Added a PolicyCertVerifier that uses the trust anchors from the ONC policies.

The MultiThreadedCertVerifier can optionally use a CertTrustAnchorProvider to
get a list of additional certificates to trust, without importing them into the
NSS database. This CL wraps the MultiThreadedCertVerifier with a custom verifier
that includes a trust anchor provider.

The trust anchor provider returns all the certificates from the user ONC policy
that have the Web trust flag.  The PolicyCertVerifier also writes a preference
in the Profile once any such certificate is used.

This feature is currently behind a flag, until a warning UI is implemented.
The warning should be displayed if UsedPolicyCertificates() is true for the
given profile.

BUG=216495

Review URL: https://codereview.chromium.org/13035003

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@192102 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 1 insertions, 0 deletions

diff --git a/chrome/browser/prefs/browser_prefs.cc b/chrome/browser/prefs/browser_prefs.cc
index db51151..f4ee9a1 100644
--- a/chrome/browser/prefs/browser_prefs.cc
+++ b/chrome/browser/prefs/browser_prefs.cc
@@ -302,6 +302,7 @@ void RegisterUserPrefs(PrefRegistrySyncable* registry) {
   TranslatePrefs::RegisterUserPrefs(registry);
 
 #if defined(ENABLE_CONFIGURATION_POLICY)
+  policy::BrowserPolicyConnector::RegisterUserPrefs(registry);
   policy::URLBlacklistManager::RegisterUserPrefs(registry);
 #endif