Use NSS for SSL by default on Mac OS X.

To use Mac OS X Secure Transport in Chromium, specify the --use-system-ssl
command-line switch, which also replaced the --use-schannel command-line
switch for Windows.  All other programs are hardcoded to use NSS for SSL.

If SSL client authentication is requested, fall back on Mac OS X Secure
Transport for now.

R=mark,mbelshe
BUG=30689
TEST=none
Review URL: http://codereview.chromium.org/2747002

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@49489 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 8 insertions, 1 deletions

diff --git a/net/socket/client_socket_factory.cc b/net/socket/client_socket_factory.cc
index 24d9e39..db819db 100644
--- a/net/socket/client_socket_factory.cc
+++ b/net/socket/client_socket_factory.cc
@@ -12,6 +12,7 @@
 #include "net/socket/ssl_client_socket_nss.h"
 #elif defined(OS_MACOSX)
 #include "net/socket/ssl_client_socket_mac.h"
+#include "net/socket/ssl_client_socket_nss.h"
 #endif
 #include "net/socket/tcp_client_socket.h"
 
@@ -28,7 +29,13 @@ SSLClientSocket* DefaultSSLClientSocketFactory(
 #elif defined(USE_NSS)
   return new SSLClientSocketNSS(transport_socket, hostname, ssl_config);
 #elif defined(OS_MACOSX)
-  return new SSLClientSocketMac(transport_socket, hostname, ssl_config);
+  // TODO(wtc): SSLClientSocketNSS can't do SSL client authentication using
+  // Mac OS X CDSA/CSSM yet (http://crbug.com/45369), so fall back on
+  // SSLClientSocketMac.
+  if (ssl_config.client_cert)
+    return new SSLClientSocketMac(transport_socket, hostname, ssl_config);
+
+  return new SSLClientSocketNSS(transport_socket, hostname, ssl_config);
 #else
   NOTIMPLEMENTED();
   return NULL;