier;
+class CTVerifier;
 class ClientSocketHandle;
 class ServerBoundCertService;
 class SingleRequestCertVerifier;
@@ -135,6 +137,8 @@ class SSLClientSocketNSS : public SSLClientSocket {
   int DoVerifyCert(int result);
   int DoVerifyCertComplete(int result);
 
+  void VerifyCT();
+
   void LogConnectionTypeMetrics() const;
 
   // The following methods are for debugging bug 65948. Will remove this code
@@ -158,6 +162,10 @@ class SSLClientSocketNSS : public SSLClientSocket {
   CertVerifier* const cert_verifier_;
   scoped_ptr<SingleRequestCertVerifier> verifier_;
 
+  // Certificate Transparency: Verifier and result holder.
+  ct::CTVerifyResult ct_verify_result_;
+  CTVerifier* cert_transparency_verifier_;
+
   // The service for retrieving Channel ID keys.  May be NULL.
   ServerBoundCertService* server_bound_cert_service_;