Provides a certificate for SSL client authentication on NSS sockets.

GUI is still missing, so certificates and private keys have to be
stored manually, p.e.:
$ pk12util -d sql:$HOME/.pki/nssdb -i PKCS12_file.p12
Adds --auto-ssl-client-auth command-line option to enable this feature.

Patch contributed by Jaime Soriano <jsorianopastor@gmail.com>.
Original review URL: http://codereview.chromium.org/220009

R=wtc
BUG=16830
TEST=Try to connect to a web page that requires SSL authentication and
confirm that it connects if and only if a valid certificate is stored in
the ~/.pki/nssdb database.
Review URL: http://codereview.chromium.org/276037

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@29188 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 9 insertions, 0 deletions

diff --git a/chrome/browser/renderer_host/resource_dispatcher_host.cc b/chrome/browser/renderer_host/resource_dispatcher_host.cc
index e1d89fe..597c931 100644
--- a/chrome/browser/renderer_host/resource_dispatcher_host.cc
+++ b/chrome/browser/renderer_host/resource_dispatcher_host.cc
@@ -1052,6 +1052,14 @@ void ResourceDispatcherHost::OnCertificateRequested(
     net::SSLCertRequestInfo* cert_request_info) {
   DCHECK(request);
 
+#if defined(OS_LINUX)
+  bool select_first_cert = CommandLine::ForCurrentProcess()->HasSwitch(
+      switches::kAutoSSLClientAuth);
+  net::X509Certificate* cert =
+      select_first_cert && !cert_request_info->client_certs.empty() ?
+      cert_request_info->client_certs[0] : NULL;
+  request->ContinueWithCertificate(cert);
+#else
   if (cert_request_info->client_certs.empty()) {
     // No need to query the user if there are no certs to choose from.
     request->ContinueWithCertificate(NULL);
@@ -1064,6 +1072,7 @@ void ResourceDispatcherHost::OnCertificateRequested(
   info->set_ssl_client_auth_handler(
       new SSLClientAuthHandler(request, cert_request_info, io_loop_, ui_loop_));
   info->ssl_client_auth_handler()->SelectCertificate();
+#endif
 }
 
 void ResourceDispatcherHost::OnSSLCertificateError(