Provides a certificate for SSL client authentication on NSS sockets.

GUI is still missing, so certificates and private keys have to be
stored manually, p.e.:
$ pk12util -d sql:$HOME/.pki/nssdb -i PKCS12_file.p12
Adds --auto-ssl-client-auth command-line option to enable this feature.

Patch contributed by Jaime Soriano <jsorianopastor@gmail.com>.
Original review URL: http://codereview.chromium.org/220009

R=wtc
BUG=16830
TEST=Try to connect to a web page that requires SSL authentication and
confirm that it connects if and only if a valid certificate is stored in
the ~/.pki/nssdb database.
Review URL: http://codereview.chromium.org/276037

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@29188 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 10 insertions, 0 deletions

diff --git a/chrome/common/chrome_switches.cc b/chrome/common/chrome_switches.cc
index bb11493..4003003 100644
--- a/chrome/common/chrome_switches.cc
+++ b/chrome/common/chrome_switches.cc
@@ -266,6 +266,16 @@ const char kWinHttpProxyResolver[]          = "winhttp-proxy-resolver";
 extern const char kDnsLogDetails[]          = "dns-log-details";
 extern const char kDnsPrefetchDisable[]     = "dns-prefetch-disable";
 
+#if defined(OS_LINUX)
+// A temporary switch before we implement the client certificate selection UI.
+// When an SSL server requests client authentication, select a client
+// certificate automatically.
+// WARNING: This switch has privacy issues because it reveals the user's
+// identity to any server that requests a client certificate without the
+// user's consent.
+const char kAutoSSLClientAuth[]             = "auto-ssl-client-auth";
+#endif
+
 // Enables support to debug printing subsystem.
 const char kDebugPrint[]                    = "debug-print";